FIPS Product: YES FIPS Kernel: NO FIPS Mode: NO NSS DB directory: sql:/etc/ipsec.d Initializing NSS Opening NSS database "sql:/etc/ipsec.d" read-only NSS initialized NSS crypto library initialized FIPS HMAC integrity support [enabled] FIPS mode disabled for pluto daemon FIPS HMAC integrity verification self-test FAILED libcap-ng support [enabled] Linux audit support [enabled] Linux audit activated Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:2973 core dump dir: /tmp secrets file: /etc/ipsec.secrets leak-detective enabled NSS crypto [enabled] XAUTH PAM support [enabled] | libevent is using pluto's memory allocator Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) | libevent_malloc: new ptr-libevent@0x55a90061bba8 size 40 | libevent_malloc: new ptr-libevent@0x55a90061bcd8 size 40 | libevent_malloc: new ptr-libevent@0x55a90061bdd8 size 40 | creating event base | libevent_malloc: new ptr-libevent@0x55a9006a0458 size 56 | libevent_malloc: new ptr-libevent@0x55a900644388 size 664 | libevent_malloc: new ptr-libevent@0x55a9006a04c8 size 24 | libevent_malloc: new ptr-libevent@0x55a9006a0518 size 384 | libevent_malloc: new ptr-libevent@0x55a9006a0418 size 16 | libevent_malloc: new ptr-libevent@0x55a90061b908 size 40 | libevent_malloc: new ptr-libevent@0x55a90061bd38 size 48 | libevent_realloc: new ptr-libevent@0x55a900644018 size 256 | libevent_malloc: new ptr-libevent@0x55a9006a06c8 size 16 | libevent_free: release ptr-libevent@0x55a9006a0458 | libevent initialized | libevent_realloc: new ptr-libevent@0x55a9006a0458 size 64 | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds | init_nat_traversal() initialized with keep_alive=0s NAT-Traversal support [enabled] | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized | global one-shot timer EVENT_FREE_ROOT_CERTS initialized | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds | global one-shot timer EVENT_REVIVE_CONNS initialized | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds | encryption algorithm assertion checks | encryption algorithm AES_CCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 ESP ID id: 16 enum name: AES_CCM_C | IKEv2 ID id: 16 enum name: AES_CCM_C | encryption algorithm AES_CCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 ESP ID id: 15 enum name: AES_CCM_B | IKEv2 ID id: 15 enum name: AES_CCM_B | encryption algorithm AES_CCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 ESP ID id: 14 enum name: AES_CCM_A | IKEv2 ID id: 14 enum name: AES_CCM_A | encryption algorithm 3DES_CBC, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 3, IKEv2 id: 3 | IKEv1 OAKLEY ID id: 5 enum name: 3DES_CBC | IKEv1 ESP ID id: 3 enum name: 3DES | IKEv2 ID id: 3 enum name: 3DES | encryption algorithm CAMELLIA_CTR, IKEv1 OAKLEY id: 24, IKEv1 ESP_INFO id: 24, IKEv2 id: 24 | IKEv1 OAKLEY ID id: 24 enum name: CAMELLIA_CTR | IKEv1 ESP ID id: 24 enum name: CAMELLIA_CTR | IKEv2 ID id: 24 enum name: CAMELLIA_CTR | encryption algorithm CAMELLIA_CBC, IKEv1 OAKLEY id: 8, IKEv1 ESP_INFO id: 22, IKEv2 id: 23 | IKEv1 OAKLEY ID id: 8 enum name: CAMELLIA_CBC | IKEv1 ESP ID id: 22 enum name: CAMELLIA | IKEv2 ID id: 23 enum name: CAMELLIA_CBC | encryption algorithm AES_GCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 20, IKEv2 id: 20 | IKEv1 ESP ID id: 20 enum name: AES_GCM_C | IKEv2 ID id: 20 enum name: AES_GCM_C | encryption algorithm AES_GCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 19, IKEv2 id: 19 | IKEv1 ESP ID id: 19 enum name: AES_GCM_B | IKEv2 ID id: 19 enum name: AES_GCM_B | encryption algorithm AES_GCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 ESP ID id: 18 enum name: AES_GCM_A | IKEv2 ID id: 18 enum name: AES_GCM_A | encryption algorithm AES_CTR, IKEv1 OAKLEY id: 13, IKEv1 ESP_INFO id: 13, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 13 enum name: AES_CTR | IKEv1 ESP ID id: 13 enum name: AES_CTR | IKEv2 ID id: 13 enum name: AES_CTR | encryption algorithm AES_CBC, IKEv1 OAKLEY id: 7, IKEv1 ESP_INFO id: 12, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 7 enum name: AES_CBC | IKEv1 ESP ID id: 12 enum name: AES | IKEv2 ID id: 12 enum name: AES_CBC | encryption algorithm SERPENT_CBC, IKEv1 OAKLEY id: 65004, IKEv1 ESP_INFO id: 252, IKEv2 id: 65004 | IKEv1 OAKLEY ID id: 65004 enum name: SERPENT_CBC | IKEv1 ESP ID id: 252 enum name: SERPENT | IKEv2 ID id: 65004 enum name: SERPENT_CBC | encryption algorithm TWOFISH_CBC, IKEv1 OAKLEY id: 65005, IKEv1 ESP_INFO id: 253, IKEv2 id: 65005 | IKEv1 OAKLEY ID id: 65005 enum name: TWOFISH_CBC | IKEv1 ESP ID id: 253 enum name: TWOFISH | IKEv2 ID id: 65005 enum name: TWOFISH_CBC | encryption algorithm TWOFISH_SSH, IKEv1 OAKLEY id: 65289, IKEv1 ESP_INFO id: -1, IKEv2 id: 65289 | IKEv1 OAKLEY ID id: 65289 enum name: TWOFISH_CBC_SSH | IKEv2 ID id: 65289 enum name: TWOFISH_CBC_SSH | encryption algorithm NULL_AUTH_AES_GMAC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 23, IKEv2 id: 21 | IKEv1 ESP ID id: 23 enum name: NULL_AUTH_AES_GMAC | IKEv2 ID id: 21 enum name: NULL_AUTH_AES_GMAC | encryption algorithm NULL, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 11, IKEv2 id: 11 | IKEv1 ESP ID id: 11 enum name: NULL | IKEv2 ID id: 11 enum name: NULL | encryption algorithm CHACHA20_POLY1305, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 28 | IKEv2 ID id: 28 enum name: CHACHA20_POLY1305 Encryption algorithms: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac NULL IKEv1: ESP IKEv2: ESP [] CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 | hash algorithm assertion checks | hash algorithm MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | hash algorithm SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | hash algorithm SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | hash algorithm SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | hash algorithm SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 Hash algorithms: MD5 IKEv1: IKE IKEv2: SHA1 IKEv1: IKE IKEv2: FIPS sha SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 | PRF algorithm assertion checks | PRF algorithm HMAC_MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5 | PRF algorithm HMAC_SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1 | PRF algorithm HMAC_SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv2 ID id: 5 enum name: HMAC_SHA2_256 | PRF algorithm HMAC_SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: 6 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv2 ID id: 6 enum name: HMAC_SHA2_384 | PRF algorithm HMAC_SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: 7 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv2 ID id: 7 enum name: HMAC_SHA2_512 | PRF algorithm AES_XCBC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 4 | IKEv2 ID id: 4 enum name: AES128_XCBC PRF algorithms: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc | integrity algorithm assertion checks | integrity algorithm HMAC_MD5_96, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: 1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv1 ESP ID id: 1 enum name: HMAC_MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5_96 | integrity algorithm HMAC_SHA1_96, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: 2, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv1 ESP ID id: 2 enum name: HMAC_SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1_96 | integrity algorithm HMAC_SHA2_512_256, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: 7, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv1 ESP ID id: 7 enum name: HMAC_SHA2_512 | IKEv2 ID id: 14 enum name: HMAC_SHA2_512_256 | integrity algorithm HMAC_SHA2_384_192, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 6, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv1 ESP ID id: 6 enum name: HMAC_SHA2_384 | IKEv2 ID id: 13 enum name: HMAC_SHA2_384_192 | integrity algorithm HMAC_SHA2_256_128, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: 5, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv1 ESP ID id: 5 enum name: HMAC_SHA2_256 | IKEv2 ID id: 12 enum name: HMAC_SHA2_256_128 | integrity algorithm HMAC_SHA2_256_TRUNCBUG, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 252, IKEv2 id: -1 | IKEv1 ESP ID id: 252 enum name: HMAC_SHA2_256_TRUNCBUG | integrity algorithm AES_XCBC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 9, IKEv2 id: 5 | IKEv1 ESP ID id: 9 enum name: AES_XCBC | IKEv2 ID id: 5 enum name: AES_XCBC_96 | integrity algorithm AES_CMAC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 250, IKEv2 id: 8 | IKEv1 ESP ID id: 250 enum name: AES_CMAC_96 | IKEv2 ID id: 8 enum name: AES_CMAC_96 | integrity algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 0, IKEv2 id: 0 | IKEv1 ESP ID id: 0 enum name: NONE | IKEv2 ID id: 0 enum name: NONE Integrity algorithms: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5 HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac NONE IKEv1: ESP IKEv2: IKE ESP FIPS null | DH algorithm assertion checks | DH algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 0 | IKEv2 ID id: 0 enum name: NONE | DH algorithm MODP1536, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 5, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 5 enum name: MODP1536 | IKEv1 ESP ID id: 5 enum name: MODP1536 | IKEv2 ID id: 5 enum name: MODP1536 | DH algorithm MODP2048, IKEv1 OAKLEY id: 14, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 14 enum name: MODP2048 | IKEv1 ESP ID id: 14 enum name: MODP2048 | IKEv2 ID id: 14 enum name: MODP2048 | DH algorithm MODP3072, IKEv1 OAKLEY id: 15, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 OAKLEY ID id: 15 enum name: MODP3072 | IKEv1 ESP ID id: 15 enum name: MODP3072 | IKEv2 ID id: 15 enum name: MODP3072 | DH algorithm MODP4096, IKEv1 OAKLEY id: 16, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 OAKLEY ID id: 16 enum name: MODP4096 | IKEv1 ESP ID id: 16 enum name: MODP4096 | IKEv2 ID id: 16 enum name: MODP4096 | DH algorithm MODP6144, IKEv1 OAKLEY id: 17, IKEv1 ESP_INFO id: 17, IKEv2 id: 17 | IKEv1 OAKLEY ID id: 17 enum name: MODP6144 | IKEv1 ESP ID id: 17 enum name: MODP6144 | IKEv2 ID id: 17 enum name: MODP6144 | DH algorithm MODP8192, IKEv1 OAKLEY id: 18, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 OAKLEY ID id: 18 enum name: MODP8192 | IKEv1 ESP ID id: 18 enum name: MODP8192 | IKEv2 ID id: 18 enum name: MODP8192 | DH algorithm DH19, IKEv1 OAKLEY id: 19, IKEv1 ESP_INFO id: -1, IKEv2 id: 19 | IKEv1 OAKLEY ID id: 19 enum name: ECP_256 | IKEv2 ID id: 19 enum name: ECP_256 | DH algorithm DH20, IKEv1 OAKLEY id: 20, IKEv1 ESP_INFO id: -1, IKEv2 id: 20 | IKEv1 OAKLEY ID id: 20 enum name: ECP_384 | IKEv2 ID id: 20 enum name: ECP_384 | DH algorithm DH21, IKEv1 OAKLEY id: 21, IKEv1 ESP_INFO id: -1, IKEv2 id: 21 | IKEv1 OAKLEY ID id: 21 enum name: ECP_521 | IKEv2 ID id: 21 enum name: ECP_521 | DH algorithm DH31, IKEv1 OAKLEY id: 31, IKEv1 ESP_INFO id: -1, IKEv2 id: 31 | IKEv1 OAKLEY ID id: 31 enum name: CURVE25519 | IKEv2 ID id: 31 enum name: CURVE25519 DH algorithms: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 testing CAMELLIA_CBC: Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: cipertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: cipertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: cipertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF FF EE DD CC BB AA 99 88 77 66 55 44 33 22 11 00" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | ff ee dd cc bb aa 99 88 77 66 55 44 33 22 11 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: cipertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed testing AES_GCM_16: empty string | decode_to_chunk: raw_key: input "0xcf063a34d4a9a76c2c86787d3f96db71" | decode_to_chunk: output: | cf 06 3a 34 d4 a9 a7 6c 2c 86 78 7d 3f 96 db 71 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484130 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484118 | result: symkey-key@0x55a900622080 (16-bytes, AES_GCM) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: salted IV: input "0x113b9785971864c83b01c787" | decode_to_chunk: output: | 11 3b 97 85 97 18 64 c8 3b 01 c7 87 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "" | decode_to_chunk: output: | | decode_to_chunk: ciphertext: input "" | decode_to_chunk: output: | | decode_to_chunk: tag: input "0x72ac8493e3a5228b5d130a69d2510e42" | decode_to_chunk: output: | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: release sym_key-key@0x55a900622080 | test_gcm_vector: passed one block | decode_to_chunk: raw_key: input "0xe98b72a9881a84ca6b76e0f43e68647a" | decode_to_chunk: output: | e9 8b 72 a9 88 1a 84 ca 6b 76 e0 f4 3e 68 64 7a | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484130 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484118 | result: symkey-key@0x55a900622080 (16-bytes, AES_GCM) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: salted IV: input "0x8b23299fde174053f3d652ba" | decode_to_chunk: output: | 8b 23 29 9f de 17 40 53 f3 d6 52 ba | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0x28286a321293253c3e0aa2704a278032" | decode_to_chunk: output: | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | decode_to_chunk: ciphertext: input "0x5a3c1cf1985dbb8bed818036fdd5ab42" | decode_to_chunk: output: | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | decode_to_chunk: tag: input "0x23c7ab0f952b7091cd324835043b5eb5" | decode_to_chunk: output: | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: release sym_key-key@0x55a900622080 | test_gcm_vector: passed two blocks | decode_to_chunk: raw_key: input "0xbfd414a6212958a607a0f5d3ab48471d" | decode_to_chunk: output: | bf d4 14 a6 21 29 58 a6 07 a0 f5 d3 ab 48 47 1d | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484130 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484118 | result: symkey-key@0x55a900622080 (16-bytes, AES_GCM) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: salted IV: input "0x86d8ea0ab8e40dcc481cd0e2" | decode_to_chunk: output: | 86 d8 ea 0a b8 e4 0d cc 48 1c d0 e2 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0xa6b76a066e63392c9443e60272ceaeb9d25c991b0f2e55e2804e168c05ea591a" | decode_to_chunk: output: | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | decode_to_chunk: ciphertext: input "0x62171db33193292d930bf6647347652c1ef33316d7feca99d54f1db4fcf513f8" | decode_to_chunk: output: | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | decode_to_chunk: tag: input "0xc28280aa5c6c7a8bd366f28c1cfd1f6e" | decode_to_chunk: output: | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: release sym_key-key@0x55a900622080 | test_gcm_vector: passed two blocks with associated data | decode_to_chunk: raw_key: input "0x006c458100fc5f4d62949d2c833b82d1" | decode_to_chunk: output: | 00 6c 45 81 00 fc 5f 4d 62 94 9d 2c 83 3b 82 d1 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484130 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484118 | result: symkey-key@0x55a900622080 (16-bytes, AES_GCM) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: salted IV: input "0xa4e9c4bc5725a21ff42c82b2" | decode_to_chunk: output: | a4 e9 c4 bc 57 25 a2 1f f4 2c 82 b2 | decode_to_chunk: AAD: input "0x2efb14fb3657cdd6b9a8ff1a5f5a39b9" | decode_to_chunk: output: | 2e fb 14 fb 36 57 cd d6 b9 a8 ff 1a 5f 5a 39 b9 | decode_to_chunk: plaintext: input "0xf381d3bfbee0a879f7a4e17b623278cedd6978053dd313530a18f1a836100950" | decode_to_chunk: output: | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | decode_to_chunk: ciphertext: input "0xf39b4db3542d8542fb73fd2d66be568f26d7f814b3f87d1eceac3dd09a8d697e" | decode_to_chunk: output: | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | decode_to_chunk: tag: input "0x39f045cb23b698c925db134d56c5" | decode_to_chunk: output: | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: decrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: encrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: release sym_key-key@0x55a900622080 | test_gcm_vector: passed testing AES_CTR: Encrypting 16 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x AE 68 52 F8 12 10 67 CC 4B F7 A5 76 55 77 F3 9E" | decode_to_chunk: output: | ae 68 52 f8 12 10 67 cc 4b f7 a5 76 55 77 f3 9e | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 128-bit key passed Encrypting 32 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 7E 24 06 78 17 FA E0 D7 43 D6 CE 1F 32 53 91 63" | decode_to_chunk: output: | 7e 24 06 78 17 fa e0 d7 43 d6 ce 1f 32 53 91 63 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 128-bit key passed Encrypting 36 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 76 91 BE 03 5E 50 20 A8 AC 6E 61 85 29 F9 A0 DC" | decode_to_chunk: output: | 76 91 be 03 5e 50 20 a8 ac 6e 61 85 29 f9 a0 dc | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 128-bit key passed Encrypting 16 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x16 AF 5B 14 5F C9 F5 79 C1 75 F9 3E 3B FB 0E ED86 3D 06 CC FD B7 85 15" | decode_to_chunk: output: | 16 af 5b 14 5f c9 f5 79 c1 75 f9 3e 3b fb 0e ed | 86 3d 06 cc fd b7 85 15 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a9006a3700 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (24-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 192-bit key passed Encrypting 32 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x7C 5C B2 40 1B 3D C3 3C 19 E7 34 08 19 E0 F6 9C67 8C 3D B8 E6 F6 A9 1A" | decode_to_chunk: output: | 7c 5c b2 40 1b 3d c3 3c 19 e7 34 08 19 e0 f6 9c | 67 8c 3d b8 e6 f6 a9 1a | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a9006a3700 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (24-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 192-bit key passed Encrypting 36 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x02 BF 39 1E E8 EC B1 59 B9 59 61 7B 09 65 27 9BF5 9B 60 A7 86 D3 E0 FE" | decode_to_chunk: output: | 02 bf 39 1e e8 ec b1 59 b9 59 61 7b 09 65 27 9b | f5 9b 60 a7 86 d3 e0 fe | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a9006a3700 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (24-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 192-bit key passed Encrypting 16 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0x77 6B EF F2 85 1D B0 6F 4C 8A 05 42 C8 69 6F 6C6A 81 AF 1E EC 96 B4 D3 7F C1 D6 89 E6 C1 C1 04" | decode_to_chunk: output: | 77 6b ef f2 85 1d b0 6f 4c 8a 05 42 c8 69 6f 6c | 6a 81 af 1e ec 96 b4 d3 7f c1 d6 89 e6 c1 c1 04 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (32-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 256-bit key passed Encrypting 32 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xF6 D6 6D 6B D5 2D 59 BB 07 96 36 58 79 EF F8 86C6 6D D5 1A 5B 6A 99 74 4B 50 59 0C 87 A2 38 84" | decode_to_chunk: output: | f6 d6 6d 6b d5 2d 59 bb 07 96 36 58 79 ef f8 86 | c6 6d d5 1a 5b 6a 99 74 4b 50 59 0c 87 a2 38 84 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (32-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 256-bit key passed Encrypting 36 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xFF 7A 61 7C E6 91 48 E4 F1 72 6E 2F 43 58 1D E2AA 62 D9 F8 05 53 2E DF F1 EE D6 87 FB 54 15 3D" | decode_to_chunk: output: | ff 7a 61 7c e6 91 48 e4 f1 72 6e 2f 43 58 1d e2 | aa 62 d9 f8 05 53 2e df f1 ee d6 87 fb 54 15 3d | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a9006a3700 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (32-bytes, AES_CTR) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 256-bit key passed testing AES_CBC: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x06a9214036b8a15b512e03d534120006" | decode_to_chunk: output: | 06 a9 21 40 36 b8 a1 5b 51 2e 03 d5 34 12 00 06 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, AES_CBC) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: ciphertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: cipertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key passed Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0xc286696d887c9aa0611bbb3e2025a45a" | decode_to_chunk: output: | c2 86 69 6d 88 7c 9a a0 61 1b bb 3e 20 25 a4 5a | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, AES_CBC) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: ciphertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: cipertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key passed Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x6c3ea0477630ce21a2ce334aa746c2cd" | decode_to_chunk: output: | 6c 3e a0 47 76 30 ce 21 a2 ce 33 4a a7 46 c2 cd | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, AES_CBC) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | decode_to_chunk: ciphertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: cipertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key passed Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x56e47a38c5598974bc46903dba290349" | decode_to_chunk: output: | 56 e4 7a 38 c5 59 89 74 bc 46 90 3d ba 29 03 49 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484190 | result: symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484178 | result: symkey-key@0x55a900622080 (16-bytes, AES_CBC) | symkey: release tmp-key@0x55a9006a3700 | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | decode_to_chunk: ciphertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: cipertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a900622080 | test_ctr_vector: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key passed testing AES_XCBC: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "" | decode_to_chunk: output: | | decode_to_chunk: test_prf_vector: input "0x75f0251d528ac01c4573dfd584d79f29" | decode_to_chunk: output: | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a51e8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a9006a3700 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: key-key@0x55a9006a3700 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a900622080 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a5298 (length 0) | | XCBC: data | K extracting all 16 bytes of key@0x55a9006a3700 | K: symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-1043568: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5b98 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a900622080 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a6180 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x55a900622080 | PRF chunk interface: release key-key@0x55a9006a3700 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a58a8 (length 16) | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | chunk output 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a900622080 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a9006a3700 (size 16) | PRF symkey interface: key symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: key symkey-key@0x55a900622080 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | PRF symkey interface PRF aes_xcbc update symkey message-key@(nil) (size 0) | PRF symkey interface: symkey message-key@NULL | symkey message NULL key has no bytes | XCBC: data | K extracting all 16 bytes of key@0x55a900622080 | K: symkey-key@0x55a900622080 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1023: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a51a8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a9006a6180 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a7a00 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x55a9006a6180 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a7a00 | PRF symkey interface: release key-key@0x55a900622080 | PRF symkey interface PRF aes_xcbc final-key@0x55a9006a6180 (size 16) | PRF symkey interface: key-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracting all 16 bytes of key@0x55a9006a6180 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: d2 ba 3d f0 8c 0c ce 5a 0c 73 8b a5 57 a8 35 08 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: release slot-key-key@0x55a9006a5fa0 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracted len 16 bytes at 0x55a9006a5868 | unwrapped: 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | test_prf_vector: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input passed | test_prf_vector: release symkey-key@0x55a9006a6180 | test_prf_vector: release message-key@NULL | test_prf_vector: release key-key@0x55a9006a3700 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102" | decode_to_chunk: output: | 00 01 02 | decode_to_chunk: test_prf_vector: input "0x5b376580ae2f19afe7219ceef172756f" | decode_to_chunk: output: | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a5298 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a9006a6180 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: key-key@0x55a9006a6180 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a9006a3700 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a5868 (length 3) | 00 01 02 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x55a9006a6180 | K: symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-1043568: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5cb8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a9006a3700 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a900622080 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x55a9006a3700 | PRF chunk interface: release key-key@0x55a9006a6180 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a5d58 (length 16) | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | chunk output 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a3700 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a9006a6180 (size 16) | PRF symkey interface: key symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: key symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006a7a00 (19-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 3 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 3-bytes | base: base-key@0x55a9006a7a00 (19-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a900622080 (3-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006a7a00 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a900622080 (size 3) | PRF symkey interface: symkey message-key@0x55a900622080 (3-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 3 bytes of key@0x55a900622080 | symkey message: symkey-key@0x55a900622080 (3-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (3-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159264: 08 e6 19 c0 cb f1 68 72 b2 8e ac e2 57 5a 6c e2 | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 16 bytes at 0x55a9006a51a8 | unwrapped: 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x55a9006a3700 | K: symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5b98 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a9006a7a00 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x55a9006a7a00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a9280 | PRF symkey interface: release key-key@0x55a9006a3700 | PRF symkey interface PRF aes_xcbc final-key@0x55a9006a7a00 (size 16) | PRF symkey interface: key-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracting all 16 bytes of key@0x55a9006a7a00 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: c2 4b ee 5b 46 d5 8f a8 80 d6 6d 00 6a ec f0 26 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: release slot-key-key@0x55a9006a5fa0 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracted len 16 bytes at 0x55a9006a51a8 | unwrapped: 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | test_prf_vector: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input passed | test_prf_vector: release symkey-key@0x55a9006a7a00 | test_prf_vector: release message-key@0x55a900622080 | test_prf_vector: release key-key@0x55a9006a6180 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xd2a246fa349b68a79998a4394ff7a263" | decode_to_chunk: output: | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a5868 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a900622080 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: key-key@0x55a900622080 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a9006a6180 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a51a8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x55a900622080 | K: symkey-key@0x55a900622080 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a52d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a9006a6180 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a7a00 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x55a9006a6180 | PRF chunk interface: release key-key@0x55a900622080 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a51e8 (length 16) | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | chunk output d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a6180 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a900622080 (size 16) | PRF symkey interface: key symkey-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: key symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006a3700 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a9006a7a00 (size 16) | PRF symkey interface: symkey message-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 16 bytes of key@0x55a9006a7a00 | symkey message: symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159264: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 16 bytes at 0x55a9006a5b98 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x55a9006a6180 | K: symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5cb8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a9006a3700 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x55a9006a3700 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a9280 | PRF symkey interface: release key-key@0x55a9006a6180 | PRF symkey interface PRF aes_xcbc final-key@0x55a9006a3700 (size 16) | PRF symkey interface: key-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracting all 16 bytes of key@0x55a9006a3700 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: 13 08 64 a5 9e da ad cf 68 4d 5c af c7 51 bd 28 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: release slot-key-key@0x55a9006a5fa0 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracted len 16 bytes at 0x55a9006a5b98 | unwrapped: d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | test_prf_vector: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input passed | test_prf_vector: release symkey-key@0x55a9006a3700 | test_prf_vector: release message-key@0x55a9006a7a00 | test_prf_vector: release key-key@0x55a900622080 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a51a8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a9006a7a00 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: key-key@0x55a9006a7a00 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a900622080 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a4fa8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a0708 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a9006a7a00 | K: symkey-key@0x55a9006a7a00 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5298 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a900622080 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a3700 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x55a900622080 | PRF chunk interface: release key-key@0x55a9006a7a00 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a51e8 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a900622080 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a9006a7a00 (size 16) | PRF symkey interface: key symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: key symkey-key@0x55a900622080 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a4fa8 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006a6180 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a6180 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006a6180 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a9006a3700 (size 20) | PRF symkey interface: symkey message-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x55a9006a3700 | symkey message: symkey-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1159264: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a e2 9b 78 40 73 cf 85 9a 30 e6 12 48 27 b1 13 87 | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 32 bytes at 0x55a9006a5048 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a900622080 | K: symkey-key@0x55a900622080 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5cb8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a9006a6180 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x55a9006a6180 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a9280 | PRF symkey interface: release key-key@0x55a900622080 | PRF symkey interface PRF aes_xcbc final-key@0x55a9006a6180 (size 16) | PRF symkey interface: key-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracting all 16 bytes of key@0x55a9006a6180 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: 31 76 26 5f ee 00 c6 8d 57 9a 7f b8 d3 f6 30 28 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: release slot-key-key@0x55a9006a5fa0 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracted len 16 bytes at 0x55a9006a5cb8 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | test_prf_vector: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input passed | test_prf_vector: release symkey-key@0x55a9006a6180 | test_prf_vector: release message-key@0x55a9006a3700 | test_prf_vector: release key-key@0x55a9006a7a00 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: test_prf_vector: input "0xf54f0ec8d2b9f3d36807734bd5283fd4" | decode_to_chunk: output: | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a5b98 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a9006a3700 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: key-key@0x55a9006a3700 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a9006a7a00 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a4fa8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a0708 (length 32) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x55a9006a3700 | K: symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a58a8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a9006a7a00 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a6180 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x55a9006a7a00 | PRF chunk interface: release key-key@0x55a9006a3700 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a5cb8 (length 16) | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | chunk output f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a7a00 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a9006a3700 (size 16) | PRF symkey interface: key symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: key symkey-key@0x55a9006a7a00 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a4fa8 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a900622080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 32-bytes | base: base-key@0x55a900622080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a900622080 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a9006a6180 (size 32) | PRF symkey interface: symkey message-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 32 bytes of key@0x55a9006a6180 | symkey message: symkey-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (32-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1159264: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a dc ca a9 d5 42 3a 42 91 20 01 5e 91 44 9c 90 f3 | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 32 bytes at 0x55a9006a5048 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x55a9006a7a00 | K: symkey-key@0x55a9006a7a00 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a900622080 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x55a900622080 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a9280 | PRF symkey interface: release key-key@0x55a9006a7a00 | PRF symkey interface PRF aes_xcbc final-key@0x55a900622080 (size 16) | PRF symkey interface: key-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracting all 16 bytes of key@0x55a900622080 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: symkey-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: aa 55 fc 7e 9d c9 70 e2 9f b3 ca 84 b8 a2 d1 c6 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: release slot-key-key@0x55a9006a5fa0 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | test_prf_vector: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input passed | test_prf_vector: release symkey-key@0x55a900622080 | test_prf_vector: release message-key@0x55a9006a6180 | test_prf_vector: release key-key@0x55a9006a3700 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | decode_to_chunk: test_prf_vector: input "0xbecbb3bccdb518a30677d5481fb6b4d8" | decode_to_chunk: output: | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a51a8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a9006a6180 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: key-key@0x55a9006a6180 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a9006a3700 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a5cf8 (length 34) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x55a9006a6180 | K: symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a52d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a9006a3700 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a900622080 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x55a9006a3700 | PRF chunk interface: release key-key@0x55a9006a6180 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a51e8 (length 16) | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | chunk output be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a3700 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a9006a6180 (size 16) | PRF symkey interface: key symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: key symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006a7a00 (50-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 34 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 34-bytes | base: base-key@0x55a9006a7a00 (50-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a900622080 (34-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006a7a00 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a900622080 (size 34) | PRF symkey interface: symkey message-key@0x55a900622080 (34-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 34 bytes of key@0x55a900622080 | symkey message: symkey-key@0x55a900622080 (34-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (34-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 48 | wrapper: (SECItemType)-1159264: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a dc ca a9 d5 42 3a 42 91 20 01 5e 91 44 9c 90 f3 5b d4 bd a6 7a 13 04 5b 1b 09 ed f2 02 fc 8d d6 | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 48 bytes at 0x55a9006a5ef8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | unwrapped: 20 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x55a9006a3700 | K: symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5868 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a9006a7a00 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x55a9006a7a00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a9280 | PRF symkey interface: release key-key@0x55a9006a3700 | PRF symkey interface PRF aes_xcbc final-key@0x55a9006a7a00 (size 16) | PRF symkey interface: key-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracting all 16 bytes of key@0x55a9006a7a00 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: 3a 27 fe 20 0f 76 b4 da 11 de d5 e6 71 df 17 fb | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: release slot-key-key@0x55a9006a5fa0 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracted len 16 bytes at 0x55a9006a5868 | unwrapped: be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | test_prf_vector: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input passed | test_prf_vector: release symkey-key@0x55a9006a7a00 | test_prf_vector: release message-key@0x55a900622080 | test_prf_vector: release key-key@0x55a9006a6180 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xf0dafee895db30253761103b5d84528f" | decode_to_chunk: output: | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a5868 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a900622080 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: key-key@0x55a900622080 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a9006a6180 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006aab28 (length 1000) | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x55a900622080 | K: symkey-key@0x55a900622080 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540028960: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a52d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a9006a6180 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a7a00 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x55a9006a6180 | PRF chunk interface: release key-key@0x55a900622080 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a5cb8 (length 16) | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | chunk output f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a6180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a6180 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a900622080 (size 16) | PRF symkey interface: key symkey-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: key symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a0708 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006a3700 (1016-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 1000 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 1000-bytes | base: base-key@0x55a9006a3700 (1016-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006a7a00 (1000-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006a3700 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a9006a7a00 (size 1000) | PRF symkey interface: symkey message-key@0x55a9006a7a00 (1000-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 1000 bytes of key@0x55a9006a7a00 | symkey message: symkey-key@0x55a9006a7a00 (1000-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (1000-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 1008 | wrapper: (SECItemType)-1159264: 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 1008 bytes at 0x55a9006ad128 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x55a9006a6180 | K: symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a9006a3700 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x55a9006a3700 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a9280 | PRF symkey interface: release key-key@0x55a9006a6180 | PRF symkey interface PRF aes_xcbc final-key@0x55a9006a3700 (size 16) | PRF symkey interface: key-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracting all 16 bytes of key@0x55a9006a3700 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: 95 be d4 d4 b0 dc 4b a8 b8 70 bc 34 68 70 b3 20 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: release slot-key-key@0x55a9006a5fa0 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | test_prf_vector: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input passed | test_prf_vector: release symkey-key@0x55a9006a3700 | test_prf_vector: release message-key@0x55a9006a7a00 | test_prf_vector: release key-key@0x55a900622080 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a5d58 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a9006a7a00 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: key-key@0x55a9006a7a00 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a900622080 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a4fa8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a0708 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a9006a7a00 | K: symkey-key@0x55a9006a7a00 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a58a8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a900622080 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a3700 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x55a900622080 | PRF chunk interface: release key-key@0x55a9006a7a00 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a51e8 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a900622080 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a9006a7a00 (size 16) | PRF symkey interface: key symkey-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: key symkey-key@0x55a900622080 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a4fa8 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006a6180 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a6180 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006a6180 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a9006a3700 (size 20) | PRF symkey interface: symkey message-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x55a9006a3700 | symkey message: symkey-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1159264: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a e2 9b 78 40 73 cf 85 9a 30 e6 12 48 27 b1 13 87 | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 32 bytes at 0x55a9006a5048 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a900622080 | K: symkey-key@0x55a900622080 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5cb8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a9006a6180 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x55a9006a6180 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a9280 | PRF symkey interface: release key-key@0x55a900622080 | PRF symkey interface PRF aes_xcbc final-key@0x55a9006a6180 (size 16) | PRF symkey interface: key-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracting all 16 bytes of key@0x55a9006a6180 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): symkey-key@0x55a9006a6180 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: 31 76 26 5f ee 00 c6 8d 57 9a 7f b8 d3 f6 30 28 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): release slot-key-key@0x55a9006a5fa0 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracted len 16 bytes at 0x55a9006a5cb8 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) passed | test_prf_vector: release symkey-key@0x55a9006a6180 | test_prf_vector: release message-key@0x55a9006a3700 | test_prf_vector: release key-key@0x55a9006a7a00 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) | decode_to_chunk: test_prf_vector: input "0x00010203040506070809" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x0fa087af7d866e7653434e602fdde835" | decode_to_chunk: output: | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a5868 (length 10) | 00 01 02 03 04 05 06 07 08 09 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a9006a3700 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x55a9006a3700 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a9006a7a00 (10-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a9006a3700 | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x55a9006a7a00 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006a7a00 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef94840b0 | result: tmp+=0-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a9006a7a00 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840d8 | result: PRF chunk interface-key@0x55a9006a6180 (16-bytes, AES_ECB) | PRF chunk interface: release tmp-key@0x55a9006a3700 | PRF chunk interface: release clone-key@0x55a9006a7a00 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a4fa8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a0708 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a9006a6180 | K: symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 02 db 82 c7 62 30 e6 40 e7 85 6a 2c c5 6e b8 84 | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a5298 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a9006a7a00 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a3700 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x55a9006a7a00 | PRF chunk interface: release key-key@0x55a9006a6180 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a5cb8 (length 16) | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | chunk output 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a7a00 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x55a9006a7a00 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006a6180 (10-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a7a00 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a9006a6180 (size 10) | PRF symkey interface: key symkey-key@0x55a9006a6180 (10-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x55a9006a6180 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006a6180 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef94840e0 | result: tmp+=0-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a9006a6180 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a7a00 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: PRF symkey interface-key@0x55a9006a3700 (16-bytes, AES_ECB) | PRF symkey interface: release tmp-key@0x55a9006a7a00 | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a4fa8 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006a7a00 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a900622080 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a9006a7a00 (size 20) | PRF symkey interface: symkey message-key@0x55a9006a7a00 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x55a9006a7a00 | symkey message: symkey-key@0x55a9006a7a00 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1159264: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a e2 9b 78 40 73 cf 85 9a 30 e6 12 48 27 b1 13 87 | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 32 bytes at 0x55a9006a5048 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a9006a3700 | K: symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 02 db 82 c7 62 30 e6 40 e7 85 6a 2c c5 6e b8 84 | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a900622080 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x55a900622080 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006a9280 | PRF symkey interface: release key-key@0x55a9006a3700 | PRF symkey interface PRF aes_xcbc final-key@0x55a900622080 (size 16) | PRF symkey interface: key-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracting all 16 bytes of key@0x55a900622080 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): symkey-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: 5c 61 1c 8c 8a 33 91 df 70 6a 24 61 66 ee f5 47 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): release slot-key-key@0x55a9006a5fa0 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) passed | test_prf_vector: release symkey-key@0x55a900622080 | test_prf_vector: release message-key@0x55a9006a7a00 | test_prf_vector: release key-key@0x55a9006a6180 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0fedcb" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x8cd3c93ae598a9803006ffb67c40e9e4" | decode_to_chunk: output: | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a9006a0708 (length 18) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484110 | result: key-key@0x55a9006a7a00 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x55a9006a7a00 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840f8 | result: key-key@0x55a9006a6180 (18-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a9006a7a00 | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef94840b0 | result: key-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484098 | result: key-key@0x55a9006a7a00 (16-bytes, AES_ECB) | key: release tmp-key@0x55a900622080 | key extracting all 18 bytes of key@0x55a9006a6180 | key: symkey-key@0x55a9006a6180 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | key: new slot-key@0x55a9006a5fa0 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a cb ba a7 5c 95 40 29 1e 92 2a 47 f1 c9 51 14 e6 | key: release slot-key-key@0x55a9006a5fa0 | key extracted len 32 bytes at 0x55a9006a5048 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x55a9006a7a00 | K: symkey-key@0x55a9006a7a00 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484030 | result: k1-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484018 | result: k1-key@0x55a900622080 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a3700 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x55a900622080 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef94840b0 | result: key-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484098 | result: key-key@0x55a900622080 (16-bytes, AES_ECB) | key: release tmp-key@0x55a9006a3700 | PRF chunk interface: release clone-key@0x55a9006a6180 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a9006a5048 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a9006a4fa8 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a900622080 | K: symkey-key@0x55a900622080 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 37 06 9f 73 49 e2 1d ed 4c f4 26 3b ef 7b 21 a4 | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a52d8 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484070 | result: k1-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484058 | result: k1-key@0x55a9006a6180 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a3700 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x55a9006a6180 | PRF chunk interface: release key-key@0x55a900622080 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a9006a5868 (length 16) | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | chunk output 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a6180 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x55a9006a6180 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a900622080 (18-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a6180 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a900622080 (size 18) | PRF symkey interface: key symkey-key@0x55a900622080 (18-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef94840e0 | result: key symkey-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840c8 | result: key symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x55a9006a3700 | key symkey extracting all 18 bytes of key@0x55a900622080 | key symkey: symkey-key@0x55a900622080 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | key symkey: new slot-key@0x55a9006a5fa0 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a cb ba a7 5c 95 40 29 1e 92 2a 47 f1 c9 51 14 e6 | key symkey: release slot-key-key@0x55a9006a5fa0 | key symkey extracted len 32 bytes at 0x55a9006a4ff8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x55a9006a6180 | K: symkey-key@0x55a9006a6180 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: 92 23 85 40 43 b6 21 d9 ba c9 95 91 03 9b d7 a0 | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484060 | result: k1-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484048 | result: k1-key@0x55a9006a3700 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006a9280 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x55a9006a3700 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef94840e0 | result: key symkey-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840c8 | result: key symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x55a9006a9280 | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a9006a4ff8 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006aad30 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a9006a9280 (size 20) | PRF symkey interface: symkey message-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x55a9006a9280 | symkey message: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1159264: c0 f0 f1 fb ad bb 8e 45 19 eb 45 c5 a5 3b de 3a e2 9b 78 40 73 cf 85 9a 30 e6 12 48 27 b1 13 87 | symkey message: release slot-key-key@0x55a9006a5fa0 | symkey message extracted len 32 bytes at 0x55a9006aaed8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a9006a3700 | K: symkey-key@0x55a9006a3700 (16-bytes, AES_ECB) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a9006a5fa0 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 37 06 9f 73 49 e2 1d ed 4c f4 26 3b ef 7b 21 a4 | K: release slot-key-key@0x55a9006a5fa0 | K extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484090 | result: k1-key@0x55a9006ac790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a9006ac790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484078 | result: k1-key@0x55a9006aad30 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a9006ac790 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x55a9006aad30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484120 | result: xcbc-key@0x55a9006ac790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006ac790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484108 | result: xcbc-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a9006ac790 | PRF symkey interface: release key-key@0x55a9006a3700 | PRF symkey interface PRF aes_xcbc final-key@0x55a9006aad30 (size 16) | PRF symkey interface: key-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracting all 16 bytes of key@0x55a9006aad30 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): symkey-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: ac bf cc 9f 7f b7 5c 26 3f 57 22 0b 93 9c 09 4f | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): release slot-key-key@0x55a9006a5fa0 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) passed | test_prf_vector: release symkey-key@0x55a9006aad30 | test_prf_vector: release message-key@0x55a9006a9280 | test_prf_vector: release key-key@0x55a900622080 | test_prf_vector: release output-key@NULL testing HMAC_MD5: RFC 2104: MD5_HMAC test 1 | decode_to_chunk: test_prf_vector: input "0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" | decode_to_chunk: output: | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | decode_to_chunk: test_prf_vector: input "Hi There" | decode_to_chunk: output: | 48 69 20 54 68 65 72 65 | decode_to_chunk: test_prf_vector: input "0x9294727a3638bb1c13f48ef8158bfc9d" | decode_to_chunk: output: | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface PRF md5 init key-chunk@0x55a9006a5d58 (length 16) | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484100 | result: PRF chunk interface-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840e8 | result: PRF chunk interface-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x55a9006a9280 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484040 | result: trimed key-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a900622080 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484080 | result: result-key@0x55a900622080 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x55a9006aaca8 | PRF chunk interface PRF md5 update message-bytes@0x55a9006a51e8 (length 8) | 48 69 20 54 68 65 72 65 | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a900622080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffef9484170 | result: message-key@0x55a9006aad30 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x55a900622080 | PRF HMAC inner hash hash md5 inner-key@0x55a9006aad30 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a9006aad30 (size 72) | PRF HMAC inner hash: inner-key@0x55a9006aad30 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a9006a5298 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484000 | result: PRF HMAC inner hash-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9483fe8 | result: PRF HMAC inner hash-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a9006a3700 | PRF chunk interface: release inner-key@0x55a9006aad30 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484070 | result: result-key@0x55a9006aad30 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006aad30 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484058 | result: result-key@0x55a9006a3700 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a9006aad30 | PRF chunk interface: release hashed-inner-key@0x55a900622080 | PRF chunk interface: release key-key@0x55a9006a9280 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a9006a3700 (size 80) | PRF HMAC outer hash: outer-key@0x55a9006a3700 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x55a9006a52d8 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface: release outer-key@0x55a9006a3700 | PRF chunk interface PRF md5 final-chunk@0x55a9006a52d8 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | chunk output 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a9280 | PRF symkey interface PRF md5 init key symkey-key@0x55a9006a3700 (size 16) | PRF symkey interface: key symkey-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x55a9006a3700 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484040 | result: trimed key-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a9006a3700 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484080 | result: result-key@0x55a900622080 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x55a9006aaed8 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006ac790 (24-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 8 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 8-bytes | base: base-key@0x55a9006ac790 (24-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006aad30 (8-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006ac790 | PRF symkey interface PRF md5 update symkey message-key@0x55a9006aad30 (size 8) | PRF symkey interface: symkey message-key@0x55a9006aad30 (8-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a900622080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484198 | result: result-key@0x55a9006ac790 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a900622080 | PRF HMAC inner hash hash md5 inner-key@0x55a9006ac790 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a9006ac790 (size 72) | PRF HMAC inner hash: inner-key@0x55a9006ac790 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a9006a52d8 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484020 | result: PRF HMAC inner hash-key@0x55a9006acb70 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006acb70 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484008 | result: PRF HMAC inner hash-key@0x55a900622080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a9006acb70 | PRF symkey interface: release inner-key@0x55a9006ac790 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484090 | result: result-key@0x55a9006ac790 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006ac790 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484078 | result: result-key@0x55a9006acb70 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a9006ac790 | PRF symkey interface: release hashed-inner-key@0x55a900622080 | PRF symkey interface: release key-key@0x55a9006a9280 | PRF HMAC outer hash hash md5 outer-key@0x55a9006acb70 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a9006acb70 (size 80) | PRF HMAC outer hash: outer-key@0x55a9006acb70 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x55a9006a52d8 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef94840e0 | result: PRF HMAC outer hash-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840c8 | result: PRF HMAC outer hash-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x55a900622080 | PRF symkey interface: release outer-key@0x55a9006acb70 | : hashed-outer-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x55a9006a9280 (size 16) | PRF symkey interface: key-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 1 extracting all 16 bytes of key@0x55a9006a9280 | RFC 2104: MD5_HMAC test 1: symkey-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 1: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: f0 41 4d 10 af 9f 25 e0 ec 8c 21 26 1f 9e 26 0a | RFC 2104: MD5_HMAC test 1: release slot-key-key@0x55a9006a5fa0 | RFC 2104: MD5_HMAC test 1 extracted len 16 bytes at 0x55a9006a5298 | unwrapped: 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | test_prf_vector: RFC 2104: MD5_HMAC test 1 passed | test_prf_vector: release symkey-key@0x55a9006a9280 | test_prf_vector: release message-key@0x55a9006aad30 | test_prf_vector: release key-key@0x55a9006a3700 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 2 | decode_to_chunk: test_prf_vector: input "Jefe" | decode_to_chunk: output: | 4a 65 66 65 | decode_to_chunk: test_prf_vector: input "what do ya want for nothing?" | decode_to_chunk: output: | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | decode_to_chunk: test_prf_vector: input "0x750c783e6ab0b503eaa86e310a5db738" | decode_to_chunk: output: | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface PRF md5 init key-chunk@0x55a9006a5868 (length 4) | 4a 65 66 65 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484100 | result: PRF chunk interface-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840e8 | result: PRF chunk interface-key@0x55a9006a3700 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x55a9006aad30 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006a3700 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484040 | result: trimed key-key@0x55a9006aad30 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a9006a3700 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006aad30 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484080 | result: result-key@0x55a9006a3700 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x55a9006acaf8 | PRF chunk interface PRF md5 update message-bytes@0x55a9006a0708 (length 28) | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a3700 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffef9484170 | result: message-key@0x55a9006a9280 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x55a9006a3700 | PRF HMAC inner hash hash md5 inner-key@0x55a9006a9280 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a9006a9280 (size 92) | PRF HMAC inner hash: inner-key@0x55a9006a9280 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a9006a5298 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484000 | result: PRF HMAC inner hash-key@0x55a9006acb70 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006acb70 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9483fe8 | result: PRF HMAC inner hash-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a9006acb70 | PRF chunk interface: release inner-key@0x55a9006a9280 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006aad30 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484070 | result: result-key@0x55a9006a9280 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484058 | result: result-key@0x55a9006acb70 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a9006a9280 | PRF chunk interface: release hashed-inner-key@0x55a9006a3700 | PRF chunk interface: release key-key@0x55a9006aad30 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a9006acb70 (size 80) | PRF HMAC outer hash: outer-key@0x55a9006acb70 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x55a9006a51e8 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface: release outer-key@0x55a9006acb70 | PRF chunk interface PRF md5 final-chunk@0x55a9006a51e8 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | chunk output 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006acb70 (4-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006aad30 | PRF symkey interface PRF md5 init key symkey-key@0x55a9006acb70 (size 4) | PRF symkey interface: key symkey-key@0x55a9006acb70 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x55a9006acb70 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006acb70 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484040 | result: trimed key-key@0x55a9006aad30 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a9006acb70 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006aad30 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484080 | result: result-key@0x55a9006a3700 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x55a9006aaca8 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a900622080 (44-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 28 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 28-bytes | base: base-key@0x55a900622080 (44-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006a9280 (28-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a900622080 | PRF symkey interface PRF md5 update symkey message-key@0x55a9006a9280 (size 28) | PRF symkey interface: symkey message-key@0x55a9006a9280 (28-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a3700 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484198 | result: result-key@0x55a900622080 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a9006a3700 | PRF HMAC inner hash hash md5 inner-key@0x55a900622080 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a900622080 (size 92) | PRF HMAC inner hash: inner-key@0x55a900622080 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a9006a51e8 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484020 | result: PRF HMAC inner hash-key@0x55a9006ac790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006ac790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484008 | result: PRF HMAC inner hash-key@0x55a9006a3700 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a9006ac790 | PRF symkey interface: release inner-key@0x55a900622080 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006aad30 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484090 | result: result-key@0x55a900622080 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a900622080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484078 | result: result-key@0x55a9006ac790 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a900622080 | PRF symkey interface: release hashed-inner-key@0x55a9006a3700 | PRF symkey interface: release key-key@0x55a9006aad30 | PRF HMAC outer hash hash md5 outer-key@0x55a9006ac790 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a9006ac790 (size 80) | PRF HMAC outer hash: outer-key@0x55a9006ac790 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x55a9006a51e8 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef94840e0 | result: PRF HMAC outer hash-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a3700 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840c8 | result: PRF HMAC outer hash-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x55a9006a3700 | PRF symkey interface: release outer-key@0x55a9006ac790 | : hashed-outer-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x55a9006aad30 (size 16) | PRF symkey interface: key-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 2 extracting all 16 bytes of key@0x55a9006aad30 | RFC 2104: MD5_HMAC test 2: symkey-key@0x55a9006aad30 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 2: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: 47 a8 19 80 87 98 eb d3 66 c0 44 90 b3 1e c6 65 | RFC 2104: MD5_HMAC test 2: release slot-key-key@0x55a9006a5fa0 | RFC 2104: MD5_HMAC test 2 extracted len 16 bytes at 0x55a9006a5298 | unwrapped: 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | test_prf_vector: RFC 2104: MD5_HMAC test 2 passed | test_prf_vector: release symkey-key@0x55a9006aad30 | test_prf_vector: release message-key@0x55a9006a9280 | test_prf_vector: release key-key@0x55a9006acb70 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 3 | decode_to_chunk: test_prf_vector: input "0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" | decode_to_chunk: output: | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | decode_to_chunk: test_prf_vector: input "0xDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD" | decode_to_chunk: output: | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | decode_to_chunk: test_prf_vector: input "0x56be34521d144c88dbb8c733f0e8b3f6" | decode_to_chunk: output: | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface PRF md5 init key-chunk@0x55a9006a5d58 (length 16) | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484100 | result: PRF chunk interface-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840e8 | result: PRF chunk interface-key@0x55a9006acb70 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x55a9006a9280 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006acb70 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484040 | result: trimed key-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a9006acb70 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484080 | result: result-key@0x55a9006acb70 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x55a9006acb48 | PRF chunk interface PRF md5 update message-bytes@0x55a9006a5098 (length 50) | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006acb70 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffef9484170 | result: message-key@0x55a9006aad30 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x55a9006acb70 | PRF HMAC inner hash hash md5 inner-key@0x55a9006aad30 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a9006aad30 (size 114) | PRF HMAC inner hash: inner-key@0x55a9006aad30 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a9006a51e8 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484000 | result: PRF HMAC inner hash-key@0x55a9006ac790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006ac790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9483fe8 | result: PRF HMAC inner hash-key@0x55a9006acb70 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a9006ac790 | PRF chunk interface: release inner-key@0x55a9006aad30 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484070 | result: result-key@0x55a9006aad30 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006aad30 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484058 | result: result-key@0x55a9006ac790 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a9006aad30 | PRF chunk interface: release hashed-inner-key@0x55a9006acb70 | PRF chunk interface: release key-key@0x55a9006a9280 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a9006ac790 (size 80) | PRF HMAC outer hash: outer-key@0x55a9006ac790 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x55a9006a5298 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface: release outer-key@0x55a9006ac790 | PRF chunk interface PRF md5 final-chunk@0x55a9006a5298 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | chunk output 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: key symkey-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006a9280 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: key symkey-key@0x55a9006ac790 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a9006a9280 | PRF symkey interface PRF md5 init key symkey-key@0x55a9006ac790 (size 16) | PRF symkey interface: key symkey-key@0x55a9006ac790 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x55a9006ac790 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006ac790 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484040 | result: trimed key-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a9006ac790 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484080 | result: result-key@0x55a9006acb70 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x55a9006a5048 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484180 | result: message symkey-key@0x55a9006a3700 (66-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 50 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 50-bytes | base: base-key@0x55a9006a3700 (66-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484168 | result: message symkey-key@0x55a9006aad30 (50-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a9006a3700 | PRF symkey interface PRF md5 update symkey message-key@0x55a9006aad30 (size 50) | PRF symkey interface: symkey message-key@0x55a9006aad30 (50-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006acb70 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484198 | result: result-key@0x55a9006a3700 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a9006acb70 | PRF HMAC inner hash hash md5 inner-key@0x55a9006a3700 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a9006a3700 (size 114) | PRF HMAC inner hash: inner-key@0x55a9006a3700 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a9006a5298 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef9484020 | result: PRF HMAC inner hash-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a900622080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9484008 | result: PRF HMAC inner hash-key@0x55a9006acb70 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a900622080 | PRF symkey interface: release inner-key@0x55a9006a3700 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a9280 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffef9484090 | result: result-key@0x55a9006a3700 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a9006a3700 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffef9484078 | result: result-key@0x55a900622080 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a9006a3700 | PRF symkey interface: release hashed-inner-key@0x55a9006acb70 | PRF symkey interface: release key-key@0x55a9006a9280 | PRF HMAC outer hash hash md5 outer-key@0x55a900622080 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a900622080 (size 80) | PRF HMAC outer hash: outer-key@0x55a900622080 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x55a9006a5298 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffef94840e0 | result: PRF HMAC outer hash-key@0x55a9006acb70 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a9006acb70 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94840c8 | result: PRF HMAC outer hash-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x55a9006acb70 | PRF symkey interface: release outer-key@0x55a900622080 | : hashed-outer-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x55a9006a9280 (size 16) | PRF symkey interface: key-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 3 extracting all 16 bytes of key@0x55a9006a9280 | RFC 2104: MD5_HMAC test 3: symkey-key@0x55a9006a9280 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 3: new slot-key@0x55a9006a5fa0 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1159318: ca 48 a6 75 31 74 05 04 e2 3d 93 ce b3 80 81 dc | RFC 2104: MD5_HMAC test 3: release slot-key-key@0x55a9006a5fa0 | RFC 2104: MD5_HMAC test 3 extracted len 16 bytes at 0x55a9006a51e8 | unwrapped: 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | test_prf_vector: RFC 2104: MD5_HMAC test 3 passed | test_prf_vector: release symkey-key@0x55a9006a9280 | test_prf_vector: release message-key@0x55a9006aad30 | test_prf_vector: release key-key@0x55a9006ac790 | test_prf_vector: release output-key@NULL 8 CPU cores online starting up 7 crypto helpers started thread for crypto helper 0 | starting up helper thread 0 | status value returned by setting the priority of this thread (crypto helper 0) 22 | crypto helper 0 waiting (nothing to do) started thread for crypto helper 1 | starting up helper thread 1 | status value returned by setting the priority of this thread (crypto helper 1) 22 | crypto helper 1 waiting (nothing to do) started thread for crypto helper 2 | starting up helper thread 2 | status value returned by setting the priority of this thread (crypto helper 2) 22 | crypto helper 2 waiting (nothing to do) started thread for crypto helper 3 started thread for crypto helper 4 | starting up helper thread 4 | status value returned by setting the priority of this thread (crypto helper 4) 22 | crypto helper 4 waiting (nothing to do) started thread for crypto helper 5 | starting up helper thread 5 | status value returned by setting the priority of this thread (crypto helper 5) 22 | crypto helper 5 waiting (nothing to do) started thread for crypto helper 6 | starting up helper thread 3 | starting up helper thread 6 | status value returned by setting the priority of this thread (crypto helper 3) 22 | checking IKEv1 state table | crypto helper 3 waiting (nothing to do) | status value returned by setting the priority of this thread (crypto helper 6) 22 | crypto helper 6 waiting (nothing to do) | MAIN_R0: category: half-open IKE SA flags: 0: | -> MAIN_R1 EVENT_SO_DISCARD | MAIN_I1: category: half-open IKE SA flags: 0: | -> MAIN_I2 EVENT_RETRANSMIT | MAIN_R1: category: open IKE SA flags: 200: | -> MAIN_R2 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_I2: category: open IKE SA flags: 0: | -> MAIN_I3 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_R2: category: open IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | -> MAIN_R3 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_I3: category: open IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | -> MAIN_I4 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_R3: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | MAIN_I4: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | AGGR_R0: category: half-open IKE SA flags: 0: | -> AGGR_R1 EVENT_SO_DISCARD | AGGR_I1: category: half-open IKE SA flags: 0: | -> AGGR_I2 EVENT_SA_REPLACE | -> AGGR_I2 EVENT_SA_REPLACE | AGGR_R1: category: open IKE SA flags: 200: | -> AGGR_R2 EVENT_SA_REPLACE | -> AGGR_R2 EVENT_SA_REPLACE | AGGR_I2: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | AGGR_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | QUICK_R0: category: established CHILD SA flags: 0: | -> QUICK_R1 EVENT_RETRANSMIT | QUICK_I1: category: established CHILD SA flags: 0: | -> QUICK_I2 EVENT_SA_REPLACE | QUICK_R1: category: established CHILD SA flags: 0: | -> QUICK_R2 EVENT_SA_REPLACE | QUICK_I2: category: established CHILD SA flags: 200: | -> UNDEFINED EVENT_NULL | QUICK_R2: category: established CHILD SA flags: 0: | -> UNDEFINED EVENT_NULL | INFO: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | INFO_PROTECTED: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | XAUTH_R0: category: established IKE SA flags: 0: | -> XAUTH_R1 EVENT_NULL | XAUTH_R1: category: established IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | MODE_CFG_R0: category: informational flags: 0: | -> MODE_CFG_R1 EVENT_SA_REPLACE | MODE_CFG_R1: category: established IKE SA flags: 0: | -> MODE_CFG_R2 EVENT_SA_REPLACE | MODE_CFG_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | MODE_CFG_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | XAUTH_I0: category: established IKE SA flags: 0: | -> XAUTH_I1 EVENT_RETRANSMIT | XAUTH_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_RETRANSMIT | checking IKEv2 state table | PARENT_I0: category: ignore flags: 0: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) | PARENT_I1: category: half-open IKE SA flags: 0: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) | PARENT_I2: category: open IKE SA flags: 0: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) | PARENT_I3: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) | PARENT_R0: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) | PARENT_R1: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) | PARENT_R2: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) | V2_CREATE_I0: category: established IKE SA flags: 0: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) | V2_CREATE_I: category: established IKE SA flags: 0: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) | V2_REKEY_IKE_I: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: | V2_CREATE_R: category: established IKE SA flags: 0: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) | V2_REKEY_IKE_R: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: | V2_IPSEC_I: category: established CHILD SA flags: 0: | V2_IPSEC_R: category: established CHILD SA flags: 0: | IKESA_DEL: category: established IKE SA flags: 0: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) | CHILDSA_DEL: category: informational flags: 0: Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64 | Hard-wiring algorithms | adding AES_CCM_16 to kernel algorithm db | adding AES_CCM_12 to kernel algorithm db | adding AES_CCM_8 to kernel algorithm db | adding 3DES_CBC to kernel algorithm db | adding CAMELLIA_CBC to kernel algorithm db | adding AES_GCM_16 to kernel algorithm db | adding AES_GCM_12 to kernel algorithm db | adding AES_GCM_8 to kernel algorithm db | adding AES_CTR to kernel algorithm db | adding AES_CBC to kernel algorithm db | adding SERPENT_CBC to kernel algorithm db | adding TWOFISH_CBC to kernel algorithm db | adding NULL_AUTH_AES_GMAC to kernel algorithm db | adding NULL to kernel algorithm db | adding CHACHA20_POLY1305 to kernel algorithm db | adding HMAC_MD5_96 to kernel algorithm db | adding HMAC_SHA1_96 to kernel algorithm db | adding HMAC_SHA2_512_256 to kernel algorithm db | adding HMAC_SHA2_384_192 to kernel algorithm db | adding HMAC_SHA2_256_128 to kernel algorithm db | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db | adding AES_XCBC_96 to kernel algorithm db | adding AES_CMAC_96 to kernel algorithm db | adding NONE to kernel algorithm db | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds | setup kernel fd callback | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x55a9006a5098 | libevent_malloc: new ptr-libevent@0x55a9006894a8 size 128 | libevent_malloc: new ptr-libevent@0x55a9006a5868 size 16 | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x55a9006a5bd8 | libevent_malloc: new ptr-libevent@0x55a900647388 size 128 | libevent_malloc: new ptr-libevent@0x55a9006a5d58 size 16 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0920b (length 11) | 4b 41 4d 45 2f 72 61 63 6f 6f 6e | vendor id hash md5 final bytes@0x55a9006a5298 (length 16) | 70 03 cb c1 09 7d be 9c 26 00 ba 69 83 bc 8b 35 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a000 (length 46) | 4e 4c 42 53 5f 50 52 45 53 45 4e 54 28 4e 4c 42 | 2f 4d 53 43 53 20 66 61 73 74 20 66 61 69 6c 6f | 76 65 72 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x55a9006a52d8 (length 16) | ec 22 62 b5 12 32 63 83 67 12 3b ce 3d 37 3c 5e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a030 (length 32) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 28 41 | 75 74 68 49 50 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x55a9006a5cb8 (length 16) | 6f fe a4 ae ec 37 f4 9a 02 6f 97 cf b5 53 30 6d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0938e (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x55a9006a58a8 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a058 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x55a9006a5d98 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff093a0 (length 23) | 4d 69 63 72 6f 73 6f 66 74 20 58 62 6f 78 20 4f | 6e 65 20 32 30 31 33 | vendor id hash md5 final bytes@0x55a9006a51a8 (length 16) | 8a a3 94 cf 8a 55 77 dc 31 10 c1 13 b0 27 a4 f2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff093b8 (length 22) | 58 62 6f 78 20 49 4b 45 76 32 20 4e 65 67 6f 74 | 69 61 74 69 6f 6e | vendor id hash md5 final bytes@0x55a9006a5b98 (length 16) | aa 28 1f cc d6 8c f8 a8 dc b8 5c c0 a7 10 40 2a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff093cf (length 28) | 4d 53 46 54 20 49 50 73 65 63 20 53 65 63 75 72 | 69 74 79 20 52 65 61 6c 6d 20 49 64 | vendor id hash md5 final bytes@0x55a9006accd8 (length 16) | 68 6a 8c bd fe 63 4b 40 51 46 fb 2b af 33 e9 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a080 (length 39) | 41 20 47 53 53 2d 41 50 49 20 41 75 74 68 65 6e | 74 69 63 61 74 69 6f 6e 20 4d 65 74 68 6f 64 20 | 66 6f 72 20 49 4b 45 | vendor id hash md5 final bytes@0x55a9006b1fb8 (length 16) | ad 2c 0d d0 b9 c3 20 83 cc ba 25 b8 86 1e c4 55 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff093ec (length 6) | 47 53 53 41 50 49 | vendor id hash md5 final bytes@0x55a9006b1ff8 (length 16) | 62 1b 04 bb 09 88 2a c1 e1 59 35 fe fa 24 ae ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff093f3 (length 12) | 53 53 48 20 53 65 6e 74 69 6e 65 6c | vendor id hash md5 final bytes@0x55a9006b2038 (length 16) | 05 41 82 a0 7c 7a e2 06 f9 d2 cf 9d 24 32 c4 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09400 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 31 | vendor id hash md5 final bytes@0x55a9006b2078 (length 16) | b9 16 23 e6 93 ca 18 a5 4c 6a 27 78 55 23 05 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09411 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 32 | vendor id hash md5 final bytes@0x55a9006b20b8 (length 16) | 54 30 88 8d e0 1a 31 a6 fa 8f 60 22 4e 44 99 58 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09422 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 33 | vendor id hash md5 final bytes@0x55a9006b20f8 (length 16) | 7e e5 cb 85 f7 1c e2 59 c9 4a 5c 73 1e e4 e7 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09433 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | vendor id hash md5 final bytes@0x55a9006b2138 (length 16) | 63 d9 a1 a7 00 94 91 b5 a0 a6 fd eb 2a 82 84 f0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09444 (length 18) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | 2e 31 | vendor id hash md5 final bytes@0x55a9006b2178 (length 16) | eb 4b 0d 96 27 6b 4e 22 0a d1 62 21 a7 b2 a5 e6 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a0a8 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 30 | vendor id hash md5 final bytes@0x55a9006b21b8 (length 16) | fb f4 76 14 98 40 31 fa 8e 3b b6 19 80 89 b2 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a0e0 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 31 | vendor id hash md5 final bytes@0x55a9006b21f8 (length 16) | 19 52 dc 91 ac 20 f6 46 fb 01 cf 42 a3 3a ee 30 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a118 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 32 | vendor id hash md5 final bytes@0x55a9006b2238 (length 16) | e8 bf fa 64 3e 5c 8f 2c d1 0f da 73 70 b6 eb e5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a150 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 31 | vendor id hash md5 final bytes@0x55a9006b2278 (length 16) | c1 11 1b 2d ee 8c bc 3d 62 05 73 ec 57 aa b9 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a188 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 32 | vendor id hash md5 final bytes@0x55a9006b22b8 (length 16) | 09 ec 27 bf bc 09 c7 58 23 cf ec bf fe 56 5a 2e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a1c0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 30 2e 30 | vendor id hash md5 final bytes@0x55a9006b22f8 (length 16) | 7f 21 a5 96 e4 e3 18 f0 b2 f4 94 4c 23 84 cb 84 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a1f8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 30 | vendor id hash md5 final bytes@0x55a9006b2338 (length 16) | 28 36 d1 fd 28 07 bc 9e 5a e3 07 86 32 04 51 ec | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a230 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 31 | vendor id hash md5 final bytes@0x55a9006b2378 (length 16) | a6 8d e7 56 a9 c5 22 9b ae 66 49 80 40 95 1a d5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a268 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 32 | vendor id hash md5 final bytes@0x55a9006b23b8 (length 16) | 3f 23 72 86 7e 23 7c 1c d8 25 0a 75 55 9c ae 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a2a0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 30 | vendor id hash md5 final bytes@0x55a9006b23f8 (length 16) | 0e 58 d5 77 4d f6 02 00 7d 0b 02 44 36 60 f7 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a2d8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 31 | vendor id hash md5 final bytes@0x55a9006b2438 (length 16) | f5 ce 31 eb c2 10 f4 43 50 cf 71 26 5b 57 38 0f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a310 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x55a9006b2478 (length 16) | f6 42 60 af 2e 27 42 da dd d5 69 87 06 8a 99 a0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a348 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x55a9006b24b8 (length 16) | 7a 54 d3 bd b3 b1 e6 d9 23 89 20 64 be 2d 98 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a380 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x55a9006b24f8 (length 16) | 9a a1 f3 b4 34 72 a4 5d 5f 50 6a eb 26 0c f2 14 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a3b8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x55a9006b2538 (length 16) | 68 80 c7 d0 26 09 91 14 e4 86 c5 54 30 e7 ab ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a3f0 (length 41) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 50 4c 55 54 4f 5f 53 45 4e 44 53 | 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffef9484260 (length 16) | 44 76 1b d7 6b 80 85 41 74 87 ee 8a 51 cf fc f3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a420 (length 53) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 50 4c 55 54 4f 5f 53 45 4e 44 53 5f 56 45 4e | 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffef9484260 (length 16) | b7 0e 8a c3 92 b1 6e 05 48 2f c4 dc 36 10 91 68 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a458 (length 58) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 4c 44 41 50 20 50 4c 55 54 4f 5f 53 45 4e 44 | 53 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffef9484260 (length 16) | 97 1d ea 93 c3 c2 06 74 f9 ae 35 40 83 de 3e 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09531 (length 14) | 4f 70 65 6e 73 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x7ffef9484260 (length 16) | 08 72 0b ee 9e 28 95 3c e0 8f 0a 18 b6 e2 9d da | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a4c0 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 31 | vendor id hash md5 final bytes@0x55a9006b26f8 (length 16) | 27 ba b5 dc 01 ea 07 60 ea 4e 31 90 ac 27 c0 d0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a4e8 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 32 | vendor id hash md5 final bytes@0x55a9006b2738 (length 16) | 61 05 c4 22 e7 68 47 e4 3f 96 84 80 12 92 ae cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09559 (length 10) | 45 53 50 54 68 72 75 4e 41 54 | vendor id hash md5 final bytes@0x55a9006b2778 (length 16) | 50 76 0f 62 4c 63 e5 c5 3e ea 38 6c 68 5c a0 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a510 (length 38) | 64 72 61 66 74 2d 68 75 74 74 75 6e 65 6e 2d 69 | 70 73 65 63 2d 65 73 70 2d 69 6e 2d 75 64 70 2d | 30 30 2e 74 78 74 | vendor id hash md5 final bytes@0x55a9006b27b8 (length 16) | 6a 74 34 c1 9d 7e 36 34 80 90 a0 23 34 c9 c8 05 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09564 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 30 | vendor id hash md5 final bytes@0x55a9006b27f8 (length 16) | 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09582 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 31 | vendor id hash md5 final bytes@0x55a9006b2838 (length 16) | 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff095a0 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 | vendor id hash md5 final bytes@0x55a9006b2878 (length 16) | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a538 (length 30) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 0a | vendor id hash md5 final bytes@0x55a9006b28b8 (length 16) | 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff095be (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 33 | vendor id hash md5 final bytes@0x55a9006b28f8 (length 16) | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff095dc (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 34 | vendor id hash md5 final bytes@0x55a9006b2938 (length 16) | 99 09 b6 4e ed 93 7c 65 73 de 52 ac e9 52 fa 6b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff095fa (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 35 | vendor id hash md5 final bytes@0x55a9006b2978 (length 16) | 80 d0 bb 3d ef 54 56 5e e8 46 45 d4 c8 5c e3 ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09618 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 36 | vendor id hash md5 final bytes@0x55a9006b29b8 (length 16) | 4d 1e 0e 13 6d ea fa 34 c4 f3 ea 9f 02 ec 72 85 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09636 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 37 | vendor id hash md5 final bytes@0x55a9006b29f8 (length 16) | 43 9b 59 f8 ba 67 6c 4c 77 37 ae 22 ea b8 f5 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09654 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 38 | vendor id hash md5 final bytes@0x55a9006b2a38 (length 16) | 8f 8d 83 82 6d 24 6b 6f c7 a8 a6 a4 28 c1 1d e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09672 (length 26) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 | vendor id hash md5 final bytes@0x55a9006b2a78 (length 16) | 4d f3 79 28 e9 fc 4f d1 b3 26 21 70 d5 15 c6 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0968d (length 8) | 52 46 43 20 33 39 34 37 | vendor id hash md5 final bytes@0x55a9006b2ab8 (length 16) | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff124f9 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x55a9006b2b78 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0973d (length 19) | 56 69 64 2d 49 6e 69 74 69 61 6c 2d 43 6f 6e 74 | 61 63 74 | vendor id hash md5 final bytes@0x55a9006b2bb8 (length 16) | 26 24 4d 38 ed db 61 b3 17 2a 36 e3 d0 cf b8 19 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0a058 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x55a9006b2bf8 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0938e (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x55a9006b2c38 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09751 (length 14) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 | vendor id hash md5 final bytes@0x55a9006b2c78 (length 16) | 21 4c a4 fa ff a7 f3 2d 67 48 e5 30 33 95 ae 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8ffef88dd (length 10) | 73 74 72 6f 6e 67 53 77 61 6e | vendor id hash md5 final bytes@0x55a9006b2cb8 (length 16) | 88 2f e5 6d 6f d2 0d bc 22 51 61 3b 2e be 5b eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09760 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x55a9006b2cf8 (length 16) | 2c e9 c9 46 a4 c8 79 bf 11 b5 0b 76 cc 56 92 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09771 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x55a9006b2d38 (length 16) | 9d bb af cf 1d b0 dd 59 5a e0 65 29 40 03 ad 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09782 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 32 | vendor id hash md5 final bytes@0x55a9006b2d78 (length 16) | 77 e8 ee a6 f5 56 a4 99 de 3f fe 7f 7f 95 66 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09793 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 33 | vendor id hash md5 final bytes@0x55a9006b2db8 (length 16) | b1 81 b1 8e 11 4f c2 09 b3 c6 e2 6c 3a 80 71 8e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff097a4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 34 | vendor id hash md5 final bytes@0x55a9006b2df8 (length 16) | 1e f2 83 f8 35 49 b5 ff 96 08 b6 d6 34 f8 4d 75 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff097b5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 35 | vendor id hash md5 final bytes@0x55a9006b2e38 (length 16) | dd 18 0d 21 e5 ce 65 5a 76 8b a3 22 11 dd 8a d9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff097c6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 36 | vendor id hash md5 final bytes@0x55a9006b2e78 (length 16) | 4c 90 13 69 46 57 7b 51 91 9d 8d 9a 6b 8e 4a 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff097d7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 37 | vendor id hash md5 final bytes@0x55a9006b2eb8 (length 16) | ab 07 46 22 1c c8 fd 0d 52 38 f7 3a 9b 3d a5 57 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff097e8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x55a9006b2ef8 (length 16) | 47 94 ce f6 84 34 22 98 0d 1a 3d 06 af 41 c5 cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff097f9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | vendor id hash md5 final bytes@0x55a9006b2f38 (length 16) | d3 f1 c4 88 c3 68 17 5d 5f 40 a8 f5 ca 5f 5e 12 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0980a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 32 | vendor id hash md5 final bytes@0x55a9006b2f78 (length 16) | 15 a1 ac e7 ee 52 fd df ef 04 f9 28 db 2d d1 34 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0981b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 33 | vendor id hash md5 final bytes@0x55a9006b2fb8 (length 16) | 58 49 ab 6d 8b ea bd 6e 4d 09 e5 a3 b8 8c 08 9a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0982c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 34 | vendor id hash md5 final bytes@0x55a9006b2ff8 (length 16) | 31 2f 9c b1 a6 b9 0e 19 de 75 28 c9 04 ac 30 87 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0983d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 35 | vendor id hash md5 final bytes@0x55a9006b3038 (length 16) | bf 0f bf 73 06 eb b7 82 70 42 d8 93 53 98 86 e2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0984e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 36 | vendor id hash md5 final bytes@0x55a9006b3078 (length 16) | d1 96 83 36 8a f4 b0 ed c2 1c cd e9 82 b1 d1 b0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0985f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 37 | vendor id hash md5 final bytes@0x55a9006b30b8 (length 16) | ea 84 0a a4 df c9 71 2d 6c 32 b5 a1 6e b3 29 a3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09870 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 38 | vendor id hash md5 final bytes@0x55a9006b30f8 (length 16) | 66 a2 04 55 07 c1 19 da 78 a4 66 62 59 cd ea 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09881 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 39 | vendor id hash md5 final bytes@0x55a9006b3138 (length 16) | 78 fd d2 87 de f0 1a 3f 07 4b 53 69 ea b4 fd 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09892 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 30 | vendor id hash md5 final bytes@0x55a9006b3178 (length 16) | bf 3a 89 ae 5b ef 8e 72 d4 4d ac 8b b8 8d 7d 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff098a4 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 31 | vendor id hash md5 final bytes@0x55a9006b31b8 (length 16) | b7 bd 9f 2f 97 8e 32 59 a7 aa 9f 7a 13 96 ad 6c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff098b6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x55a9006b31f8 (length 16) | 9f 68 90 13 25 a9 72 89 43 35 30 2a 95 31 ab 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff098c7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 31 | vendor id hash md5 final bytes@0x55a9006b3238 (length 16) | ba b2 53 f4 cb 10 a8 10 8a 7c 92 7c 56 c8 78 86 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff098d8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 32 | vendor id hash md5 final bytes@0x55a9006b3278 (length 16) | 2a 51 7d 0d 23 c3 7d 08 bc e7 c2 92 a0 21 7b 39 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff098e9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 33 | vendor id hash md5 final bytes@0x55a9006b32b8 (length 16) | 2d 1f 40 61 18 fb d5 d2 84 74 79 1f fa 00 48 8a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff098fa (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 38 | vendor id hash md5 final bytes@0x55a9006b32f8 (length 16) | 8c 4a 3b cb 72 9b 11 f7 03 d2 2a 5b 39 64 0c a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0990b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 37 | vendor id hash md5 final bytes@0x55a9006b3338 (length 16) | 3a 0d 4e 7c a4 e4 92 ed 4d fe 47 6d 1a c6 01 8b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0991c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 36 | vendor id hash md5 final bytes@0x55a9006b3378 (length 16) | fe 3f 49 70 6e 26 a9 fb 36 a8 7b fc e9 ea 36 ce | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0992d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 35 | vendor id hash md5 final bytes@0x55a9006b33b8 (length 16) | 4c 7e fa 31 b3 9e 51 04 32 a3 17 57 0d 97 bb b9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0993e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 34 | vendor id hash md5 final bytes@0x55a9006b33f8 (length 16) | 76 c7 2b fd 39 84 24 dd 00 1b 86 d0 01 2f e0 61 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff0994f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 33 | vendor id hash md5 final bytes@0x55a9006b3438 (length 16) | fb 46 41 ad 0e eb 2a 34 49 1d 15 f4 ef f5 10 63 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09960 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 32 | vendor id hash md5 final bytes@0x55a9006b3478 (length 16) | 29 99 32 27 7b 7d fe 38 2c e2 34 65 33 3a 7d 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09971 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 31 | vendor id hash md5 final bytes@0x55a9006b34b8 (length 16) | e3 7f 2d 5b a8 9a 62 cd 20 2e e2 7d ac 06 c8 a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09982 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 30 | vendor id hash md5 final bytes@0x55a9006b34f8 (length 16) | 32 f0 e9 b9 c0 6d fe 8c 9a d5 59 9a 63 69 71 a1 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09993 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 33 | vendor id hash md5 final bytes@0x55a9006b3538 (length 16) | 7f 50 cc 4e bf 04 c2 d9 da 73 ab fd 69 b7 7a a2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff099a4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 32 | vendor id hash md5 final bytes@0x55a9006b3578 (length 16) | a1 94 e2 aa dd d0 ba fb 95 25 3d d9 6d c7 33 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff099b5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 31 | vendor id hash md5 final bytes@0x55a9006b35b8 (length 16) | 81 34 87 85 82 12 17 85 ba 65 ea 34 5d 6b a7 24 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff099c6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 30 | vendor id hash md5 final bytes@0x55a9006b35f8 (length 16) | 07 fa 12 8e 47 54 f9 44 7b 1d d4 63 74 ee f3 60 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff099d7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 34 | vendor id hash md5 final bytes@0x55a9006b3638 (length 16) | b9 27 f9 52 19 a0 fe 36 00 db a3 c1 18 2a e5 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff099e8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 33 | vendor id hash md5 final bytes@0x55a9006b3678 (length 16) | b2 86 0e 78 37 f7 11 be f3 d0 ee b1 06 87 2d ed | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff099f9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 32 | vendor id hash md5 final bytes@0x55a9006b36b8 (length 16) | 5b 1c d6 fe 7d 05 0e da 6c 93 87 1c 10 7d b3 d2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a0a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 31 | vendor id hash md5 final bytes@0x55a9006b36f8 (length 16) | 66 af bc 12 bb fe 6c e1 08 b1 f6 9f 4b c9 17 b7 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a1b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 30 | vendor id hash md5 final bytes@0x55a9006b3738 (length 16) | 3f 32 66 49 9f fd bd 85 95 0e 70 22 98 06 28 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a2c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 37 | vendor id hash md5 final bytes@0x55a9006b3778 (length 16) | 1f 44 42 29 6b 83 d7 e3 3a 8b 45 20 9b a0 e5 90 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a3d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 36 | vendor id hash md5 final bytes@0x55a9006b37b8 (length 16) | 3c 5e ba 3d 85 64 92 8e 32 ae 43 c3 d9 92 4d ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a4e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 35 | vendor id hash md5 final bytes@0x55a9006b37f8 (length 16) | 3f 26 7e d6 21 ad a7 ee 6c 7d 88 93 cc b0 b1 4b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a5f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 34 | vendor id hash md5 final bytes@0x55a9006b3838 (length 16) | 7a 6b f5 b7 df 89 64 2a 75 a7 8e f7 d6 57 c1 c0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a70 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 33 | vendor id hash md5 final bytes@0x55a9006b3878 (length 16) | df 5b 1f 0f 1d 56 79 d9 f8 51 2b 16 c5 5a 60 65 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a81 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 32 | vendor id hash md5 final bytes@0x55a9006b38b8 (length 16) | 86 1c e5 eb 72 16 4b 19 0e 9e 62 9a 31 cf 49 01 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09a92 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 31 | vendor id hash md5 final bytes@0x55a9006b38f8 (length 16) | 9a 4a 46 48 f6 0f 8e da 7c fc bf e2 71 ee 5b 7d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09aa3 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 30 | vendor id hash md5 final bytes@0x55a9006b3938 (length 16) | 9e b3 d9 07 ed 7a da 4e 3c bc ac b9 17 ab c8 e4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09ab4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 34 | vendor id hash md5 final bytes@0x55a9006b3978 (length 16) | 48 5a 70 36 1b 44 33 b3 1d ea 1c 6b e0 df 24 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09ac5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 33 | vendor id hash md5 final bytes@0x55a9006b39b8 (length 16) | 98 2b 7a 06 3a 33 c1 43 a8 ea dc 88 24 9f 6b cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09ad6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 32 | vendor id hash md5 final bytes@0x55a9006b39f8 (length 16) | e7 a3 fd 0c 6d 77 1a 8f 1b 8a 86 a4 16 9c 9e a4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09ae7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 31 | vendor id hash md5 final bytes@0x55a9006b3a38 (length 16) | 75 b0 65 3c b2 81 eb 26 d3 1e de 38 c8 e1 e2 28 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09af8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 30 | vendor id hash md5 final bytes@0x55a9006b3a78 (length 16) | e8 29 c8 81 49 ba b3 c0 ce e8 5d a6 0e 18 ae 9b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09b09 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 32 | vendor id hash md5 final bytes@0x55a9006b3ab8 (length 16) | 42 a4 83 4c 92 ab 9a 77 77 06 3a fa 25 4b cb 69 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09b1a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 31 | vendor id hash md5 final bytes@0x55a9006b3af8 (length 16) | f6 97 c1 af cc 2e c8 dd cd f9 9d c7 af 03 a6 7f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09b2b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 30 | vendor id hash md5 final bytes@0x55a9006b3b38 (length 16) | b8 f9 2b 2f a2 d3 fe 5f e1 58 34 4b da 1c c6 ae | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09b3c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 32 | vendor id hash md5 final bytes@0x55a9006b3b78 (length 16) | 99 dc 7c c8 23 37 6b 3b 33 d0 43 57 89 6a e0 7b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09b4d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 31 | vendor id hash md5 final bytes@0x55a9006b3bb8 (length 16) | d9 11 8b 1e 9d e5 ef ce d9 cc 9d 88 3f 21 68 ff | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff09b5e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x55a9006b3bf8 (length 16) | 85 b6 cb ec 48 0d 5c 8c d9 88 2c 82 5a c2 c2 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a8fff124f9 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x55a9006b3c38 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | global one-shot timer EVENT_CHECK_CRLS initialized selinux support is enabled. | unbound context created - setting debug level to 5 | /etc/hosts lookups activated | /etc/resolv.conf usage activated | outgoing-port-avoid set 0-65535 | outgoing-port-permit set 32768-60999 | Loading dnssec root key from:/var/lib/unbound/root.key | No additional dnssec trust anchors defined via dnssec-trusted= option | Setting up events, loop start | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x55a9006a5c48 | libevent_malloc: new ptr-libevent@0x55a9006b1f08 size 128 | libevent_malloc: new ptr-libevent@0x55a9006bd0d8 size 16 | libevent_realloc: new ptr-libevent@0x55a9006bd118 size 256 | libevent_malloc: new ptr-libevent@0x55a9006bd248 size 8 | libevent_realloc: new ptr-libevent@0x55a90064db78 size 144 | libevent_malloc: new ptr-libevent@0x55a900644ee8 size 152 | libevent_malloc: new ptr-libevent@0x55a9006bd288 size 16 | signal event handler PLUTO_SIGCHLD installed | libevent_malloc: new ptr-libevent@0x55a9006bd2c8 size 8 | libevent_malloc: new ptr-libevent@0x55a90064daa8 size 152 | signal event handler PLUTO_SIGTERM installed | libevent_malloc: new ptr-libevent@0x55a9006bd308 size 8 | libevent_malloc: new ptr-libevent@0x55a9006bd348 size 152 | signal event handler PLUTO_SIGHUP installed | libevent_malloc: new ptr-libevent@0x55a9006bd418 size 8 | libevent_realloc: release ptr-libevent@0x55a90064db78 | libevent_realloc: new ptr-libevent@0x55a9006bd458 size 256 | libevent_malloc: new ptr-libevent@0x55a9006bd588 size 152 | signal event handler PLUTO_SIGSYS installed | created addconn helper (pid:3089) using fork+execve | forked child 3089 | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.2.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.23 Kernel supports NIC esp-hw-offload adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.23:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth1/eth1 192.1.2.23:4500 adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.2.254:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth0/eth0 192.0.2.254:4500 adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface lo/lo 127.0.0.1:4500 | no interfaces to sort | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | add_fd_read_event_handler: new ethX-pe@0x55a9006bdb68 | libevent_malloc: new ptr-libevent@0x55a9006b1e58 size 128 | libevent_malloc: new ptr-libevent@0x55a9006bdbd8 size 16 | setup callback for interface lo 127.0.0.1:4500 fd 22 | add_fd_read_event_handler: new ethX-pe@0x55a9006bdc18 | libevent_malloc: new ptr-libevent@0x55a9006457d8 size 128 | libevent_malloc: new ptr-libevent@0x55a9006bdc88 size 16 | setup callback for interface lo 127.0.0.1:500 fd 21 | add_fd_read_event_handler: new ethX-pe@0x55a9006bdcc8 | libevent_malloc: new ptr-libevent@0x55a900647e18 size 128 | libevent_malloc: new ptr-libevent@0x55a9006bdd38 size 16 | setup callback for interface eth0 192.0.2.254:4500 fd 20 | add_fd_read_event_handler: new ethX-pe@0x55a9006bdd78 | libevent_malloc: new ptr-libevent@0x55a9006490c8 size 128 | libevent_malloc: new ptr-libevent@0x55a9006bdde8 size 16 | setup callback for interface eth0 192.0.2.254:500 fd 19 | add_fd_read_event_handler: new ethX-pe@0x55a9006bde28 | libevent_malloc: new ptr-libevent@0x55a90061c4e8 size 128 | libevent_malloc: new ptr-libevent@0x55a9006bde98 size 16 | setup callback for interface eth1 192.1.2.23:4500 fd 18 | add_fd_read_event_handler: new ethX-pe@0x55a9006bded8 | libevent_malloc: new ptr-libevent@0x55a90061c1d8 size 128 | libevent_malloc: new ptr-libevent@0x55a9006bdf48 size 16 | setup callback for interface eth1 192.1.2.23:500 fd 17 | certs and keys locked by 'free_preshared_secrets' | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x55a900617c48) PKK_PSK: @east | id type added to secret(0x55a900617c48) PKK_PSK: @west | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.14 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.2.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.23 | no interfaces to sort | libevent_free: release ptr-libevent@0x55a9006b1e58 | free_event_entry: release EVENT_NULL-pe@0x55a9006bdb68 | add_fd_read_event_handler: new ethX-pe@0x55a9006bdb68 | libevent_malloc: new ptr-libevent@0x55a9006b1e58 size 128 | setup callback for interface lo 127.0.0.1:4500 fd 22 | libevent_free: release ptr-libevent@0x55a9006457d8 | free_event_entry: release EVENT_NULL-pe@0x55a9006bdc18 | add_fd_read_event_handler: new ethX-pe@0x55a9006bdc18 | libevent_malloc: new ptr-libevent@0x55a9006457d8 size 128 | setup callback for interface lo 127.0.0.1:500 fd 21 | libevent_free: release ptr-libevent@0x55a900647e18 | free_event_entry: release EVENT_NULL-pe@0x55a9006bdcc8 | add_fd_read_event_handler: new ethX-pe@0x55a9006bdcc8 | libevent_malloc: new ptr-libevent@0x55a900647e18 size 128 | setup callback for interface eth0 192.0.2.254:4500 fd 20 | libevent_free: release ptr-libevent@0x55a9006490c8 | free_event_entry: release EVENT_NULL-pe@0x55a9006bdd78 | add_fd_read_event_handler: new ethX-pe@0x55a9006bdd78 | libevent_malloc: new ptr-libevent@0x55a9006490c8 size 128 | setup callback for interface eth0 192.0.2.254:500 fd 19 | libevent_free: release ptr-libevent@0x55a90061c4e8 | free_event_entry: release EVENT_NULL-pe@0x55a9006bde28 | add_fd_read_event_handler: new ethX-pe@0x55a9006bde28 | libevent_malloc: new ptr-libevent@0x55a90061c4e8 size 128 | setup callback for interface eth1 192.1.2.23:4500 fd 18 | libevent_free: release ptr-libevent@0x55a90061c1d8 | free_event_entry: release EVENT_NULL-pe@0x55a9006bded8 | add_fd_read_event_handler: new ethX-pe@0x55a9006bded8 | libevent_malloc: new ptr-libevent@0x55a90061c1d8 size 128 | setup callback for interface eth1 192.1.2.23:500 fd 17 | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x55a900617c48) PKK_PSK: @east | id type added to secret(0x55a900617c48) PKK_PSK: @west | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.218 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned pid 3089 (exited with status 0) | reaped addconn helper child (status 0) | waitpid returned ECHILD (no child processes left) | spent 0.012 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection east with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048, 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048,3des-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048, 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.23:500 192.1.2.45:500 -> hp@(nil): none | new hp@0x55a9006bf198 added connection description "east" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.2.0/24===192.1.2.23<192.1.2.23>[@east]...192.1.2.45<192.1.2.45>[@west]===192.0.1.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.338 milliseconds in whack | spent 0.00323 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f7 4b 09 d9 49 aa b6 8e 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 01 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 7b 78 5d 26 90 76 e5 74 65 cf be d7 57 ad 04 01 | 02 eb f3 df 65 fc ac 2e b3 0d 77 32 25 b8 c3 63 | creating state object #1 at 0x55a9006c0bc8 | State DB: adding IKEv1 state #1 in UNDEFINED | pstats #1 ikev1.isakmp started | #1 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #1 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #1: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #1: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e 80 0e 00 80 | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 144 | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #1: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 144 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x55a9006c16b8 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a9006bf3e8 size 128 "east" #1: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.464 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00238 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | 14 00 00 24 96 56 55 b0 4f 6c e1 ba 33 c3 39 73 | 40 14 5e 69 91 24 e7 3c b1 3f f9 0a 58 62 5a d3 | 48 c0 27 34 14 00 00 18 4b 17 2b b5 11 ec a0 9b | d6 b0 f4 a7 7f b5 18 09 1d 15 2a e8 00 00 00 18 | be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | cf 88 a0 19 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #1 in MAIN_R1 (find_state_ikev1) | start processing: state #1 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #1 is idle | #1 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c1160 (length 8) | f7 4b 09 d9 49 aa b6 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c1168 (length 8) | 7b 78 5d 26 90 76 e5 74 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | 1d 15 2a e8 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= f7 4b 09 d9 49 aa b6 8e | natd_hash: rcookie= 7b 78 5d 26 90 76 e5 74 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | natd_hash: hash= 1d 15 2a e8 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c1160 (length 8) | f7 4b 09 d9 49 aa b6 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c1168 (length 8) | 7b 78 5d 26 90 76 e5 74 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | cf 88 a0 19 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= f7 4b 09 d9 49 aa b6 8e | natd_hash: rcookie= 7b 78 5d 26 90 76 e5 74 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | natd_hash: hash= cf 88 a0 19 | expected NAT-D(me): 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | expected NAT-D(me): 1d 15 2a e8 | expected NAT-D(him): | be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | cf 88 a0 19 | received NAT-D: 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | received NAT-D: 1d 15 2a e8 | received NAT-D: be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | received NAT-D: cf 88 a0 19 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | global one-shot timer EVENT_NAT_T_KEEPALIVE scheduled in 20 seconds | adding inI2_outR2 KE work-order 1 for state #1 | state #1 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006bf3e8 | free_event_entry: release EVENT_SO_DISCARD-pe@0x55a9006c16b8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a9006bf3e8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #1 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #1 and saving MD | #1 is busy; has a suspended MD | #1 spent 0.155 milliseconds in process_packet_tail() | crypto helper 0 resuming | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | crypto helper 0 starting work-order 1 for state #1 | crypto helper 0 doing build KE and nonce (inI2_outR2 KE); request ID 1 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.304 milliseconds in comm_handle_cb() reading and processing packet | DH secret MODP2048@0x7f14cc003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14cc003a28 | NSS: Public DH wire value: | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | Generated nonce: 15 47 48 5d 39 4f 1b 2a 6f a6 b9 3b c5 67 d6 75 | Generated nonce: 1b b4 fd 69 ec b7 d8 f3 ca f0 58 aa 7d 90 c7 7b | crypto helper 0 finished build KE and nonce (inI2_outR2 KE); request ID 1 time elapsed 0.000849 seconds | (#1) spent 0.838 milliseconds in crypto helper computing work-order 1: inI2_outR2 KE (pcr) | crypto helper 0 sending results from work-order 1 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7f14cc002888 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 1 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #1: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14cc003a28: transferring ownership from helper KE to state #1 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | keyex value c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | keyex value 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | keyex value 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | keyex value 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | keyex value be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | keyex value 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | keyex value fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | keyex value ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | keyex value 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | keyex value 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | keyex value 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | keyex value 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | keyex value be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | keyex value 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | keyex value b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 15 47 48 5d 39 4f 1b 2a 6f a6 b9 3b c5 67 d6 75 | Nr 1b b4 fd 69 ec b7 d8 f3 ca f0 58 aa 7d 90 c7 7b | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | f7 4b 09 d9 49 aa b6 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 7b 78 5d 26 90 76 e5 74 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | cf 88 a0 19 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= f7 4b 09 d9 49 aa b6 8e | natd_hash: rcookie= 7b 78 5d 26 90 76 e5 74 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | natd_hash: hash= cf 88 a0 19 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | NAT-D cf 88 a0 19 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | f7 4b 09 d9 49 aa b6 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 7b 78 5d 26 90 76 e5 74 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | 1d 15 2a e8 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= f7 4b 09 d9 49 aa b6 8e | natd_hash: rcookie= 7b 78 5d 26 90 76 e5 74 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | natd_hash: hash= 1d 15 2a e8 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | NAT-D 1d 15 2a e8 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14cc003a28: transferring ownership from state #1 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 2 for state #1 | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006bf3e8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #1 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | crypto helper 1 resuming | [RE]START processing: state #1 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle; has background offloaded task | crypto helper 1 starting work-order 2 for state #1 | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 2 | parent state #1: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | peer's g: 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | event_already_set, deleting event | peer's g: 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | peer's g: 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | peer's g: eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | peer's g: 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | peer's g: af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | peer's g: d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | peer's g: 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | peer's g: 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | libevent_free: release ptr-libevent@0x55a9006c2918 | peer's g: 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | peer's g: 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | peer's g: f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | peer's g: 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | peer's g: 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | peer's g: 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | peer's g: af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | Started DH shared-secret computation in NSS: | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | 14 00 00 24 15 47 48 5d 39 4f 1b 2a 6f a6 b9 3b | c5 67 d6 75 1b b4 fd 69 ec b7 d8 f3 ca f0 58 aa | 7d 90 c7 7b 14 00 00 18 be 23 b9 9d 36 6e 08 10 | 35 c1 1f 12 cf 13 74 81 cf 88 a0 19 00 00 00 18 | 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | 1d 15 2a e8 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a9006c16b8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #1 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29295.73462 "east" #1: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #1 suppresed complete_v1_state_transition() | #1 spent 0.453 milliseconds in resume sending helper answer | stop processing: state #1 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14cc002888 | new : g_ir-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14cc003a28: computed shared DH secret key@0x55a9006ac790 | dh-shared : g^ir-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006c2a38 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188700 | result: psk-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d31886e8 | result: psk-key@0x55a9006aad30 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a9006a9280 | SKEYID psk prf: created sha context 0x7f14c4002d60 from psk-key@0x55a9006aad30 | SKEYID psk prf: begin sha with context 0x7f14c4002d60 from psk-key@0x55a9006aad30 | SKEYID psk: release clone-key@0x55a9006aad30 | SKEYID psk PRF sha crypt-prf@0x7f14c4001108 | SKEYID psk PRF sha update Ni-bytes@0x55a9006c2a5c (length 32) | 96 56 55 b0 4f 6c e1 ba 33 c3 39 73 40 14 5e 69 | 91 24 e7 3c b1 3f f9 0a 58 62 5a d3 48 c0 27 34 | SKEYID psk PRF sha update Nr-bytes@0x55a9006c2a7c (length 32) | 15 47 48 5d 39 4f 1b 2a 6f a6 b9 3b c5 67 d6 75 | 1b b4 fd 69 ec b7 d8 f3 ca f0 58 aa 7d 90 c7 7b | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188708 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID psk PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID psk: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_d: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188718 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f14c4002d60 from SKEYID-key@0x55a9006a9280 | SKEYID_d prf: begin sha with context 0x7f14c4002d60 from SKEYID-key@0x55a9006a9280 | SKEYID_d: release clone-key@0x55a9006a9280 | SKEYID_d PRF sha crypt-prf@0x7f14c40010b8 | SKEYID_d PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_d: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 73 ce a6 ca c9 50 3b 57 c0 79 3d 4b 48 00 48 11 c2 50 0f 58 f5 44 0e 10 43 c0 29 93 87 f6 39 9d bc 7e 77 64 5c 3e d2 45 fc 3f ad 5f c1 12 71 85 5b cd 8b e1 40 9a a6 e8 93 97 be 8c 2e 15 44 cf 4b 79 4a 49 72 5f 2d ad 28 4a c5 af 98 c2 90 11 d7 1d b7 c5 c9 53 4d 13 20 a5 4e bf 95 61 3a 56 bd a8 fb fb 2c ef d7 e6 c1 3b a6 86 08 8f 79 67 27 6c 9d d5 e7 a4 2c 0e ad f6 9b f0 e7 d7 f3 23 65 1d 58 79 b0 b3 fd 5b 81 de 44 78 18 0c 28 0a 91 10 d0 77 43 7c a2 c7 14 c7 00 4b 5f e7 67 d4 80 a0 4f b5 3a 05 7c 10 91 bb 03 67 af 41 e6 cd 73 c8 01 cc c6 28 1c d9 bb 5b 31 3a 8e 75 bc 08 f7 c8 73 33 a7 a4 ec fb 0f 6f 27 12 e3 19 12 02 26 d5 fc 7b 98 8e f1 a9 b1 87 5d b1 91 95 46 6b 10 6f 05 28 20 de 88 0b 7e e3 4b 97 b9 eb 73 55 11 f8 a9 d2 03 59 07 8c 98 d0 83 6d 7d d7 29 35 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c4004f28 | unwrapped: f3 f4 5a c4 89 14 3c 5a b3 19 7e 49 a9 83 c5 05 | unwrapped: 5a 10 42 00 7c d2 f4 8b 03 43 c5 fa 96 37 8e df | unwrapped: 7f 84 c8 58 fb 09 36 88 bf 31 dd 3f e8 66 fa e0 | unwrapped: 32 6c e2 be ab 29 d6 8e 1c 40 d0 9c 6e a1 c7 07 | unwrapped: ad 84 9d a7 64 3f 76 6a 9d c4 7f cf d3 37 a4 b2 | unwrapped: fa 18 c0 88 a2 ec 44 71 0a 3f d8 34 cd e7 a6 15 | unwrapped: 03 5f 2f da 81 0c 1d 80 81 df bd 57 a9 5c 6f a2 | unwrapped: cb 73 3c 9c 7d fd 78 d4 f1 4e 3d 8e 79 59 10 fb | unwrapped: ab d8 72 07 65 d1 fa 8d ff cd 9c e3 85 5a ba b3 | unwrapped: 47 13 40 75 8e 78 6d 44 27 10 27 f8 d2 8a fc 0b | unwrapped: 52 7a d2 09 ae ac 5d c7 9a ef 83 17 af bf 22 39 | unwrapped: ac 36 fa 32 ce 17 d4 fa 35 7e 84 d3 1c 3c 4c 80 | unwrapped: 80 36 d8 74 95 72 31 76 ed b5 69 34 62 b2 c6 53 | unwrapped: 0d 89 6d 7e 49 92 20 21 4b dc 93 dd 77 52 8e 9a | unwrapped: 8b 11 0b 01 cc ec 3e f6 58 95 a5 c6 f8 21 54 51 | unwrapped: 9d fe 3e a3 7a 80 62 8e 6e 8b 53 d4 18 fe ed 38 | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006c2c9c (length 8) | f7 4b 09 d9 49 aa b6 8e | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006c2ca4 (length 8) | 7b 78 5d 26 90 76 e5 74 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188708 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID_d PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_d: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_a: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d31886f8 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f14c4002d60 from SKEYID-key@0x55a900622080 | SKEYID_a prf: begin sha with context 0x7f14c4002d60 from SKEYID-key@0x55a900622080 | SKEYID_a: release clone-key@0x55a900622080 | SKEYID_a PRF sha crypt-prf@0x7f14c4001108 | SKEYID_a PRF sha update SKEYID_d-key@0x55a9006a9280 (size 20) | SKEYID_a: SKEYID_d-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: 87 e3 02 90 5b 3d 22 db 45 55 d2 6a a4 c5 f7 21 1e aa dc cb d9 0c 3c 55 4c 6a 3b 2e 3f 18 6a 5d | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c40030c8 | unwrapped: 70 78 8a 5d 99 e7 3b 38 7a 16 e2 55 22 fd c6 4d | unwrapped: 40 be 86 70 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_a: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 73 ce a6 ca c9 50 3b 57 c0 79 3d 4b 48 00 48 11 c2 50 0f 58 f5 44 0e 10 43 c0 29 93 87 f6 39 9d bc 7e 77 64 5c 3e d2 45 fc 3f ad 5f c1 12 71 85 5b cd 8b e1 40 9a a6 e8 93 97 be 8c 2e 15 44 cf 4b 79 4a 49 72 5f 2d ad 28 4a c5 af 98 c2 90 11 d7 1d b7 c5 c9 53 4d 13 20 a5 4e bf 95 61 3a 56 bd a8 fb fb 2c ef d7 e6 c1 3b a6 86 08 8f 79 67 27 6c 9d d5 e7 a4 2c 0e ad f6 9b f0 e7 d7 f3 23 65 1d 58 79 b0 b3 fd 5b 81 de 44 78 18 0c 28 0a 91 10 d0 77 43 7c a2 c7 14 c7 00 4b 5f e7 67 d4 80 a0 4f b5 3a 05 7c 10 91 bb 03 67 af 41 e6 cd 73 c8 01 cc c6 28 1c d9 bb 5b 31 3a 8e 75 bc 08 f7 c8 73 33 a7 a4 ec fb 0f 6f 27 12 e3 19 12 02 26 d5 fc 7b 98 8e f1 a9 b1 87 5d b1 91 95 46 6b 10 6f 05 28 20 de 88 0b 7e e3 4b 97 b9 eb 73 55 11 f8 a9 d2 03 59 07 8c 98 d0 83 6d 7d d7 29 35 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c4003db8 | unwrapped: f3 f4 5a c4 89 14 3c 5a b3 19 7e 49 a9 83 c5 05 | unwrapped: 5a 10 42 00 7c d2 f4 8b 03 43 c5 fa 96 37 8e df | unwrapped: 7f 84 c8 58 fb 09 36 88 bf 31 dd 3f e8 66 fa e0 | unwrapped: 32 6c e2 be ab 29 d6 8e 1c 40 d0 9c 6e a1 c7 07 | unwrapped: ad 84 9d a7 64 3f 76 6a 9d c4 7f cf d3 37 a4 b2 | unwrapped: fa 18 c0 88 a2 ec 44 71 0a 3f d8 34 cd e7 a6 15 | unwrapped: 03 5f 2f da 81 0c 1d 80 81 df bd 57 a9 5c 6f a2 | unwrapped: cb 73 3c 9c 7d fd 78 d4 f1 4e 3d 8e 79 59 10 fb | unwrapped: ab d8 72 07 65 d1 fa 8d ff cd 9c e3 85 5a ba b3 | unwrapped: 47 13 40 75 8e 78 6d 44 27 10 27 f8 d2 8a fc 0b | unwrapped: 52 7a d2 09 ae ac 5d c7 9a ef 83 17 af bf 22 39 | unwrapped: ac 36 fa 32 ce 17 d4 fa 35 7e 84 d3 1c 3c 4c 80 | unwrapped: 80 36 d8 74 95 72 31 76 ed b5 69 34 62 b2 c6 53 | unwrapped: 0d 89 6d 7e 49 92 20 21 4b dc 93 dd 77 52 8e 9a | unwrapped: 8b 11 0b 01 cc ec 3e f6 58 95 a5 c6 f8 21 54 51 | unwrapped: 9d fe 3e a3 7a 80 62 8e 6e 8b 53 d4 18 fe ed 38 | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006c2c9c (length 8) | f7 4b 09 d9 49 aa b6 8e | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006c2ca4 (length 8) | 7b 78 5d 26 90 76 e5 74 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188700 | result: final-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d31886e8 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006acb70 | SKEYID_a PRF sha final-key@0x55a900622080 (size 20) | SKEYID_a: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_e: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188708 | result: clone-key@0x55a9006acb70 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f14c4002d60 from SKEYID-key@0x55a9006acb70 | SKEYID_e prf: begin sha with context 0x7f14c4002d60 from SKEYID-key@0x55a9006acb70 | SKEYID_e: release clone-key@0x55a9006acb70 | SKEYID_e PRF sha crypt-prf@0x7f14c40010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x55a900622080 (size 20) | SKEYID_e: SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: 97 88 d0 09 b5 7e 79 6c b8 1c 5b ee 5e 7f 26 9f ab e4 1e 44 51 38 7f e0 d1 fc e8 af 99 de c0 d9 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c4001158 | unwrapped: f7 78 d6 90 f8 e9 fb c6 28 1c 77 3f 95 26 65 54 | unwrapped: 19 63 4b 7e 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_e: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 73 ce a6 ca c9 50 3b 57 c0 79 3d 4b 48 00 48 11 c2 50 0f 58 f5 44 0e 10 43 c0 29 93 87 f6 39 9d bc 7e 77 64 5c 3e d2 45 fc 3f ad 5f c1 12 71 85 5b cd 8b e1 40 9a a6 e8 93 97 be 8c 2e 15 44 cf 4b 79 4a 49 72 5f 2d ad 28 4a c5 af 98 c2 90 11 d7 1d b7 c5 c9 53 4d 13 20 a5 4e bf 95 61 3a 56 bd a8 fb fb 2c ef d7 e6 c1 3b a6 86 08 8f 79 67 27 6c 9d d5 e7 a4 2c 0e ad f6 9b f0 e7 d7 f3 23 65 1d 58 79 b0 b3 fd 5b 81 de 44 78 18 0c 28 0a 91 10 d0 77 43 7c a2 c7 14 c7 00 4b 5f e7 67 d4 80 a0 4f b5 3a 05 7c 10 91 bb 03 67 af 41 e6 cd 73 c8 01 cc c6 28 1c d9 bb 5b 31 3a 8e 75 bc 08 f7 c8 73 33 a7 a4 ec fb 0f 6f 27 12 e3 19 12 02 26 d5 fc 7b 98 8e f1 a9 b1 87 5d b1 91 95 46 6b 10 6f 05 28 20 de 88 0b 7e e3 4b 97 b9 eb 73 55 11 f8 a9 d2 03 59 07 8c 98 d0 83 6d 7d d7 29 35 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c4004f28 | unwrapped: f3 f4 5a c4 89 14 3c 5a b3 19 7e 49 a9 83 c5 05 | unwrapped: 5a 10 42 00 7c d2 f4 8b 03 43 c5 fa 96 37 8e df | unwrapped: 7f 84 c8 58 fb 09 36 88 bf 31 dd 3f e8 66 fa e0 | unwrapped: 32 6c e2 be ab 29 d6 8e 1c 40 d0 9c 6e a1 c7 07 | unwrapped: ad 84 9d a7 64 3f 76 6a 9d c4 7f cf d3 37 a4 b2 | unwrapped: fa 18 c0 88 a2 ec 44 71 0a 3f d8 34 cd e7 a6 15 | unwrapped: 03 5f 2f da 81 0c 1d 80 81 df bd 57 a9 5c 6f a2 | unwrapped: cb 73 3c 9c 7d fd 78 d4 f1 4e 3d 8e 79 59 10 fb | unwrapped: ab d8 72 07 65 d1 fa 8d ff cd 9c e3 85 5a ba b3 | unwrapped: 47 13 40 75 8e 78 6d 44 27 10 27 f8 d2 8a fc 0b | unwrapped: 52 7a d2 09 ae ac 5d c7 9a ef 83 17 af bf 22 39 | unwrapped: ac 36 fa 32 ce 17 d4 fa 35 7e 84 d3 1c 3c 4c 80 | unwrapped: 80 36 d8 74 95 72 31 76 ed b5 69 34 62 b2 c6 53 | unwrapped: 0d 89 6d 7e 49 92 20 21 4b dc 93 dd 77 52 8e 9a | unwrapped: 8b 11 0b 01 cc ec 3e f6 58 95 a5 c6 f8 21 54 51 | unwrapped: 9d fe 3e a3 7a 80 62 8e 6e 8b 53 d4 18 fe ed 38 | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006c2c9c (length 8) | f7 4b 09 d9 49 aa b6 8e | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006c2ca4 (length 8) | 7b 78 5d 26 90 76 e5 74 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188710 | result: final-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d31886f8 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a3700 | SKEYID_e PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID_e: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188768 | result: keymat-key@0x55a9006a3700 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a9006a9280, skeyid_a 0x55a900622080, skeyid_e 0x55a9006acb70, enc_key 0x55a9006a3700 | DH_i: 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | DH_i: 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | DH_i: 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | DH_i: eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | DH_i: 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | DH_i: af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | DH_i: d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | DH_i: 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | DH_i: 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | DH_i: 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | DH_i: 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | DH_i: f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | DH_i: 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | DH_i: 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | DH_i: 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | DH_i: af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | DH_r: 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | DH_r: c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | DH_r: 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | DH_r: 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | DH_r: 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | DH_r: be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | DH_r: 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | DH_r: fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | DH_r: ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | DH_r: 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | DH_r: 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | DH_r: 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | DH_r: 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | DH_r: be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | DH_r: 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | DH_r: b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006c2a9c (length 256) | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | new IV hash sha digest GR-bytes@0x55a9006c2b9c (length 256) | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | new IV hash sha final chunk@0x7f14c4001158 (length 20) | cb 49 5e c0 46 e5 cc d6 05 f6 db ff 16 f3 5b dd | 3b c5 ec fa | crypto helper 1 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 2 time elapsed 0.001483 seconds | (#1) spent 1.46 milliseconds in crypto helper computing work-order 2: main_inI2_outR2_tail (pcr) | crypto helper 1 sending results from work-order 2 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7f14c4003978 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 2 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #1: calculate DH finished | [RE]START processing: state #1 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14cc003a28: transferring ownership from helper IKEv1 DH+IV to state #1 | stop processing: state #1 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #1 suppresed complete_v1_state_transition() | #1 spent 0.0234 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c4003978 | spent 0.003 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 05 10 02 01 00 00 00 00 00 00 00 4c 05 8e 2e d5 | fa 92 f2 ce 64 77 a8 e0 d6 c6 81 ae 9d ff b3 d2 | a7 bd 53 4d 5d 0e a9 b1 2b c8 cc 0e 0f 99 8b 75 | fc b9 45 4c f2 ed 17 5f d1 c7 8b 3c | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #1 in MAIN_R2 (find_state_ikev1) | start processing: state #1 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #1 is idle | #1 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: cb 49 5e c0 46 e5 cc d6 05 f6 db ff 16 f3 5b dd | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 0f 99 8b 75 fc b9 45 4c f2 ed 17 5f d1 c7 8b 3c | decrypted payload (starts at offset -48): | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 1d 84 b4 92 | 30 62 70 60 7a 98 e0 6e 28 40 88 55 da 6c 1a e9 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #1: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x55a9006bf278 | hmac PRF sha update data-bytes@0x55a9006c0a98 (length 256) | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | hmac PRF sha update data-bytes@0x7f14cc000b48 (length 256) | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | hmac PRF sha update data-bytes@0x55a9006c1160 (length 8) | f7 4b 09 d9 49 aa b6 8e | hmac PRF sha update data-bytes@0x55a9006c1168 (length 8) | 7b 78 5d 26 90 76 e5 74 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006bf2cc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a9006178b8 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | 1d 84 b4 92 30 62 70 60 7a 98 e0 6e 28 40 88 55 | da 6c 1a e9 | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14c4001158 | hmac PRF sha update data-bytes@0x7f14cc000b48 (length 256) | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | hmac PRF sha update data-bytes@0x55a9006c0a98 (length 256) | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | hmac PRF sha update data-bytes@0x55a9006c1168 (length 8) | 7b 78 5d 26 90 76 e5 74 | hmac PRF sha update data-bytes@0x55a9006c1160 (length 8) | f7 4b 09 d9 49 aa b6 8e | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006bf2cc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | 4d a0 68 45 07 46 5c b8 99 c8 a1 8a fd b7 ee 8b | d8 22 92 c2 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R 4d a0 68 45 07 46 5c b8 99 c8 a1 8a fd b7 ee 8b | HASH_R d8 22 92 c2 | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: 4d a0 68 45 07 46 5c b8 99 c8 a1 8a fd b7 ee 8b | encrypting: d8 22 92 c2 | IV: 0f 99 8b 75 fc b9 45 4c f2 ed 17 5f d1 c7 8b 3c | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | last encrypted block of Phase 1: | a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #1: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a9006c16b8 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 76 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 05 10 02 01 00 00 00 00 00 00 00 4c f4 7a 1e 74 | a3 f1 67 a3 30 bd 5d 36 25 07 18 f2 85 09 eb 78 | 1b 88 fb a8 2d 07 51 20 54 35 b6 37 a8 fb a9 86 | af 72 02 20 bf 03 ce 91 1c ee fa 4d | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a9006c16b8 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #1 | libevent_malloc: new ptr-libevent@0x7f14cc002888 size 128 | pstats #1 ikev1.isakmp established "east" #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #1 | #1 spent 0.659 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.824 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00309 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 01 bc 8a fd ee 0a | f0 47 ff 03 49 4a 9e b0 46 6f 93 31 c8 fa 30 c3 | f3 ef 30 aa 57 7a 57 94 e7 bf 90 f0 c8 60 0a 12 | f9 4e 94 00 43 5a b8 0d 81 e2 90 0e a8 ed 71 47 | 48 9a fb 74 29 bd 4b c0 af ab 3b 71 3c ff c6 d3 | 46 44 fa af 0c ed 63 1b 59 43 e5 2b 8c d9 27 29 | 3b 6d 8c e6 f2 58 44 df 08 ca f1 f8 34 fa 21 01 | ee d9 1b 5a f5 24 f2 98 45 ca b3 12 41 c1 fd 2a | c2 eb 36 9d d4 1c bd f0 2d ee 14 21 42 7b b8 53 | a3 17 fa 41 dc 86 88 94 34 9b 2e 69 cb 75 a5 61 | 10 29 04 27 5c eb e3 c7 2f 45 32 e8 d4 8c 65 7b | 9a 9d ee b5 ea 34 cc a3 1b 7a 2e df e3 22 f0 ea | 8c c5 04 c1 d1 fb 8c cf 0c 47 37 93 bc 57 27 69 | 20 54 8b e8 5a 80 08 45 a5 f6 a8 7b 54 1d fe c4 | ca fc a1 84 4c 5a 7f 21 04 c0 bf 16 f1 ac ea c6 | eb 3f 79 0d 77 4a 19 af 6f 41 44 54 00 d5 1c c0 | 8c 0b a1 f8 57 a1 16 7d e4 ef 76 6b be 13 09 4f | 0f 80 dc e1 4e 76 ad 9c 12 ec 18 6d a2 7e 58 44 | 6a 02 6b 99 89 e3 b7 3b 2d fd 29 fe 8f 9b c5 86 | ff 51 21 4c e4 d1 90 c6 ee d9 23 9b 8e a7 ce 50 | 1e f8 46 b5 e4 f7 f5 d1 d8 63 13 9e 3a c2 47 f8 | a4 ce e0 17 56 3f 77 03 15 79 4d 77 ab 05 6a 18 | a3 43 c7 8c 2a b7 c3 f9 c6 9b 90 17 66 87 3b b9 | 44 34 d2 92 9a 62 d8 51 47 31 7e b9 e2 ed a5 2f | b3 17 89 45 64 15 e2 b5 81 dc 5c 5e 77 f6 42 1d | 1d e0 b7 d8 fb a4 c3 35 eb 8b ce 35 b3 ae 4a 55 | 9b b6 d1 14 54 9e e3 1b e1 65 e7 81 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2775679839 (0xa571835f) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #1 in MAIN_R3 (find_state_ikev1) | start processing: state #1 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | current Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c1058 (length 16) | a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | a5 71 83 5f | Phase 2 IV hash sha final bytes@0x55a9006c0fd8 (length 20) | 28 cb be c8 29 f7 bf fb 4e be 6e a2 9f 5a 39 33 | 82 d5 f5 5f | #1 is idle | #1 idle | received encrypted packet from 192.1.2.45:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 28 cb be c8 29 f7 bf fb 4e be 6e a2 9f 5a 39 33 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: b3 ae 4a 55 9b b6 d1 14 54 9e e3 1b e1 65 e7 81 | decrypted payload (starts at offset -416): | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 01 bc 01 00 00 18 | 9e 6d d8 56 7a ae eb 6d 5a 1f bd 1a 11 b9 94 3d | b3 c3 92 b4 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 83 3b 16 bb 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | 05 00 01 04 11 3b 7e 7a ae d2 70 1f 31 e0 8c 5d | 8d f2 6f 8a 76 47 5b 41 7a 60 d9 ee d5 db aa 06 | 6c cb 1b 1a 2b 05 09 51 3e 21 40 fd 4b 5f 5d 1c | 6b 63 86 18 b7 e5 44 4a da b2 5a b5 eb 4c bb 7e | 00 6b 4c 03 b1 4d 5c 84 57 9d bc 99 17 6a 73 33 | bf a0 e8 f3 81 81 98 5a 3d 0b f7 7c bb 7f d3 1f | da b2 d2 09 b7 6c a7 c8 8b c5 a0 e3 79 29 95 43 | 55 db d3 95 f7 ae d7 19 05 e4 58 b9 98 fd c8 53 | a0 e6 c3 62 18 44 8c a1 16 ec f5 bf 3f 9d ab da | 42 2f 0b fb 3a 6e ac d0 0c 7f 0b a5 cc 04 2b 9a | 3d 8f 22 da 36 0e e2 ee dd ad 8c 3c 5d 75 e2 05 | 85 f8 80 07 68 5b 3f 14 66 76 11 ea 88 cc 56 c7 | 55 fd 7b e3 21 31 0b 19 5a 1c 37 fc 30 4d 65 40 | 18 49 3c cd dd 27 5d 31 ec 04 99 c0 1d 69 11 11 | 9f d3 c3 73 09 b7 8f 90 d1 a7 5a 47 57 5b 24 33 | 58 35 49 2a be e0 df 94 07 6c fc 33 11 2d f6 87 | a7 0a 11 4b 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14c4001158 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | a5 71 83 5f | HASH(1) PRF sha update payload-bytes@0x55a9006c2bfc (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 83 3b 16 bb 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 c0 60 2f 81 | 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 62 fb ea 9b | 83 79 bc ac 01 b2 36 12 47 35 ac 35 05 00 01 04 | 11 3b 7e 7a ae d2 70 1f 31 e0 8c 5d 8d f2 6f 8a | 76 47 5b 41 7a 60 d9 ee d5 db aa 06 6c cb 1b 1a | 2b 05 09 51 3e 21 40 fd 4b 5f 5d 1c 6b 63 86 18 | b7 e5 44 4a da b2 5a b5 eb 4c bb 7e 00 6b 4c 03 | b1 4d 5c 84 57 9d bc 99 17 6a 73 33 bf a0 e8 f3 | 81 81 98 5a 3d 0b f7 7c bb 7f d3 1f da b2 d2 09 | b7 6c a7 c8 8b c5 a0 e3 79 29 95 43 55 db d3 95 | f7 ae d7 19 05 e4 58 b9 98 fd c8 53 a0 e6 c3 62 | 18 44 8c a1 16 ec f5 bf 3f 9d ab da 42 2f 0b fb | 3a 6e ac d0 0c 7f 0b a5 cc 04 2b 9a 3d 8f 22 da | 36 0e e2 ee dd ad 8c 3c 5d 75 e2 05 85 f8 80 07 | 68 5b 3f 14 66 76 11 ea 88 cc 56 c7 55 fd 7b e3 | 21 31 0b 19 5a 1c 37 fc 30 4d 65 40 18 49 3c cd | dd 27 5d 31 ec 04 99 c0 1d 69 11 11 9f d3 c3 73 | 09 b7 8f 90 d1 a7 5a 47 57 5b 24 33 58 35 49 2a | be e0 df 94 07 6c fc 33 11 2d f6 87 a7 0a 11 4b | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 9e 6d d8 56 7a ae eb 6d 5a 1f bd 1a 11 b9 94 3d | b3 c3 92 b4 | quick_inI1_outR1 HASH(1): | 9e 6d d8 56 7a ae eb 6d 5a 1f bd 1a 11 b9 94 3d | b3 c3 92 b4 | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #1: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | match_id a=@west | b=@west | results matched | fc_try trying east:192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 vs east:192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | fc_try concluding with east [129] | fc_try east gives east | concluding with d = east | client wildcard: no port wildcard: no virtual: no | creating state object #2 at 0x55a9006c1c58 | State DB: adding IKEv1 state #2 in UNDEFINED | pstats #2 ikev1.ipsec started | duplicating state object #1 "east" as #2 for IPSEC SA | #2 setting local endpoint to 192.1.2.23:500 from #1.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_d_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ai_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006a3700 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #1 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #2 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #2: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 83 3b 16 bb | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 11 3b 7e 7a ae d2 70 1f 31 e0 8c 5d 8d f2 6f 8a | 76 47 5b 41 7a 60 d9 ee d5 db aa 06 6c cb 1b 1a | 2b 05 09 51 3e 21 40 fd 4b 5f 5d 1c 6b 63 86 18 | b7 e5 44 4a da b2 5a b5 eb 4c bb 7e 00 6b 4c 03 | b1 4d 5c 84 57 9d bc 99 17 6a 73 33 bf a0 e8 f3 | 81 81 98 5a 3d 0b f7 7c bb 7f d3 1f da b2 d2 09 | b7 6c a7 c8 8b c5 a0 e3 79 29 95 43 55 db d3 95 | f7 ae d7 19 05 e4 58 b9 98 fd c8 53 a0 e6 c3 62 | 18 44 8c a1 16 ec f5 bf 3f 9d ab da 42 2f 0b fb | 3a 6e ac d0 0c 7f 0b a5 cc 04 2b 9a 3d 8f 22 da | 36 0e e2 ee dd ad 8c 3c 5d 75 e2 05 85 f8 80 07 | 68 5b 3f 14 66 76 11 ea 88 cc 56 c7 55 fd 7b e3 | 21 31 0b 19 5a 1c 37 fc 30 4d 65 40 18 49 3c cd | dd 27 5d 31 ec 04 99 c0 1d 69 11 11 9f d3 c3 73 | 09 b7 8f 90 d1 a7 5a 47 57 5b 24 33 58 35 49 2a | be e0 df 94 07 6c fc 33 11 2d f6 87 a7 0a 11 4b | adding quick_outI1 KE work-order 3 for state #2 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14cc002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #2 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #2 and saving MD | crypto helper 2 resuming | #2 is busy; has a suspended MD | crypto helper 2 starting work-order 3 for state #2 | #1 spent 0.191 milliseconds in process_packet_tail() | crypto helper 2 doing build KE and nonce (quick_outI1 KE); request ID 3 | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #2 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.488 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14c80050c8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14c80050c8 | NSS: Public DH wire value: | ca 5b 13 66 6f fa e2 cf ae 90 6a 56 92 fd 44 0b | 01 5e f2 64 9f d6 45 1e c0 e5 47 2b f5 56 0f 3c | a3 87 04 e6 0e ca 2f d7 ef 73 e7 a3 5c 9a 02 5a | 96 3e 94 e5 d9 f9 74 e5 96 f6 b7 8e 04 93 41 37 | 68 ae cf 1f 32 39 86 75 4a 04 85 6c 5f dc 06 da | f0 49 2e 65 0d 3d 62 d3 e3 3b 2b 23 82 11 a4 8a | c2 82 b2 02 32 57 26 52 ed 2d 6e 4a 54 9a 37 04 | ec a8 a9 a0 39 4d 85 16 a4 eb 70 98 13 0e f2 26 | 9a 60 6e c3 4f fc 42 f1 2b ab 7d b5 36 bf 2d 13 | c4 9e 02 03 96 d4 b9 11 20 f0 bf 54 98 3a 14 b7 | 9b 1f 14 92 4c 83 74 bc 80 c6 31 15 04 76 2a 7b | 9b 3c e7 f2 db 8b 0b 5e 2b 11 08 90 bd ab a9 44 | fe a6 37 44 94 e6 f1 d2 eb 88 e6 dd 9a 4f 65 af | 05 3f 0d 10 80 ea 17 75 56 23 24 76 02 1f 82 41 | ba c6 7a 55 0f 13 26 01 7c 69 05 f6 b3 3e ce b2 | a6 1b 45 2a 3c af 49 bd e9 d0 e2 ce 23 ab bc 8d | Generated nonce: 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | Generated nonce: d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | crypto helper 2 finished build KE and nonce (quick_outI1 KE); request ID 3 time elapsed 0.000651 seconds | (#2) spent 0.651 milliseconds in crypto helper computing work-order 3: quick_outI1 KE (pcr) | crypto helper 2 sending results from work-order 3 for state #2 to event queue | scheduling resume sending helper answer for #2 | libevent_malloc: new ptr-libevent@0x7f14c8003f28 size 128 | libevent_realloc: release ptr-libevent@0x55a9006a0458 | libevent_realloc: new ptr-libevent@0x7f14c8003e78 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #2 | start processing: state #2 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 3 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue1 for #2: calculated ke+nonce, calculating DH | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14c80050c8: transferring ownership from helper KE to state #2 | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14c80050c8: transferring ownership from state #2 to helper IKEv1 DH | adding quick outR1 DH work-order 4 for state #2 | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14cc002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14cc002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | suspending state #2 and saving MD | #2 is busy; has a suspended MD | resume sending helper answer for #2 suppresed complete_v1_state_transition() and stole MD | crypto helper 4 resuming | #2 spent 0.0502 milliseconds in resume sending helper answer | crypto helper 4 starting work-order 4 for state #2 | stop processing: state #2 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | crypto helper 4 doing compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 4 | peer's g: 11 3b 7e 7a ae d2 70 1f 31 e0 8c 5d 8d f2 6f 8a | peer's g: 76 47 5b 41 7a 60 d9 ee d5 db aa 06 6c cb 1b 1a | libevent_free: release ptr-libevent@0x7f14c8003f28 | peer's g: 2b 05 09 51 3e 21 40 fd 4b 5f 5d 1c 6b 63 86 18 | peer's g: b7 e5 44 4a da b2 5a b5 eb 4c bb 7e 00 6b 4c 03 | peer's g: b1 4d 5c 84 57 9d bc 99 17 6a 73 33 bf a0 e8 f3 | peer's g: 81 81 98 5a 3d 0b f7 7c bb 7f d3 1f da b2 d2 09 | peer's g: b7 6c a7 c8 8b c5 a0 e3 79 29 95 43 55 db d3 95 | peer's g: f7 ae d7 19 05 e4 58 b9 98 fd c8 53 a0 e6 c3 62 | peer's g: 18 44 8c a1 16 ec f5 bf 3f 9d ab da 42 2f 0b fb | peer's g: 3a 6e ac d0 0c 7f 0b a5 cc 04 2b 9a 3d 8f 22 da | peer's g: 36 0e e2 ee dd ad 8c 3c 5d 75 e2 05 85 f8 80 07 | peer's g: 68 5b 3f 14 66 76 11 ea 88 cc 56 c7 55 fd 7b e3 | peer's g: 21 31 0b 19 5a 1c 37 fc 30 4d 65 40 18 49 3c cd | peer's g: dd 27 5d 31 ec 04 99 c0 1d 69 11 11 9f d3 c3 73 | peer's g: 09 b7 8f 90 d1 a7 5a 47 57 5b 24 33 58 35 49 2a | peer's g: be e0 df 94 07 6c fc 33 11 2d f6 87 a7 0a 11 4b | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14c80050c8: computed shared DH secret key@0x55a9006bd630 | dh-shared : g^ir-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 4 finished compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 4 time elapsed 0.000593 seconds | (#2) spent 0.595 milliseconds in crypto helper computing work-order 4: quick outR1 DH (pcr) | crypto helper 4 sending results from work-order 4 for state #2 to event queue | scheduling resume sending helper answer for #2 | libevent_malloc: new ptr-libevent@0x7f14bc003618 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #2 | start processing: state #2 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 4 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue2 for #2: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2775679839 (0xa571835f) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 83 3b 16 bb | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x21e81d96 for esp.0@192.1.2.23 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 21 e8 1d 96 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ESP) | attributes 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | attributes 80 05 00 02 80 06 00 80 | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 "east" #2: responding to Quick Mode proposal {msgid:a571835f} "east" #2: us: 192.0.2.0/24===192.1.2.23<192.1.2.23>[@east] "east" #2: them: 192.1.2.45<192.1.2.45>[@west]===192.0.1.0/24 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | Nr d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | emitting length of ISAKMP Nonce Payload: 36 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value ca 5b 13 66 6f fa e2 cf ae 90 6a 56 92 fd 44 0b | keyex value 01 5e f2 64 9f d6 45 1e c0 e5 47 2b f5 56 0f 3c | keyex value a3 87 04 e6 0e ca 2f d7 ef 73 e7 a3 5c 9a 02 5a | keyex value 96 3e 94 e5 d9 f9 74 e5 96 f6 b7 8e 04 93 41 37 | keyex value 68 ae cf 1f 32 39 86 75 4a 04 85 6c 5f dc 06 da | keyex value f0 49 2e 65 0d 3d 62 d3 e3 3b 2b 23 82 11 a4 8a | keyex value c2 82 b2 02 32 57 26 52 ed 2d 6e 4a 54 9a 37 04 | keyex value ec a8 a9 a0 39 4d 85 16 a4 eb 70 98 13 0e f2 26 | keyex value 9a 60 6e c3 4f fc 42 f1 2b ab 7d b5 36 bf 2d 13 | keyex value c4 9e 02 03 96 d4 b9 11 20 f0 bf 54 98 3a 14 b7 | keyex value 9b 1f 14 92 4c 83 74 bc 80 c6 31 15 04 76 2a 7b | keyex value 9b 3c e7 f2 db 8b 0b 5e 2b 11 08 90 bd ab a9 44 | keyex value fe a6 37 44 94 e6 f1 d2 eb 88 e6 dd 9a 4f 65 af | keyex value 05 3f 0d 10 80 ea 17 75 56 23 24 76 02 1f 82 41 | keyex value ba c6 7a 55 0f 13 26 01 7c 69 05 f6 b3 3e ce b2 | keyex value a6 1b 45 2a 3c af 49 bd e9 d0 e2 ce 23 ab bc 8d | emitting length of ISAKMP Key Exchange Payload: 260 | DH secret MODP2048@0x7f14c80050c8: transferring ownership from helper IKEv1 DH to state #2 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 01 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 02 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482648 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x55a9006c1aa8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948272c (length 4) | a5 71 83 5f | HASH(1) PRF sha update Ni_b-bytes@0x7f14c4001158 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | HASH(1) PRF sha update payload-bytes@0x55a8fff8a8f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 21 e8 1d 96 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 54 d2 08 46 | 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e d6 b3 97 53 | d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 05 00 01 04 | ca 5b 13 66 6f fa e2 cf ae 90 6a 56 92 fd 44 0b | 01 5e f2 64 9f d6 45 1e c0 e5 47 2b f5 56 0f 3c | a3 87 04 e6 0e ca 2f d7 ef 73 e7 a3 5c 9a 02 5a | 96 3e 94 e5 d9 f9 74 e5 96 f6 b7 8e 04 93 41 37 | 68 ae cf 1f 32 39 86 75 4a 04 85 6c 5f dc 06 da | f0 49 2e 65 0d 3d 62 d3 e3 3b 2b 23 82 11 a4 8a | c2 82 b2 02 32 57 26 52 ed 2d 6e 4a 54 9a 37 04 | ec a8 a9 a0 39 4d 85 16 a4 eb 70 98 13 0e f2 26 | 9a 60 6e c3 4f fc 42 f1 2b ab 7d b5 36 bf 2d 13 | c4 9e 02 03 96 d4 b9 11 20 f0 bf 54 98 3a 14 b7 | 9b 1f 14 92 4c 83 74 bc 80 c6 31 15 04 76 2a 7b | 9b 3c e7 f2 db 8b 0b 5e 2b 11 08 90 bd ab a9 44 | fe a6 37 44 94 e6 f1 d2 eb 88 e6 dd 9a 4f 65 af | 05 3f 0d 10 80 ea 17 75 56 23 24 76 02 1f 82 41 | ba c6 7a 55 0f 13 26 01 7c 69 05 f6 b3 3e ce b2 | a6 1b 45 2a 3c af 49 bd e9 d0 e2 ce 23 ab bc 8d | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a8fff8a8e0 (length 20) | bc a0 96 14 33 d6 66 ae ba 08 96 05 17 74 ea a4 | 2a a6 f4 77 | quick inR1 outI2 HASH(2): | bc a0 96 14 33 d6 66 ae ba 08 96 05 17 74 ea a4 | 2a a6 f4 77 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c80041f0 from symkey-key@0x55a9006c2720 | hmac prf: begin sha with context 0x7f14c80041f0 from symkey-key@0x55a9006c2720 | hmac: release clone-key@0x55a9006c2720 | hmac PRF sha crypt-prf@0x55a9006bf278 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006c5618 | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: bb 37 05 b5 61 47 38 dd 02 40 3f ce 6f ea 02 6b 94 82 80 b6 c3 52 17 90 d0 e7 49 a3 23 fd 8b 9d 2b 5e 75 ae 69 a0 81 72 a0 c2 62 7e 00 84 0f 20 cb 38 25 f7 ed ec 06 14 a2 e9 26 90 07 00 b9 17 34 38 b1 27 e0 f3 0e 9c 78 fc dd 6b f2 a7 7e 62 d0 af 60 34 fd f0 96 5b 93 60 fe 33 84 89 54 d7 03 0b 9e 4c a4 9e de f4 b7 c4 9f 9b b6 49 d3 a2 20 55 f0 8d 67 fd 41 b8 26 8b 3c 63 c0 f7 a9 3e 6c f4 82 ed de 24 5e b5 2d be 41 ef 5c cb 74 91 2a 8d fc 05 61 3e 26 cb 04 83 e5 92 8f 03 9c 48 fe 8f 87 78 e6 7a 8b 0b 92 8d 9d 1e 59 14 b1 b9 cb e9 0c 51 8d 1b 4d e0 ee 0e 35 28 73 03 6e a0 55 2b 2b 17 f6 4b 91 25 05 4b 92 a3 a5 7d e8 db 49 6d 95 ee 7c 81 7a e7 58 23 c8 52 6d e0 34 79 67 a4 4c 1a 1f 37 71 88 ac 29 91 62 10 9b 1f 77 b1 5d 48 49 f0 f3 61 9d 62 3b c8 68 a9 2f 0c e7 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006ca928 | unwrapped: 85 dc ee 9a e7 ea d7 99 2b 62 ee 3f 3a fd 0b e9 | unwrapped: da a3 65 26 48 98 5b 63 f7 4c 96 27 cb 05 d1 c4 | unwrapped: b7 6e 6e bf 04 cd eb ae 7b 3a 0d dc 30 e6 1c b3 | unwrapped: 82 e6 85 9d ab 75 33 b5 da d7 02 d0 ca e8 0a ce | unwrapped: 81 0f 22 22 5a 0e 54 24 7b 18 3d 03 be 2e fd 51 | unwrapped: 7a 90 bd 01 38 85 ba ae dc 62 30 41 2e 49 81 12 | unwrapped: 4d 61 0d 97 71 6f 06 94 9c 40 50 c1 7b 6e b7 c3 | unwrapped: 6e 89 f2 fe d5 07 ba 4c 02 e9 65 50 b9 7c 0a 4f | unwrapped: ad 16 c7 bc 3d 76 9a 13 7d 77 56 81 7e 74 80 b2 | unwrapped: 86 0c 25 ca ae eb 09 5f 00 9e aa ae f8 78 1e 88 | unwrapped: 3a 55 de c3 0a ee 76 1b f8 fb 93 d2 a7 9d 28 9f | unwrapped: 78 7b 47 7e 2a a0 59 f9 14 28 a3 1e 28 f3 e5 35 | unwrapped: b3 11 9e 2a b2 a4 c3 7b 2c 84 59 ab ef 59 17 86 | unwrapped: df e8 bd 3f 11 88 4a 99 1f f7 3b 05 07 d3 18 5d | unwrapped: 3a ef 61 91 c6 b5 3c 28 d0 3d 06 00 d2 09 79 88 | unwrapped: 64 36 74 c3 8a 68 4f 87 bc ec bb 64 09 b3 3f ca | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: bb 37 05 b5 61 47 38 dd 02 40 3f ce 6f ea 02 6b 94 82 80 b6 c3 52 17 90 d0 e7 49 a3 23 fd 8b 9d 2b 5e 75 ae 69 a0 81 72 a0 c2 62 7e 00 84 0f 20 cb 38 25 f7 ed ec 06 14 a2 e9 26 90 07 00 b9 17 34 38 b1 27 e0 f3 0e 9c 78 fc dd 6b f2 a7 7e 62 d0 af 60 34 fd f0 96 5b 93 60 fe 33 84 89 54 d7 03 0b 9e 4c a4 9e de f4 b7 c4 9f 9b b6 49 d3 a2 20 55 f0 8d 67 fd 41 b8 26 8b 3c 63 c0 f7 a9 3e 6c f4 82 ed de 24 5e b5 2d be 41 ef 5c cb 74 91 2a 8d fc 05 61 3e 26 cb 04 83 e5 92 8f 03 9c 48 fe 8f 87 78 e6 7a 8b 0b 92 8d 9d 1e 59 14 b1 b9 cb e9 0c 51 8d 1b 4d e0 ee 0e 35 28 73 03 6e a0 55 2b 2b 17 f6 4b 91 25 05 4b 92 a3 a5 7d e8 db 49 6d 95 ee 7c 81 7a e7 58 23 c8 52 6d e0 34 79 67 a4 4c 1a 1f 37 71 88 ac 29 91 62 10 9b 1f 77 b1 5d 48 49 f0 f3 61 9d 62 3b c8 68 a9 2f 0c e7 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006ca5d8 | unwrapped: 85 dc ee 9a e7 ea d7 99 2b 62 ee 3f 3a fd 0b e9 | unwrapped: da a3 65 26 48 98 5b 63 f7 4c 96 27 cb 05 d1 c4 | unwrapped: b7 6e 6e bf 04 cd eb ae 7b 3a 0d dc 30 e6 1c b3 | unwrapped: 82 e6 85 9d ab 75 33 b5 da d7 02 d0 ca e8 0a ce | unwrapped: 81 0f 22 22 5a 0e 54 24 7b 18 3d 03 be 2e fd 51 | unwrapped: 7a 90 bd 01 38 85 ba ae dc 62 30 41 2e 49 81 12 | unwrapped: 4d 61 0d 97 71 6f 06 94 9c 40 50 c1 7b 6e b7 c3 | unwrapped: 6e 89 f2 fe d5 07 ba 4c 02 e9 65 50 b9 7c 0a 4f | unwrapped: ad 16 c7 bc 3d 76 9a 13 7d 77 56 81 7e 74 80 b2 | unwrapped: 86 0c 25 ca ae eb 09 5f 00 9e aa ae f8 78 1e 88 | unwrapped: 3a 55 de c3 0a ee 76 1b f8 fb 93 d2 a7 9d 28 9f | unwrapped: 78 7b 47 7e 2a a0 59 f9 14 28 a3 1e 28 f3 e5 35 | unwrapped: b3 11 9e 2a b2 a4 c3 7b 2c 84 59 ab ef 59 17 86 | unwrapped: df e8 bd 3f 11 88 4a 99 1f f7 3b 05 07 d3 18 5d | unwrapped: 3a ef 61 91 c6 b5 3c 28 d0 3d 06 00 d2 09 79 88 | unwrapped: 64 36 74 c3 8a 68 4f 87 bc ec bb 64 09 b3 3f ca | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006c1e60 (length 4) | 21 e8 1d 96 | hmac PRF sha update data-bytes@0x55a9006c1e40 (length 4) | 83 3b 16 bb | hmac PRF sha update data-bytes@0x7f14c4001158 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | hmac PRF sha update data-bytes@0x7f14c4001158 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | hmac PRF sha update data-bytes@0x7f14c8002918 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | hmac PRF sha update data-bytes@0x7f14c8002918 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | hmac PRF sha final-bytes@0x7f14c4004138 (length 20) | 12 0e ae 5a 44 bc 6c 17 a0 a2 c8 75 f9 8d a3 1b | 05 1e 95 3f | hmac PRF sha final-bytes@0x55a9006c5668 (length 20) | f7 9d c4 a2 95 8b ef 86 be ce 58 ae 41 04 1c ba | 6b c2 1d b4 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006c27d8 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c80041f0 from symkey-key@0x55a9006c2720 | hmac prf: begin sha with context 0x7f14c80041f0 from symkey-key@0x55a9006c2720 | hmac: release clone-key@0x55a9006c2720 | hmac PRF sha crypt-prf@0x55a9006c1aa8 | hmac PRF sha update data-bytes@0x7f14c4004138 (length 20) | 12 0e ae 5a 44 bc 6c 17 a0 a2 c8 75 f9 8d a3 1b | 05 1e 95 3f | hmac PRF sha update data-bytes@0x55a9006c5668 (length 20) | f7 9d c4 a2 95 8b ef 86 be ce 58 ae 41 04 1c ba | 6b c2 1d b4 | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: bb 37 05 b5 61 47 38 dd 02 40 3f ce 6f ea 02 6b 94 82 80 b6 c3 52 17 90 d0 e7 49 a3 23 fd 8b 9d 2b 5e 75 ae 69 a0 81 72 a0 c2 62 7e 00 84 0f 20 cb 38 25 f7 ed ec 06 14 a2 e9 26 90 07 00 b9 17 34 38 b1 27 e0 f3 0e 9c 78 fc dd 6b f2 a7 7e 62 d0 af 60 34 fd f0 96 5b 93 60 fe 33 84 89 54 d7 03 0b 9e 4c a4 9e de f4 b7 c4 9f 9b b6 49 d3 a2 20 55 f0 8d 67 fd 41 b8 26 8b 3c 63 c0 f7 a9 3e 6c f4 82 ed de 24 5e b5 2d be 41 ef 5c cb 74 91 2a 8d fc 05 61 3e 26 cb 04 83 e5 92 8f 03 9c 48 fe 8f 87 78 e6 7a 8b 0b 92 8d 9d 1e 59 14 b1 b9 cb e9 0c 51 8d 1b 4d e0 ee 0e 35 28 73 03 6e a0 55 2b 2b 17 f6 4b 91 25 05 4b 92 a3 a5 7d e8 db 49 6d 95 ee 7c 81 7a e7 58 23 c8 52 6d e0 34 79 67 a4 4c 1a 1f 37 71 88 ac 29 91 62 10 9b 1f 77 b1 5d 48 49 f0 f3 61 9d 62 3b c8 68 a9 2f 0c e7 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006ca928 | unwrapped: 85 dc ee 9a e7 ea d7 99 2b 62 ee 3f 3a fd 0b e9 | unwrapped: da a3 65 26 48 98 5b 63 f7 4c 96 27 cb 05 d1 c4 | unwrapped: b7 6e 6e bf 04 cd eb ae 7b 3a 0d dc 30 e6 1c b3 | unwrapped: 82 e6 85 9d ab 75 33 b5 da d7 02 d0 ca e8 0a ce | unwrapped: 81 0f 22 22 5a 0e 54 24 7b 18 3d 03 be 2e fd 51 | unwrapped: 7a 90 bd 01 38 85 ba ae dc 62 30 41 2e 49 81 12 | unwrapped: 4d 61 0d 97 71 6f 06 94 9c 40 50 c1 7b 6e b7 c3 | unwrapped: 6e 89 f2 fe d5 07 ba 4c 02 e9 65 50 b9 7c 0a 4f | unwrapped: ad 16 c7 bc 3d 76 9a 13 7d 77 56 81 7e 74 80 b2 | unwrapped: 86 0c 25 ca ae eb 09 5f 00 9e aa ae f8 78 1e 88 | unwrapped: 3a 55 de c3 0a ee 76 1b f8 fb 93 d2 a7 9d 28 9f | unwrapped: 78 7b 47 7e 2a a0 59 f9 14 28 a3 1e 28 f3 e5 35 | unwrapped: b3 11 9e 2a b2 a4 c3 7b 2c 84 59 ab ef 59 17 86 | unwrapped: df e8 bd 3f 11 88 4a 99 1f f7 3b 05 07 d3 18 5d | unwrapped: 3a ef 61 91 c6 b5 3c 28 d0 3d 06 00 d2 09 79 88 | unwrapped: 64 36 74 c3 8a 68 4f 87 bc ec bb 64 09 b3 3f ca | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: bb 37 05 b5 61 47 38 dd 02 40 3f ce 6f ea 02 6b 94 82 80 b6 c3 52 17 90 d0 e7 49 a3 23 fd 8b 9d 2b 5e 75 ae 69 a0 81 72 a0 c2 62 7e 00 84 0f 20 cb 38 25 f7 ed ec 06 14 a2 e9 26 90 07 00 b9 17 34 38 b1 27 e0 f3 0e 9c 78 fc dd 6b f2 a7 7e 62 d0 af 60 34 fd f0 96 5b 93 60 fe 33 84 89 54 d7 03 0b 9e 4c a4 9e de f4 b7 c4 9f 9b b6 49 d3 a2 20 55 f0 8d 67 fd 41 b8 26 8b 3c 63 c0 f7 a9 3e 6c f4 82 ed de 24 5e b5 2d be 41 ef 5c cb 74 91 2a 8d fc 05 61 3e 26 cb 04 83 e5 92 8f 03 9c 48 fe 8f 87 78 e6 7a 8b 0b 92 8d 9d 1e 59 14 b1 b9 cb e9 0c 51 8d 1b 4d e0 ee 0e 35 28 73 03 6e a0 55 2b 2b 17 f6 4b 91 25 05 4b 92 a3 a5 7d e8 db 49 6d 95 ee 7c 81 7a e7 58 23 c8 52 6d e0 34 79 67 a4 4c 1a 1f 37 71 88 ac 29 91 62 10 9b 1f 77 b1 5d 48 49 f0 f3 61 9d 62 3b c8 68 a9 2f 0c e7 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006ca5d8 | unwrapped: 85 dc ee 9a e7 ea d7 99 2b 62 ee 3f 3a fd 0b e9 | unwrapped: da a3 65 26 48 98 5b 63 f7 4c 96 27 cb 05 d1 c4 | unwrapped: b7 6e 6e bf 04 cd eb ae 7b 3a 0d dc 30 e6 1c b3 | unwrapped: 82 e6 85 9d ab 75 33 b5 da d7 02 d0 ca e8 0a ce | unwrapped: 81 0f 22 22 5a 0e 54 24 7b 18 3d 03 be 2e fd 51 | unwrapped: 7a 90 bd 01 38 85 ba ae dc 62 30 41 2e 49 81 12 | unwrapped: 4d 61 0d 97 71 6f 06 94 9c 40 50 c1 7b 6e b7 c3 | unwrapped: 6e 89 f2 fe d5 07 ba 4c 02 e9 65 50 b9 7c 0a 4f | unwrapped: ad 16 c7 bc 3d 76 9a 13 7d 77 56 81 7e 74 80 b2 | unwrapped: 86 0c 25 ca ae eb 09 5f 00 9e aa ae f8 78 1e 88 | unwrapped: 3a 55 de c3 0a ee 76 1b f8 fb 93 d2 a7 9d 28 9f | unwrapped: 78 7b 47 7e 2a a0 59 f9 14 28 a3 1e 28 f3 e5 35 | unwrapped: b3 11 9e 2a b2 a4 c3 7b 2c 84 59 ab ef 59 17 86 | unwrapped: df e8 bd 3f 11 88 4a 99 1f f7 3b 05 07 d3 18 5d | unwrapped: 3a ef 61 91 c6 b5 3c 28 d0 3d 06 00 d2 09 79 88 | unwrapped: 64 36 74 c3 8a 68 4f 87 bc ec bb 64 09 b3 3f ca | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006c1e60 (length 4) | 21 e8 1d 96 | hmac PRF sha update data-bytes@0x55a9006c1e40 (length 4) | 83 3b 16 bb | hmac PRF sha update data-bytes@0x7f14c4001158 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | hmac PRF sha update data-bytes@0x7f14c4001158 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | hmac PRF sha update data-bytes@0x7f14c8002918 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | hmac PRF sha update data-bytes@0x7f14c8002918 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | hmac PRF sha final-bytes@0x7f14c400414c (length 20) | 29 d8 da 02 ff 57 51 b7 32 d2 66 85 43 7e d4 2b | 83 67 b6 a7 | hmac PRF sha final-bytes@0x55a9006c567c (length 20) | 03 cc 8d 6f ed f6 41 56 7f c0 2e f3 35 89 0c c2 | bd de 3e f0 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" unrouted: NULL | install_inbound_ipsec_sa() checking if we can route | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" unrouted: NULL; eroute owner: NULL | routing is easy, or has resolvable near-conflict | checking if this is a replacement state | st=0x55a9006c1c58 ost=(nil) st->serialno=#2 ost->serialno=#0 | installing outgoing SA now as refhim=0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.833b16bb@192.1.2.45 included non-error error | outgoing SA has refhim=0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.21e81d96@192.1.2.23 included non-error error | priority calculation of connection "east" is 0xfe7e7 | add inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.10000@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | encrypting: 01 00 00 18 bc a0 96 14 33 d6 66 ae ba 08 96 05 | encrypting: 17 74 ea a4 2a a6 f4 77 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 21 e8 1d 96 | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe | encrypting: 1c 43 1b 5e d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 | encrypting: 23 42 f4 79 05 00 01 04 ca 5b 13 66 6f fa e2 cf | encrypting: ae 90 6a 56 92 fd 44 0b 01 5e f2 64 9f d6 45 1e | encrypting: c0 e5 47 2b f5 56 0f 3c a3 87 04 e6 0e ca 2f d7 | encrypting: ef 73 e7 a3 5c 9a 02 5a 96 3e 94 e5 d9 f9 74 e5 | encrypting: 96 f6 b7 8e 04 93 41 37 68 ae cf 1f 32 39 86 75 | encrypting: 4a 04 85 6c 5f dc 06 da f0 49 2e 65 0d 3d 62 d3 | encrypting: e3 3b 2b 23 82 11 a4 8a c2 82 b2 02 32 57 26 52 | encrypting: ed 2d 6e 4a 54 9a 37 04 ec a8 a9 a0 39 4d 85 16 | encrypting: a4 eb 70 98 13 0e f2 26 9a 60 6e c3 4f fc 42 f1 | encrypting: 2b ab 7d b5 36 bf 2d 13 c4 9e 02 03 96 d4 b9 11 | encrypting: 20 f0 bf 54 98 3a 14 b7 9b 1f 14 92 4c 83 74 bc | encrypting: 80 c6 31 15 04 76 2a 7b 9b 3c e7 f2 db 8b 0b 5e | encrypting: 2b 11 08 90 bd ab a9 44 fe a6 37 44 94 e6 f1 d2 | encrypting: eb 88 e6 dd 9a 4f 65 af 05 3f 0d 10 80 ea 17 75 | encrypting: 56 23 24 76 02 1f 82 41 ba c6 7a 55 0f 13 26 01 | encrypting: 7c 69 05 f6 b3 3e ce b2 a6 1b 45 2a 3c af 49 bd | encrypting: e9 d0 e2 ce 23 ab bc 8d 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: b3 ae 4a 55 9b b6 d1 14 54 9e e3 1b e1 65 e7 81 | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 0e 64 43 0c eb cf 00 08 b2 54 73 bf 75 1d 27 2a | finished processing quick inI1 | complete v1 state transition with STF_OK | [RE]START processing: state #2 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #2 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 | child state #2: QUICK_R0(established CHILD SA) => QUICK_R1(established CHILD SA) | event_already_set, deleting event | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14cc002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 444 bytes for STATE_QUICK_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #2) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 01 bc 6e c6 82 97 | 3b ac 6b 3a 21 b2 27 9d 32 aa 01 b0 13 d9 cc e1 | 11 09 1a 2b 85 a8 3b 84 c1 d4 1d 54 03 79 3f 2b | 87 e2 d7 07 13 9a 5d 2b c1 92 20 c6 28 3e 62 7f | 46 32 b9 ee d6 ed 7c b6 f0 4a 67 9b 90 4a 3b 40 | c4 9d 28 5e 01 ad a9 94 e2 45 2b ae ca e4 a2 5c | a0 c7 74 e4 79 5f 6d 77 ca 43 de 76 7e d0 91 a4 | 18 e8 82 b4 8a b4 a3 d8 e7 51 c0 46 3d ec aa ee | 6e 80 8a ce 55 f4 cd 21 de 7f 09 17 e8 a1 30 5c | de 4e 37 e8 0b 68 6a 9e b9 a2 5d 55 72 09 7f fc | f7 99 47 51 e2 33 1f cb 5b c7 fb 30 a0 e7 44 27 | ba 21 c3 36 11 83 31 19 c3 70 88 b8 70 83 c4 c8 | 72 92 c4 7c 76 f5 2c c1 8c 73 d7 95 4c 22 f2 12 | 65 36 60 2e 28 e8 6d 7f 40 05 86 f7 5f ff 3a 78 | 42 68 6a 03 fe d4 bc c9 54 aa dd 3f d8 f1 e9 4c | bf 09 c9 ff f4 62 0e e3 65 93 f1 1f d5 e5 08 8f | 01 73 ec 65 4c fc 62 f5 aa ae d8 dc be 58 3a 61 | cb 3c 01 3f 7f 8e aa 7c 19 25 ed 2a b2 47 22 2f | 14 06 3e 26 75 d4 9d d9 b0 80 f8 e6 ef ea 9e 53 | 5a f0 2b 6b 7f f5 b5 ae a9 7c 06 c4 40 ce 76 30 | 04 0e 81 5c e4 27 db 45 94 8b 85 79 2f 95 f3 66 | 0e 1b 88 2e 4b b8 10 0a c8 ad 7b 45 ca 9f 36 a1 | 54 72 8a ad 2a 60 e1 c0 e6 6b 8b 4b 20 e8 4d 15 | c9 df 20 99 0f d4 c6 bd ea 52 2d 37 fe 9e c8 45 | 29 4b 52 cf a3 42 c1 21 cf 64 a5 5f 9d eb 33 dd | bb 02 38 68 59 91 cb f8 81 4b ae 1c 0e 64 43 0c | eb cf 00 08 b2 54 73 bf 75 1d 27 2a | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14cc002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #2 | libevent_malloc: new ptr-libevent@0x7f14c8003f28 size 128 | #2 STATE_QUICK_R1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29295.745848 | pstats #2 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 tunnel mode {ESP=>0x833b16bb <0x21e81d96 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #2 suppresed complete_v1_state_transition() | #2 spent 1.23 milliseconds in resume sending helper answer | stop processing: state #2 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14bc003618 | spent 0.00271 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 60 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 00 3c 7e 67 e8 20 | 89 52 08 9f 2d 27 1f eb bb 80 68 b0 cd 06 54 81 | 40 79 96 2d 23 da 7a 82 84 50 b7 3e | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2775679839 (0xa571835f) | length: 60 (0x3c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #2 in QUICK_R1 (find_state_ikev1) | start processing: state #2 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1633) | #2 is idle | #2 idle | received encrypted packet from 192.1.2.45:500 | decrypting 32 bytes using algorithm AES_CBC | IV before: 0e 64 43 0c eb cf 00 08 b2 54 73 bf 75 1d 27 2a | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: cd 06 54 81 40 79 96 2d 23 da 7a 82 84 50 b7 3e | decrypted payload (starts at offset -32): | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 00 3c 00 00 00 18 | d6 0f 5d 40 93 4b a3 b9 47 4d 54 0b 14 9d 1d c6 | 52 cb 1b d6 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006ca780 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x55a9006ca780 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | a5 71 83 5f | HASH(1) PRF sha update Ni_b-bytes@0x7f14c4001158 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | HASH(1) PRF sha update Nr_b-bytes@0x7f14c8002918 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | d6 0f 5d 40 93 4b a3 b9 47 4d 54 0b 14 9d 1d c6 | 52 cb 1b d6 | quick_inI2 HASH(3): | d6 0f 5d 40 93 4b a3 b9 47 4d 54 0b 14 9d 1d c6 | 52 cb 1b d6 | received 'quick_inI2' message HASH(3) data ok | install_ipsec_sa() for #2: outbound only | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" unrouted: NULL; eroute owner: NULL | sr for #2: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: east (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #2 | priority calculation of connection "east" is 0xfe7e7 | eroute_connection add eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.0@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x833b16bb SPI_OUT=0x21e | popen cmd is 1020 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' : | cmd( 160):PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1638: | cmd( 320):8' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKE: | cmd( 640):V1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO: | cmd( 720):_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_IN: | cmd( 800):FO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_: | cmd( 880):CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED=: | cmd( 960):'no' SPI_IN=0x833b16bb SPI_OUT=0x21e81d96 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x833b16bb SPI | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@e: | cmd( 160):ast' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0x833b16bb SPI_OUT=0x21e81d96 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x833b16bb SPI_OUT | popen cmd is 1023 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTE: | cmd( 80):RFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@eas: | cmd( 160):t' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIEN: | cmd( 240):T_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1: | cmd( 320):6388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PE: | cmd( 400):ER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MAS: | cmd( 480):K='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' P: | cmd( 560):LUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+: | cmd( 640):IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PL: | cmd( 720):UTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS: | cmd( 800):_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLU: | cmd( 880):TO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHAR: | cmd( 960):ED='no' SPI_IN=0x833b16bb SPI_OUT=0x21e81d96 ipsec _updown 2>&1: | route_and_eroute: instance "east", setting eroute_owner {spd=0x55a9006be648,sr=0x55a9006be648} to #2 (was #0) (newest_ipsec_sa=#0) | #1 spent 1.59 milliseconds in install_ipsec_sa() | inI2: instance east[0], setting IKEv1 newest_ipsec_sa to #2 (was #0) (spd.eroute=#2) cloned from #1 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #2 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #2 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 | child state #2: QUICK_R1(established CHILD SA) => QUICK_R2(established CHILD SA) | event_already_set, deleting event | state #2 requesting EVENT_RETRANSMIT to be deleted | #2 STATE_QUICK_R2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f14c8003f28 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14cc002b78 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14cc002b78 | inserting event EVENT_SA_REPLACE, timeout in 28530 seconds for #2 | libevent_malloc: new ptr-libevent@0x7f14bc003618 size 128 | pstats #2 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #2: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x833b16bb <0x21e81d96 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | #2 spent 1.7 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #2 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 1.92 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00251 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 84 04 19 c0 00 00 00 4c ba f1 9f 3e | 2f 46 bb 36 5d 77 18 6b 32 7f 2f 70 cd 22 5c 6d | b7 4c 09 5b 82 5d ab 71 bd 86 cf 21 8d 51 bf 06 | 12 fc 25 9f f9 79 a9 73 70 82 a1 4c | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2214861248 (0x840419c0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #2; msgid=00000000 st_msgid=a571835f st_msgid_phase15=00000000 | peer and cookies match on #1; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #1 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #1 in MAIN_R3 (find_v1_info_state) | start processing: state #1 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | current Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c1058 (length 16) | a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 84 04 19 c0 | Phase 2 IV hash sha final bytes@0x55a9006c0fd8 (length 20) | d4 53 8d ca 71 02 a2 c5 0f 34 b3 4c 6f 56 18 9e | af 24 55 a2 | #1 is idle | #1 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: d4 53 8d ca 71 02 a2 c5 0f 34 b3 4c 6f 56 18 9e | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 8d 51 bf 06 12 fc 25 9f f9 79 a9 73 70 82 a1 4c | decrypted payload (starts at offset -48): | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 84 04 19 c0 00 00 00 4c 0c 00 00 18 | f9 3a 85 0a fd 64 07 25 d4 cd f5 31 b7 c5 72 f3 | 22 bf c6 78 00 00 00 10 00 00 00 01 03 04 00 01 | 83 3b 16 bb 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 84 04 19 c0 | HASH(1) PRF sha update payload-bytes@0x55a9006178cc (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 83 3b 16 bb | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | f9 3a 85 0a fd 64 07 25 d4 cd f5 31 b7 c5 72 f3 | 22 bf c6 78 | informational HASH(1): | f9 3a 85 0a fd 64 07 25 d4 cd f5 31 b7 c5 72 f3 | 22 bf c6 78 | received 'informational' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Delete Payload into SPI | SPI 83 3b 16 bb | FOR_EACH_STATE_... in find_phase2_state_to_delete | start processing: connection "east" (BACKGROUND) (in accept_delete() at ikev1_main.c:2515) "east" #1: received Delete SA(0x833b16bb) payload: deleting IPsec State #2 | pstats #2 ikev1.ipsec deleted completed | suspend processing: state #1 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) | start processing: state #2 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #2: deleting other state #2 (STATE_QUICK_R2) aged 0.085s and sending notification | child state #2: QUICK_R2(established CHILD SA) => delete | get_sa_info esp.833b16bb@192.1.2.45 | get_sa_info esp.21e81d96@192.1.2.23 "east" #2: ESP traffic information: in=84B out=84B | #2 send IKEv1 delete notification for STATE_QUICK_R2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 71502916 (0x4430c44) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 21 e8 1d 96 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94804e8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x55a9006c1aa8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94805cc (length 4) | 04 43 0c 44 | HASH(1) PRF sha update payload-bytes@0x7ffef9480974 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 21 e8 1d 96 | HASH(1) PRF sha final-bytes@0x7ffef9480960 (length 20) | c8 08 3c 6f 66 9e e0 0d c1 e8 97 68 e2 35 d6 03 | 2f 8c 6f e3 | send delete HASH(1): | c8 08 3c 6f 66 9e e0 0d c1 e8 97 68 e2 35 d6 03 | 2f 8c 6f e3 | last Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | current Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c1058 (length 16) | a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94805dc (length 4) | 04 43 0c 44 | Phase 2 IV hash sha final bytes@0x55a9006c0fd8 (length 20) | 42 df 85 73 a7 08 61 1a 34 1e c8 57 cf 6f af ed | e4 19 67 92 | encrypting: 0c 00 00 18 c8 08 3c 6f 66 9e e0 0d c1 e8 97 68 | encrypting: e2 35 d6 03 2f 8c 6f e3 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 21 e8 1d 96 | IV: 42 df 85 73 a7 08 61 1a 34 1e c8 57 cf 6f af ed | IV: e4 19 67 92 | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 60 6d 77 c3 fa c5 85 cd 1d 45 c0 51 d6 3d f2 b1 | sending 76 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 04 43 0c 44 00 00 00 4c a3 0e 77 fa | ad f8 47 91 cf a1 a6 06 17 d6 ce a4 13 51 78 e4 | a5 f2 a2 9b 45 38 7d 0c b8 a4 cb 9b 60 6d 77 c3 | fa c5 85 cd 1d 45 c0 51 d6 3d f2 b1 | state #2 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14bc003618 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14cc002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844010' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x833b16bb | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east: | cmd( 160):' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566844010' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0x833b16bb SPI_OUT=0x21e81d96 ipsec _updown 2>&1: | shunt_eroute() called for connection 'east' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "east" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.833b16bb@192.1.2.45 | netlink response for Del SA esp.833b16bb@192.1.2.45 included non-error error | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | delete esp.21e81d96@192.1.2.23 | netlink response for Del SA esp.21e81d96@192.1.2.23 included non-error error | stop processing: connection "east" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection east | State DB: deleting IKEv1 state #2 in QUICK_R2 | child state #2: QUICK_R2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14c80050c8: destroyed | stop processing: state #2 from 192.1.2.45:500 (in delete_state() at state.c:1143) | resume processing: state #1 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006bd630 | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006a3700 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | connection 'east' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #1 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #1 | [RE]START processing: state #1 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #1 ikev1.isakmp deleted completed | [RE]START processing: state #1 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #1: deleting state (STATE_MAIN_R3) aged 0.109s and sending notification | parent state #1: MAIN_R3(established IKE SA) => delete | #1 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3579756672 (0xd55ec080) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI f7 4b 09 d9 49 aa b6 8e | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 7b 78 5d 26 90 76 e5 74 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480488 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14c8004fc8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948056c (length 4) | d5 5e c0 80 | HASH(1) PRF sha update payload-bytes@0x7ffef9480914 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 f7 4b 09 d9 | 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | HASH(1) PRF sha final-bytes@0x7ffef9480900 (length 20) | 47 8f 73 dd 49 83 a0 4e ad 9b 09 f2 25 7e 44 28 | f8 bb 37 94 | send delete HASH(1): | 47 8f 73 dd 49 83 a0 4e ad 9b 09 f2 25 7e 44 28 | f8 bb 37 94 | last Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | current Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c1058 (length 16) | a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948057c (length 4) | d5 5e c0 80 | Phase 2 IV hash sha final bytes@0x55a9006c0fd8 (length 20) | ac 86 46 3a 7e 52 aa b8 44 5b b8 76 b6 24 a0 4b | 7c 9a f5 01 | encrypting: 0c 00 00 18 47 8f 73 dd 49 83 a0 4e ad 9b 09 f2 | encrypting: 25 7e 44 28 f8 bb 37 94 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 | encrypting: 90 76 e5 74 | IV: ac 86 46 3a 7e 52 aa b8 44 5b b8 76 b6 24 a0 4b | IV: 7c 9a f5 01 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 6c 5e 45 15 d1 30 68 47 9e 68 57 a6 c1 df e7 57 | sending 92 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 d5 5e c0 80 00 00 00 5c 13 6c 82 dc | 6a c3 79 65 10 a2 71 af 77 5e 12 e3 fb 05 b5 c8 | a7 0b 9b d9 03 47 5f 53 c4 d9 56 2b d8 48 61 fe | a2 1a 7d 66 53 85 d2 c5 4e 24 1c 7b 6c 5e 45 15 | d1 30 68 47 9e 68 57 a6 c1 df e7 57 | state #1 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14cc002888 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a9006c16b8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #1 in MAIN_R3 | parent state #1: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14cc003a28: destroyed | stop processing: state #1 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006ac790 | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006a3700 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2556) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2559) | del: | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 1.91 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00423 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00297 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00277 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00271 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.0016 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 47 f5 9f ce 00 00 00 5c 52 89 35 f2 | 54 c0 ec 61 1e 3e 55 dd 61 72 cb 2f 3f f0 5e 18 | ed 52 74 ad d8 ad 70 1f 50 65 94 39 0f b9 b9 90 | de ca 93 3a 1e dd 43 55 df 21 d2 68 92 0b c4 0b | 57 8d 11 a2 88 1f 97 37 00 cb 5f b4 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1207279566 (0x47f59fce) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x47f59fce | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | f7 4b 09 d9 49 aa b6 8e | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 7b 78 5d 26 90 76 e5 74 | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0664 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00287 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 208 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | b3 39 ed 04 6c b5 f6 ce 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 d0 0d 00 00 3c | 00 00 00 01 00 00 00 01 00 00 00 30 00 01 00 01 | 00 00 00 28 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 80 0e 00 80 0d 00 00 14 40 48 b7 d5 | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2 | 0e 95 45 2f 0d 00 00 14 7d 94 19 a6 53 10 ca 6f | 2c 17 9d 92 15 52 9d 56 0d 00 00 14 90 cb 80 91 | 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14 | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | b3 39 ed 04 6c b5 f6 ce | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 208 (0xd0) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 60 (0x3c) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 02 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | a3 8d 70 84 0d 2e 5d 0b 72 d7 f3 2e 05 76 d6 f6 | ad 40 61 2c d6 00 b2 5a 63 bb 61 37 3d 9a 24 4b | creating state object #3 at 0x55a9006c0bc8 | State DB: adding IKEv1 state #3 in UNDEFINED | pstats #3 ikev1.isakmp started | #3 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #3 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #3: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #3: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | b3 39 ed 04 6c b5 f6 ce | responder cookie: | a3 8d 70 84 0d 2e 5d 0b | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 48 (0x30) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) "east" #3: repeated OAKLEY_KEY_LENGTH attribute in Oakley Transform 0 | complete v1 state transition with BAD_PROPOSAL_SYNTAX | [RE]START processing: state #3 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #3 is idle "east" #3: sending notification BAD_PROPOSAL_SYNTAX to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | b3 39 ed 04 6c b5 f6 ce | responder cookie: | a3 8d 70 84 0d 2e 5d 0b | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | emitting length of ISAKMP Message: 40 | sending 40 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #3) | b3 39 ed 04 6c b5 f6 ce a3 8d 70 84 0d 2e 5d 0b | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0f | state transition function for STATE_MAIN_R0 failed: BAD_PROPOSAL_SYNTAX | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #3 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.775 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00271 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 208 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | a4 c4 de aa 1a 6d 7f 9a 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 d0 0d 00 00 3c | 00 00 00 01 00 00 00 01 00 00 00 30 00 01 00 01 | 00 00 00 28 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 80 0e 00 80 0d 00 00 14 40 48 b7 d5 | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2 | 0e 95 45 2f 0d 00 00 14 7d 94 19 a6 53 10 ca 6f | 2c 17 9d 92 15 52 9d 56 0d 00 00 14 90 cb 80 91 | 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14 | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | a4 c4 de aa 1a 6d 7f 9a | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 208 (0xd0) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 60 (0x3c) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 03 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 98 2a 82 6d 73 9d cd 54 17 91 4b 3c 65 28 bc ef | 03 2e 51 47 47 52 49 73 21 43 4f 77 49 5f e5 08 | creating state object #4 at 0x55a9006c1c58 | State DB: adding IKEv1 state #4 in UNDEFINED | pstats #4 ikev1.isakmp started | #4 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #4 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #4: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #4: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | a4 c4 de aa 1a 6d 7f 9a | responder cookie: | 98 2a 82 6d 73 9d cd 54 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 48 (0x30) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) "east" #4: repeated OAKLEY_KEY_LENGTH attribute in Oakley Transform 0 | complete v1 state transition with BAD_PROPOSAL_SYNTAX | [RE]START processing: state #4 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #4 is idle "east" #4: sending notification BAD_PROPOSAL_SYNTAX to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | a4 c4 de aa 1a 6d 7f 9a | responder cookie: | 98 2a 82 6d 73 9d cd 54 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | emitting length of ISAKMP Message: 40 | sending 40 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #4) | a4 c4 de aa 1a 6d 7f 9a 98 2a 82 6d 73 9d cd 54 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0f | state transition function for STATE_MAIN_R0 failed: BAD_PROPOSAL_SYNTAX | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #4 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.541 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00266 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 07 20 8d 8b 21 c0 c2 9f 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 04 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 7c 62 05 39 a5 91 5b c7 ef 59 03 f1 7b c2 57 36 | 15 74 d1 62 17 9f 5e c5 6f a1 47 c2 95 36 34 c3 | creating state object #5 at 0x55a9006c5a48 | State DB: adding IKEv1 state #5 in UNDEFINED | pstats #5 ikev1.isakmp started | #5 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #5 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #5: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #5: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e 80 0e 00 80 | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 144 | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #5: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 144 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #5) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x55a9006c16b8 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 "east" #5: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.396 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00232 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | 14 00 00 24 5f 18 89 0c 60 a7 c9 b1 a0 5a 1d 73 | ef 71 c0 99 67 48 5d 27 5d 96 98 be ea 23 83 9e | 90 a8 3c 06 14 00 00 18 82 47 a6 bd ea 84 e1 f0 | 30 a2 55 c1 04 e1 53 7a e3 8b 49 64 00 00 00 18 | fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | b5 ff 33 3d | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #5 in MAIN_R1 (find_state_ikev1) | start processing: state #5 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #5 is idle | #5 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c5fe0 (length 8) | 07 20 8d 8b 21 c0 c2 9f | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c5fe8 (length 8) | 7c 62 05 39 a5 91 5b c7 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | e3 8b 49 64 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 07 20 8d 8b 21 c0 c2 9f | natd_hash: rcookie= 7c 62 05 39 a5 91 5b c7 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | natd_hash: hash= e3 8b 49 64 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c5fe0 (length 8) | 07 20 8d 8b 21 c0 c2 9f | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c5fe8 (length 8) | 7c 62 05 39 a5 91 5b c7 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | b5 ff 33 3d | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 07 20 8d 8b 21 c0 c2 9f | natd_hash: rcookie= 7c 62 05 39 a5 91 5b c7 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | natd_hash: hash= b5 ff 33 3d | expected NAT-D(me): 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | expected NAT-D(me): e3 8b 49 64 | expected NAT-D(him): | fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | b5 ff 33 3d | received NAT-D: 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | received NAT-D: e3 8b 49 64 | received NAT-D: fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | received NAT-D: b5 ff 33 3d | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | adding inI2_outR2 KE work-order 5 for state #5 | state #5 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_SO_DISCARD-pe@0x55a9006c16b8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x55a9006c6538 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #5 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #5 and saving MD | crypto helper 5 resuming | #5 is busy; has a suspended MD | crypto helper 5 starting work-order 5 for state #5 | #5 spent 0.128 milliseconds in process_packet_tail() | crypto helper 5 doing build KE and nonce (inI2_outR2 KE); request ID 5 | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.26 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14c0003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14c0003a28 | NSS: Public DH wire value: | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | Generated nonce: 50 a1 32 5d ff 11 76 cd c9 81 22 67 cb ef 69 2c | Generated nonce: 9d ef 36 fb 9f 99 e8 82 85 6a 3f b5 8c 91 32 56 | crypto helper 5 finished build KE and nonce (inI2_outR2 KE); request ID 5 time elapsed 0.000741 seconds | (#5) spent 0.742 milliseconds in crypto helper computing work-order 5: inI2_outR2 KE (pcr) | crypto helper 5 sending results from work-order 5 for state #5 to event queue | scheduling resume sending helper answer for #5 | libevent_malloc: new ptr-libevent@0x7f14c0002888 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #5 | start processing: state #5 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 5 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #5: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14c0003a28: transferring ownership from helper KE to state #5 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | keyex value bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | keyex value 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | keyex value 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | keyex value 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | keyex value c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | keyex value 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | keyex value 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | keyex value 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | keyex value a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | keyex value 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | keyex value c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | keyex value fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | keyex value fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | keyex value 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | keyex value be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 50 a1 32 5d ff 11 76 cd c9 81 22 67 cb ef 69 2c | Nr 9d ef 36 fb 9f 99 e8 82 85 6a 3f b5 8c 91 32 56 | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 07 20 8d 8b 21 c0 c2 9f | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 7c 62 05 39 a5 91 5b c7 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | b5 ff 33 3d | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 07 20 8d 8b 21 c0 c2 9f | natd_hash: rcookie= 7c 62 05 39 a5 91 5b c7 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | natd_hash: hash= b5 ff 33 3d | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | NAT-D b5 ff 33 3d | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 07 20 8d 8b 21 c0 c2 9f | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 7c 62 05 39 a5 91 5b c7 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | e3 8b 49 64 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 07 20 8d 8b 21 c0 c2 9f | natd_hash: rcookie= 7c 62 05 39 a5 91 5b c7 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | natd_hash: hash= e3 8b 49 64 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | NAT-D e3 8b 49 64 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14c0003a28: transferring ownership from state #5 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 6 for state #5 | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c6538 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #5 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle; has background offloaded task | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | parent state #5: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #5) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | crypto helper 3 resuming | crypto helper 3 starting work-order 6 for state #5 | crypto helper 3 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 6 | peer's g: a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | peer's g: da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | peer's g: 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | peer's g: 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | peer's g: cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | peer's g: fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | peer's g: 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | peer's g: c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | peer's g: 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | peer's g: d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | peer's g: 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | peer's g: e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | peer's g: 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | peer's g: c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | peer's g: d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | peer's g: 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | Started DH shared-secret computation in NSS: | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | 14 00 00 24 50 a1 32 5d ff 11 76 cd c9 81 22 67 | cb ef 69 2c 9d ef 36 fb 9f 99 e8 82 85 6a 3f b5 | 8c 91 32 56 14 00 00 18 fe 5e 27 c4 ec e2 b0 0a | a1 62 2b 7a 0f 4d d6 63 b5 ff 33 3d 00 00 00 18 | 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | e3 8b 49 64 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a9006c16b8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #5 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29297.123454 "east" #5: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #5 suppresed complete_v1_state_transition() | #5 spent 0.293 milliseconds in resume sending helper answer | stop processing: state #5 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c0002888 | new : g_ir-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14c0003a28: computed shared DH secret key@0x55a9006a3700 | dh-shared : g^ir-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006cb888 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186700 | result: psk-key@0x55a900622080 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a900622080 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d21866e8 | result: psk-key@0x55a9006acb70 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a900622080 | SKEYID psk prf: created sha context 0x7f14b4002d60 from psk-key@0x55a9006acb70 | SKEYID psk prf: begin sha with context 0x7f14b4002d60 from psk-key@0x55a9006acb70 | SKEYID psk: release clone-key@0x55a9006acb70 | SKEYID psk PRF sha crypt-prf@0x7f14b4001108 | SKEYID psk PRF sha update Ni-bytes@0x55a9006cb8ac (length 32) | 5f 18 89 0c 60 a7 c9 b1 a0 5a 1d 73 ef 71 c0 99 | 67 48 5d 27 5d 96 98 be ea 23 83 9e 90 a8 3c 06 | SKEYID psk PRF sha update Nr-bytes@0x55a9006cb8cc (length 32) | 50 a1 32 5d ff 11 76 cd c9 81 22 67 cb ef 69 2c | 9d ef 36 fb 9f 99 e8 82 85 6a 3f b5 8c 91 32 56 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186708 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID psk PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID psk: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_d: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186718 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f14b4002d60 from SKEYID-key@0x55a900622080 | SKEYID_d prf: begin sha with context 0x7f14b4002d60 from SKEYID-key@0x55a900622080 | SKEYID_d: release clone-key@0x55a900622080 | SKEYID_d PRF sha crypt-prf@0x7f14b40010b8 | SKEYID_d PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_d: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: ea 23 56 6c 21 2d fc 00 ab 1f cf e4 0f 28 23 c6 b3 0e 63 22 01 56 57 77 d7 f7 bd be 3c e8 d1 d4 0c 89 ca 38 4c 13 4a 51 48 e0 93 35 46 8a 69 43 88 ac 12 9e a1 99 c9 16 b0 bb 6e 04 d2 b3 21 b5 cc da fd 87 b4 b6 82 60 31 92 d0 8b b7 3f 4f f2 84 df bc 69 10 b5 bc c8 7a 3e 40 11 b4 13 49 0f f5 a8 ce 5e 3c 85 01 3f ff f0 32 6e cc 7f 5d 7e 6d dd f2 85 42 84 25 d6 07 80 ff 74 36 dc c4 ba 0e 83 18 98 cb dc db a5 f2 b4 9a b1 d0 15 1a 22 c9 0c 14 e1 0a 58 ff 01 d9 f3 54 70 b9 65 ed 56 5d 05 6d 7d 57 56 ab 21 49 46 49 45 ed 43 c0 f4 e9 1b 48 65 f8 a4 80 b9 e9 15 2e b3 3f ee 60 f0 7c 48 da ed 8a 9c e6 b4 a5 58 a6 93 7f 22 06 81 45 cd 82 71 50 f6 b5 48 1d 33 a6 b7 42 07 4c df f0 a5 91 60 c9 0f 36 4c d9 1c 48 c0 ee 78 ef 6e db cd 89 c8 e1 1b 1d e9 b5 2d 5c 6c 37 c8 0f fa | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b4004f28 | unwrapped: ab 89 06 85 0b 2f 46 28 a7 ae 70 c9 13 57 4b aa | unwrapped: 05 65 5f b1 3b a0 a6 30 65 60 14 8a 50 6f f9 11 | unwrapped: 7d 42 44 e7 23 ae 95 0f 8b 8a 08 3e b7 65 19 6b | unwrapped: 45 94 3c 77 77 fd a6 bb 0c 3f 1d 8f 63 30 7f c4 | unwrapped: b1 28 5d 10 70 84 78 50 0b b3 e7 11 0a 25 d9 bc | unwrapped: 3f 17 11 17 2e 57 6b f2 d8 b5 f9 e6 32 11 ff ac | unwrapped: e6 61 74 65 b0 07 8d 08 dc b4 14 3e eb 7c db a2 | unwrapped: 21 01 f6 ff 6a 11 c6 65 f5 31 d7 0e 81 bf 22 03 | unwrapped: 34 74 70 35 08 b1 29 75 33 99 67 4d 61 45 a9 30 | unwrapped: e1 80 27 74 b8 55 4a 1f 66 d9 e1 9a 25 ac b9 da | unwrapped: 8c af 05 ab a8 d4 15 ae 73 0c 04 25 2e ca f0 c9 | unwrapped: 4c b1 b9 d2 df 51 c6 c4 ae 75 71 b8 ae 07 81 b9 | unwrapped: 48 a8 cc 41 9e 2a 13 dc 88 cb 61 a7 ad a7 95 26 | unwrapped: 62 24 38 45 f6 fb aa 86 9f 5d 39 09 bb 1a 5b d1 | unwrapped: 7a c0 b3 46 65 cd 67 a1 c8 aa 40 95 0d 48 78 73 | unwrapped: 86 53 91 9d 59 f0 3d 23 ca f7 88 3c 4a f5 87 e1 | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 07 20 8d 8b 21 c0 c2 9f | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 7c 62 05 39 a5 91 5b c7 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186708 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID_d PRF sha final-key@0x55a900622080 (size 20) | SKEYID_d: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_a: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d21866f8 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f14b4002d60 from SKEYID-key@0x55a9006a9280 | SKEYID_a prf: begin sha with context 0x7f14b4002d60 from SKEYID-key@0x55a9006a9280 | SKEYID_a: release clone-key@0x55a9006a9280 | SKEYID_a PRF sha crypt-prf@0x7f14b4001108 | SKEYID_a PRF sha update SKEYID_d-key@0x55a900622080 (size 20) | SKEYID_a: SKEYID_d-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: b3 eb 41 73 30 00 43 8d 5f 82 26 06 40 ca cb a4 fa 4c b4 c6 ff e7 b5 2e fb 96 e3 d5 73 4d c9 7a | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14b40030c8 | unwrapped: 71 6e 5e 90 4e 91 ca 68 47 19 9f 63 02 9e d2 23 | unwrapped: 52 9b 71 7b 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_a: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: ea 23 56 6c 21 2d fc 00 ab 1f cf e4 0f 28 23 c6 b3 0e 63 22 01 56 57 77 d7 f7 bd be 3c e8 d1 d4 0c 89 ca 38 4c 13 4a 51 48 e0 93 35 46 8a 69 43 88 ac 12 9e a1 99 c9 16 b0 bb 6e 04 d2 b3 21 b5 cc da fd 87 b4 b6 82 60 31 92 d0 8b b7 3f 4f f2 84 df bc 69 10 b5 bc c8 7a 3e 40 11 b4 13 49 0f f5 a8 ce 5e 3c 85 01 3f ff f0 32 6e cc 7f 5d 7e 6d dd f2 85 42 84 25 d6 07 80 ff 74 36 dc c4 ba 0e 83 18 98 cb dc db a5 f2 b4 9a b1 d0 15 1a 22 c9 0c 14 e1 0a 58 ff 01 d9 f3 54 70 b9 65 ed 56 5d 05 6d 7d 57 56 ab 21 49 46 49 45 ed 43 c0 f4 e9 1b 48 65 f8 a4 80 b9 e9 15 2e b3 3f ee 60 f0 7c 48 da ed 8a 9c e6 b4 a5 58 a6 93 7f 22 06 81 45 cd 82 71 50 f6 b5 48 1d 33 a6 b7 42 07 4c df f0 a5 91 60 c9 0f 36 4c d9 1c 48 c0 ee 78 ef 6e db cd 89 c8 e1 1b 1d e9 b5 2d 5c 6c 37 c8 0f fa | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b4003db8 | unwrapped: ab 89 06 85 0b 2f 46 28 a7 ae 70 c9 13 57 4b aa | unwrapped: 05 65 5f b1 3b a0 a6 30 65 60 14 8a 50 6f f9 11 | unwrapped: 7d 42 44 e7 23 ae 95 0f 8b 8a 08 3e b7 65 19 6b | unwrapped: 45 94 3c 77 77 fd a6 bb 0c 3f 1d 8f 63 30 7f c4 | unwrapped: b1 28 5d 10 70 84 78 50 0b b3 e7 11 0a 25 d9 bc | unwrapped: 3f 17 11 17 2e 57 6b f2 d8 b5 f9 e6 32 11 ff ac | unwrapped: e6 61 74 65 b0 07 8d 08 dc b4 14 3e eb 7c db a2 | unwrapped: 21 01 f6 ff 6a 11 c6 65 f5 31 d7 0e 81 bf 22 03 | unwrapped: 34 74 70 35 08 b1 29 75 33 99 67 4d 61 45 a9 30 | unwrapped: e1 80 27 74 b8 55 4a 1f 66 d9 e1 9a 25 ac b9 da | unwrapped: 8c af 05 ab a8 d4 15 ae 73 0c 04 25 2e ca f0 c9 | unwrapped: 4c b1 b9 d2 df 51 c6 c4 ae 75 71 b8 ae 07 81 b9 | unwrapped: 48 a8 cc 41 9e 2a 13 dc 88 cb 61 a7 ad a7 95 26 | unwrapped: 62 24 38 45 f6 fb aa 86 9f 5d 39 09 bb 1a 5b d1 | unwrapped: 7a c0 b3 46 65 cd 67 a1 c8 aa 40 95 0d 48 78 73 | unwrapped: 86 53 91 9d 59 f0 3d 23 ca f7 88 3c 4a f5 87 e1 | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 07 20 8d 8b 21 c0 c2 9f | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 7c 62 05 39 a5 91 5b c7 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186700 | result: final-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d21866e8 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006aad30 | SKEYID_a PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_a: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_e: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186708 | result: clone-key@0x55a9006aad30 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f14b4002d60 from SKEYID-key@0x55a9006aad30 | SKEYID_e prf: begin sha with context 0x7f14b4002d60 from SKEYID-key@0x55a9006aad30 | SKEYID_e: release clone-key@0x55a9006aad30 | SKEYID_e PRF sha crypt-prf@0x7f14b40010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x55a9006a9280 (size 20) | SKEYID_e: SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: 2f 40 f9 3f a4 1d 2f d2 74 10 84 c6 7d 4e c7 47 cd ef 81 f0 07 84 69 a9 5a 47 8a a5 b3 65 50 90 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14b4001158 | unwrapped: 1f 5b e9 19 4e 3c 52 da 54 aa 71 ae f5 10 2a 39 | unwrapped: fb 6b 2f ed 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_e: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: ea 23 56 6c 21 2d fc 00 ab 1f cf e4 0f 28 23 c6 b3 0e 63 22 01 56 57 77 d7 f7 bd be 3c e8 d1 d4 0c 89 ca 38 4c 13 4a 51 48 e0 93 35 46 8a 69 43 88 ac 12 9e a1 99 c9 16 b0 bb 6e 04 d2 b3 21 b5 cc da fd 87 b4 b6 82 60 31 92 d0 8b b7 3f 4f f2 84 df bc 69 10 b5 bc c8 7a 3e 40 11 b4 13 49 0f f5 a8 ce 5e 3c 85 01 3f ff f0 32 6e cc 7f 5d 7e 6d dd f2 85 42 84 25 d6 07 80 ff 74 36 dc c4 ba 0e 83 18 98 cb dc db a5 f2 b4 9a b1 d0 15 1a 22 c9 0c 14 e1 0a 58 ff 01 d9 f3 54 70 b9 65 ed 56 5d 05 6d 7d 57 56 ab 21 49 46 49 45 ed 43 c0 f4 e9 1b 48 65 f8 a4 80 b9 e9 15 2e b3 3f ee 60 f0 7c 48 da ed 8a 9c e6 b4 a5 58 a6 93 7f 22 06 81 45 cd 82 71 50 f6 b5 48 1d 33 a6 b7 42 07 4c df f0 a5 91 60 c9 0f 36 4c d9 1c 48 c0 ee 78 ef 6e db cd 89 c8 e1 1b 1d e9 b5 2d 5c 6c 37 c8 0f fa | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b4004f28 | unwrapped: ab 89 06 85 0b 2f 46 28 a7 ae 70 c9 13 57 4b aa | unwrapped: 05 65 5f b1 3b a0 a6 30 65 60 14 8a 50 6f f9 11 | unwrapped: 7d 42 44 e7 23 ae 95 0f 8b 8a 08 3e b7 65 19 6b | unwrapped: 45 94 3c 77 77 fd a6 bb 0c 3f 1d 8f 63 30 7f c4 | unwrapped: b1 28 5d 10 70 84 78 50 0b b3 e7 11 0a 25 d9 bc | unwrapped: 3f 17 11 17 2e 57 6b f2 d8 b5 f9 e6 32 11 ff ac | unwrapped: e6 61 74 65 b0 07 8d 08 dc b4 14 3e eb 7c db a2 | unwrapped: 21 01 f6 ff 6a 11 c6 65 f5 31 d7 0e 81 bf 22 03 | unwrapped: 34 74 70 35 08 b1 29 75 33 99 67 4d 61 45 a9 30 | unwrapped: e1 80 27 74 b8 55 4a 1f 66 d9 e1 9a 25 ac b9 da | unwrapped: 8c af 05 ab a8 d4 15 ae 73 0c 04 25 2e ca f0 c9 | unwrapped: 4c b1 b9 d2 df 51 c6 c4 ae 75 71 b8 ae 07 81 b9 | unwrapped: 48 a8 cc 41 9e 2a 13 dc 88 cb 61 a7 ad a7 95 26 | unwrapped: 62 24 38 45 f6 fb aa 86 9f 5d 39 09 bb 1a 5b d1 | unwrapped: 7a c0 b3 46 65 cd 67 a1 c8 aa 40 95 0d 48 78 73 | unwrapped: 86 53 91 9d 59 f0 3d 23 ca f7 88 3c 4a f5 87 e1 | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 07 20 8d 8b 21 c0 c2 9f | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 7c 62 05 39 a5 91 5b c7 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186710 | result: final-key@0x55a9006ac790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006ac790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d21866f8 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006ac790 | SKEYID_e PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID_e: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186768 | result: keymat-key@0x55a9006ac790 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a900622080, skeyid_a 0x55a9006a9280, skeyid_e 0x55a9006aad30, enc_key 0x55a9006ac790 | DH_i: a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | DH_i: da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | DH_i: 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | DH_i: 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | DH_i: cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | DH_i: fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | DH_i: 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | DH_i: c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | DH_i: 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | DH_i: d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | DH_i: 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | DH_i: e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | DH_i: 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | DH_i: c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | DH_i: d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | DH_i: 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | DH_r: c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | DH_r: bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | DH_r: 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | DH_r: 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | DH_r: 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | DH_r: c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | DH_r: 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | DH_r: 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | DH_r: 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | DH_r: a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | DH_r: 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | DH_r: c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | DH_r: fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | DH_r: fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | DH_r: 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | DH_r: be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006cb8ec (length 256) | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | new IV hash sha digest GR-bytes@0x55a9006cb9ec (length 256) | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | new IV hash sha final chunk@0x7f14b4001158 (length 20) | 43 ec cd 6c 73 55 34 81 45 1b fe b0 2a 79 da 9d | 0d b4 75 6a | crypto helper 3 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 6 time elapsed 0.001352 seconds | (#5) spent 1.35 milliseconds in crypto helper computing work-order 6: main_inI2_outR2_tail (pcr) | crypto helper 3 sending results from work-order 6 for state #5 to event queue | scheduling resume sending helper answer for #5 | libevent_malloc: new ptr-libevent@0x7f14b4003978 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #5 | start processing: state #5 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 6 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #5: calculate DH finished | [RE]START processing: state #5 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14c0003a28: transferring ownership from helper IKEv1 DH+IV to state #5 | stop processing: state #5 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #5 suppresed complete_v1_state_transition() | #5 spent 0.0147 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14b4003978 | spent 0.00204 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 05 10 02 01 00 00 00 00 00 00 00 4c e2 ab 64 60 | 41 4d 6a 3d 6a 75 88 ea 98 69 83 90 96 ea 15 9f | e8 6f 2c 6d 8d 00 df a9 72 cc 3a 96 40 19 be 43 | 68 42 ec 4b 9a f1 25 13 02 64 83 a5 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #5 in MAIN_R2 (find_state_ikev1) | start processing: state #5 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #5 is idle | #5 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 43 ec cd 6c 73 55 34 81 45 1b fe b0 2a 79 da 9d | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 40 19 be 43 68 42 ec 4b 9a f1 25 13 02 64 83 a5 | decrypted payload (starts at offset -48): | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 49 f7 92 3b | 81 d9 06 6d 6c bd f3 db 5a 20 ea 0e b7 52 ec 2c | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #5: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006acb70 (size 20) | hmac: symkey-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14c8003758 | hmac PRF sha update data-bytes@0x7f14cc000b48 (length 256) | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | hmac PRF sha update data-bytes@0x7f14c0000b48 (length 256) | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | hmac PRF sha update data-bytes@0x55a9006c5fe0 (length 8) | 07 20 8d 8b 21 c0 c2 9f | hmac PRF sha update data-bytes@0x55a9006c5fe8 (length 8) | 7c 62 05 39 a5 91 5b c7 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006bf2cc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a9006178b8 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | 49 f7 92 3b 81 d9 06 6d 6c bd f3 db 5a 20 ea 0e | b7 52 ec 2c | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006acb70 (size 20) | hmac: symkey-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14b4001158 | hmac PRF sha update data-bytes@0x7f14c0000b48 (length 256) | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | hmac PRF sha update data-bytes@0x7f14cc000b48 (length 256) | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | hmac PRF sha update data-bytes@0x55a9006c5fe8 (length 8) | 7c 62 05 39 a5 91 5b c7 | hmac PRF sha update data-bytes@0x55a9006c5fe0 (length 8) | 07 20 8d 8b 21 c0 c2 9f | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006bf2cc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | 59 24 9b f1 26 20 60 ff c4 d4 e5 cb 92 0b f5 54 | fc 4a 62 28 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R 59 24 9b f1 26 20 60 ff c4 d4 e5 cb 92 0b f5 54 | HASH_R fc 4a 62 28 | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: 59 24 9b f1 26 20 60 ff c4 d4 e5 cb 92 0b f5 54 | encrypting: fc 4a 62 28 | IV: 40 19 be 43 68 42 ec 4b 9a f1 25 13 02 64 83 a5 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | last encrypted block of Phase 1: | 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #5: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a9006c16b8 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 76 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #5) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 05 10 02 01 00 00 00 00 00 00 00 4c 7a b6 6d c8 | ab 1e aa 00 18 a3 3f 6f c4 54 6a 16 8f db 6d 33 | 1f 92 92 7f 89 c7 ad a6 0f 26 3b 44 98 2b 56 3e | df d9 fa a0 a4 dd 20 9b af 32 1a 7d | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a9006c16b8 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #5 | libevent_malloc: new ptr-libevent@0x7f14c0002888 size 128 | pstats #5 ikev1.isakmp established "east" #5: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #5 | #5 spent 0.571 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.706 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00231 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 20 01 33 d9 67 13 00 00 01 bc b4 8c 8d c0 | 51 4f f5 b1 d4 67 4d 04 93 87 4e 37 e0 33 a2 d8 | 57 a3 e6 5d e0 02 48 df fd ba 9d 24 1e 77 db 71 | ff 55 d1 38 17 2a ff 43 8e 04 ab f0 eb 9c 58 2c | b1 7d e1 e7 94 8e ae 5e 61 c8 65 c3 77 b2 a6 68 | 84 1c f0 bf 60 4d de 4b 3a c7 f7 25 72 95 0d 06 | 2e b4 a2 0f 81 73 40 87 d2 96 97 9e 0d c1 d3 ac | be c3 03 9b a1 cb 9e 64 50 5b 90 1c 07 0c f4 70 | ef c2 6a aa f1 d4 66 76 40 ce b4 f0 12 f9 23 99 | ec 73 de 6c 2e 6f e4 1b 9a df 7f 9b e4 07 06 54 | 54 74 4e 63 8a dd ef 73 3f cd 24 40 7f 58 57 98 | 45 01 38 76 a8 8b 51 22 ba 5d 94 d8 8c c6 1a 19 | 85 f6 df 12 16 55 2d 24 2b 52 35 7e d3 2d a6 70 | 93 ed 56 42 87 2d 81 e4 21 5a 4b 14 ff 39 7c 9d | c5 68 f5 53 65 2e 36 1d 02 38 b1 d7 86 0e 2c 1a | 67 67 17 2f 41 d6 32 5a 10 23 4d 8f 8e 48 8c 42 | e9 f8 47 fa 51 7f 1c 5f 05 e2 3c 0b 0c 29 8d fa | 36 f9 b8 63 3c d0 a5 bf c5 40 e8 ab 65 7b 03 2f | 1f 20 1a 52 96 d3 00 93 9b ba 61 c5 e2 94 b6 8f | 8d 3b 7f d1 b8 82 97 81 56 ff 71 70 0a e3 f6 9c | 3d 43 fa 67 97 eb e9 d1 f0 59 3f 96 b6 07 17 d8 | 2b 04 01 e3 d2 4a b7 73 2a 18 d1 e7 9c 60 88 16 | 51 9b f6 a0 d5 6c 65 08 c3 ed 82 1f 3b 6a d3 7e | 5c fa 42 21 77 63 a8 ee 30 08 ba 9a 9e a3 34 35 | 41 24 8c c6 8d 64 89 1b 40 ec 7f 92 29 b1 7a 7c | cf 51 ce 28 02 55 ed 7f 59 57 a9 0e 6c 15 50 ad | d3 0d 63 04 74 1d a0 1a 2c 55 aa 6b | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 869885715 (0x33d96713) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #5 in MAIN_R3 (find_state_ikev1) | start processing: state #5 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | current Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c5ed8 (length 16) | 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 33 d9 67 13 | Phase 2 IV hash sha final bytes@0x55a9006c5e58 (length 20) | 08 0f c6 fe a2 a1 75 76 a4 b8 3f 79 72 d6 d9 7b | 7d bb 77 7b | #5 is idle | #5 idle | received encrypted packet from 192.1.2.45:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 08 0f c6 fe a2 a1 75 76 a4 b8 3f 79 72 d6 d9 7b | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 6c 15 50 ad d3 0d 63 04 74 1d a0 1a 2c 55 aa 6b | decrypted payload (starts at offset -416): | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 20 01 33 d9 67 13 00 00 01 bc 01 00 00 18 | 17 67 9c 24 a6 aa 67 5d c0 b5 ad 87 70 48 47 c5 | ee 89 0a 06 0a 00 00 3c 00 00 00 01 00 00 00 01 | 00 00 00 30 00 03 04 01 e4 be 80 51 00 00 00 24 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 80 06 00 80 | 04 00 00 24 57 8a 2a 9f be a8 82 9f 60 30 f3 be | 74 47 ce 56 c1 93 a3 54 43 26 74 91 2b a0 15 91 | e6 a3 3d 0a 05 00 01 04 32 1e 0b ba 2a e3 84 81 | 50 97 b8 66 71 c0 bc e1 66 33 b5 81 60 70 42 4b | 16 f3 a1 a4 ab d7 37 8c 9a e6 4d d6 13 57 6e 52 | 76 bb 5a 2a ce 73 0e dd aa be f3 2e 87 ce 04 55 | c3 55 9c c6 1b 6a 42 c5 52 e9 83 3f 9e 31 04 af | cb 2b 7c 97 d2 58 ae f9 fe 5b 75 6c 4f 5c b2 f9 | 20 fc 2f 63 a8 aa 88 df 7c 22 d1 70 7c 4f 32 91 | 3e 3d 43 b5 d7 56 cb 36 d7 12 ac 08 1a bf 11 72 | 96 c3 b9 30 e9 17 6d e8 f3 9d 37 01 3b 82 1c a0 | 68 ec 7c b2 5e 20 86 7c 41 f6 dc 95 28 1b 57 5c | 77 9b e4 69 6e df 8a 1f bc c9 9b b7 e9 8e 85 0b | 01 0b 9d 32 1b 68 2e cc b1 14 fb f8 08 b5 db 68 | 8a 80 cd 79 73 48 5c 2c e2 f1 54 9a fe e4 4f 36 | a2 f4 a9 96 6d e3 96 c7 b6 ea 33 57 9b 18 f8 f5 | 43 76 7b 21 c0 a8 f5 6c bb 1e 9d b3 6c 0a 5d cd | 97 df 2b c7 29 58 57 80 57 f2 03 73 27 61 8c 27 | 0b 30 86 62 c8 3a 9f e3 05 00 00 10 04 00 00 00 | c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | c0 00 02 00 ff ff ff 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 60 (0x3c) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14b4001158 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 33 d9 67 13 | HASH(1) PRF sha update payload-bytes@0x55a9006caa8c (length 388) | 0a 00 00 3c 00 00 00 01 00 00 00 01 00 00 00 30 | 00 03 04 01 e4 be 80 51 00 00 00 24 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 80 06 00 80 04 00 00 24 | 57 8a 2a 9f be a8 82 9f 60 30 f3 be 74 47 ce 56 | c1 93 a3 54 43 26 74 91 2b a0 15 91 e6 a3 3d 0a | 05 00 01 04 32 1e 0b ba 2a e3 84 81 50 97 b8 66 | 71 c0 bc e1 66 33 b5 81 60 70 42 4b 16 f3 a1 a4 | ab d7 37 8c 9a e6 4d d6 13 57 6e 52 76 bb 5a 2a | ce 73 0e dd aa be f3 2e 87 ce 04 55 c3 55 9c c6 | 1b 6a 42 c5 52 e9 83 3f 9e 31 04 af cb 2b 7c 97 | d2 58 ae f9 fe 5b 75 6c 4f 5c b2 f9 20 fc 2f 63 | a8 aa 88 df 7c 22 d1 70 7c 4f 32 91 3e 3d 43 b5 | d7 56 cb 36 d7 12 ac 08 1a bf 11 72 96 c3 b9 30 | e9 17 6d e8 f3 9d 37 01 3b 82 1c a0 68 ec 7c b2 | 5e 20 86 7c 41 f6 dc 95 28 1b 57 5c 77 9b e4 69 | 6e df 8a 1f bc c9 9b b7 e9 8e 85 0b 01 0b 9d 32 | 1b 68 2e cc b1 14 fb f8 08 b5 db 68 8a 80 cd 79 | 73 48 5c 2c e2 f1 54 9a fe e4 4f 36 a2 f4 a9 96 | 6d e3 96 c7 b6 ea 33 57 9b 18 f8 f5 43 76 7b 21 | c0 a8 f5 6c bb 1e 9d b3 6c 0a 5d cd 97 df 2b c7 | 29 58 57 80 57 f2 03 73 27 61 8c 27 0b 30 86 62 | c8 3a 9f e3 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 17 67 9c 24 a6 aa 67 5d c0 b5 ad 87 70 48 47 c5 | ee 89 0a 06 | quick_inI1_outR1 HASH(1): | 17 67 9c 24 a6 aa 67 5d c0 b5 ad 87 70 48 47 c5 | ee 89 0a 06 | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #5: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | client wildcard: no port wildcard: no virtual: no | creating state object #6 at 0x55a9006cac48 | State DB: adding IKEv1 state #6 in UNDEFINED | pstats #6 ikev1.ipsec started | duplicating state object #5 "east" as #6 for IPSEC SA | #6 setting local endpoint to 192.1.2.23:500 from #5.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_d_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ai_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006ac790 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #5 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #6 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #6: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 48 (0x30) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI e4 be 80 51 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) "east" #6: repeated KEY_LENGTH attribute in IPsec Transform 0 | complete v1 state transition with BAD_PROPOSAL_SYNTAX | [RE]START processing: state #6 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #6 is idle | FOR_EACH_STATE_... in find_phase1_state "east" #6: sending encrypted notification BAD_PROPOSAL_SYNTAX to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 165601553 (0x9dee111) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'notification msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482208 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94822ec (length 4) | 09 de e1 11 | HASH(1) PRF sha update payload-bytes@0x7ffef9482594 (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0f | HASH(1) PRF sha final-bytes@0x7ffef9482580 (length 20) | 36 ae 95 bc 11 80 d3 78 03 77 32 cc b8 06 aa 70 | d4 e9 15 a6 | send notification HASH(1): | 36 ae 95 bc 11 80 d3 78 03 77 32 cc b8 06 aa 70 | d4 e9 15 a6 | last Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | current Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c5ed8 (length 16) | 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94822fc (length 4) | 09 de e1 11 | Phase 2 IV hash sha final bytes@0x55a9006c5e58 (length 20) | 6d 9e a5 b3 6b 63 5f c9 d7 24 2f 3e ba a6 d0 63 | 68 9e 7c 0b | encrypting: 0b 00 00 18 36 ae 95 bc 11 80 d3 78 03 77 32 cc | encrypting: b8 06 aa 70 d4 e9 15 a6 00 00 00 0c 00 00 00 01 | encrypting: 01 00 00 0f | IV: 6d 9e a5 b3 6b 63 5f c9 d7 24 2f 3e ba a6 d0 63 | IV: 68 9e 7c 0b | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 11 9f 0d 07 16 06 70 54 56 9f 6b b0 9f 9b 0d 21 | sending 76 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #6) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 05 01 09 de e1 11 00 00 00 4c 90 73 21 19 | 44 f9 b2 f2 11 9f e3 a1 54 22 f1 60 a6 3a ca f8 | 96 92 91 c5 bd 3b 69 07 c6 46 8f 35 11 9f 0d 07 | 16 06 70 54 56 9f 6b b0 9f 9b 0d 21 | state transition function for STATE_QUICK_R0 failed: BAD_PROPOSAL_SYNTAX | pstats #6 ikev1.ipsec deleted other | [RE]START processing: state #6 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #6: deleting state (STATE_QUICK_R0) aged 0.000s and NOT sending notification | child state #6: QUICK_R0(established CHILD SA) => delete | child state #6: QUICK_R0(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | in connection_discard for connection east | State DB: deleting IKEv1 state #6 in CHILDSA_DEL | child state #6: CHILDSA_DEL(informational) => UNDEFINED(ignore) | stop processing: state #6 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_d_nss-key@0x55a900622080 | delete_state: release st->st_skey_ai_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006ac790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | #5 spent 0.525 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.902 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00283 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 05 01 c4 44 a9 37 00 00 00 5c 13 c9 ce ee | 4b 64 cb b2 10 24 bf 84 a9 08 5d a6 0a f6 02 7d | c3 0e 95 88 aa 24 c1 42 48 4a 12 92 3b 63 07 69 | e4 2f 99 2b 39 53 4d 08 f9 e3 9a eb fc 46 a2 8a | 0f 12 b5 ce ed 23 c9 ca e4 51 16 09 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3292834103 (0xc444a937) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #5; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #5 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #5 in MAIN_R3 (find_v1_info_state) | start processing: state #5 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | current Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c5ed8 (length 16) | 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | c4 44 a9 37 | Phase 2 IV hash sha final bytes@0x55a9006c5e58 (length 20) | e0 8c 0d cf 76 6d 51 08 99 75 ea d8 da 3e 69 76 | 70 d3 3b e7 | #5 is idle | #5 idle | received encrypted packet from 192.1.2.45:500 | decrypting 64 bytes using algorithm AES_CBC | IV before: e0 8c 0d cf 76 6d 51 08 99 75 ea d8 da 3e 69 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: fc 46 a2 8a 0f 12 b5 ce ed 23 c9 ca e4 51 16 09 | decrypted payload (starts at offset -64): | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 05 01 c4 44 a9 37 00 00 00 5c 0c 00 00 18 | c1 74 a4 3c 9a 77 2e 80 e6 af d2 15 1f 64 ff ce | 5b 40 d1 89 00 00 00 1c 00 00 00 01 01 10 00 01 | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14c8003758 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | c4 44 a9 37 | HASH(1) PRF sha update payload-bytes@0x55a9006c656c (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 07 20 8d 8b | 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | c1 74 a4 3c 9a 77 2e 80 e6 af d2 15 1f 64 ff ce | 5b 40 d1 89 | informational HASH(1): | c1 74 a4 3c 9a 77 2e 80 e6 af d2 15 1f 64 ff ce | 5b 40 d1 89 | received 'informational' message HASH(1) data ok | parsing 8 raw bytes of ISAKMP Delete Payload into iCookie | iCookie 07 20 8d 8b 21 c0 c2 9f | parsing 8 raw bytes of ISAKMP Delete Payload into rCookie | rCookie 7c 62 05 39 a5 91 5b c7 | State DB: found IKEv1 state #5 in MAIN_R3 (find_state_ikev1) | del: "east" #5: received Delete SA payload: self-deleting ISAKMP State #5 | pstats #5 ikev1.isakmp deleted completed | [RE]START processing: state #5 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #5: deleting state (STATE_MAIN_R3) aged 0.523s and sending notification | parent state #5: MAIN_R3(established IKE SA) => delete | #5 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1734942012 (0x67691d3c) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 07 20 8d 8b 21 c0 c2 9f | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 7c 62 05 39 a5 91 5b c7 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480558 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14b4001158 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948063c (length 4) | 67 69 1d 3c | HASH(1) PRF sha update payload-bytes@0x7ffef94809e4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 07 20 8d 8b | 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | HASH(1) PRF sha final-bytes@0x7ffef94809d0 (length 20) | 42 07 6b f4 5c d5 e3 2d 3e 3e 45 6c 64 b8 13 65 | df 64 c9 8b | send delete HASH(1): | 42 07 6b f4 5c d5 e3 2d 3e 3e 45 6c 64 b8 13 65 | df 64 c9 8b | last Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | current Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c5ed8 (length 16) | 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948064c (length 4) | 67 69 1d 3c | Phase 2 IV hash sha final bytes@0x55a9006c5e58 (length 20) | 09 c8 b1 d6 28 dd 38 9a 43 80 8c d6 72 e3 a3 da | 95 f2 48 f8 | encrypting: 0c 00 00 18 42 07 6b f4 5c d5 e3 2d 3e 3e 45 6c | encrypting: 64 b8 13 65 df 64 c9 8b 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 | encrypting: a5 91 5b c7 | IV: 09 c8 b1 d6 28 dd 38 9a 43 80 8c d6 72 e3 a3 da | IV: 95 f2 48 f8 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: c0 85 3f 1c 6e 07 38 0a c9 cb d4 7b 21 cb 93 52 | sending 92 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #5) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 05 01 67 69 1d 3c 00 00 00 5c ac b9 ff c0 | 93 76 d3 b8 2b 7f 3e a8 ec db 2c 69 a6 54 7c a6 | 0d eb b3 a0 28 9c f1 f6 fb c7 92 b8 a1 b5 25 d0 | 1f ba 25 b8 79 85 c3 70 ec e5 5c dc c0 85 3f 1c | 6e 07 38 0a c9 cb d4 7b 21 cb 93 52 | state #5 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14c0002888 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a9006c16b8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #5 in MAIN_R3 | parent state #5: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14c0003a28: destroyed | stop processing: state #5 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006a3700 | delete_state: release st->st_skeyid_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_d_nss-key@0x55a900622080 | delete_state: release st->st_skey_ai_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006ac790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.474 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00263 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | ba df af 49 ce e4 fb 46 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba df af 49 ce e4 fb 46 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 05 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 27 19 c2 c0 d5 02 b5 0c 98 66 14 34 43 41 89 95 | 4f 19 75 4d 6d 05 3b ff 9c a1 a0 b2 fb 08 e7 52 | creating state object #7 at 0x55a9006c5a48 | State DB: adding IKEv1 state #7 in UNDEFINED | pstats #7 ikev1.isakmp started | #7 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #7 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #7: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #7: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | ba df af 49 ce e4 fb 46 | responder cookie: | 27 19 c2 c0 d5 02 b5 0c | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) "east" #7: peer proposed key_len not valid for encrypt algo setup specified. Attribute OAKLEY_KEY_LENGTH "east" #7: no acceptable Oakley Transform | complete v1 state transition with NO_PROPOSAL_CHOSEN | [RE]START processing: state #7 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #7 is idle "east" #7: sending notification NO_PROPOSAL_CHOSEN to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | ba df af 49 ce e4 fb 46 | responder cookie: | 27 19 c2 c0 d5 02 b5 0c | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | emitting length of ISAKMP Message: 40 | sending 40 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #7) | ba df af 49 ce e4 fb 46 27 19 c2 c0 d5 02 b5 0c | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | state transition function for STATE_MAIN_R0 failed: NO_PROPOSAL_CHOSEN | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #7 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.444 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00314 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | c0 0d 1f 3f 23 31 e7 c9 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c0 0d 1f 3f 23 31 e7 c9 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 06 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 4b be 3d 9a 40 e0 3e ae 69 39 87 81 6d ae 16 b3 | 71 12 95 a8 91 a8 bb a2 f0 f8 f3 ef 1e 44 26 33 | creating state object #8 at 0x55a9006cac48 | State DB: adding IKEv1 state #8 in UNDEFINED | pstats #8 ikev1.isakmp started | #8 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #8 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #8: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #8: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | c0 0d 1f 3f 23 31 e7 c9 | responder cookie: | 4b be 3d 9a 40 e0 3e ae | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) "east" #8: peer proposed key_len not valid for encrypt algo setup specified. Attribute OAKLEY_KEY_LENGTH "east" #8: no acceptable Oakley Transform | complete v1 state transition with NO_PROPOSAL_CHOSEN | [RE]START processing: state #8 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #8 is idle "east" #8: sending notification NO_PROPOSAL_CHOSEN to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | c0 0d 1f 3f 23 31 e7 c9 | responder cookie: | 4b be 3d 9a 40 e0 3e ae | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | emitting length of ISAKMP Message: 40 | sending 40 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #8) | c0 0d 1f 3f 23 31 e7 c9 4b be 3d 9a 40 e0 3e ae | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | state transition function for STATE_MAIN_R0 failed: NO_PROPOSAL_CHOSEN | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #8 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.552 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00293 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 91 60 df 5e b9 66 1e df 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 07 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 52 8e 9e 9b d2 64 d6 41 25 0d 71 48 6b 35 80 a8 | 54 2f d8 62 ce 8b 25 87 4a 05 b9 45 a8 b0 26 50 | creating state object #9 at 0x55a9006cb738 | State DB: adding IKEv1 state #9 in UNDEFINED | pstats #9 ikev1.isakmp started | #9 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #9 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #9: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #9: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e 80 0e 00 80 | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 144 | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #9: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 144 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #9) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x55a9006c16b8 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 "east" #9: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.572 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00272 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | 14 00 00 24 b0 28 ac 87 b1 04 6b c2 e0 f4 5a 02 | f2 3a 96 ad 60 cb fd 5b c4 4e d8 cd 64 17 fc 30 | b8 69 10 08 14 00 00 18 3f a7 e6 f3 e0 41 91 80 | 4b aa e1 42 4f 51 70 20 e9 c2 c3 c3 00 00 00 18 | a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | 1a b4 4b e3 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #9 in MAIN_R1 (find_state_ikev1) | start processing: state #9 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #9 is idle | #9 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006cbcd0 (length 8) | 91 60 df 5e b9 66 1e df | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006cbcd8 (length 8) | 52 8e 9e 9b d2 64 d6 41 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | e9 c2 c3 c3 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 91 60 df 5e b9 66 1e df | natd_hash: rcookie= 52 8e 9e 9b d2 64 d6 41 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | natd_hash: hash= e9 c2 c3 c3 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006cbcd0 (length 8) | 91 60 df 5e b9 66 1e df | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006cbcd8 (length 8) | 52 8e 9e 9b d2 64 d6 41 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | 1a b4 4b e3 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 91 60 df 5e b9 66 1e df | natd_hash: rcookie= 52 8e 9e 9b d2 64 d6 41 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | natd_hash: hash= 1a b4 4b e3 | expected NAT-D(me): 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | expected NAT-D(me): e9 c2 c3 c3 | expected NAT-D(him): | a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | 1a b4 4b e3 | received NAT-D: 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | received NAT-D: e9 c2 c3 c3 | received NAT-D: a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | received NAT-D: 1a b4 4b e3 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | adding inI2_outR2 KE work-order 7 for state #9 | state #9 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_SO_DISCARD-pe@0x55a9006c16b8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x55a9006c4e78 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #9 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #9 and saving MD | #9 is busy; has a suspended MD | #9 spent 0.193 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.346 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 6 resuming | crypto helper 6 starting work-order 7 for state #9 | crypto helper 6 doing build KE and nonce (inI2_outR2 KE); request ID 7 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14b8003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14b8003a28 | NSS: Public DH wire value: | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | Generated nonce: 9b 0f f3 67 99 fa 92 10 2e 44 00 25 1d eb da d3 | Generated nonce: 0f e5 af 38 45 a7 82 be 91 3d 63 26 6e 4e 55 9c | crypto helper 6 finished build KE and nonce (inI2_outR2 KE); request ID 7 time elapsed 0.001081 seconds | (#9) spent 1.06 milliseconds in crypto helper computing work-order 7: inI2_outR2 KE (pcr) | crypto helper 6 sending results from work-order 7 for state #9 to event queue | scheduling resume sending helper answer for #9 | libevent_malloc: new ptr-libevent@0x7f14b8002888 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #9 | start processing: state #9 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 7 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #9: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14b8003a28: transferring ownership from helper KE to state #9 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | keyex value 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | keyex value c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | keyex value 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | keyex value 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | keyex value de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | keyex value 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | keyex value 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | keyex value f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | keyex value 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | keyex value 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | keyex value 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | keyex value 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | keyex value 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | keyex value 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | keyex value 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 9b 0f f3 67 99 fa 92 10 2e 44 00 25 1d eb da d3 | Nr 0f e5 af 38 45 a7 82 be 91 3d 63 26 6e 4e 55 9c | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 91 60 df 5e b9 66 1e df | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 52 8e 9e 9b d2 64 d6 41 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | 1a b4 4b e3 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 91 60 df 5e b9 66 1e df | natd_hash: rcookie= 52 8e 9e 9b d2 64 d6 41 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | natd_hash: hash= 1a b4 4b e3 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | NAT-D 1a b4 4b e3 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 91 60 df 5e b9 66 1e df | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 52 8e 9e 9b d2 64 d6 41 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | e9 c2 c3 c3 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 91 60 df 5e b9 66 1e df | natd_hash: rcookie= 52 8e 9e 9b d2 64 d6 41 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | natd_hash: hash= e9 c2 c3 c3 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | NAT-D e9 c2 c3 c3 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14b8003a28: transferring ownership from state #9 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 8 for state #9 | state #9 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c4e78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #9 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle; has background offloaded task | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | crypto helper 0 resuming | parent state #9: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | event_already_set, deleting event | crypto helper 0 starting work-order 8 for state #9 | state #9 requesting EVENT_CRYPTO_TIMEOUT to be deleted | crypto helper 0 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 8 | peer's g: 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | peer's g: 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c16b8 | peer's g: b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | peer's g: a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | peer's g: 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | peer's g: ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | peer's g: e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | peer's g: db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | peer's g: 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | peer's g: 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | peer's g: c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | peer's g: 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | peer's g: be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | peer's g: b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | peer's g: 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | peer's g: 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #9) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | 14 00 00 24 9b 0f f3 67 99 fa 92 10 2e 44 00 25 | 1d eb da d3 0f e5 af 38 45 a7 82 be 91 3d 63 26 | 6e 4e 55 9c 14 00 00 18 a4 94 bd ae 33 6e de e2 | cf ab 6e 4c 82 a5 05 14 1a b4 4b e3 00 00 00 18 | 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | e9 c2 c3 c3 | Started DH shared-secret computation in NSS: | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a9006c16b8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #9 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29298.901979 "east" #9: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #9 suppresed complete_v1_state_transition() | #9 spent 0.428 milliseconds in resume sending helper answer | stop processing: state #9 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14b8002888 | new : g_ir-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14b8003a28: computed shared DH secret key@0x55a9006ac790 | dh-shared : g^ir-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006cce68 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989700 | result: psk-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896e8 | result: psk-key@0x55a9006aad30 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a9006a9280 | SKEYID psk prf: created sha context 0x7f14cc003b00 from psk-key@0x55a9006aad30 | SKEYID psk prf: begin sha with context 0x7f14cc003b00 from psk-key@0x55a9006aad30 | SKEYID psk: release clone-key@0x55a9006aad30 | SKEYID psk PRF sha crypt-prf@0x7f14cc0015f8 | SKEYID psk PRF sha update Ni-bytes@0x55a9006cce8c (length 32) | b0 28 ac 87 b1 04 6b c2 e0 f4 5a 02 f2 3a 96 ad | 60 cb fd 5b c4 4e d8 cd 64 17 fc 30 b8 69 10 08 | SKEYID psk PRF sha update Nr-bytes@0x55a9006cceac (length 32) | 9b 0f f3 67 99 fa 92 10 2e 44 00 25 1d eb da d3 | 0f e5 af 38 45 a7 82 be 91 3d 63 26 6e 4e 55 9c | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989708 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID psk PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID psk: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_d: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989718 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f14cc003b00 from SKEYID-key@0x55a9006a9280 | SKEYID_d prf: begin sha with context 0x7f14cc003b00 from SKEYID-key@0x55a9006a9280 | SKEYID_d: release clone-key@0x55a9006a9280 | SKEYID_d PRF sha crypt-prf@0x7f14cc001278 | SKEYID_d PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_d: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 08 77 4b 0d f5 e0 bc 9d 1f 04 50 35 ad 29 c4 88 b9 5f 74 ae 0f a6 8d 60 dc 0e 6a 0f d3 73 35 54 b2 3f af ad 13 f8 a0 21 68 75 93 e0 ac e2 33 15 60 99 da b1 81 8d 28 bf 16 3c d7 7b 54 5a aa b7 65 2d 8e f6 52 86 85 ac d1 8f 48 b1 ae 22 3c 9d 03 c6 55 00 c5 07 2a cd ad 32 e8 dd 39 dd cb 7c b5 a5 09 c5 4b 58 a8 f5 12 08 4b d7 34 27 17 90 de 04 9d cb 2c be 63 eb 02 27 a7 87 18 23 23 cf 12 3e 08 5b 7b 9b 69 c0 3b 2f d0 16 2e 5c c2 d8 e4 29 93 aa 43 91 1f d2 ea 55 00 19 68 64 10 74 ba 8d 30 6f f2 ca d7 48 ec c4 b0 13 d2 b2 25 17 d3 da 66 d9 54 d1 29 86 d5 4a dc 3d dd 5c b9 ed d9 42 ee 40 cf ba 89 d9 1d 11 94 91 ba 48 7d bb 71 3a ae ef 1d 3e 37 b0 fc 9b b1 a1 bf 62 ce 80 fb dc 2c ab bc 55 80 4b 55 27 06 3d ed b9 08 89 e8 3e f8 94 ed 2c db a4 23 28 a2 c0 3a bd 7a 39 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14cc004728 | unwrapped: b7 ca 6a 24 d5 46 d6 17 cb ac fd f1 5d 72 9e 9b | unwrapped: 39 6e 57 de 3f 52 8c e8 fd 8e ed 51 97 96 4f 37 | unwrapped: 24 50 46 a5 7e ed 3f 4c c6 b3 88 9a a7 82 98 a6 | unwrapped: 62 db d9 15 34 26 74 30 b9 ed 43 5e 4e d2 d8 3e | unwrapped: 5c 31 59 ab 8f 58 2a e5 bf 5f 38 45 48 82 22 fd | unwrapped: bd 4c 07 1c d6 54 91 65 f1 11 6e b4 03 21 b7 c7 | unwrapped: 8b 14 df 8b da 57 8d f9 49 57 6e 0c 38 9e 0b 9b | unwrapped: 4b 89 2f a4 fc 49 53 db 18 be 7a 95 4c 3c 7a 57 | unwrapped: 4d ed f6 06 da ea 46 9a 5f 12 ae f7 84 e3 bf 29 | unwrapped: 6d eb 6e 70 24 a1 35 41 8c d7 54 01 5a 75 2d 73 | unwrapped: 26 a9 bd 96 56 f9 fe ef c8 9e ff 88 2e 2e 55 8c | unwrapped: 08 88 42 3f 8b 41 b9 3e 01 ed 89 99 d0 ba 96 04 | unwrapped: c5 2b b7 01 a9 83 16 53 41 cf c3 83 a1 89 1e 16 | unwrapped: fc f9 95 d3 4e ed e4 a6 65 36 ee de 83 75 32 0b | unwrapped: e8 7c 81 7f 6d 61 68 cb e6 de e2 5d e5 7d 4c 14 | unwrapped: a2 40 f6 34 f3 8c e8 c7 db 75 14 fe b6 2f 56 f2 | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006cd0cc (length 8) | 91 60 df 5e b9 66 1e df | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006cd0d4 (length 8) | 52 8e 9e 9b d2 64 d6 41 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989708 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID_d PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_d: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_a: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896f8 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f14cc003b00 from SKEYID-key@0x55a900622080 | SKEYID_a prf: begin sha with context 0x7f14cc003b00 from SKEYID-key@0x55a900622080 | SKEYID_a: release clone-key@0x55a900622080 | SKEYID_a PRF sha crypt-prf@0x7f14cc0015f8 | SKEYID_a PRF sha update SKEYID_d-key@0x55a9006a9280 (size 20) | SKEYID_a: SKEYID_d-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: f2 6c 93 1a bf 79 68 2c e0 b8 4a c2 09 0e 79 2d 7f f2 b1 68 d2 23 55 04 8a 74 a0 1e ce 2e 49 68 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14cc002148 | unwrapped: c9 db fd 29 12 0e ee c1 f2 45 81 81 09 0b fc aa | unwrapped: 3a 1b 9c 3f 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_a: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 08 77 4b 0d f5 e0 bc 9d 1f 04 50 35 ad 29 c4 88 b9 5f 74 ae 0f a6 8d 60 dc 0e 6a 0f d3 73 35 54 b2 3f af ad 13 f8 a0 21 68 75 93 e0 ac e2 33 15 60 99 da b1 81 8d 28 bf 16 3c d7 7b 54 5a aa b7 65 2d 8e f6 52 86 85 ac d1 8f 48 b1 ae 22 3c 9d 03 c6 55 00 c5 07 2a cd ad 32 e8 dd 39 dd cb 7c b5 a5 09 c5 4b 58 a8 f5 12 08 4b d7 34 27 17 90 de 04 9d cb 2c be 63 eb 02 27 a7 87 18 23 23 cf 12 3e 08 5b 7b 9b 69 c0 3b 2f d0 16 2e 5c c2 d8 e4 29 93 aa 43 91 1f d2 ea 55 00 19 68 64 10 74 ba 8d 30 6f f2 ca d7 48 ec c4 b0 13 d2 b2 25 17 d3 da 66 d9 54 d1 29 86 d5 4a dc 3d dd 5c b9 ed d9 42 ee 40 cf ba 89 d9 1d 11 94 91 ba 48 7d bb 71 3a ae ef 1d 3e 37 b0 fc 9b b1 a1 bf 62 ce 80 fb dc 2c ab bc 55 80 4b 55 27 06 3d ed b9 08 89 e8 3e f8 94 ed 2c db a4 23 28 a2 c0 3a bd 7a 39 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14cc001978 | unwrapped: b7 ca 6a 24 d5 46 d6 17 cb ac fd f1 5d 72 9e 9b | unwrapped: 39 6e 57 de 3f 52 8c e8 fd 8e ed 51 97 96 4f 37 | unwrapped: 24 50 46 a5 7e ed 3f 4c c6 b3 88 9a a7 82 98 a6 | unwrapped: 62 db d9 15 34 26 74 30 b9 ed 43 5e 4e d2 d8 3e | unwrapped: 5c 31 59 ab 8f 58 2a e5 bf 5f 38 45 48 82 22 fd | unwrapped: bd 4c 07 1c d6 54 91 65 f1 11 6e b4 03 21 b7 c7 | unwrapped: 8b 14 df 8b da 57 8d f9 49 57 6e 0c 38 9e 0b 9b | unwrapped: 4b 89 2f a4 fc 49 53 db 18 be 7a 95 4c 3c 7a 57 | unwrapped: 4d ed f6 06 da ea 46 9a 5f 12 ae f7 84 e3 bf 29 | unwrapped: 6d eb 6e 70 24 a1 35 41 8c d7 54 01 5a 75 2d 73 | unwrapped: 26 a9 bd 96 56 f9 fe ef c8 9e ff 88 2e 2e 55 8c | unwrapped: 08 88 42 3f 8b 41 b9 3e 01 ed 89 99 d0 ba 96 04 | unwrapped: c5 2b b7 01 a9 83 16 53 41 cf c3 83 a1 89 1e 16 | unwrapped: fc f9 95 d3 4e ed e4 a6 65 36 ee de 83 75 32 0b | unwrapped: e8 7c 81 7f 6d 61 68 cb e6 de e2 5d e5 7d 4c 14 | unwrapped: a2 40 f6 34 f3 8c e8 c7 db 75 14 fe b6 2f 56 f2 | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006cd0cc (length 8) | 91 60 df 5e b9 66 1e df | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006cd0d4 (length 8) | 52 8e 9e 9b d2 64 d6 41 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989700 | result: final-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896e8 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006acb70 | SKEYID_a PRF sha final-key@0x55a900622080 (size 20) | SKEYID_a: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_e: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989708 | result: clone-key@0x55a9006acb70 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f14cc003b00 from SKEYID-key@0x55a9006acb70 | SKEYID_e prf: begin sha with context 0x7f14cc003b00 from SKEYID-key@0x55a9006acb70 | SKEYID_e: release clone-key@0x55a9006acb70 | SKEYID_e PRF sha crypt-prf@0x7f14cc001278 | SKEYID_e PRF sha update SKEYID_a-key@0x55a900622080 (size 20) | SKEYID_e: SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: e6 36 10 88 05 35 9d b5 de a2 7a 14 77 c3 5f e0 6f 52 6c 1c b1 ad 0f 34 d0 cd 04 ff d3 76 32 f7 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14cc001648 | unwrapped: e3 13 1d 44 75 b3 e0 46 f7 5d d0 29 91 b7 9f 27 | unwrapped: 35 b6 e9 88 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_e: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 08 77 4b 0d f5 e0 bc 9d 1f 04 50 35 ad 29 c4 88 b9 5f 74 ae 0f a6 8d 60 dc 0e 6a 0f d3 73 35 54 b2 3f af ad 13 f8 a0 21 68 75 93 e0 ac e2 33 15 60 99 da b1 81 8d 28 bf 16 3c d7 7b 54 5a aa b7 65 2d 8e f6 52 86 85 ac d1 8f 48 b1 ae 22 3c 9d 03 c6 55 00 c5 07 2a cd ad 32 e8 dd 39 dd cb 7c b5 a5 09 c5 4b 58 a8 f5 12 08 4b d7 34 27 17 90 de 04 9d cb 2c be 63 eb 02 27 a7 87 18 23 23 cf 12 3e 08 5b 7b 9b 69 c0 3b 2f d0 16 2e 5c c2 d8 e4 29 93 aa 43 91 1f d2 ea 55 00 19 68 64 10 74 ba 8d 30 6f f2 ca d7 48 ec c4 b0 13 d2 b2 25 17 d3 da 66 d9 54 d1 29 86 d5 4a dc 3d dd 5c b9 ed d9 42 ee 40 cf ba 89 d9 1d 11 94 91 ba 48 7d bb 71 3a ae ef 1d 3e 37 b0 fc 9b b1 a1 bf 62 ce 80 fb dc 2c ab bc 55 80 4b 55 27 06 3d ed b9 08 89 e8 3e f8 94 ed 2c db a4 23 28 a2 c0 3a bd 7a 39 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14cc004728 | unwrapped: b7 ca 6a 24 d5 46 d6 17 cb ac fd f1 5d 72 9e 9b | unwrapped: 39 6e 57 de 3f 52 8c e8 fd 8e ed 51 97 96 4f 37 | unwrapped: 24 50 46 a5 7e ed 3f 4c c6 b3 88 9a a7 82 98 a6 | unwrapped: 62 db d9 15 34 26 74 30 b9 ed 43 5e 4e d2 d8 3e | unwrapped: 5c 31 59 ab 8f 58 2a e5 bf 5f 38 45 48 82 22 fd | unwrapped: bd 4c 07 1c d6 54 91 65 f1 11 6e b4 03 21 b7 c7 | unwrapped: 8b 14 df 8b da 57 8d f9 49 57 6e 0c 38 9e 0b 9b | unwrapped: 4b 89 2f a4 fc 49 53 db 18 be 7a 95 4c 3c 7a 57 | unwrapped: 4d ed f6 06 da ea 46 9a 5f 12 ae f7 84 e3 bf 29 | unwrapped: 6d eb 6e 70 24 a1 35 41 8c d7 54 01 5a 75 2d 73 | unwrapped: 26 a9 bd 96 56 f9 fe ef c8 9e ff 88 2e 2e 55 8c | unwrapped: 08 88 42 3f 8b 41 b9 3e 01 ed 89 99 d0 ba 96 04 | unwrapped: c5 2b b7 01 a9 83 16 53 41 cf c3 83 a1 89 1e 16 | unwrapped: fc f9 95 d3 4e ed e4 a6 65 36 ee de 83 75 32 0b | unwrapped: e8 7c 81 7f 6d 61 68 cb e6 de e2 5d e5 7d 4c 14 | unwrapped: a2 40 f6 34 f3 8c e8 c7 db 75 14 fe b6 2f 56 f2 | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006cd0cc (length 8) | 91 60 df 5e b9 66 1e df | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006cd0d4 (length 8) | 52 8e 9e 9b d2 64 d6 41 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989710 | result: final-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896f8 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a3700 | SKEYID_e PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID_e: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989768 | result: keymat-key@0x55a9006a3700 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a9006a9280, skeyid_a 0x55a900622080, skeyid_e 0x55a9006acb70, enc_key 0x55a9006a3700 | DH_i: 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | DH_i: 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | DH_i: b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | DH_i: a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | DH_i: 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | DH_i: ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | DH_i: e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | DH_i: db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | DH_i: 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | DH_i: 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | DH_i: c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | DH_i: 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | DH_i: be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | DH_i: b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | DH_i: 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | DH_i: 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | DH_r: 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | DH_r: 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | DH_r: c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | DH_r: 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | DH_r: 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | DH_r: de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | DH_r: 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | DH_r: 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | DH_r: f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | DH_r: 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | DH_r: 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | DH_r: 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | DH_r: 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | DH_r: 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | DH_r: 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | DH_r: 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006ccecc (length 256) | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | new IV hash sha digest GR-bytes@0x55a9006ccfcc (length 256) | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | new IV hash sha final chunk@0x7f14cc001648 (length 20) | 64 88 45 da 80 ce 91 fa 2a 5c 11 3a 72 18 3a ac | ae a2 9a 3a | crypto helper 0 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 8 time elapsed 0.002087 seconds | (#9) spent 2.04 milliseconds in crypto helper computing work-order 8: main_inI2_outR2_tail (pcr) | crypto helper 0 sending results from work-order 8 for state #9 to event queue | scheduling resume sending helper answer for #9 | libevent_malloc: new ptr-libevent@0x7f14cc001378 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #9 | start processing: state #9 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 8 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #9: calculate DH finished | [RE]START processing: state #9 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14b8003a28: transferring ownership from helper IKEv1 DH+IV to state #9 | stop processing: state #9 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #9 suppresed complete_v1_state_transition() | #9 spent 0.0153 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14cc001378 | spent 0.00211 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 05 10 02 01 00 00 00 00 00 00 00 4c 25 3f 31 5a | ec 55 6c 8c af 75 4a ff 88 30 e5 c7 13 28 45 3f | 25 5a 6f 0b df c6 84 4d cc 3a 83 9e 5d 45 24 0d | 8a 0a 9a c6 c0 ef f7 b8 4e 92 88 81 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #9 in MAIN_R2 (find_state_ikev1) | start processing: state #9 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #9 is idle | #9 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 64 88 45 da 80 ce 91 fa 2a 5c 11 3a 72 18 3a ac | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 5d 45 24 0d 8a 0a 9a c6 c0 ef f7 b8 4e 92 88 81 | decrypted payload (starts at offset -48): | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 fc df 29 58 | 68 20 b7 77 fc 21 98 c7 a7 eb bb ea dd e6 94 3e | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #9: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14b8002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14b8002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14c8003758 | hmac PRF sha update data-bytes@0x7f14c0000b48 (length 256) | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | hmac PRF sha update data-bytes@0x7f14b8000b48 (length 256) | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | hmac PRF sha update data-bytes@0x55a9006cbcd0 (length 8) | 91 60 df 5e b9 66 1e df | hmac PRF sha update data-bytes@0x55a9006cbcd8 (length 8) | 52 8e 9e 9b d2 64 d6 41 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006bf2cc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a9006c5518 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | fc df 29 58 68 20 b7 77 fc 21 98 c7 a7 eb bb ea | dd e6 94 3e | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14b8002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14b8002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14cc001648 | hmac PRF sha update data-bytes@0x7f14b8000b48 (length 256) | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | hmac PRF sha update data-bytes@0x7f14c0000b48 (length 256) | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | hmac PRF sha update data-bytes@0x55a9006cbcd8 (length 8) | 52 8e 9e 9b d2 64 d6 41 | hmac PRF sha update data-bytes@0x55a9006cbcd0 (length 8) | 91 60 df 5e b9 66 1e df | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006bf2cc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | 61 31 87 ec 16 85 93 0a f8 a2 ad 07 40 8f 39 90 | b6 d1 71 9b | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R 61 31 87 ec 16 85 93 0a f8 a2 ad 07 40 8f 39 90 | HASH_R b6 d1 71 9b | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: 61 31 87 ec 16 85 93 0a f8 a2 ad 07 40 8f 39 90 | encrypting: b6 d1 71 9b | IV: 5d 45 24 0d 8a 0a 9a c6 c0 ef f7 b8 4e 92 88 81 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | last encrypted block of Phase 1: | 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #9: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a9006c16b8 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 76 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #9) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 05 10 02 01 00 00 00 00 00 00 00 4c 49 b9 97 ba | 47 56 16 f8 a0 82 4d d9 4a 3e 4d 71 f7 e2 c9 4f | 84 b4 2e af bc 5a 25 01 7f 52 19 99 5e 51 59 7a | f9 21 2d 06 ed 11 51 39 02 cf 91 af | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a9006c16b8 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #9 | libevent_malloc: new ptr-libevent@0x7f14b8002888 size 128 | pstats #9 ikev1.isakmp established "east" #9: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #9 | #9 spent 0.544 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.669 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00264 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 20 01 52 df 9d e4 00 00 01 bc dd ff eb 46 | 33 40 f5 d1 8d 61 60 46 fa 42 70 e6 40 15 2d 7b | 14 6c 66 20 5b 57 bf 3a e8 a0 6c 8d 59 71 26 bb | 7a 43 5c fc 27 9b 8e df f3 89 6f 65 3e 2e 51 69 | e4 3f d8 88 08 9d ac b7 3d 88 e9 6f fe 36 58 77 | d6 5c a0 77 27 a6 c8 5f 4e 14 c2 99 8e d1 b5 fe | 7e 98 fa 71 46 c8 75 de bb f5 bb ce f2 15 22 f3 | 81 c2 8b 56 23 69 5b f9 11 c4 3d 86 e6 7d ce 23 | b7 28 35 d0 89 b4 e0 73 20 e3 47 1a 2e f9 fa 13 | f7 a9 f8 2b 3d ab a9 68 f6 82 f5 25 25 ac 57 6f | 88 26 a3 2b 46 3a 9e b6 29 97 8f 45 f6 82 80 36 | 4b e5 07 69 e4 20 56 3c 19 43 fb 05 98 50 b2 63 | 87 15 75 71 73 b0 4c 10 61 e9 21 0f 6c 84 e6 0d | b8 5b 8c 30 5e 4e 1b 4b ef af 97 35 23 66 87 15 | 10 e3 07 5b e6 4f e5 9d b7 3e 95 b0 3c a1 a2 52 | 18 ae 41 08 cb 21 f1 cd 99 77 4a de f5 4a d3 8e | 30 1c e9 28 12 22 ef ff 6b d1 35 05 e4 7e 4e 0f | 6c 91 b6 7f 38 8c b1 34 9f 59 e2 28 0e cc 13 b6 | cf ec c4 60 ec 5b be 8d c1 1e 34 08 d0 5b 7b 48 | 8c 17 7d ca 17 6e 1e b2 fd 2c bd be 43 8d bf 50 | 2f 11 dd 16 b8 41 cb 1d de 8f ee 3a f1 c3 1d a0 | 4d fa 52 2f 72 9b 93 65 a4 06 bd 18 bf 0a fc 49 | ae 22 e0 09 73 ca 68 12 92 55 29 f4 30 4c fe c7 | 9d 6f 0d d8 1f 5c 76 49 60 63 ec 85 c6 21 88 68 | bf 5e a9 0e 73 95 ca a0 e5 1b b7 c5 1e 67 e4 87 | ba bc 06 73 e9 04 6c 51 b0 d1 75 a8 75 c3 90 c3 | da d4 77 b5 39 b2 ed 0c 6b 76 25 ef | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1390386660 (0x52df9de4) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #9 in MAIN_R3 (find_state_ikev1) | start processing: state #9 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | current Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006cbbc8 (length 16) | 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 52 df 9d e4 | Phase 2 IV hash sha final bytes@0x55a9006cbb48 (length 20) | c1 60 0a 70 28 b4 26 06 89 e1 4a c5 0b 7a 24 ed | 09 41 d1 bd | #9 is idle | #9 idle | received encrypted packet from 192.1.2.45:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: c1 60 0a 70 28 b4 26 06 89 e1 4a c5 0b 7a 24 ed | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 75 c3 90 c3 da d4 77 b5 39 b2 ed 0c 6b 76 25 ef | decrypted payload (starts at offset -416): | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 20 01 52 df 9d e4 00 00 01 bc 01 00 00 18 | a6 65 40 81 4d be 62 0e 6b de 27 a6 83 6f 08 d2 | 75 28 25 3c 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 1c 30 3c 0f 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 00 04 00 00 24 | e7 57 c1 96 9f 25 9d 4b 1f 18 9c b9 da 18 46 c8 | 69 05 78 c2 6c f6 7e ff 63 7b 12 83 b6 ca dd 57 | 05 00 01 04 4f dc 67 41 3e 5d 54 3d a1 d3 d8 59 | 26 c1 1f 4b 8a 1d 1b 65 cd 8d 4e 60 15 7a f7 8a | cc 7c 3d 01 60 ac 70 8f a0 b2 0e eb 18 28 10 1b | f3 47 d6 fc 7e 6f 6e 0e 51 b9 3e 4a 87 1d 8d cc | b8 a5 1f ec 51 ae f6 f4 9f 52 f4 38 8f 71 15 6c | d5 9f de ea 9e d4 dc ca be 4e 22 a0 5f 1a 18 7a | d7 25 b2 08 bb 78 18 96 d6 15 af ff c4 0d 9e 46 | 02 88 20 6d fb 43 31 e8 1e 0d 94 de d6 b7 74 73 | 40 69 ab 8c df d7 74 9b 1f e3 b1 73 fe 22 67 1e | 91 51 4f 30 ac a7 11 b6 93 3d 03 4c 9c d0 9d f9 | 3d 58 48 b2 11 72 bd 57 95 ba 6a 6c 09 3b 96 d2 | af c9 b2 64 bc 2d 50 08 02 5b c8 8d 76 47 8a 77 | 9a 5b aa 91 e0 45 13 8e af 17 af 5c 1f 1d 59 d8 | 2b 8e 0f e1 82 01 7c 51 5d 24 75 a1 1d 0f 90 94 | ba 15 b6 1d 0e 6b 00 14 c6 ee 83 7c 70 b4 52 30 | 0d 63 53 29 d4 a3 e6 a2 10 ed e7 67 d1 f5 15 4f | c4 1b 80 ff 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14b8002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14b8002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14cc001648 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 52 df 9d e4 | HASH(1) PRF sha update payload-bytes@0x55a9006caa8c (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 1c 30 3c 0f 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 00 04 00 00 24 e7 57 c1 96 | 9f 25 9d 4b 1f 18 9c b9 da 18 46 c8 69 05 78 c2 | 6c f6 7e ff 63 7b 12 83 b6 ca dd 57 05 00 01 04 | 4f dc 67 41 3e 5d 54 3d a1 d3 d8 59 26 c1 1f 4b | 8a 1d 1b 65 cd 8d 4e 60 15 7a f7 8a cc 7c 3d 01 | 60 ac 70 8f a0 b2 0e eb 18 28 10 1b f3 47 d6 fc | 7e 6f 6e 0e 51 b9 3e 4a 87 1d 8d cc b8 a5 1f ec | 51 ae f6 f4 9f 52 f4 38 8f 71 15 6c d5 9f de ea | 9e d4 dc ca be 4e 22 a0 5f 1a 18 7a d7 25 b2 08 | bb 78 18 96 d6 15 af ff c4 0d 9e 46 02 88 20 6d | fb 43 31 e8 1e 0d 94 de d6 b7 74 73 40 69 ab 8c | df d7 74 9b 1f e3 b1 73 fe 22 67 1e 91 51 4f 30 | ac a7 11 b6 93 3d 03 4c 9c d0 9d f9 3d 58 48 b2 | 11 72 bd 57 95 ba 6a 6c 09 3b 96 d2 af c9 b2 64 | bc 2d 50 08 02 5b c8 8d 76 47 8a 77 9a 5b aa 91 | e0 45 13 8e af 17 af 5c 1f 1d 59 d8 2b 8e 0f e1 | 82 01 7c 51 5d 24 75 a1 1d 0f 90 94 ba 15 b6 1d | 0e 6b 00 14 c6 ee 83 7c 70 b4 52 30 0d 63 53 29 | d4 a3 e6 a2 10 ed e7 67 d1 f5 15 4f c4 1b 80 ff | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | a6 65 40 81 4d be 62 0e 6b de 27 a6 83 6f 08 d2 | 75 28 25 3c | quick_inI1_outR1 HASH(1): | a6 65 40 81 4d be 62 0e 6b de 27 a6 83 6f 08 d2 | 75 28 25 3c | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #9: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | client wildcard: no port wildcard: no virtual: no | creating state object #10 at 0x55a9006cc228 | State DB: adding IKEv1 state #10 in UNDEFINED | pstats #10 ikev1.ipsec started | duplicating state object #9 "east" as #10 for IPSEC SA | #10 setting local endpoint to 192.1.2.23:500 from #9.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_d_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ai_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006a3700 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #9 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #10 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #10: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 1c 30 3c 0f | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 0 (0x0) "east" #10: IKEv1 key-length attribute without encryption algorithm | complete v1 state transition with BAD_PROPOSAL_SYNTAX | [RE]START processing: state #10 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #10 is idle | FOR_EACH_STATE_... in find_phase1_state "east" #10: sending encrypted notification BAD_PROPOSAL_SYNTAX to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3152138189 (0xbbe1cfcd) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'notification msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482208 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14b8002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14b8002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94822ec (length 4) | bb e1 cf cd | HASH(1) PRF sha update payload-bytes@0x7ffef9482594 (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0f | HASH(1) PRF sha final-bytes@0x7ffef9482580 (length 20) | 45 e5 11 8c ff 2e 24 27 3d 78 41 33 14 fc c8 0f | c7 3a 91 b9 | send notification HASH(1): | 45 e5 11 8c ff 2e 24 27 3d 78 41 33 14 fc c8 0f | c7 3a 91 b9 | last Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | current Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006cbbc8 (length 16) | 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94822fc (length 4) | bb e1 cf cd | Phase 2 IV hash sha final bytes@0x55a9006cbb48 (length 20) | 50 39 3a d0 e6 04 46 47 eb 32 20 c5 c4 f5 f5 b6 | 1e 33 06 b4 | encrypting: 0b 00 00 18 45 e5 11 8c ff 2e 24 27 3d 78 41 33 | encrypting: 14 fc c8 0f c7 3a 91 b9 00 00 00 0c 00 00 00 01 | encrypting: 01 00 00 0f | IV: 50 39 3a d0 e6 04 46 47 eb 32 20 c5 c4 f5 f5 b6 | IV: 1e 33 06 b4 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 5d b5 18 ee 96 b2 c9 12 51 e6 41 e3 84 82 fb a2 | sending 76 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #10) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 05 01 bb e1 cf cd 00 00 00 4c c4 b9 d4 9e | 63 5c 80 98 db 84 05 c5 e1 77 22 06 86 b2 27 79 | 80 9d 10 25 49 da 28 af 28 f5 7b 02 5d b5 18 ee | 96 b2 c9 12 51 e6 41 e3 84 82 fb a2 | state transition function for STATE_QUICK_R0 failed: BAD_PROPOSAL_SYNTAX | pstats #10 ikev1.ipsec deleted other | [RE]START processing: state #10 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #10: deleting state (STATE_QUICK_R0) aged 0.000s and NOT sending notification | child state #10: QUICK_R0(established CHILD SA) => delete | child state #10: QUICK_R0(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | in connection_discard for connection east | State DB: deleting IKEv1 state #10 in CHILDSA_DEL | child state #10: CHILDSA_DEL(informational) => UNDEFINED(ignore) | stop processing: state #10 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006a3700 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | #9 spent 0.525 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.917 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00272 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 05 01 ca 27 5b d1 00 00 00 5c b4 4c aa 38 | 5b fe a9 00 49 3b 1c ee 0d 7b 1e 58 40 cf ad 1a | b1 1e b2 d0 1d 7c d4 70 ef ad c0 50 be 08 0a b8 | 98 8a e3 eb 2e 5f 73 d6 f9 39 87 e9 8a 7c 6d 3c | 8b ba 83 32 e3 82 db 45 c5 03 1c 0c | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3391577041 (0xca275bd1) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #9; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #9 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #9 in MAIN_R3 (find_v1_info_state) | start processing: state #9 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | current Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006cbbc8 (length 16) | 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | ca 27 5b d1 | Phase 2 IV hash sha final bytes@0x55a9006cbb48 (length 20) | 81 22 c8 c6 34 96 9f d9 df b9 6f 27 1c ac de b8 | 2a f4 45 fd | #9 is idle | #9 idle | received encrypted packet from 192.1.2.45:500 | decrypting 64 bytes using algorithm AES_CBC | IV before: 81 22 c8 c6 34 96 9f d9 df b9 6f 27 1c ac de b8 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 8a 7c 6d 3c 8b ba 83 32 e3 82 db 45 c5 03 1c 0c | decrypted payload (starts at offset -64): | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 05 01 ca 27 5b d1 00 00 00 5c 0c 00 00 18 | 69 6e 17 25 95 b7 29 0f 45 a5 e1 db da e5 69 b6 | 45 5b f8 53 00 00 00 1c 00 00 00 01 01 10 00 01 | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14b8002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14b8002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14c8003758 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | ca 27 5b d1 | HASH(1) PRF sha update payload-bytes@0x55a9006c656c (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 91 60 df 5e | b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 69 6e 17 25 95 b7 29 0f 45 a5 e1 db da e5 69 b6 | 45 5b f8 53 | informational HASH(1): | 69 6e 17 25 95 b7 29 0f 45 a5 e1 db da e5 69 b6 | 45 5b f8 53 | received 'informational' message HASH(1) data ok | parsing 8 raw bytes of ISAKMP Delete Payload into iCookie | iCookie 91 60 df 5e b9 66 1e df | parsing 8 raw bytes of ISAKMP Delete Payload into rCookie | rCookie 52 8e 9e 9b d2 64 d6 41 | State DB: found IKEv1 state #9 in MAIN_R3 (find_state_ikev1) | del: "east" #9: received Delete SA payload: self-deleting ISAKMP State #9 | pstats #9 ikev1.isakmp deleted completed | [RE]START processing: state #9 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #9: deleting state (STATE_MAIN_R3) aged 0.531s and sending notification | parent state #9: MAIN_R3(established IKE SA) => delete | #9 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3081848152 (0xb7b14558) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 91 60 df 5e b9 66 1e df | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 52 8e 9e 9b d2 64 d6 41 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480558 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14b8002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14b8002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14cc001648 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948063c (length 4) | b7 b1 45 58 | HASH(1) PRF sha update payload-bytes@0x7ffef94809e4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 91 60 df 5e | b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | HASH(1) PRF sha final-bytes@0x7ffef94809d0 (length 20) | 60 59 e9 07 02 5d 13 32 5e dd 1a 4f a7 06 60 51 | 2f 6b 80 d2 | send delete HASH(1): | 60 59 e9 07 02 5d 13 32 5e dd 1a 4f a7 06 60 51 | 2f 6b 80 d2 | last Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | current Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006cbbc8 (length 16) | 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948064c (length 4) | b7 b1 45 58 | Phase 2 IV hash sha final bytes@0x55a9006cbb48 (length 20) | 0f 54 9f fd a8 3e 79 47 90 7e 83 e0 90 bf 6d 27 | 59 47 5d 56 | encrypting: 0c 00 00 18 60 59 e9 07 02 5d 13 32 5e dd 1a 4f | encrypting: a7 06 60 51 2f 6b 80 d2 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 91 60 df 5e b9 66 1e df 52 8e 9e 9b | encrypting: d2 64 d6 41 | IV: 0f 54 9f fd a8 3e 79 47 90 7e 83 e0 90 bf 6d 27 | IV: 59 47 5d 56 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: d0 0d 2c b2 ce 2e d8 54 ef 73 91 bf c0 2e 1d a8 | sending 92 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #9) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 05 01 b7 b1 45 58 00 00 00 5c d2 51 6e 3d | 70 e0 b3 24 53 04 7e da 6b 82 8a d9 46 de 62 32 | d5 6b 7c c4 5f cc 0c d1 3b 57 a8 37 4e aa e7 44 | 33 eb fa 82 1d 54 18 d6 37 4b 17 12 d0 0d 2c b2 | ce 2e d8 54 ef 73 91 bf c0 2e 1d a8 | state #9 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14b8002888 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a9006c16b8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #9 in MAIN_R3 | parent state #9: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14b8003a28: destroyed | stop processing: state #9 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006ac790 | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006a3700 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.675 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00281 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 200 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f8 0e 07 98 5a 78 ed f7 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 200 (0xc8) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 08 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | c9 91 91 14 7f bd 3f d5 26 dc 4a 84 71 f3 16 ac | f3 64 68 2a 06 71 6f 47 5b 05 e8 43 c5 b1 db 37 | creating state object #11 at 0x55a9006cb738 | State DB: adding IKEv1 state #11 in UNDEFINED | pstats #11 ikev1.isakmp started | #11 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #11 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #11: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #11: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 140 | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #11: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 140 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x7f14b8002b78 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 "east" #11: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #11 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.397 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00282 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | 14 00 00 24 79 7f ef b3 8f 23 3a fb 1a 8c 87 01 | 15 a1 c1 be 9f f2 1c ce 4d 61 15 ed 1c 36 3d d8 | f9 a1 b5 a1 14 00 00 18 7c b0 00 2d e6 44 96 7e | b0 03 d6 18 c7 40 46 95 52 e7 89 8f 00 00 00 18 | 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | a7 21 35 8e | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #11 in MAIN_R1 (find_state_ikev1) | start processing: state #11 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #11 is idle | #11 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006cbcd0 (length 8) | f8 0e 07 98 5a 78 ed f7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006cbcd8 (length 8) | c9 91 91 14 7f bd 3f d5 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | 52 e7 89 8f | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= f8 0e 07 98 5a 78 ed f7 | natd_hash: rcookie= c9 91 91 14 7f bd 3f d5 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | natd_hash: hash= 52 e7 89 8f | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006cbcd0 (length 8) | f8 0e 07 98 5a 78 ed f7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006cbcd8 (length 8) | c9 91 91 14 7f bd 3f d5 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | a7 21 35 8e | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= f8 0e 07 98 5a 78 ed f7 | natd_hash: rcookie= c9 91 91 14 7f bd 3f d5 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | natd_hash: hash= a7 21 35 8e | expected NAT-D(me): 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | expected NAT-D(me): 52 e7 89 8f | expected NAT-D(him): | 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | a7 21 35 8e | received NAT-D: 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | received NAT-D: 52 e7 89 8f | received NAT-D: 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | received NAT-D: a7 21 35 8e | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | adding inI2_outR2 KE work-order 9 for state #11 | state #11 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_SO_DISCARD-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x55a9006c4e78 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #11 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #11 and saving MD | crypto helper 1 resuming | crypto helper 1 starting work-order 9 for state #11 | crypto helper 1 doing build KE and nonce (inI2_outR2 KE); request ID 9 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14c40098d8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14c40098d8 | NSS: Public DH wire value: | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | Generated nonce: e6 00 b7 5d 55 9a f7 68 fd 5f 00 a1 98 a5 0a 2e | Generated nonce: d4 00 d4 2d c5 2c a8 cb 3f 5e aa 0e fb 64 0e dc | crypto helper 1 finished build KE and nonce (inI2_outR2 KE); request ID 9 time elapsed 0.001072 seconds | (#11) spent 1.06 milliseconds in crypto helper computing work-order 9: inI2_outR2 KE (pcr) | crypto helper 1 sending results from work-order 9 for state #11 to event queue | scheduling resume sending helper answer for #11 | libevent_malloc: new ptr-libevent@0x7f14c4003ad8 size 128 | crypto helper 1 waiting (nothing to do) | #11 is busy; has a suspended MD | #11 spent 0.191 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #11 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.335 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #11 | start processing: state #11 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 9 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #11: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14c40098d8: transferring ownership from helper KE to state #11 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | keyex value c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | keyex value 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | keyex value ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | keyex value bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | keyex value ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | keyex value ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | keyex value 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | keyex value 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | keyex value a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | keyex value 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | keyex value 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | keyex value c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | keyex value 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | keyex value 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | keyex value f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr e6 00 b7 5d 55 9a f7 68 fd 5f 00 a1 98 a5 0a 2e | Nr d4 00 d4 2d c5 2c a8 cb 3f 5e aa 0e fb 64 0e dc | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | f8 0e 07 98 5a 78 ed f7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | c9 91 91 14 7f bd 3f d5 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | a7 21 35 8e | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= f8 0e 07 98 5a 78 ed f7 | natd_hash: rcookie= c9 91 91 14 7f bd 3f d5 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | natd_hash: hash= a7 21 35 8e | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | NAT-D a7 21 35 8e | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | f8 0e 07 98 5a 78 ed f7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | c9 91 91 14 7f bd 3f d5 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | 52 e7 89 8f | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= f8 0e 07 98 5a 78 ed f7 | natd_hash: rcookie= c9 91 91 14 7f bd 3f d5 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | natd_hash: hash= 52 e7 89 8f | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | NAT-D 52 e7 89 8f | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14c40098d8: transferring ownership from state #11 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 10 for state #11 | state #11 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c4e78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #11 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle; has background offloaded task | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | parent state #11: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | crypto helper 2 resuming | crypto helper 2 starting work-order 10 for state #11 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | crypto helper 2 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 10 | peer's g: 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | peer's g: ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | peer's g: 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | peer's g: e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | peer's g: 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | peer's g: ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | peer's g: b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | 14 00 00 24 e6 00 b7 5d 55 9a f7 68 fd 5f 00 a1 | 98 a5 0a 2e d4 00 d4 2d c5 2c a8 cb 3f 5e aa 0e | fb 64 0e dc 14 00 00 18 03 90 34 fd c1 86 60 1e | 1b 96 d4 dd a1 38 c8 8b a7 21 35 8e 00 00 00 18 | 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | 52 e7 89 8f | peer's g: 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | peer's g: 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | peer's g: 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | peer's g: b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | peer's g: 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | peer's g: 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | peer's g: 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | peer's g: f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | peer's g: b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | Started DH shared-secret computation in NSS: | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14b8002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #11 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29299.872221 "east" #11: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #11 suppresed complete_v1_state_transition() | #11 spent 0.441 milliseconds in resume sending helper answer | stop processing: state #11 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c4003ad8 | new : g_ir-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14c40098d8: computed shared DH secret key@0x55a9006a3700 | dh-shared : g^ir-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006cce68 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2987700 | result: psk-key@0x55a900622080 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a900622080 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d29876e8 | result: psk-key@0x55a9006acb70 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a900622080 | SKEYID psk prf: created sha context 0x55a9006a0430 from psk-key@0x55a9006acb70 | SKEYID psk prf: begin sha with context 0x55a9006a0430 from psk-key@0x55a9006acb70 | SKEYID psk: release clone-key@0x55a9006acb70 | SKEYID psk PRF sha crypt-prf@0x7f14c8002918 | SKEYID psk PRF sha update Ni-bytes@0x55a9006cce8c (length 32) | 79 7f ef b3 8f 23 3a fb 1a 8c 87 01 15 a1 c1 be | 9f f2 1c ce 4d 61 15 ed 1c 36 3d d8 f9 a1 b5 a1 | SKEYID psk PRF sha update Nr-bytes@0x55a9006cceac (length 32) | e6 00 b7 5d 55 9a f7 68 fd 5f 00 a1 98 a5 0a 2e | d4 00 d4 2d c5 2c a8 cb 3f 5e aa 0e fb 64 0e dc | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2987720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2987708 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID psk PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID psk: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_d: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2987718 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x55a9006a0430 from SKEYID-key@0x55a900622080 | SKEYID_d prf: begin sha with context 0x55a9006a0430 from SKEYID-key@0x55a900622080 | SKEYID_d: release clone-key@0x55a900622080 | SKEYID_d PRF sha crypt-prf@0x7f14c80041c8 | SKEYID_d PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_d: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 02 88 5d d4 a3 64 c8 c1 f5 34 71 1d fb c4 b8 16 af 7a c4 4e 00 59 b3 42 d4 1f 00 3c e0 9e 75 2a c7 cc 49 91 c7 0e 55 e2 57 a8 d3 d7 c4 6b 96 ec 45 e3 09 30 ef b6 94 b0 ba 36 1d 00 7b 7c 7f 96 70 7e c5 b7 dd 01 cf dd ae 0e 9f dc 6e ab 33 0d b4 a4 5b 4c 17 70 2c 19 4d 2a 2a e5 3a db a1 da 84 6d 16 3d 1d 08 87 25 21 2f 5c f2 21 0a e9 26 84 01 7e 9d 8b 06 74 7d a3 16 09 9e d0 31 90 5a e2 4c 0f 63 a1 be c0 e1 0d d2 f9 6b 4e 2d 3f f4 aa 19 78 18 03 b3 a0 5c 98 c0 dc b2 dc 20 46 1c 0a c7 37 b5 1c 0c cb f5 ba fa 04 eb 60 23 33 9b ed 4c 44 08 50 e0 aa 16 8b fa 78 92 32 f9 06 ce 4d 8b d0 bf e2 d2 61 ee ab 2e b2 8e cc 63 8c 3a 18 cc 36 89 8a 57 fd bb 0c 34 23 eb 31 d7 5a 69 b0 fe af 15 22 69 42 e8 38 46 83 3c 37 1b 3c 82 ee 35 f4 09 cc cc bf 66 82 06 16 77 b6 8f bb b6 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8002ff8 | unwrapped: e0 23 96 d7 87 15 d7 c5 0a 22 3e 99 8c b1 81 fe | unwrapped: 48 7e ac 26 33 1a ec a2 09 c7 cd de de 66 35 0d | unwrapped: 9f 0b 23 46 69 68 2a fb 95 f0 63 ca 4a b2 9a 40 | unwrapped: 9e 61 1a 03 f9 17 cd ba f5 50 f5 07 61 a3 89 be | unwrapped: 97 66 1a 78 bc 68 0e f7 45 73 09 a4 84 ac 0e ba | unwrapped: e6 63 44 11 f7 d3 8a d6 48 41 6c 88 93 56 37 2a | unwrapped: 1a 9b 43 64 b9 20 60 7a 42 cd 18 2d c2 02 59 8d | unwrapped: d8 f4 a7 5c e9 08 0b 84 80 fc 88 90 6e c1 96 8d | unwrapped: 80 60 eb a1 ea 6d ec 25 f9 c5 25 bb f7 20 1c a7 | unwrapped: a7 ae f0 f0 ee b2 c8 c8 fe f4 36 62 08 fe 1a 91 | unwrapped: ec 1d 8f e1 49 fc 63 6c 6f 00 51 f7 c4 9b 1e d1 | unwrapped: 2b ef ab 72 46 c5 24 b8 80 ba 0e 70 3f e7 f6 6c | unwrapped: 13 07 20 66 e6 16 24 f8 8c b5 aa 4b bf c0 57 f6 | unwrapped: c2 16 1f bb b7 3b eb fa ca 1b a9 94 7b f5 68 57 | unwrapped: 00 e6 46 75 23 d4 67 ed 82 fc 5c 7f cc 2f bb 5d | unwrapped: 7a 65 cb a5 f7 c6 65 8b 32 92 43 51 9a 85 24 fc | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006cd0cc (length 8) | f8 0e 07 98 5a 78 ed f7 | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006cd0d4 (length 8) | c9 91 91 14 7f bd 3f d5 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2987720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2987708 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID_d PRF sha final-key@0x55a900622080 (size 20) | SKEYID_d: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_a: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d29876f8 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x55a9006a0430 from SKEYID-key@0x55a9006a9280 | SKEYID_a prf: begin sha with context 0x55a9006a0430 from SKEYID-key@0x55a9006a9280 | SKEYID_a: release clone-key@0x55a9006a9280 | SKEYID_a PRF sha crypt-prf@0x7f14c8002918 | SKEYID_a PRF sha update SKEYID_d-key@0x55a900622080 (size 20) | SKEYID_a: SKEYID_d-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: 06 3c 91 d8 cf 71 e9 5f e4 36 9a 3f ee 05 d2 6a a9 c2 fd 6b 27 cb 92 b9 4c e9 6e 9c f3 c9 b7 fa | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c8002d28 | unwrapped: 23 e5 b7 86 d5 ec 2c b6 87 02 d0 2e f9 50 22 aa | unwrapped: 75 d0 4b 42 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_a: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 02 88 5d d4 a3 64 c8 c1 f5 34 71 1d fb c4 b8 16 af 7a c4 4e 00 59 b3 42 d4 1f 00 3c e0 9e 75 2a c7 cc 49 91 c7 0e 55 e2 57 a8 d3 d7 c4 6b 96 ec 45 e3 09 30 ef b6 94 b0 ba 36 1d 00 7b 7c 7f 96 70 7e c5 b7 dd 01 cf dd ae 0e 9f dc 6e ab 33 0d b4 a4 5b 4c 17 70 2c 19 4d 2a 2a e5 3a db a1 da 84 6d 16 3d 1d 08 87 25 21 2f 5c f2 21 0a e9 26 84 01 7e 9d 8b 06 74 7d a3 16 09 9e d0 31 90 5a e2 4c 0f 63 a1 be c0 e1 0d d2 f9 6b 4e 2d 3f f4 aa 19 78 18 03 b3 a0 5c 98 c0 dc b2 dc 20 46 1c 0a c7 37 b5 1c 0c cb f5 ba fa 04 eb 60 23 33 9b ed 4c 44 08 50 e0 aa 16 8b fa 78 92 32 f9 06 ce 4d 8b d0 bf e2 d2 61 ee ab 2e b2 8e cc 63 8c 3a 18 cc 36 89 8a 57 fd bb 0c 34 23 eb 31 d7 5a 69 b0 fe af 15 22 69 42 e8 38 46 83 3c 37 1b 3c 82 ee 35 f4 09 cc cc bf 66 82 06 16 77 b6 8f bb b6 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8002b58 | unwrapped: e0 23 96 d7 87 15 d7 c5 0a 22 3e 99 8c b1 81 fe | unwrapped: 48 7e ac 26 33 1a ec a2 09 c7 cd de de 66 35 0d | unwrapped: 9f 0b 23 46 69 68 2a fb 95 f0 63 ca 4a b2 9a 40 | unwrapped: 9e 61 1a 03 f9 17 cd ba f5 50 f5 07 61 a3 89 be | unwrapped: 97 66 1a 78 bc 68 0e f7 45 73 09 a4 84 ac 0e ba | unwrapped: e6 63 44 11 f7 d3 8a d6 48 41 6c 88 93 56 37 2a | unwrapped: 1a 9b 43 64 b9 20 60 7a 42 cd 18 2d c2 02 59 8d | unwrapped: d8 f4 a7 5c e9 08 0b 84 80 fc 88 90 6e c1 96 8d | unwrapped: 80 60 eb a1 ea 6d ec 25 f9 c5 25 bb f7 20 1c a7 | unwrapped: a7 ae f0 f0 ee b2 c8 c8 fe f4 36 62 08 fe 1a 91 | unwrapped: ec 1d 8f e1 49 fc 63 6c 6f 00 51 f7 c4 9b 1e d1 | unwrapped: 2b ef ab 72 46 c5 24 b8 80 ba 0e 70 3f e7 f6 6c | unwrapped: 13 07 20 66 e6 16 24 f8 8c b5 aa 4b bf c0 57 f6 | unwrapped: c2 16 1f bb b7 3b eb fa ca 1b a9 94 7b f5 68 57 | unwrapped: 00 e6 46 75 23 d4 67 ed 82 fc 5c 7f cc 2f bb 5d | unwrapped: 7a 65 cb a5 f7 c6 65 8b 32 92 43 51 9a 85 24 fc | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006cd0cc (length 8) | f8 0e 07 98 5a 78 ed f7 | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006cd0d4 (length 8) | c9 91 91 14 7f bd 3f d5 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2987700 | result: final-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d29876e8 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006aad30 | SKEYID_a PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_a: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_e: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2987708 | result: clone-key@0x55a9006aad30 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x55a9006a0430 from SKEYID-key@0x55a9006aad30 | SKEYID_e prf: begin sha with context 0x55a9006a0430 from SKEYID-key@0x55a9006aad30 | SKEYID_e: release clone-key@0x55a9006aad30 | SKEYID_e PRF sha crypt-prf@0x7f14c80041c8 | SKEYID_e PRF sha update SKEYID_a-key@0x55a9006a9280 (size 20) | SKEYID_e: SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: da b7 d3 13 63 14 c5 84 98 46 61 ff 12 38 f3 f0 dd 4f 59 dd d9 c5 b5 d5 92 2c 00 50 c0 0e 2e 80 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c8005d78 | unwrapped: 56 a0 52 0d 5b af c9 79 18 70 be 7e 96 08 ab 64 | unwrapped: b3 3b 29 8f 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_e: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 02 88 5d d4 a3 64 c8 c1 f5 34 71 1d fb c4 b8 16 af 7a c4 4e 00 59 b3 42 d4 1f 00 3c e0 9e 75 2a c7 cc 49 91 c7 0e 55 e2 57 a8 d3 d7 c4 6b 96 ec 45 e3 09 30 ef b6 94 b0 ba 36 1d 00 7b 7c 7f 96 70 7e c5 b7 dd 01 cf dd ae 0e 9f dc 6e ab 33 0d b4 a4 5b 4c 17 70 2c 19 4d 2a 2a e5 3a db a1 da 84 6d 16 3d 1d 08 87 25 21 2f 5c f2 21 0a e9 26 84 01 7e 9d 8b 06 74 7d a3 16 09 9e d0 31 90 5a e2 4c 0f 63 a1 be c0 e1 0d d2 f9 6b 4e 2d 3f f4 aa 19 78 18 03 b3 a0 5c 98 c0 dc b2 dc 20 46 1c 0a c7 37 b5 1c 0c cb f5 ba fa 04 eb 60 23 33 9b ed 4c 44 08 50 e0 aa 16 8b fa 78 92 32 f9 06 ce 4d 8b d0 bf e2 d2 61 ee ab 2e b2 8e cc 63 8c 3a 18 cc 36 89 8a 57 fd bb 0c 34 23 eb 31 d7 5a 69 b0 fe af 15 22 69 42 e8 38 46 83 3c 37 1b 3c 82 ee 35 f4 09 cc cc bf 66 82 06 16 77 b6 8f bb b6 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8002ff8 | unwrapped: e0 23 96 d7 87 15 d7 c5 0a 22 3e 99 8c b1 81 fe | unwrapped: 48 7e ac 26 33 1a ec a2 09 c7 cd de de 66 35 0d | unwrapped: 9f 0b 23 46 69 68 2a fb 95 f0 63 ca 4a b2 9a 40 | unwrapped: 9e 61 1a 03 f9 17 cd ba f5 50 f5 07 61 a3 89 be | unwrapped: 97 66 1a 78 bc 68 0e f7 45 73 09 a4 84 ac 0e ba | unwrapped: e6 63 44 11 f7 d3 8a d6 48 41 6c 88 93 56 37 2a | unwrapped: 1a 9b 43 64 b9 20 60 7a 42 cd 18 2d c2 02 59 8d | unwrapped: d8 f4 a7 5c e9 08 0b 84 80 fc 88 90 6e c1 96 8d | unwrapped: 80 60 eb a1 ea 6d ec 25 f9 c5 25 bb f7 20 1c a7 | unwrapped: a7 ae f0 f0 ee b2 c8 c8 fe f4 36 62 08 fe 1a 91 | unwrapped: ec 1d 8f e1 49 fc 63 6c 6f 00 51 f7 c4 9b 1e d1 | unwrapped: 2b ef ab 72 46 c5 24 b8 80 ba 0e 70 3f e7 f6 6c | unwrapped: 13 07 20 66 e6 16 24 f8 8c b5 aa 4b bf c0 57 f6 | unwrapped: c2 16 1f bb b7 3b eb fa ca 1b a9 94 7b f5 68 57 | unwrapped: 00 e6 46 75 23 d4 67 ed 82 fc 5c 7f cc 2f bb 5d | unwrapped: 7a 65 cb a5 f7 c6 65 8b 32 92 43 51 9a 85 24 fc | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006cd0cc (length 8) | f8 0e 07 98 5a 78 ed f7 | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006cd0d4 (length 8) | c9 91 91 14 7f bd 3f d5 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2987710 | result: final-key@0x55a9006ac790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006ac790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d29876f8 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006ac790 | SKEYID_e PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID_e: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2987768 | result: keymat-key@0x55a9006ac790 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a900622080, skeyid_a 0x55a9006a9280, skeyid_e 0x55a9006aad30, enc_key 0x55a9006ac790 | DH_i: 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | DH_i: ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | DH_i: 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | DH_i: e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | DH_i: 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | DH_i: ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | DH_i: b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | DH_i: 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | DH_i: 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | DH_i: 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | DH_i: b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | DH_i: 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | DH_i: 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | DH_i: 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | DH_i: f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | DH_i: b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | DH_r: cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | DH_r: c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | DH_r: 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | DH_r: ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | DH_r: bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | DH_r: ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | DH_r: ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | DH_r: 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | DH_r: 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | DH_r: a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | DH_r: 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | DH_r: 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | DH_r: c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | DH_r: 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | DH_r: 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | DH_r: f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006ccecc (length 256) | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | new IV hash sha digest GR-bytes@0x55a9006ccfcc (length 256) | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | new IV hash sha final chunk@0x7f14c8005d78 (length 20) | 4c 8a 89 0f 7e 60 8d 5d a3 db 7f 94 ec 2f c2 42 | 76 ac 42 b4 | crypto helper 2 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 10 time elapsed 0.00196 seconds | (#11) spent 1.92 milliseconds in crypto helper computing work-order 10: main_inI2_outR2_tail (pcr) | crypto helper 2 sending results from work-order 10 for state #11 to event queue | scheduling resume sending helper answer for #11 | libevent_malloc: new ptr-libevent@0x7f14c8005af8 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #11 | start processing: state #11 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 10 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #11: calculate DH finished | [RE]START processing: state #11 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14c40098d8: transferring ownership from helper IKEv1 DH+IV to state #11 | stop processing: state #11 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #11 suppresed complete_v1_state_transition() | #11 spent 0.0207 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c8005af8 | spent 0.00205 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 05 10 02 01 00 00 00 00 00 00 00 4c e2 28 51 8c | 86 98 ee ee f7 59 c4 1a c6 9b e2 dc 2e 65 5f 07 | 10 29 cb 91 17 f5 f0 cc 2c 4f d5 f4 c3 53 f8 e6 | 7c 85 e4 dd 4d 28 27 52 2e c2 58 42 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #11 in MAIN_R2 (find_state_ikev1) | start processing: state #11 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #11 is idle | #11 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 4c 8a 89 0f 7e 60 8d 5d a3 db 7f 94 ec 2f c2 42 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: c3 53 f8 e6 7c 85 e4 dd 4d 28 27 52 2e c2 58 42 | decrypted payload (starts at offset -48): | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 d1 3a 9d a8 | ca a8 15 96 f0 d0 54 b3 65 a5 cb 48 d3 96 68 a6 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #11: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006acb70 (size 20) | hmac: symkey-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14c8003758 | hmac PRF sha update data-bytes@0x7f14c0000b48 (length 256) | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | hmac PRF sha update data-bytes@0x7f14c4004f28 (length 256) | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | hmac PRF sha update data-bytes@0x55a9006cbcd0 (length 8) | f8 0e 07 98 5a 78 ed f7 | hmac PRF sha update data-bytes@0x55a9006cbcd8 (length 8) | c9 91 91 14 7f bd 3f d5 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a9006b1308 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | d1 3a 9d a8 ca a8 15 96 f0 d0 54 b3 65 a5 cb 48 | d3 96 68 a6 | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006acb70 (size 20) | hmac: symkey-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14c8005d78 | hmac PRF sha update data-bytes@0x7f14c4004f28 (length 256) | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | hmac PRF sha update data-bytes@0x7f14c0000b48 (length 256) | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | hmac PRF sha update data-bytes@0x55a9006cbcd8 (length 8) | c9 91 91 14 7f bd 3f d5 | hmac PRF sha update data-bytes@0x55a9006cbcd0 (length 8) | f8 0e 07 98 5a 78 ed f7 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | ef 6b 91 00 2e 34 cd 84 30 41 dd ab 84 b5 a2 a3 | 90 78 57 d5 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R ef 6b 91 00 2e 34 cd 84 30 41 dd ab 84 b5 a2 a3 | HASH_R 90 78 57 d5 | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: ef 6b 91 00 2e 34 cd 84 30 41 dd ab 84 b5 a2 a3 | encrypting: 90 78 57 d5 | IV: c3 53 f8 e6 7c 85 e4 dd 4d 28 27 52 2e c2 58 42 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | last encrypted block of Phase 1: | 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #11: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14b8002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 76 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 05 10 02 01 00 00 00 00 00 00 00 4c 8c a9 30 3a | 8f 7c c3 39 92 6b 67 85 91 4b e7 a2 e7 a9 4a 54 | 8c e3 cb fc 79 7c 0d e9 90 eb 00 02 6a 4a 17 c7 | 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14b8002b78 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f14c4003ad8 size 128 | pstats #11 ikev1.isakmp established "east" #11: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #11 | #11 spent 0.553 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #11 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.699 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00287 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 01 bc 25 b8 03 25 | 14 97 86 5b 1d 86 d0 d1 0e 6b 3a cd b6 4f 20 a8 | 7f ab f7 56 ed 72 a4 8a 4b 4f c9 b2 a8 b3 26 90 | 35 e6 91 9e a9 28 7f 7e fc 7a 3b c0 a0 51 ff 88 | 22 d2 fd b2 d3 c2 60 7f 55 6e c6 1a 98 47 02 8c | fa 43 e3 e5 47 7e d1 56 6d f4 72 3a c6 34 8b 33 | 5d 96 72 9d bc 95 55 ba df 0f 2c 5b c8 30 a6 3d | 42 15 45 54 24 87 16 95 0c d2 f4 30 af 18 2b 00 | cc 85 b7 ae 95 10 a8 7e 20 a7 2f 72 34 10 d9 7f | 62 b8 1e 1a 7c 1d 22 c0 7e 21 b7 17 89 db c9 9f | 04 f9 36 db 96 03 21 10 3b 1b 5b ae 21 39 1a 5f | 6f cf e3 b8 2e 11 d2 2a 2e 59 1f 8b c8 06 88 64 | ca 81 8a a2 68 d2 ba c2 0f b1 7a 35 d5 dd 45 b5 | 23 e1 2c f3 ab 35 d1 8d c9 6f a6 5d a4 d6 6b 2f | ad 84 ba 96 97 e0 3e a1 2e b9 a3 31 b7 b3 05 24 | 81 14 c8 9c 94 29 3b dc d2 c7 50 f6 37 74 56 57 | 09 d4 da a0 97 e5 a2 65 52 42 4b 37 17 74 82 e2 | 35 8c 1c 2a 7c 1e f8 67 d8 61 12 42 60 af 75 8d | d6 6d 05 0d c8 4b 9f ec 17 e9 06 dd 89 56 9a f1 | 38 dd b6 58 03 c5 22 15 f9 a7 bd 2b 7c 90 f6 d0 | a3 94 1b 8a 4c 81 aa 23 9f 1b d8 c4 0c 44 fa cd | e4 6e e2 22 65 eb 44 59 8e 94 55 dc b5 9a 59 63 | 69 a5 6f e4 f8 6c 85 72 d6 4e 1e e5 a0 9c 3d 18 | a9 48 f5 88 fa 13 ac 13 37 74 30 a9 01 3c 13 9c | b5 10 9c da a2 0d 3a bb 0f d0 10 4e c5 eb 28 b8 | 7c c1 c3 ea 2f cd 96 1c 9c ec 01 c6 a2 bc c9 8f | e9 dc b5 01 cf 30 76 6a 9f 92 ce c7 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1553295264 (0x5c9567a0) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #11 in MAIN_R3 (find_state_ikev1) | start processing: state #11 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | current Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006cbbc8 (length 16) | 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 5c 95 67 a0 | Phase 2 IV hash sha final bytes@0x55a9006cbb48 (length 20) | 59 65 9f 74 d6 1a 15 eb 67 75 2f 57 cc 9c 02 2b | 3b b9 4b af | #11 is idle | #11 idle | received encrypted packet from 192.1.2.45:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 59 65 9f 74 d6 1a 15 eb 67 75 2f 57 cc 9c 02 2b | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: a2 bc c9 8f e9 dc b5 01 cf 30 76 6a 9f 92 ce c7 | decrypted payload (starts at offset -416): | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 01 bc 01 00 00 18 | d4 e3 f6 be 89 53 bc 18 7e b7 3a 33 b3 17 78 5f | 60 3b 83 57 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 2e 76 1e f9 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | 05 00 01 04 fa 6c 73 64 2d dd 6d 77 66 64 85 10 | bf fb be f3 8d 0c 0d 4c ac c7 97 4a a5 8c f6 58 | b7 6e 2d d2 19 15 1d 02 53 dc 2e 83 6f ca 7a 12 | e7 2c a7 60 72 e2 e1 4b 25 41 fd fe 93 e9 0b 93 | 25 09 b9 fb fd 57 76 8b 88 27 cb 8e 20 af e5 8d | 76 ed f1 5d 80 b9 a8 96 ae 03 70 c6 25 40 82 99 | c8 02 93 93 ef 89 b1 a4 71 63 19 78 b6 20 56 49 | b9 14 76 e7 3c a9 6c e5 e0 0a 54 37 c1 27 7b 06 | 80 d2 25 b7 7c 89 f2 fb 19 0d f8 e7 e3 15 8b 89 | a8 f4 c1 2d 8c e3 76 12 e4 06 4c 37 13 d0 c0 76 | ce 35 8d 90 09 7e b4 d9 a3 de f1 df be 2d 8d e0 | 29 95 29 4f 7c 7b 1c 26 b8 d7 18 dc c7 33 ae 65 | 25 e3 5a fd fb 57 7a 88 c3 83 5b d2 21 93 f4 a0 | ba 36 28 f2 6a 3a 23 66 b3 45 0b 1e 85 85 26 db | 06 03 42 8d 3d 21 d0 84 5b 69 27 8c 6d 85 2b 92 | 54 f8 9c 24 5e 96 99 03 b1 9a 94 6d 4b c9 99 ad | bf f4 ef 5e 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14c8005d78 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 5c 95 67 a0 | HASH(1) PRF sha update payload-bytes@0x55a9006caa8c (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 2e 76 1e f9 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 2d e2 ee 3a | b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 71 87 b0 52 | 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de 05 00 01 04 | fa 6c 73 64 2d dd 6d 77 66 64 85 10 bf fb be f3 | 8d 0c 0d 4c ac c7 97 4a a5 8c f6 58 b7 6e 2d d2 | 19 15 1d 02 53 dc 2e 83 6f ca 7a 12 e7 2c a7 60 | 72 e2 e1 4b 25 41 fd fe 93 e9 0b 93 25 09 b9 fb | fd 57 76 8b 88 27 cb 8e 20 af e5 8d 76 ed f1 5d | 80 b9 a8 96 ae 03 70 c6 25 40 82 99 c8 02 93 93 | ef 89 b1 a4 71 63 19 78 b6 20 56 49 b9 14 76 e7 | 3c a9 6c e5 e0 0a 54 37 c1 27 7b 06 80 d2 25 b7 | 7c 89 f2 fb 19 0d f8 e7 e3 15 8b 89 a8 f4 c1 2d | 8c e3 76 12 e4 06 4c 37 13 d0 c0 76 ce 35 8d 90 | 09 7e b4 d9 a3 de f1 df be 2d 8d e0 29 95 29 4f | 7c 7b 1c 26 b8 d7 18 dc c7 33 ae 65 25 e3 5a fd | fb 57 7a 88 c3 83 5b d2 21 93 f4 a0 ba 36 28 f2 | 6a 3a 23 66 b3 45 0b 1e 85 85 26 db 06 03 42 8d | 3d 21 d0 84 5b 69 27 8c 6d 85 2b 92 54 f8 9c 24 | 5e 96 99 03 b1 9a 94 6d 4b c9 99 ad bf f4 ef 5e | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | d4 e3 f6 be 89 53 bc 18 7e b7 3a 33 b3 17 78 5f | 60 3b 83 57 | quick_inI1_outR1 HASH(1): | d4 e3 f6 be 89 53 bc 18 7e b7 3a 33 b3 17 78 5f | 60 3b 83 57 | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #11: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | client wildcard: no port wildcard: no virtual: no | creating state object #12 at 0x55a9006cc228 | State DB: adding IKEv1 state #12 in UNDEFINED | pstats #12 ikev1.ipsec started | duplicating state object #11 "east" as #12 for IPSEC SA | #12 setting local endpoint to 192.1.2.23:500 from #11.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_d_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ai_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006ac790 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #11 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #12 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #12: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 2e 76 1e f9 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | fa 6c 73 64 2d dd 6d 77 66 64 85 10 bf fb be f3 | 8d 0c 0d 4c ac c7 97 4a a5 8c f6 58 b7 6e 2d d2 | 19 15 1d 02 53 dc 2e 83 6f ca 7a 12 e7 2c a7 60 | 72 e2 e1 4b 25 41 fd fe 93 e9 0b 93 25 09 b9 fb | fd 57 76 8b 88 27 cb 8e 20 af e5 8d 76 ed f1 5d | 80 b9 a8 96 ae 03 70 c6 25 40 82 99 c8 02 93 93 | ef 89 b1 a4 71 63 19 78 b6 20 56 49 b9 14 76 e7 | 3c a9 6c e5 e0 0a 54 37 c1 27 7b 06 80 d2 25 b7 | 7c 89 f2 fb 19 0d f8 e7 e3 15 8b 89 a8 f4 c1 2d | 8c e3 76 12 e4 06 4c 37 13 d0 c0 76 ce 35 8d 90 | 09 7e b4 d9 a3 de f1 df be 2d 8d e0 29 95 29 4f | 7c 7b 1c 26 b8 d7 18 dc c7 33 ae 65 25 e3 5a fd | fb 57 7a 88 c3 83 5b d2 21 93 f4 a0 ba 36 28 f2 | 6a 3a 23 66 b3 45 0b 1e 85 85 26 db 06 03 42 8d | 3d 21 d0 84 5b 69 27 8c 6d 85 2b 92 54 f8 9c 24 | 5e 96 99 03 b1 9a 94 6d 4b c9 99 ad bf f4 ef 5e | adding quick_outI1 KE work-order 11 for state #12 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14c0002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #12 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #12 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #12 and saving MD | #12 is busy; has a suspended MD | crypto helper 4 resuming | #11 spent 0.24 milliseconds in process_packet_tail() | crypto helper 4 starting work-order 11 for state #12 | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 4 doing build KE and nonce (quick_outI1 KE); request ID 11 | stop processing: state #12 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.646 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14bc0027f8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14bc0027f8 | NSS: Public DH wire value: | 3e 1d 03 0f 28 1c 91 d3 75 6e fe 8b 5d 04 a6 ed | fe 62 75 27 3e 7d ed 47 26 99 51 b8 19 8e cb fd | 25 99 a7 03 37 5c 29 fe 57 45 ce 4d 69 36 24 d2 | 6b bf 03 f1 77 ff 5d e4 b5 2f a7 47 59 90 28 57 | 7b 90 ea ff 3d f2 0b c1 32 2c 92 47 e5 8b fd 25 | 74 98 65 cf 2d 31 1b ed 89 b7 aa 1f fe 4c e7 bd | 7d 31 ea e4 db eb bc 5b 71 13 bc 69 75 a8 4b a7 | c8 13 ed d4 55 b1 20 80 88 c5 40 30 54 9f 18 f7 | 02 6b 08 3f ec 44 09 1d 72 47 5d 55 67 26 94 68 | 6d 97 95 be f2 c7 a2 c9 57 17 66 95 81 21 da 35 | a8 cb dc 3b ab 3b 83 90 e8 c8 44 15 22 30 ae cb | 1a 50 5e d5 07 57 06 86 db d7 59 04 31 f6 34 f3 | 4c 8d 53 15 0b 70 05 c8 b5 e5 b1 be dd 36 19 c0 | c2 93 72 39 c7 5b 71 56 7a b9 1f 74 62 fe d1 70 | 18 f9 7d bd e9 e7 8d 55 2e 1b 9e cd c4 62 b2 31 | 86 25 0c da 45 83 78 06 e8 b6 69 15 a9 73 6d b9 | Generated nonce: 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | Generated nonce: 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | crypto helper 4 finished build KE and nonce (quick_outI1 KE); request ID 11 time elapsed 0.000842 seconds | (#12) spent 0.842 milliseconds in crypto helper computing work-order 11: quick_outI1 KE (pcr) | crypto helper 4 sending results from work-order 11 for state #12 to event queue | scheduling resume sending helper answer for #12 | libevent_malloc: new ptr-libevent@0x7f14bc007658 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #12 | start processing: state #12 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 11 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue1 for #12: calculated ke+nonce, calculating DH | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14bc0027f8: transferring ownership from helper KE to state #12 | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14bc0027f8: transferring ownership from state #12 to helper IKEv1 DH | adding quick outR1 DH work-order 12 for state #12 | state #12 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14c0002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14c0002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #12 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | suspending state #12 and saving MD | #12 is busy; has a suspended MD | resume sending helper answer for #12 suppresed complete_v1_state_transition() and stole MD | crypto helper 5 resuming | crypto helper 5 starting work-order 12 for state #12 | #12 spent 0.087 milliseconds in resume sending helper answer | crypto helper 5 doing compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 12 | peer's g: fa 6c 73 64 2d dd 6d 77 66 64 85 10 bf fb be f3 | peer's g: 8d 0c 0d 4c ac c7 97 4a a5 8c f6 58 b7 6e 2d d2 | peer's g: 19 15 1d 02 53 dc 2e 83 6f ca 7a 12 e7 2c a7 60 | peer's g: 72 e2 e1 4b 25 41 fd fe 93 e9 0b 93 25 09 b9 fb | peer's g: fd 57 76 8b 88 27 cb 8e 20 af e5 8d 76 ed f1 5d | peer's g: 80 b9 a8 96 ae 03 70 c6 25 40 82 99 c8 02 93 93 | peer's g: ef 89 b1 a4 71 63 19 78 b6 20 56 49 b9 14 76 e7 | peer's g: 3c a9 6c e5 e0 0a 54 37 c1 27 7b 06 80 d2 25 b7 | peer's g: 7c 89 f2 fb 19 0d f8 e7 e3 15 8b 89 a8 f4 c1 2d | peer's g: 8c e3 76 12 e4 06 4c 37 13 d0 c0 76 ce 35 8d 90 | peer's g: 09 7e b4 d9 a3 de f1 df be 2d 8d e0 29 95 29 4f | peer's g: 7c 7b 1c 26 b8 d7 18 dc c7 33 ae 65 25 e3 5a fd | peer's g: fb 57 7a 88 c3 83 5b d2 21 93 f4 a0 ba 36 28 f2 | peer's g: 6a 3a 23 66 b3 45 0b 1e 85 85 26 db 06 03 42 8d | peer's g: 3d 21 d0 84 5b 69 27 8c 6d 85 2b 92 54 f8 9c 24 | peer's g: 5e 96 99 03 b1 9a 94 6d 4b c9 99 ad bf f4 ef 5e | Started DH shared-secret computation in NSS: | stop processing: state #12 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14bc007658 | new : g_ir-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14bc0027f8: computed shared DH secret key@0x55a9006bd630 | dh-shared : g^ir-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 5 finished compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 12 time elapsed 0.000764 seconds | (#12) spent 0.765 milliseconds in crypto helper computing work-order 12: quick outR1 DH (pcr) | crypto helper 5 sending results from work-order 12 for state #12 to event queue | scheduling resume sending helper answer for #12 | libevent_malloc: new ptr-libevent@0x7f14c00027d8 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #12 | start processing: state #12 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 12 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue2 for #12: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1553295264 (0x5c9567a0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 2e 76 1e f9 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xea05ea29 for esp.0@192.1.2.23 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI ea 05 ea 29 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ESP) | attributes 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | attributes 80 05 00 02 80 06 00 80 | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 "east" #12: responding to Quick Mode proposal {msgid:5c9567a0} "east" #12: us: 192.0.2.0/24===192.1.2.23<192.1.2.23>[@east] "east" #12: them: 192.1.2.45<192.1.2.45>[@west]===192.0.1.0/24 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | Nr 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | emitting length of ISAKMP Nonce Payload: 36 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 3e 1d 03 0f 28 1c 91 d3 75 6e fe 8b 5d 04 a6 ed | keyex value fe 62 75 27 3e 7d ed 47 26 99 51 b8 19 8e cb fd | keyex value 25 99 a7 03 37 5c 29 fe 57 45 ce 4d 69 36 24 d2 | keyex value 6b bf 03 f1 77 ff 5d e4 b5 2f a7 47 59 90 28 57 | keyex value 7b 90 ea ff 3d f2 0b c1 32 2c 92 47 e5 8b fd 25 | keyex value 74 98 65 cf 2d 31 1b ed 89 b7 aa 1f fe 4c e7 bd | keyex value 7d 31 ea e4 db eb bc 5b 71 13 bc 69 75 a8 4b a7 | keyex value c8 13 ed d4 55 b1 20 80 88 c5 40 30 54 9f 18 f7 | keyex value 02 6b 08 3f ec 44 09 1d 72 47 5d 55 67 26 94 68 | keyex value 6d 97 95 be f2 c7 a2 c9 57 17 66 95 81 21 da 35 | keyex value a8 cb dc 3b ab 3b 83 90 e8 c8 44 15 22 30 ae cb | keyex value 1a 50 5e d5 07 57 06 86 db d7 59 04 31 f6 34 f3 | keyex value 4c 8d 53 15 0b 70 05 c8 b5 e5 b1 be dd 36 19 c0 | keyex value c2 93 72 39 c7 5b 71 56 7a b9 1f 74 62 fe d1 70 | keyex value 18 f9 7d bd e9 e7 8d 55 2e 1b 9e cd c4 62 b2 31 | keyex value 86 25 0c da 45 83 78 06 e8 b6 69 15 a9 73 6d b9 | emitting length of ISAKMP Key Exchange Payload: 260 | DH secret MODP2048@0x7f14bc0027f8: transferring ownership from helper IKEv1 DH to state #12 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 01 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 02 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482648 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14c8004ec8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948272c (length 4) | 5c 95 67 a0 | HASH(1) PRF sha update Ni_b-bytes@0x7f14c8005d78 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | HASH(1) PRF sha update payload-bytes@0x55a8fff8a8f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 ea 05 ea 29 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 3b af 52 b0 | 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f 48 b6 e7 6a | 81 54 0f 9b 67 09 52 d5 90 58 21 c7 05 00 01 04 | 3e 1d 03 0f 28 1c 91 d3 75 6e fe 8b 5d 04 a6 ed | fe 62 75 27 3e 7d ed 47 26 99 51 b8 19 8e cb fd | 25 99 a7 03 37 5c 29 fe 57 45 ce 4d 69 36 24 d2 | 6b bf 03 f1 77 ff 5d e4 b5 2f a7 47 59 90 28 57 | 7b 90 ea ff 3d f2 0b c1 32 2c 92 47 e5 8b fd 25 | 74 98 65 cf 2d 31 1b ed 89 b7 aa 1f fe 4c e7 bd | 7d 31 ea e4 db eb bc 5b 71 13 bc 69 75 a8 4b a7 | c8 13 ed d4 55 b1 20 80 88 c5 40 30 54 9f 18 f7 | 02 6b 08 3f ec 44 09 1d 72 47 5d 55 67 26 94 68 | 6d 97 95 be f2 c7 a2 c9 57 17 66 95 81 21 da 35 | a8 cb dc 3b ab 3b 83 90 e8 c8 44 15 22 30 ae cb | 1a 50 5e d5 07 57 06 86 db d7 59 04 31 f6 34 f3 | 4c 8d 53 15 0b 70 05 c8 b5 e5 b1 be dd 36 19 c0 | c2 93 72 39 c7 5b 71 56 7a b9 1f 74 62 fe d1 70 | 18 f9 7d bd e9 e7 8d 55 2e 1b 9e cd c4 62 b2 31 | 86 25 0c da 45 83 78 06 e8 b6 69 15 a9 73 6d b9 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a8fff8a8e0 (length 20) | 7a d2 4e 3a 21 06 60 55 ce 31 fa b7 15 f9 3a cd | e8 9a 76 a7 | quick inR1 outI2 HASH(2): | 7a d2 4e 3a 21 06 60 55 ce 31 fa b7 15 f9 3a cd | e8 9a 76 a7 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006c2720 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006c2720 | hmac: release clone-key@0x55a9006c2720 | hmac PRF sha crypt-prf@0x7f14c8003758 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006c1aa8 | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: ec a8 f1 83 48 e2 d7 f4 3d 69 ee 83 d8 3c 13 f0 10 a2 ad ac 4d 48 e8 49 e7 69 51 c8 9d ef a0 cb d8 e4 a4 f1 e2 46 57 a3 cf 25 03 84 fa 9e 82 0b c1 d1 de d7 34 70 72 dc 70 9c 30 be 5b 0f 7e 15 14 dd 44 d0 ba 4f 67 5b 69 09 33 c1 6f 48 81 9c ce b9 df e2 db ee 9e 6a 8f f3 9d dd ab 5f d1 94 10 50 29 ed af 01 cc 0d 23 d4 00 f3 7a 1d d0 9b d6 cb f3 8f 35 85 8f 21 37 ec b7 73 82 35 39 95 0a 66 6f 1f 6e 23 20 58 77 d9 21 b0 3e 7a 84 33 b1 f1 fb 58 ea 23 e5 64 97 45 37 fc d2 ec 8a ad e5 4b 07 94 e6 9b dc 90 97 54 be 83 70 56 bd b6 f2 76 2a aa 9f cb 6d b5 ac 9e 7b 36 0c 4c 3d 7e 4e 34 29 95 06 ae 74 68 29 4d dc e4 4b 42 fd b1 fd 25 35 9d 27 34 e2 d8 df 6d 13 0a 7a 25 ed c6 1e 7d 2e 31 ce 97 e2 b0 5e 0a 66 45 d9 36 73 68 8f 84 19 15 10 68 0f eb c3 a4 84 37 9a 62 54 26 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: b7 e5 13 75 65 f9 38 e4 c1 8c fb 6c a7 9b 57 0a | unwrapped: a9 b7 b3 b6 61 bb 6b 2f f5 1f e7 5b 93 79 4c 4b | unwrapped: c5 a9 47 28 e5 2d cc 85 65 3f 7f cf c9 8f 21 f4 | unwrapped: 1e ef 1b 41 88 dd c8 01 4d d3 e1 26 c8 b3 e2 e0 | unwrapped: fc d7 5f c8 60 0d f7 6a 4b 6d fc af b6 c3 c5 6f | unwrapped: 31 fa 13 b1 39 01 25 4c ac b6 67 4d 0a 43 90 ce | unwrapped: d4 d3 e9 a6 4b 53 f3 20 7a 8f e3 ee 5a 44 95 2a | unwrapped: 9f 73 d7 85 c6 f5 06 9e 09 a1 ff 6d 18 72 f5 5a | unwrapped: 24 d6 03 f4 31 fa 3a d0 3c ef 73 9f ca d2 12 b6 | unwrapped: 23 47 36 73 fe 49 2f 76 99 fd e3 0f b6 55 ab c5 | unwrapped: 61 54 54 60 d8 1d 01 1b 84 4e 46 10 de b4 ca c6 | unwrapped: 97 a7 26 b5 a0 09 49 ad fa 79 ca 19 26 58 b4 20 | unwrapped: 40 48 b6 d9 ca 6d 40 72 99 f6 61 3f 91 72 81 da | unwrapped: 9a 73 12 03 3f 14 34 b9 98 a1 4a 8e b5 25 7b d4 | unwrapped: bf 18 5e 88 bc 6b 0d 22 62 e0 4a 52 23 a3 51 92 | unwrapped: 4a a1 0c 94 38 ab ec b3 28 c7 5d 90 c1 5a 82 ee | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: ec a8 f1 83 48 e2 d7 f4 3d 69 ee 83 d8 3c 13 f0 10 a2 ad ac 4d 48 e8 49 e7 69 51 c8 9d ef a0 cb d8 e4 a4 f1 e2 46 57 a3 cf 25 03 84 fa 9e 82 0b c1 d1 de d7 34 70 72 dc 70 9c 30 be 5b 0f 7e 15 14 dd 44 d0 ba 4f 67 5b 69 09 33 c1 6f 48 81 9c ce b9 df e2 db ee 9e 6a 8f f3 9d dd ab 5f d1 94 10 50 29 ed af 01 cc 0d 23 d4 00 f3 7a 1d d0 9b d6 cb f3 8f 35 85 8f 21 37 ec b7 73 82 35 39 95 0a 66 6f 1f 6e 23 20 58 77 d9 21 b0 3e 7a 84 33 b1 f1 fb 58 ea 23 e5 64 97 45 37 fc d2 ec 8a ad e5 4b 07 94 e6 9b dc 90 97 54 be 83 70 56 bd b6 f2 76 2a aa 9f cb 6d b5 ac 9e 7b 36 0c 4c 3d 7e 4e 34 29 95 06 ae 74 68 29 4d dc e4 4b 42 fd b1 fd 25 35 9d 27 34 e2 d8 df 6d 13 0a 7a 25 ed c6 1e 7d 2e 31 ce 97 e2 b0 5e 0a 66 45 d9 36 73 68 8f 84 19 15 10 68 0f eb c3 a4 84 37 9a 62 54 26 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: b7 e5 13 75 65 f9 38 e4 c1 8c fb 6c a7 9b 57 0a | unwrapped: a9 b7 b3 b6 61 bb 6b 2f f5 1f e7 5b 93 79 4c 4b | unwrapped: c5 a9 47 28 e5 2d cc 85 65 3f 7f cf c9 8f 21 f4 | unwrapped: 1e ef 1b 41 88 dd c8 01 4d d3 e1 26 c8 b3 e2 e0 | unwrapped: fc d7 5f c8 60 0d f7 6a 4b 6d fc af b6 c3 c5 6f | unwrapped: 31 fa 13 b1 39 01 25 4c ac b6 67 4d 0a 43 90 ce | unwrapped: d4 d3 e9 a6 4b 53 f3 20 7a 8f e3 ee 5a 44 95 2a | unwrapped: 9f 73 d7 85 c6 f5 06 9e 09 a1 ff 6d 18 72 f5 5a | unwrapped: 24 d6 03 f4 31 fa 3a d0 3c ef 73 9f ca d2 12 b6 | unwrapped: 23 47 36 73 fe 49 2f 76 99 fd e3 0f b6 55 ab c5 | unwrapped: 61 54 54 60 d8 1d 01 1b 84 4e 46 10 de b4 ca c6 | unwrapped: 97 a7 26 b5 a0 09 49 ad fa 79 ca 19 26 58 b4 20 | unwrapped: 40 48 b6 d9 ca 6d 40 72 99 f6 61 3f 91 72 81 da | unwrapped: 9a 73 12 03 3f 14 34 b9 98 a1 4a 8e b5 25 7b d4 | unwrapped: bf 18 5e 88 bc 6b 0d 22 62 e0 4a 52 23 a3 51 92 | unwrapped: 4a a1 0c 94 38 ab ec b3 28 c7 5d 90 c1 5a 82 ee | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006cc430 (length 4) | ea 05 ea 29 | hmac PRF sha update data-bytes@0x55a9006cc410 (length 4) | 2e 76 1e f9 | hmac PRF sha update data-bytes@0x7f14c8005d78 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | hmac PRF sha update data-bytes@0x7f14c8005d78 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | hmac PRF sha update data-bytes@0x7f14bc004638 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | hmac PRF sha update data-bytes@0x7f14bc004638 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | hmac PRF sha final-bytes@0x7f14c8005ba8 (length 20) | cd ad a7 c8 1f 92 ba f3 bb 25 2f 28 c2 77 7a 5e | 42 3b 94 04 | hmac PRF sha final-bytes@0x7f14c4009978 (length 20) | 6a e9 42 21 49 06 0a 2d d3 18 46 57 4e 7f ee 9d | da 6d 67 ed | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006bf278 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006c2720 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006c2720 | hmac: release clone-key@0x55a9006c2720 | hmac PRF sha crypt-prf@0x7f14c8004ec8 | hmac PRF sha update data-bytes@0x7f14c8005ba8 (length 20) | cd ad a7 c8 1f 92 ba f3 bb 25 2f 28 c2 77 7a 5e | 42 3b 94 04 | hmac PRF sha update data-bytes@0x7f14c4009978 (length 20) | 6a e9 42 21 49 06 0a 2d d3 18 46 57 4e 7f ee 9d | da 6d 67 ed | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: ec a8 f1 83 48 e2 d7 f4 3d 69 ee 83 d8 3c 13 f0 10 a2 ad ac 4d 48 e8 49 e7 69 51 c8 9d ef a0 cb d8 e4 a4 f1 e2 46 57 a3 cf 25 03 84 fa 9e 82 0b c1 d1 de d7 34 70 72 dc 70 9c 30 be 5b 0f 7e 15 14 dd 44 d0 ba 4f 67 5b 69 09 33 c1 6f 48 81 9c ce b9 df e2 db ee 9e 6a 8f f3 9d dd ab 5f d1 94 10 50 29 ed af 01 cc 0d 23 d4 00 f3 7a 1d d0 9b d6 cb f3 8f 35 85 8f 21 37 ec b7 73 82 35 39 95 0a 66 6f 1f 6e 23 20 58 77 d9 21 b0 3e 7a 84 33 b1 f1 fb 58 ea 23 e5 64 97 45 37 fc d2 ec 8a ad e5 4b 07 94 e6 9b dc 90 97 54 be 83 70 56 bd b6 f2 76 2a aa 9f cb 6d b5 ac 9e 7b 36 0c 4c 3d 7e 4e 34 29 95 06 ae 74 68 29 4d dc e4 4b 42 fd b1 fd 25 35 9d 27 34 e2 d8 df 6d 13 0a 7a 25 ed c6 1e 7d 2e 31 ce 97 e2 b0 5e 0a 66 45 d9 36 73 68 8f 84 19 15 10 68 0f eb c3 a4 84 37 9a 62 54 26 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: b7 e5 13 75 65 f9 38 e4 c1 8c fb 6c a7 9b 57 0a | unwrapped: a9 b7 b3 b6 61 bb 6b 2f f5 1f e7 5b 93 79 4c 4b | unwrapped: c5 a9 47 28 e5 2d cc 85 65 3f 7f cf c9 8f 21 f4 | unwrapped: 1e ef 1b 41 88 dd c8 01 4d d3 e1 26 c8 b3 e2 e0 | unwrapped: fc d7 5f c8 60 0d f7 6a 4b 6d fc af b6 c3 c5 6f | unwrapped: 31 fa 13 b1 39 01 25 4c ac b6 67 4d 0a 43 90 ce | unwrapped: d4 d3 e9 a6 4b 53 f3 20 7a 8f e3 ee 5a 44 95 2a | unwrapped: 9f 73 d7 85 c6 f5 06 9e 09 a1 ff 6d 18 72 f5 5a | unwrapped: 24 d6 03 f4 31 fa 3a d0 3c ef 73 9f ca d2 12 b6 | unwrapped: 23 47 36 73 fe 49 2f 76 99 fd e3 0f b6 55 ab c5 | unwrapped: 61 54 54 60 d8 1d 01 1b 84 4e 46 10 de b4 ca c6 | unwrapped: 97 a7 26 b5 a0 09 49 ad fa 79 ca 19 26 58 b4 20 | unwrapped: 40 48 b6 d9 ca 6d 40 72 99 f6 61 3f 91 72 81 da | unwrapped: 9a 73 12 03 3f 14 34 b9 98 a1 4a 8e b5 25 7b d4 | unwrapped: bf 18 5e 88 bc 6b 0d 22 62 e0 4a 52 23 a3 51 92 | unwrapped: 4a a1 0c 94 38 ab ec b3 28 c7 5d 90 c1 5a 82 ee | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: ec a8 f1 83 48 e2 d7 f4 3d 69 ee 83 d8 3c 13 f0 10 a2 ad ac 4d 48 e8 49 e7 69 51 c8 9d ef a0 cb d8 e4 a4 f1 e2 46 57 a3 cf 25 03 84 fa 9e 82 0b c1 d1 de d7 34 70 72 dc 70 9c 30 be 5b 0f 7e 15 14 dd 44 d0 ba 4f 67 5b 69 09 33 c1 6f 48 81 9c ce b9 df e2 db ee 9e 6a 8f f3 9d dd ab 5f d1 94 10 50 29 ed af 01 cc 0d 23 d4 00 f3 7a 1d d0 9b d6 cb f3 8f 35 85 8f 21 37 ec b7 73 82 35 39 95 0a 66 6f 1f 6e 23 20 58 77 d9 21 b0 3e 7a 84 33 b1 f1 fb 58 ea 23 e5 64 97 45 37 fc d2 ec 8a ad e5 4b 07 94 e6 9b dc 90 97 54 be 83 70 56 bd b6 f2 76 2a aa 9f cb 6d b5 ac 9e 7b 36 0c 4c 3d 7e 4e 34 29 95 06 ae 74 68 29 4d dc e4 4b 42 fd b1 fd 25 35 9d 27 34 e2 d8 df 6d 13 0a 7a 25 ed c6 1e 7d 2e 31 ce 97 e2 b0 5e 0a 66 45 d9 36 73 68 8f 84 19 15 10 68 0f eb c3 a4 84 37 9a 62 54 26 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: b7 e5 13 75 65 f9 38 e4 c1 8c fb 6c a7 9b 57 0a | unwrapped: a9 b7 b3 b6 61 bb 6b 2f f5 1f e7 5b 93 79 4c 4b | unwrapped: c5 a9 47 28 e5 2d cc 85 65 3f 7f cf c9 8f 21 f4 | unwrapped: 1e ef 1b 41 88 dd c8 01 4d d3 e1 26 c8 b3 e2 e0 | unwrapped: fc d7 5f c8 60 0d f7 6a 4b 6d fc af b6 c3 c5 6f | unwrapped: 31 fa 13 b1 39 01 25 4c ac b6 67 4d 0a 43 90 ce | unwrapped: d4 d3 e9 a6 4b 53 f3 20 7a 8f e3 ee 5a 44 95 2a | unwrapped: 9f 73 d7 85 c6 f5 06 9e 09 a1 ff 6d 18 72 f5 5a | unwrapped: 24 d6 03 f4 31 fa 3a d0 3c ef 73 9f ca d2 12 b6 | unwrapped: 23 47 36 73 fe 49 2f 76 99 fd e3 0f b6 55 ab c5 | unwrapped: 61 54 54 60 d8 1d 01 1b 84 4e 46 10 de b4 ca c6 | unwrapped: 97 a7 26 b5 a0 09 49 ad fa 79 ca 19 26 58 b4 20 | unwrapped: 40 48 b6 d9 ca 6d 40 72 99 f6 61 3f 91 72 81 da | unwrapped: 9a 73 12 03 3f 14 34 b9 98 a1 4a 8e b5 25 7b d4 | unwrapped: bf 18 5e 88 bc 6b 0d 22 62 e0 4a 52 23 a3 51 92 | unwrapped: 4a a1 0c 94 38 ab ec b3 28 c7 5d 90 c1 5a 82 ee | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006cc430 (length 4) | ea 05 ea 29 | hmac PRF sha update data-bytes@0x55a9006cc410 (length 4) | 2e 76 1e f9 | hmac PRF sha update data-bytes@0x7f14c8005d78 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | hmac PRF sha update data-bytes@0x7f14c8005d78 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | hmac PRF sha update data-bytes@0x7f14bc004638 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | hmac PRF sha update data-bytes@0x7f14bc004638 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | hmac PRF sha final-bytes@0x7f14c8005bbc (length 20) | 76 b7 5d f6 d8 43 f9 a7 d7 4f 0c ca 62 c9 d0 63 | 5b 91 3a 45 | hmac PRF sha final-bytes@0x7f14c400998c (length 20) | 27 64 70 c9 b6 c8 59 88 d1 0d 45 c9 bc b4 ed c2 | d3 50 c7 85 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self | install_inbound_ipsec_sa() checking if we can route | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | routing is easy, or has resolvable near-conflict | checking if this is a replacement state | st=0x55a9006cc228 ost=(nil) st->serialno=#12 ost->serialno=#0 | installing outgoing SA now as refhim=0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.2e761ef9@192.1.2.45 included non-error error | outgoing SA has refhim=0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.ea05ea29@192.1.2.23 included non-error error | priority calculation of connection "east" is 0xfe7e7 | add inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.10000@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | encrypting: 01 00 00 18 7a d2 4e 3a 21 06 60 55 ce 31 fa b7 | encrypting: 15 f9 3a cd e8 9a 76 a7 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 ea 05 ea 29 | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 3b af 52 b0 04 9f 88 48 3c 74 18 1a | encrypting: 40 ff 7a 9f 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 | encrypting: 90 58 21 c7 05 00 01 04 3e 1d 03 0f 28 1c 91 d3 | encrypting: 75 6e fe 8b 5d 04 a6 ed fe 62 75 27 3e 7d ed 47 | encrypting: 26 99 51 b8 19 8e cb fd 25 99 a7 03 37 5c 29 fe | encrypting: 57 45 ce 4d 69 36 24 d2 6b bf 03 f1 77 ff 5d e4 | encrypting: b5 2f a7 47 59 90 28 57 7b 90 ea ff 3d f2 0b c1 | encrypting: 32 2c 92 47 e5 8b fd 25 74 98 65 cf 2d 31 1b ed | encrypting: 89 b7 aa 1f fe 4c e7 bd 7d 31 ea e4 db eb bc 5b | encrypting: 71 13 bc 69 75 a8 4b a7 c8 13 ed d4 55 b1 20 80 | encrypting: 88 c5 40 30 54 9f 18 f7 02 6b 08 3f ec 44 09 1d | encrypting: 72 47 5d 55 67 26 94 68 6d 97 95 be f2 c7 a2 c9 | encrypting: 57 17 66 95 81 21 da 35 a8 cb dc 3b ab 3b 83 90 | encrypting: e8 c8 44 15 22 30 ae cb 1a 50 5e d5 07 57 06 86 | encrypting: db d7 59 04 31 f6 34 f3 4c 8d 53 15 0b 70 05 c8 | encrypting: b5 e5 b1 be dd 36 19 c0 c2 93 72 39 c7 5b 71 56 | encrypting: 7a b9 1f 74 62 fe d1 70 18 f9 7d bd e9 e7 8d 55 | encrypting: 2e 1b 9e cd c4 62 b2 31 86 25 0c da 45 83 78 06 | encrypting: e8 b6 69 15 a9 73 6d b9 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: a2 bc c9 8f e9 dc b5 01 cf 30 76 6a 9f 92 ce c7 | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: e7 f2 41 c5 1f 6d c4 03 6e 6f ee c0 11 fb 70 c1 | finished processing quick inI1 | complete v1 state transition with STF_OK | [RE]START processing: state #12 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #12 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 | child state #12: QUICK_R0(established CHILD SA) => QUICK_R1(established CHILD SA) | event_already_set, deleting event | state #12 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14c0002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 444 bytes for STATE_QUICK_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #12) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 01 bc 2a 30 3c 3d | ca e1 3f e9 b7 ec 72 63 c4 24 db 7b c9 59 c4 4c | 33 11 5b b6 2f 74 87 90 23 ab 9d 6d ab 2f 18 b7 | 1a f2 51 19 1d 42 5d 14 02 8b 7c 3a b7 9c 44 b2 | 9c bd 60 7b da 20 47 1e f0 89 b0 d3 e8 29 81 59 | 10 7d 61 d3 16 01 d6 e7 3d 28 b4 44 12 06 ac 5f | 5a fb 6f 90 60 a6 d9 92 04 f9 1a 88 c4 a1 d3 03 | 87 72 94 d0 4c 0e fe d8 b3 00 ee 47 df d4 76 81 | 73 1b ee 7f fd 00 87 25 24 bd d7 bc d2 df b9 f7 | b0 0e a9 92 6c 25 a8 21 09 14 9f 0a 90 69 7a 9a | 14 86 22 6b 4f 41 15 4b 31 33 b9 2f 2f 76 4a be | ee fd 6a 06 ea 68 09 87 a4 1f a6 9a 4d 14 39 f4 | e4 0a 81 ec 2e e0 fb 35 57 5c dc c6 c8 3e 75 b1 | c3 2a 76 a9 ec 87 a5 6e 3a 24 7a 7f c8 24 67 2e | 6a f1 06 a6 ae af 59 9d 61 9d 97 91 92 bd 35 17 | 13 20 c3 75 5f 38 61 16 e0 7e f3 cb b5 23 b1 ba | ee 55 4b e0 1b 39 11 4f f1 a1 bc 55 93 22 23 12 | 14 4a 4b ab 89 ee 6c d7 ae 51 f0 86 49 08 29 ae | 57 28 b9 69 b0 a9 05 7f 1e 71 0a 2c fb f6 ba 8c | 8d 6f 88 1f 19 8c 07 88 77 eb c3 f5 6f c5 d9 19 | 44 5c f2 f1 3a 74 46 f2 28 46 76 70 3e 8d 17 c8 | 44 0d fb 68 84 29 72 07 63 99 c0 bb 3d fa 24 34 | 31 3b 08 dd 09 bb 52 2b 40 54 cf 3a 37 a8 68 c8 | 18 94 15 57 84 4c cd ac 91 1b 3f 8d 1e 77 39 ea | 70 34 7a 63 b4 22 d8 10 5a bc 47 f6 01 d1 50 dc | 4e 3e 16 74 0e f9 e6 af 38 23 4e d4 e7 f2 41 c5 | 1f 6d c4 03 6e 6f ee c0 11 fb 70 c1 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14c0002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #12 | libevent_malloc: new ptr-libevent@0x7f14bc007658 size 128 | #12 STATE_QUICK_R1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29299.8824 | pstats #12 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #12: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 tunnel mode {ESP=>0x2e761ef9 <0xea05ea29 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #12 suppresed complete_v1_state_transition() | #12 spent 1.71 milliseconds in resume sending helper answer | stop processing: state #12 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c00027d8 | spent 0.00318 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 60 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 00 3c 7d 79 20 52 | 99 b3 ea fb e0 17 92 f8 97 2c 1b 61 bf b0 f3 91 | bc 3b fa c5 43 a3 7d 80 d4 f2 4c 28 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1553295264 (0x5c9567a0) | length: 60 (0x3c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #12 in QUICK_R1 (find_state_ikev1) | start processing: state #12 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1633) | #12 is idle | #12 idle | received encrypted packet from 192.1.2.45:500 | decrypting 32 bytes using algorithm AES_CBC | IV before: e7 f2 41 c5 1f 6d c4 03 6e 6f ee c0 11 fb 70 c1 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: bf b0 f3 91 bc 3b fa c5 43 a3 7d 80 d4 f2 4c 28 | decrypted payload (starts at offset -32): | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 00 3c 00 00 00 18 | 47 e5 3c 86 a0 72 e1 cb 5b 3c 6f 9e e8 ea 17 b7 | 21 2f 1a 35 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14c8003758 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 5c 95 67 a0 | HASH(1) PRF sha update Ni_b-bytes@0x7f14c8005d78 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | HASH(1) PRF sha update Nr_b-bytes@0x7f14bc004638 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 47 e5 3c 86 a0 72 e1 cb 5b 3c 6f 9e e8 ea 17 b7 | 21 2f 1a 35 | quick_inI2 HASH(3): | 47 e5 3c 86 a0 72 e1 cb 5b 3c 6f 9e e8 ea 17 b7 | 21 2f 1a 35 | received 'quick_inI2' message HASH(3) data ok | install_ipsec_sa() for #12: outbound only | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | sr for #12: prospective erouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | route_and_eroute with c: east (next: none) ero:east esr:{(nil)} ro:east rosr:{(nil)} and state: #12 | priority calculation of connection "east" is 0xfe7e7 | eroute_connection replace eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.0@192.1.2.45>tun.0@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2e761ef9 SPI_OUT=0xea0 | popen cmd is 1020 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' : | cmd( 160):PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1638: | cmd( 320):8' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKE: | cmd( 640):V1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO: | cmd( 720):_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_IN: | cmd( 800):FO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_: | cmd( 880):CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED=: | cmd( 960):'no' SPI_IN=0x2e761ef9 SPI_OUT=0xea05ea29 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | route_and_eroute: instance "east", setting eroute_owner {spd=0x55a9006be648,sr=0x55a9006be648} to #12 (was #0) (newest_ipsec_sa=#0) | #11 spent 0.676 milliseconds in install_ipsec_sa() | inI2: instance east[0], setting IKEv1 newest_ipsec_sa to #12 (was #0) (spd.eroute=#12) cloned from #11 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #12 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #12 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 | child state #12: QUICK_R1(established CHILD SA) => QUICK_R2(established CHILD SA) | event_already_set, deleting event | state #12 requesting EVENT_RETRANSMIT to be deleted | #12 STATE_QUICK_R2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f14bc007658 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14c0002b78 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14c0002b78 | inserting event EVENT_SA_REPLACE, timeout in 28530 seconds for #12 | libevent_malloc: new ptr-libevent@0x7f14c00027d8 size 128 | pstats #12 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #12: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x2e761ef9 <0xea05ea29 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | #12 spent 0.771 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #12 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.992 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00439 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00306 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 93 03 e3 61 00 00 00 4c 56 44 a6 12 | 90 b0 99 89 bc 81 3b c2 b3 a1 b7 38 bb 92 fc a0 | af f7 4c 41 c6 76 8b 8d fc 29 94 59 cd 75 ed b3 | 40 4c a7 fa 17 56 15 12 e6 f5 b7 21 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2466505569 (0x9303e361) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #12; msgid=00000000 st_msgid=5c9567a0 st_msgid_phase15=00000000 | peer and cookies match on #11; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #11 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #11 in MAIN_R3 (find_v1_info_state) | start processing: state #11 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | current Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006cbbc8 (length 16) | 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 93 03 e3 61 | Phase 2 IV hash sha final bytes@0x55a9006cbb48 (length 20) | 78 47 85 71 29 f0 7d d9 0a 31 e9 5e 4e 59 74 88 | 49 08 e5 86 | #11 is idle | #11 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 78 47 85 71 29 f0 7d d9 0a 31 e9 5e 4e 59 74 88 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: cd 75 ed b3 40 4c a7 fa 17 56 15 12 e6 f5 b7 21 | decrypted payload (starts at offset -48): | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 93 03 e3 61 00 00 00 4c 0c 00 00 18 | 1e 00 ed b9 5d 86 ac 09 01 01 f7 47 81 ec c8 4f | 76 42 0c 1e 00 00 00 10 00 00 00 01 03 04 00 01 | 2e 76 1e f9 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14c8003758 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 93 03 e3 61 | HASH(1) PRF sha update payload-bytes@0x55a9006b131c (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 2e 76 1e f9 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 1e 00 ed b9 5d 86 ac 09 01 01 f7 47 81 ec c8 4f | 76 42 0c 1e | informational HASH(1): | 1e 00 ed b9 5d 86 ac 09 01 01 f7 47 81 ec c8 4f | 76 42 0c 1e | received 'informational' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Delete Payload into SPI | SPI 2e 76 1e f9 | FOR_EACH_STATE_... in find_phase2_state_to_delete | start processing: connection "east" (BACKGROUND) (in accept_delete() at ikev1_main.c:2515) "east" #11: received Delete SA(0x2e761ef9) payload: deleting IPsec State #12 | pstats #12 ikev1.ipsec deleted completed | suspend processing: state #11 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) | start processing: state #12 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #12: deleting other state #12 (STATE_QUICK_R2) aged 0.092s and sending notification | child state #12: QUICK_R2(established CHILD SA) => delete | get_sa_info esp.2e761ef9@192.1.2.45 | get_sa_info esp.ea05ea29@192.1.2.23 "east" #12: ESP traffic information: in=84B out=84B | #12 send IKEv1 delete notification for STATE_QUICK_R2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3257508453 (0xc229a265) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload ea 05 ea 29 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94804e8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14c8004ec8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94805cc (length 4) | c2 29 a2 65 | HASH(1) PRF sha update payload-bytes@0x7ffef9480974 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 ea 05 ea 29 | HASH(1) PRF sha final-bytes@0x7ffef9480960 (length 20) | e2 7b f6 fa 87 4b 48 61 c8 12 cb 9c e4 3f 59 cb | 7f 9f 47 83 | send delete HASH(1): | e2 7b f6 fa 87 4b 48 61 c8 12 cb 9c e4 3f 59 cb | 7f 9f 47 83 | last Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | current Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006cbbc8 (length 16) | 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94805dc (length 4) | c2 29 a2 65 | Phase 2 IV hash sha final bytes@0x55a9006cbb48 (length 20) | 64 2e e6 0d 8c 99 af 9d 83 a2 bf e5 e4 cf f7 43 | ba ad ba 11 | encrypting: 0c 00 00 18 e2 7b f6 fa 87 4b 48 61 c8 12 cb 9c | encrypting: e4 3f 59 cb 7f 9f 47 83 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 ea 05 ea 29 | IV: 64 2e e6 0d 8c 99 af 9d 83 a2 bf e5 e4 cf f7 43 | IV: ba ad ba 11 | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 33 87 e7 11 a8 53 1b 1e 22 fc dd de 04 3c 65 52 | sending 76 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 c2 29 a2 65 00 00 00 4c f0 ba 8f 7e | f0 29 ff 46 15 8e c0 e3 e6 f8 14 1e 7e 6a 5d eb | af 7d 85 60 f1 22 04 aa 30 94 9e 71 33 87 e7 11 | a8 53 1b 1e 22 fc dd de 04 3c 65 52 | state #12 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14c00027d8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14c0002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844014' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2e761ef9 | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east: | cmd( 160):' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566844014' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0x2e761ef9 SPI_OUT=0xea05ea29 ipsec _updown 2>&1: | shunt_eroute() called for connection 'east' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "east" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.2e761ef9@192.1.2.45 | netlink response for Del SA esp.2e761ef9@192.1.2.45 included non-error error | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | delete esp.ea05ea29@192.1.2.23 | netlink response for Del SA esp.ea05ea29@192.1.2.23 included non-error error | stop processing: connection "east" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection east | State DB: deleting IKEv1 state #12 in QUICK_R2 | child state #12: QUICK_R2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14bc0027f8: destroyed | stop processing: state #12 from 192.1.2.45:500 (in delete_state() at state.c:1143) | resume processing: state #11 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006bd630 | delete_state: release st->st_skeyid_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_d_nss-key@0x55a900622080 | delete_state: release st->st_skey_ai_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006ac790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | connection 'east' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #11 | state #8 | suspend processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #8 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #8 ikev1.isakmp deleted other | [RE]START processing: state #8 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #8: deleting state (STATE_MAIN_R0) aged 1.417s and NOT sending notification | parent state #8: MAIN_R0(half-open IKE SA) => delete | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #8 in MAIN_R0 | parent state #8: MAIN_R0(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #8 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | resume processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #7 | suspend processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #7 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #7 ikev1.isakmp deleted other | [RE]START processing: state #7 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #7: deleting state (STATE_MAIN_R0) aged 1.920s and NOT sending notification | parent state #7: MAIN_R0(half-open IKE SA) => delete | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #7 in MAIN_R0 | parent state #7: MAIN_R0(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #7 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | resume processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #4 | suspend processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #4 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #4 ikev1.isakmp deleted other | [RE]START processing: state #4 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #4: deleting state (STATE_MAIN_R0) aged 3.183s and NOT sending notification | parent state #4: MAIN_R0(half-open IKE SA) => delete | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #4 in MAIN_R0 | parent state #4: MAIN_R0(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #4 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | resume processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #3 | suspend processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #3 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #3 ikev1.isakmp deleted other | [RE]START processing: state #3 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #3: deleting state (STATE_MAIN_R0) aged 3.685s and NOT sending notification | parent state #3: MAIN_R0(half-open IKE SA) => delete | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #3 in MAIN_R0 | parent state #3: MAIN_R0(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #3 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | resume processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #11 | [RE]START processing: state #11 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #11 ikev1.isakmp deleted completed | [RE]START processing: state #11 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #11: deleting state (STATE_MAIN_R3) aged 0.115s and sending notification | parent state #11: MAIN_R3(established IKE SA) => delete | #11 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1343971192 (0x501b5f78) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI f8 0e 07 98 5a 78 ed f7 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI c9 91 91 14 7f bd 3f d5 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480488 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14c8003758 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948056c (length 4) | 50 1b 5f 78 | HASH(1) PRF sha update payload-bytes@0x7ffef9480914 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 f8 0e 07 98 | 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | HASH(1) PRF sha final-bytes@0x7ffef9480900 (length 20) | 91 a0 cb db b2 bb a0 43 3a 86 c3 2e c7 e7 2d ed | 5e 62 15 9a | send delete HASH(1): | 91 a0 cb db b2 bb a0 43 3a 86 c3 2e c7 e7 2d ed | 5e 62 15 9a | last Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | current Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006cbbc8 (length 16) | 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948057c (length 4) | 50 1b 5f 78 | Phase 2 IV hash sha final bytes@0x55a9006cbb48 (length 20) | 6f 5d 68 ab 40 34 43 29 7d b3 0a ec e0 d8 42 e0 | 8e e0 5a 1a | encrypting: 0c 00 00 18 91 a0 cb db b2 bb a0 43 3a 86 c3 2e | encrypting: c7 e7 2d ed 5e 62 15 9a 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 f8 0e 07 98 5a 78 ed f7 c9 91 91 14 | encrypting: 7f bd 3f d5 | IV: 6f 5d 68 ab 40 34 43 29 7d b3 0a ec e0 d8 42 e0 | IV: 8e e0 5a 1a | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 3f 48 0d f1 a4 76 dd 30 9c f7 6c f8 4e 92 10 b6 | sending 92 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 50 1b 5f 78 00 00 00 5c 2f 27 96 d3 | 64 f4 cc 3c 52 2e e2 ae b9 c9 c1 e1 9c e4 df fa | d4 9a 6f b4 76 29 c8 44 47 01 5a f6 21 d5 62 ed | 70 2b 39 18 76 91 c1 f7 ce fd 30 ae 3f 48 0d f1 | a4 76 dd 30 9c f7 6c f8 4e 92 10 b6 | state #11 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14c4003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14b8002b78 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #11 in MAIN_R3 | parent state #11: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14c40098d8: destroyed | stop processing: state #11 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006a3700 | delete_state: release st->st_skeyid_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_d_nss-key@0x55a900622080 | delete_state: release st->st_skey_ai_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006ac790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2556) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2559) | del: | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 1.93 milliseconds in comm_handle_cb() reading and processing packet | spent 0.0018 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 e1 d3 43 c6 00 00 00 5c 7c 88 a9 05 | b5 a2 09 8c a9 da ba 3c 71 88 aa b8 62 30 f2 1e | 4b 61 f5 9f 8b 2d 6c dd 56 81 f8 26 0e 41 3b ec | 31 47 cf f8 b7 6f 82 4f 9c 4b d3 1a 40 29 ad 3f | 68 69 ec 4e 72 4c 9e f1 10 66 b3 6d | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3788719046 (0xe1d343c6) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xe1d343c6 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | f8 0e 07 98 5a 78 ed f7 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | c9 91 91 14 7f bd 3f d5 | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.071 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00515 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00267 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 4e 1a a3 b3 5c f7 10 ef 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 09 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | d8 c0 57 5b 86 37 ae d0 a2 84 d9 cf 57 b7 1e 70 | 14 aa 39 18 6c 48 67 ec e6 5f c0 7c f1 e1 36 e2 | creating state object #13 at 0x55a9006c1c58 | State DB: adding IKEv1 state #13 in UNDEFINED | pstats #13 ikev1.isakmp started | #13 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #13 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #13: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #13: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e 80 0e 00 80 | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 144 | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #13: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 144 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #13) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x7f14b8002b78 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 "east" #13: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.581 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00201 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | 14 00 00 24 81 28 b4 2a 19 bb 6f d0 ed f9 1e 92 | b8 d5 27 f9 b7 f6 49 9e cb 35 db 71 44 ea 83 14 | 9a 16 b4 08 14 00 00 18 3c 9a ed 4d a6 2c e1 ba | 76 9a c4 8a 47 50 6d f4 ae b7 b7 02 00 00 00 18 | e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | a8 28 40 d1 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #13 in MAIN_R1 (find_state_ikev1) | start processing: state #13 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #13 is idle | #13 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c21f0 (length 8) | 4e 1a a3 b3 5c f7 10 ef | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c21f8 (length 8) | d8 c0 57 5b 86 37 ae d0 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | ae b7 b7 02 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 4e 1a a3 b3 5c f7 10 ef | natd_hash: rcookie= d8 c0 57 5b 86 37 ae d0 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | natd_hash: hash= ae b7 b7 02 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c21f0 (length 8) | 4e 1a a3 b3 5c f7 10 ef | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c21f8 (length 8) | d8 c0 57 5b 86 37 ae d0 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | a8 28 40 d1 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 4e 1a a3 b3 5c f7 10 ef | natd_hash: rcookie= d8 c0 57 5b 86 37 ae d0 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | natd_hash: hash= a8 28 40 d1 | expected NAT-D(me): 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | expected NAT-D(me): ae b7 b7 02 | expected NAT-D(him): | e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | a8 28 40 d1 | received NAT-D: 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | received NAT-D: ae b7 b7 02 | received NAT-D: e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | received NAT-D: a8 28 40 d1 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | adding inI2_outR2 KE work-order 13 for state #13 | state #13 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_SO_DISCARD-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x55a9006c4e78 size 128 | crypto helper 3 resuming | crypto helper 3 starting work-order 13 for state #13 | crypto helper 3 doing build KE and nonce (inI2_outR2 KE); request ID 13 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14b4006b98: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14b4006b98 | NSS: Public DH wire value: | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | Generated nonce: 5c 2e 9a 77 7d 73 0e 6e 58 09 b0 44 76 4d 58 a6 | Generated nonce: 7f d3 5a c0 5c a2 b9 24 c2 e1 37 99 4d 08 d1 78 | crypto helper 3 finished build KE and nonce (inI2_outR2 KE); request ID 13 time elapsed 0.001045 seconds | (#13) spent 1.03 milliseconds in crypto helper computing work-order 13: inI2_outR2 KE (pcr) | crypto helper 3 sending results from work-order 13 for state #13 to event queue | scheduling resume sending helper answer for #13 | libevent_malloc: new ptr-libevent@0x7f14b4003ad8 size 128 | crypto helper 3 waiting (nothing to do) | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #13 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #13 and saving MD | #13 is busy; has a suspended MD | #13 spent 0.175 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.306 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #13 | start processing: state #13 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 13 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #13: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14b4006b98: transferring ownership from helper KE to state #13 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | keyex value ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | keyex value 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | keyex value 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | keyex value 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | keyex value 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | keyex value af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | keyex value bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | keyex value eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | keyex value ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | keyex value 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | keyex value 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | keyex value 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | keyex value 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | keyex value a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | keyex value d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 5c 2e 9a 77 7d 73 0e 6e 58 09 b0 44 76 4d 58 a6 | Nr 7f d3 5a c0 5c a2 b9 24 c2 e1 37 99 4d 08 d1 78 | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 4e 1a a3 b3 5c f7 10 ef | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | d8 c0 57 5b 86 37 ae d0 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | a8 28 40 d1 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 4e 1a a3 b3 5c f7 10 ef | natd_hash: rcookie= d8 c0 57 5b 86 37 ae d0 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | natd_hash: hash= a8 28 40 d1 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | NAT-D a8 28 40 d1 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 4e 1a a3 b3 5c f7 10 ef | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | d8 c0 57 5b 86 37 ae d0 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | ae b7 b7 02 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 4e 1a a3 b3 5c f7 10 ef | natd_hash: rcookie= d8 c0 57 5b 86 37 ae d0 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | natd_hash: hash= ae b7 b7 02 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | NAT-D ae b7 b7 02 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14b4006b98: transferring ownership from state #13 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 14 for state #13 | state #13 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c4e78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | crypto helper 6 resuming | crypto helper 6 starting work-order 14 for state #13 | crypto helper 6 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 14 | peer's g: 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | peer's g: 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | peer's g: 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | peer's g: de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | peer's g: 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | peer's g: 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | peer's g: 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | peer's g: 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | peer's g: f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | peer's g: 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | peer's g: 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | peer's g: f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | peer's g: a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | peer's g: 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | peer's g: 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | peer's g: 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14b4006b98: computed shared DH secret key@0x55a9006ac790 | dh-shared : g^ir-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006cb888 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d0983700 | #13 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle; has background offloaded task | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | parent state #13: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | event_already_set, deleting event | result: psk-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d09836e8 | state #13 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | result: psk-key@0x55a9006aad30 (36-bytes, SHA_1_HMAC) | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | psk: release tmp-key@0x55a9006a9280 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | SKEYID psk prf: created sha context 0x7f14b8003b00 from psk-key@0x55a9006aad30 | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #13) | SKEYID psk prf: begin sha with context 0x7f14b8003b00 from psk-key@0x55a9006aad30 | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | 14 00 00 24 5c 2e 9a 77 7d 73 0e 6e 58 09 b0 44 | 76 4d 58 a6 7f d3 5a c0 5c a2 b9 24 c2 e1 37 99 | 4d 08 d1 78 14 00 00 18 e6 bc e2 ab 1b 53 a9 49 | fc 05 49 77 fd 47 fd b2 a8 28 40 d1 00 00 00 18 | 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | ae b7 b7 02 | SKEYID psk: release clone-key@0x55a9006aad30 | SKEYID psk PRF sha crypt-prf@0x7f14b8001548 | SKEYID psk PRF sha update Ni-bytes@0x55a9006cb8ac (length 32) | 81 28 b4 2a 19 bb 6f d0 ed f9 1e 92 b8 d5 27 f9 | b7 f6 49 9e cb 35 db 71 44 ea 83 14 9a 16 b4 08 | SKEYID psk PRF sha update Nr-bytes@0x55a9006cb8cc (length 32) | 5c 2e 9a 77 7d 73 0e 6e 58 09 b0 44 76 4d 58 a6 | 7f d3 5a c0 5c a2 b9 24 c2 e1 37 99 4d 08 d1 78 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d0983720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d0983708 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID psk PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID psk: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_d: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d0983718 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f14b8003b00 from SKEYID-key@0x55a9006a9280 | SKEYID_d prf: begin sha with context 0x7f14b8003b00 from SKEYID-key@0x55a9006a9280 | SKEYID_d: release clone-key@0x55a9006a9280 | SKEYID_d PRF sha crypt-prf@0x7f14b8001278 | SKEYID_d PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_d: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: b0 91 2d ea ab ca 39 2a 00 99 b7 70 cd a7 1a 8b e2 cb 5e ba 21 6a 47 2e a5 04 69 d4 2e e6 78 b0 2b 97 ae 6e e8 e4 de 32 e7 df 44 e6 d9 73 a8 40 bc 95 cf f8 04 bf 41 1b 2e c4 7f 55 54 2e ca d1 8c a1 dd 9e 73 01 6b 03 80 64 98 94 02 a0 40 2c 56 c8 9a f1 38 68 c8 7d b7 11 69 ae 87 71 39 a9 22 bc 45 8d 51 e3 a7 58 70 de 68 1b 79 b6 64 c1 2f 6b f2 9a bf e3 25 52 c4 16 e9 ce a5 ac c1 22 d7 16 fd 10 5d bb 7f 6a dd ae 79 88 7e df 13 c9 1f c9 d9 79 dd 93 62 b2 35 04 0a 58 f2 7f 0e ed 0a bb 20 29 2c a5 15 06 aa 20 d0 07 87 ba 23 40 e1 48 9d 1b 9e 0c fd ff 61 70 30 da 22 f9 00 18 9b 29 d0 cd 79 12 bb f5 77 eb 12 6b 23 f3 61 7d ad 1b 1d 61 f3 eb 66 27 3c af 7d ec ed a0 62 7d 0d 26 3c d1 93 ed 8c ca c2 a8 6a ec be cd 10 2f e7 bd f3 3f 83 ba 8f 9a e6 fa e7 ca 24 51 9f 6c | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b8004678 | unwrapped: a7 30 f1 82 11 2f 2c 65 4a 59 12 38 59 82 65 b2 | unwrapped: 2f 46 bb 2e 35 c0 6b 66 55 36 62 37 62 6c fc 1a | unwrapped: 53 5b 6a a1 de 52 37 09 dc 8d e2 01 fc 17 f9 03 | unwrapped: 7c 60 68 a8 84 54 33 5d 44 ba 6c 87 b9 99 9d c7 | unwrapped: 30 a7 91 31 16 11 85 5f 2e bc 3a 14 27 bd 01 79 | unwrapped: c5 f6 c0 7f c3 18 bb ca 2c 4d 66 cb c3 bc d6 06 | unwrapped: fd 13 5f e8 10 55 96 dc cf 83 1c 64 32 f1 fc 33 | unwrapped: e7 4b bd c2 9e a6 52 9b 3a e5 51 02 df da 30 b8 | unwrapped: 78 d7 1f 02 8a 33 ac a3 51 a7 ae e5 ac 43 5f 6d | unwrapped: 9e c8 a9 e1 fd 3f 62 9c e4 d5 48 d6 09 1d 60 df | unwrapped: 68 c5 9e 4a c1 e8 d8 ff ab e9 bd 1c 10 45 04 e6 | unwrapped: b1 df 25 67 f8 32 80 44 46 fc ee 45 84 6f 5d 73 | unwrapped: 49 38 1d ae 1b 16 cb 1b 43 31 22 3e ae 27 00 16 | unwrapped: 00 15 c4 74 cb ae 7d ec 9d d4 e3 eb ca e4 ad 70 | unwrapped: 20 85 47 74 57 a7 f1 20 19 2e ee a0 25 7c d4 9b | unwrapped: 0f 08 1a ce f7 d1 67 ae 3a e8 18 72 d4 66 3f e6 | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 4e 1a a3 b3 5c f7 10 ef | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | d8 c0 57 5b 86 37 ae d0 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d0983720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d0983708 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID_d PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_d: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_a: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d09836f8 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f14b8003b00 from SKEYID-key@0x55a900622080 | SKEYID_a prf: begin sha with context 0x7f14b8003b00 from SKEYID-key@0x55a900622080 | SKEYID_a: release clone-key@0x55a900622080 | SKEYID_a PRF sha crypt-prf@0x7f14b8001548 | SKEYID_a PRF sha update SKEYID_d-key@0x55a9006a9280 (size 20) | SKEYID_a: SKEYID_d-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: f0 48 85 99 d5 4f 66 a5 5f 7f d6 ba ba 20 f5 f0 65 29 0f 4b ab 0c 44 c6 f0 93 e3 f7 f7 f9 56 0d | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14b8002148 | unwrapped: e7 3d 90 ba c7 9a ba e2 e7 e3 ca 04 0c 4c 48 f6 | unwrapped: 51 06 06 e5 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_a: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: b0 91 2d ea ab ca 39 2a 00 99 b7 70 cd a7 1a 8b e2 cb 5e ba 21 6a 47 2e a5 04 69 d4 2e e6 78 b0 2b 97 ae 6e e8 e4 de 32 e7 df 44 e6 d9 73 a8 40 bc 95 cf f8 04 bf 41 1b 2e c4 7f 55 54 2e ca d1 8c a1 dd 9e 73 01 6b 03 80 64 98 94 02 a0 40 2c 56 c8 9a f1 38 68 c8 7d b7 11 69 ae 87 71 39 a9 22 bc 45 8d 51 e3 a7 58 70 de 68 1b 79 b6 64 c1 2f 6b f2 9a bf e3 25 52 c4 16 e9 ce a5 ac c1 22 d7 16 fd 10 5d bb 7f 6a dd ae 79 88 7e df 13 c9 1f c9 d9 79 dd 93 62 b2 35 04 0a 58 f2 7f 0e ed 0a bb 20 29 2c a5 15 06 aa 20 d0 07 87 ba 23 40 e1 48 9d 1b 9e 0c fd ff 61 70 30 da 22 f9 00 18 9b 29 d0 cd 79 12 bb f5 77 eb 12 6b 23 f3 61 7d ad 1b 1d 61 f3 eb 66 27 3c af 7d ec ed a0 62 7d 0d 26 3c d1 93 ed 8c ca c2 a8 6a ec be cd 10 2f e7 bd f3 3f 83 ba 8f 9a e6 fa e7 ca 24 51 9f 6c | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b80018c8 | unwrapped: a7 30 f1 82 11 2f 2c 65 4a 59 12 38 59 82 65 b2 | unwrapped: 2f 46 bb 2e 35 c0 6b 66 55 36 62 37 62 6c fc 1a | unwrapped: 53 5b 6a a1 de 52 37 09 dc 8d e2 01 fc 17 f9 03 | unwrapped: 7c 60 68 a8 84 54 33 5d 44 ba 6c 87 b9 99 9d c7 | unwrapped: 30 a7 91 31 16 11 85 5f 2e bc 3a 14 27 bd 01 79 | unwrapped: c5 f6 c0 7f c3 18 bb ca 2c 4d 66 cb c3 bc d6 06 | unwrapped: fd 13 5f e8 10 55 96 dc cf 83 1c 64 32 f1 fc 33 | unwrapped: e7 4b bd c2 9e a6 52 9b 3a e5 51 02 df da 30 b8 | unwrapped: 78 d7 1f 02 8a 33 ac a3 51 a7 ae e5 ac 43 5f 6d | unwrapped: 9e c8 a9 e1 fd 3f 62 9c e4 d5 48 d6 09 1d 60 df | unwrapped: 68 c5 9e 4a c1 e8 d8 ff ab e9 bd 1c 10 45 04 e6 | unwrapped: b1 df 25 67 f8 32 80 44 46 fc ee 45 84 6f 5d 73 | unwrapped: 49 38 1d ae 1b 16 cb 1b 43 31 22 3e ae 27 00 16 | unwrapped: 00 15 c4 74 cb ae 7d ec 9d d4 e3 eb ca e4 ad 70 | unwrapped: 20 85 47 74 57 a7 f1 20 19 2e ee a0 25 7c d4 9b | unwrapped: 0f 08 1a ce f7 d1 67 ae 3a e8 18 72 d4 66 3f e6 | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 4e 1a a3 b3 5c f7 10 ef | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | d8 c0 57 5b 86 37 ae d0 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d0983700 | result: final-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d09836e8 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006acb70 | SKEYID_a PRF sha final-key@0x55a900622080 (size 20) | SKEYID_a: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_e: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d0983708 | result: clone-key@0x55a9006acb70 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f14b8003b00 from SKEYID-key@0x55a9006acb70 | SKEYID_e prf: begin sha with context 0x7f14b8003b00 from SKEYID-key@0x55a9006acb70 | SKEYID_e: release clone-key@0x55a9006acb70 | SKEYID_e PRF sha crypt-prf@0x7f14b8001278 | SKEYID_e PRF sha update SKEYID_a-key@0x55a900622080 (size 20) | SKEYID_e: SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: 69 58 69 5e 32 a8 55 09 aa 21 a3 2b ec 89 a8 57 81 36 af 51 44 bc a6 b6 7d 73 55 3a 5d 3b b1 f2 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14b8001598 | unwrapped: ef e9 c6 82 ff 3c 74 57 ec d9 d9 b6 8f e7 bf 92 | unwrapped: ee ee f6 73 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_e: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: b0 91 2d ea ab ca 39 2a 00 99 b7 70 cd a7 1a 8b e2 cb 5e ba 21 6a 47 2e a5 04 69 d4 2e e6 78 b0 2b 97 ae 6e e8 e4 de 32 e7 df 44 e6 d9 73 a8 40 bc 95 cf f8 04 bf 41 1b 2e c4 7f 55 54 2e ca d1 8c a1 dd 9e 73 01 6b 03 80 64 98 94 02 a0 40 2c 56 c8 9a f1 38 68 c8 7d b7 11 69 ae 87 71 39 a9 22 bc 45 8d 51 e3 a7 58 70 de 68 1b 79 b6 64 c1 2f 6b f2 9a bf e3 25 52 c4 16 e9 ce a5 ac c1 22 d7 16 fd 10 5d bb 7f 6a dd ae 79 88 7e df 13 c9 1f c9 d9 79 dd 93 62 b2 35 04 0a 58 f2 7f 0e ed 0a bb 20 29 2c a5 15 06 aa 20 d0 07 87 ba 23 40 e1 48 9d 1b 9e 0c fd ff 61 70 30 da 22 f9 00 18 9b 29 d0 cd 79 12 bb f5 77 eb 12 6b 23 f3 61 7d ad 1b 1d 61 f3 eb 66 27 3c af 7d ec ed a0 62 7d 0d 26 3c d1 93 ed 8c ca c2 a8 6a ec be cd 10 2f e7 bd f3 3f 83 ba 8f 9a e6 fa e7 ca 24 51 9f 6c | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b8004678 | unwrapped: a7 30 f1 82 11 2f 2c 65 4a 59 12 38 59 82 65 b2 | unwrapped: 2f 46 bb 2e 35 c0 6b 66 55 36 62 37 62 6c fc 1a | unwrapped: 53 5b 6a a1 de 52 37 09 dc 8d e2 01 fc 17 f9 03 | unwrapped: 7c 60 68 a8 84 54 33 5d 44 ba 6c 87 b9 99 9d c7 | unwrapped: 30 a7 91 31 16 11 85 5f 2e bc 3a 14 27 bd 01 79 | unwrapped: c5 f6 c0 7f c3 18 bb ca 2c 4d 66 cb c3 bc d6 06 | unwrapped: fd 13 5f e8 10 55 96 dc cf 83 1c 64 32 f1 fc 33 | unwrapped: e7 4b bd c2 9e a6 52 9b 3a e5 51 02 df da 30 b8 | unwrapped: 78 d7 1f 02 8a 33 ac a3 51 a7 ae e5 ac 43 5f 6d | unwrapped: 9e c8 a9 e1 fd 3f 62 9c e4 d5 48 d6 09 1d 60 df | unwrapped: 68 c5 9e 4a c1 e8 d8 ff ab e9 bd 1c 10 45 04 e6 | unwrapped: b1 df 25 67 f8 32 80 44 46 fc ee 45 84 6f 5d 73 | unwrapped: 49 38 1d ae 1b 16 cb 1b 43 31 22 3e ae 27 00 16 | unwrapped: 00 15 c4 74 cb ae 7d ec 9d d4 e3 eb ca e4 ad 70 | unwrapped: 20 85 47 74 57 a7 f1 20 19 2e ee a0 25 7c d4 9b | unwrapped: 0f 08 1a ce f7 d1 67 ae 3a e8 18 72 d4 66 3f e6 | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 4e 1a a3 b3 5c f7 10 ef | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | d8 c0 57 5b 86 37 ae d0 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d0983710 | result: final-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d09836f8 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a3700 | SKEYID_e PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID_e: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d0983768 | result: keymat-key@0x55a9006a3700 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a9006a9280, skeyid_a 0x55a900622080, skeyid_e 0x55a9006acb70, enc_key 0x55a9006a3700 | DH_i: 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | DH_i: 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | DH_i: 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | DH_i: de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | DH_i: 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | DH_i: 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | DH_i: 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | DH_i: 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | DH_i: f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | DH_i: 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | DH_i: 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | DH_i: f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | DH_i: a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | DH_i: 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | DH_i: 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | DH_i: 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | DH_r: 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | DH_r: ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | DH_r: 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | DH_r: 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | DH_r: 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | DH_r: 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | DH_r: af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | DH_r: bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | DH_r: eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | DH_r: ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | DH_r: 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | DH_r: 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | DH_r: 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | DH_r: 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | DH_r: a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | DH_r: d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006cb8ec (length 256) | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | new IV hash sha digest GR-bytes@0x55a9006cb9ec (length 256) | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | new IV hash sha final chunk@0x7f14b8001598 (length 20) | ef 0d 19 56 4a 57 00 69 05 62 3e 5f 8f 98 95 29 | dc 93 b8 5c | crypto helper 6 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 14 time elapsed 0.004667 seconds | (#13) spent 2.13 milliseconds in crypto helper computing work-order 14: main_inI2_outR2_tail (pcr) | crypto helper 6 sending results from work-order 14 for state #13 to event queue | scheduling resume sending helper answer for #13 | libevent_malloc: new ptr-libevent@0x7f14b8002098 size 128 | crypto helper 6 waiting (nothing to do) | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14b8002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #13 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29300.403611 "east" #13: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #13 suppresed complete_v1_state_transition() | #13 spent 0.441 milliseconds in resume sending helper answer | stop processing: state #13 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14b4003ad8 | processing resume sending helper answer for #13 | start processing: state #13 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 14 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #13: calculate DH finished | [RE]START processing: state #13 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14b4006b98: transferring ownership from helper IKEv1 DH+IV to state #13 | stop processing: state #13 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #13 suppresed complete_v1_state_transition() | #13 spent 0.0191 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14b8002098 | spent 0.00173 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 05 10 02 01 00 00 00 00 00 00 00 4c 8d 27 bb 07 | 3d 8a 0e b5 fb ae 91 0b 39 1e 9c f4 17 49 f2 13 | a9 5b 79 33 3d 6d d4 3d 7c 21 b1 c7 19 26 96 0c | 9f 28 6a 77 45 c6 df 76 05 c0 a9 8b | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #13 in MAIN_R2 (find_state_ikev1) | start processing: state #13 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #13 is idle | #13 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: ef 0d 19 56 4a 57 00 69 05 62 3e 5f 8f 98 95 29 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 19 26 96 0c 9f 28 6a 77 45 c6 df 76 05 c0 a9 8b | decrypted payload (starts at offset -48): | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 59 21 02 42 | 87 d3 1c 1f 17 c4 79 f5 a9 ca d3 1a 7f a1 7b bd | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #13: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14bc002f08 | hmac PRF sha update data-bytes@0x7f14bc003618 (length 256) | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | hmac PRF sha update data-bytes@0x7f14b4004f28 (length 256) | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | hmac PRF sha update data-bytes@0x55a9006c21f0 (length 8) | 4e 1a a3 b3 5c f7 10 ef | hmac PRF sha update data-bytes@0x55a9006c21f8 (length 8) | d8 c0 57 5b 86 37 ae d0 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a9006b1308 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | 59 21 02 42 87 d3 1c 1f 17 c4 79 f5 a9 ca d3 1a | 7f a1 7b bd | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14b8001598 | hmac PRF sha update data-bytes@0x7f14b4004f28 (length 256) | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | hmac PRF sha update data-bytes@0x7f14bc003618 (length 256) | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | hmac PRF sha update data-bytes@0x55a9006c21f8 (length 8) | d8 c0 57 5b 86 37 ae d0 | hmac PRF sha update data-bytes@0x55a9006c21f0 (length 8) | 4e 1a a3 b3 5c f7 10 ef | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | eb 16 ca 5a ef 1a e4 3b dc 8b 26 98 f1 a8 75 dd | 8f 0e 64 8c | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R eb 16 ca 5a ef 1a e4 3b dc 8b 26 98 f1 a8 75 dd | HASH_R 8f 0e 64 8c | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: eb 16 ca 5a ef 1a e4 3b dc 8b 26 98 f1 a8 75 dd | encrypting: 8f 0e 64 8c | IV: 19 26 96 0c 9f 28 6a 77 45 c6 df 76 05 c0 a9 8b | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | last encrypted block of Phase 1: | 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #13: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14b8002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 76 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #13) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 05 10 02 01 00 00 00 00 00 00 00 4c 9a 43 bf 97 | 8d bc 2a 1a 66 1f 98 b8 2f 60 98 df 40 ec 44 62 | 56 11 ff 5f 3c 64 9d d7 e3 77 3a f3 8f 45 2f 46 | 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14b8002b78 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f14b4003ad8 size 128 | pstats #13 ikev1.isakmp established "east" #13: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #13 | #13 spent 0.559 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.691 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00313 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 20 01 62 f4 88 c5 00 00 01 bc e3 ff 23 9e | d8 4f d5 36 c6 f1 e8 49 8e 2a 89 dc 72 f3 ec 11 | 85 79 96 bd d3 93 55 ee 36 d9 33 f6 7f 55 fb e7 | ba fa f3 6d 89 d3 9e 38 44 da b2 1f 88 f4 ce 8a | cf 29 ea 0b 26 9e fc 6d 96 54 ed fd c1 96 44 73 | bf ca fd 82 dd a1 98 35 a3 b5 de 6a 55 c7 6c 55 | 51 af 40 75 ba 12 59 3a 11 95 dd 51 6e e5 a4 05 | 98 ea a6 cf 8c 18 00 25 7f ac a0 88 ad dc e2 e3 | 3d 99 ef e0 ee 3d 53 64 73 93 6b f2 b5 1c 61 18 | ec ea 42 11 5e ef 0e 72 4c 74 fa 59 8e 90 94 33 | 22 3c a5 40 7a b0 49 b9 76 98 84 87 16 6d 11 75 | f2 75 82 6c a7 97 ad 96 70 fe b0 2c fc 48 4c 23 | 6f 15 75 57 21 9d fc 75 6e a0 48 a9 99 52 6d f9 | 76 b4 88 01 3c 4c dc 76 14 77 d4 be e3 6e 08 c5 | 4e fc c4 50 f8 62 47 d2 45 b1 3a f1 76 c1 31 f1 | 1d 59 66 5a 80 1f 68 8c 9d 78 58 c7 4d 3d 50 0c | a0 ec 66 f9 42 23 64 2a b8 84 fa 8b 51 d5 89 d2 | 43 7e f1 31 51 fb fe a0 88 2e d1 ef 25 3e 0b 3c | a2 a7 8a a1 bd 23 1a 9b 17 1e 3b ab a8 50 cc a3 | 64 df 4e 0b 69 15 c2 2a 41 89 2a 74 23 20 82 f8 | 80 22 1a 8e 3a b4 81 61 37 c4 1d 3e 09 97 bd 2e | b0 a6 79 c2 d5 36 50 15 c4 30 62 42 18 86 cc 41 | 4a b7 0e ec 93 9f 60 e9 70 46 e5 1b 4c c1 97 7a | db f5 d7 14 0a c2 ac 9b ce 20 40 8a 49 8e e4 41 | d3 23 9d 8f 29 8d 06 65 4f 9f 33 1b 2a d2 78 41 | de a9 19 98 5f cd 07 0b 54 f7 dc e5 32 53 fb 79 | 30 d4 5a 63 62 8a 7b b5 ee 65 49 59 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1660192965 (0x62f488c5) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #13 in MAIN_R3 (find_state_ikev1) | start processing: state #13 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | current Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 62 f4 88 c5 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 56 8f 8d be a5 d9 73 02 5b 9e 43 64 d1 a1 87 7d | 72 38 58 f9 | #13 is idle | #13 idle | received encrypted packet from 192.1.2.45:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 56 8f 8d be a5 d9 73 02 5b 9e 43 64 d1 a1 87 7d | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 32 53 fb 79 30 d4 5a 63 62 8a 7b b5 ee 65 49 59 | decrypted payload (starts at offset -416): | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 20 01 62 f4 88 c5 00 00 01 bc 01 00 00 18 | 65 b9 46 53 72 05 b2 ed be d9 3b 74 0c f8 2b 5d | 9b 5f 0d 37 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 04 4d ea b4 00 00 00 1c | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 7c 3c 76 59 | d0 12 93 ef 5c 3b d9 fd b5 1b 54 e2 dc f9 f7 9c | 28 e1 84 c1 ff c5 e6 7c 6d 40 85 3b 05 00 01 04 | 03 74 9b 43 ac 7c 26 51 5f 83 88 73 ba 45 b9 2d | 3f 80 0b 6c d5 96 02 73 f3 fe 51 78 3e 9f f3 4a | fb 63 65 9f b3 8a 93 88 2b 58 88 60 42 ec 45 42 | d2 ef 18 c8 87 90 a1 0e 3f 1b 03 a8 4e 25 9e 81 | 2f 8f d5 52 61 da 68 15 bd ae 9b 37 1b ff ca d5 | 78 2c 6f 71 2f 43 86 53 1f 08 ea 23 e8 1e 49 79 | bd df a2 bc 52 c5 fa e4 cd b0 24 0e e2 df 65 7f | a1 b8 a6 57 0f 8c 99 30 38 70 aa 28 11 43 43 88 | da 23 aa 41 8b f0 17 14 a4 51 c3 b9 d0 56 97 ac | cb 40 1b 8f 9d c6 5b 62 ea 60 7b 36 a8 3c cd fd | f8 7d a4 39 b8 c9 02 af 34 a9 32 fd ab 0e b0 48 | 80 37 8c 50 52 dd fc 78 1d 80 44 08 1f c1 61 24 | d3 5e 91 30 c5 4c 3e 0b dd 3c 86 b3 6f 80 6f 32 | 04 09 2c e4 62 6b 1f 72 ba c4 3a e9 8b 4f 2a 8d | 9b 6d 73 c2 23 0e 5e 1e 56 8c b6 84 e3 9a 91 11 | af c9 bc 2a bd 7b c7 15 42 d0 d9 6f 00 9e 15 3c | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14b8001598 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 62 f4 88 c5 | HASH(1) PRF sha update payload-bytes@0x55a9006c2bfc (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 04 4d ea b4 00 00 00 1c 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 7c 3c 76 59 d0 12 93 ef | 5c 3b d9 fd b5 1b 54 e2 dc f9 f7 9c 28 e1 84 c1 | ff c5 e6 7c 6d 40 85 3b 05 00 01 04 03 74 9b 43 | ac 7c 26 51 5f 83 88 73 ba 45 b9 2d 3f 80 0b 6c | d5 96 02 73 f3 fe 51 78 3e 9f f3 4a fb 63 65 9f | b3 8a 93 88 2b 58 88 60 42 ec 45 42 d2 ef 18 c8 | 87 90 a1 0e 3f 1b 03 a8 4e 25 9e 81 2f 8f d5 52 | 61 da 68 15 bd ae 9b 37 1b ff ca d5 78 2c 6f 71 | 2f 43 86 53 1f 08 ea 23 e8 1e 49 79 bd df a2 bc | 52 c5 fa e4 cd b0 24 0e e2 df 65 7f a1 b8 a6 57 | 0f 8c 99 30 38 70 aa 28 11 43 43 88 da 23 aa 41 | 8b f0 17 14 a4 51 c3 b9 d0 56 97 ac cb 40 1b 8f | 9d c6 5b 62 ea 60 7b 36 a8 3c cd fd f8 7d a4 39 | b8 c9 02 af 34 a9 32 fd ab 0e b0 48 80 37 8c 50 | 52 dd fc 78 1d 80 44 08 1f c1 61 24 d3 5e 91 30 | c5 4c 3e 0b dd 3c 86 b3 6f 80 6f 32 04 09 2c e4 | 62 6b 1f 72 ba c4 3a e9 8b 4f 2a 8d 9b 6d 73 c2 | 23 0e 5e 1e 56 8c b6 84 e3 9a 91 11 af c9 bc 2a | bd 7b c7 15 42 d0 d9 6f 00 9e 15 3c 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 65 b9 46 53 72 05 b2 ed be d9 3b 74 0c f8 2b 5d | 9b 5f 0d 37 | quick_inI1_outR1 HASH(1): | 65 b9 46 53 72 05 b2 ed be d9 3b 74 0c f8 2b 5d | 9b 5f 0d 37 | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #13: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | client wildcard: no port wildcard: no virtual: no | creating state object #14 at 0x55a9006c5a48 | State DB: adding IKEv1 state #14 in UNDEFINED | pstats #14 ikev1.ipsec started | duplicating state object #13 "east" as #14 for IPSEC SA | #14 setting local endpoint to 192.1.2.23:500 from #13.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_d_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ai_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006a3700 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #13 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #14 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #14: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 04 4d ea b4 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 "east" #14: IPsec encryption transform AES_CBC did not specify required KEY_LENGTH attribute | ignoring ESP proposal with NULLed or unknown encryption "east" #14: no acceptable Proposal in IPsec SA | complete v1 state transition with NO_PROPOSAL_CHOSEN | [RE]START processing: state #14 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #14 is idle | FOR_EACH_STATE_... in find_phase1_state "east" #14: sending encrypted notification NO_PROPOSAL_CHOSEN to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1797042566 (0x6b1cb186) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'notification msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482208 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94822ec (length 4) | 6b 1c b1 86 | HASH(1) PRF sha update payload-bytes@0x7ffef9482594 (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0e | HASH(1) PRF sha final-bytes@0x7ffef9482580 (length 20) | b8 19 e5 95 40 c7 bc 96 08 6e 47 a9 8c 5f f6 08 | 13 99 fb 26 | send notification HASH(1): | b8 19 e5 95 40 c7 bc 96 08 6e 47 a9 8c 5f f6 08 | 13 99 fb 26 | last Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | current Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94822fc (length 4) | 6b 1c b1 86 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 83 b2 18 7d 19 9f 43 b4 80 53 87 62 d4 e4 e9 7c | 75 0e 5d cc | encrypting: 0b 00 00 18 b8 19 e5 95 40 c7 bc 96 08 6e 47 a9 | encrypting: 8c 5f f6 08 13 99 fb 26 00 00 00 0c 00 00 00 01 | encrypting: 01 00 00 0e | IV: 83 b2 18 7d 19 9f 43 b4 80 53 87 62 d4 e4 e9 7c | IV: 75 0e 5d cc | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 97 28 be 8e d8 f4 87 28 bf 69 da ca e6 94 86 0c | sending 76 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #14) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 05 01 6b 1c b1 86 00 00 00 4c c7 43 02 e1 | 59 ef 39 62 3e 7f f7 62 5e 7e fd 18 39 f7 c9 f2 | d2 4b 12 85 3e 05 56 12 d3 e9 2a 0a 97 28 be 8e | d8 f4 87 28 bf 69 da ca e6 94 86 0c | state transition function for STATE_QUICK_R0 failed: NO_PROPOSAL_CHOSEN | pstats #14 ikev1.ipsec deleted other | [RE]START processing: state #14 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #14: deleting state (STATE_QUICK_R0) aged 0.000s and NOT sending notification | child state #14: QUICK_R0(established CHILD SA) => delete | child state #14: QUICK_R0(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | in connection_discard for connection east | State DB: deleting IKEv1 state #14 in CHILDSA_DEL | child state #14: CHILDSA_DEL(informational) => UNDEFINED(ignore) | stop processing: state #14 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006a3700 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | #13 spent 0.56 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.948 milliseconds in comm_handle_cb() reading and processing packet | spent 0 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 05 01 ff df 4c 94 00 00 00 5c ec 38 3a 78 | d5 d9 0d 0e 65 b8 88 d3 0a 30 38 ea 6c db b4 a1 | ed 7b 04 1f 0c 24 df 23 f9 8f b8 fe 9e 69 cb 23 | c1 fa 39 37 ba ac 05 da 92 a9 14 5c d3 f5 03 a2 | 75 8e 80 ec 7d 10 25 20 7d 72 02 06 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4292824212 (0xffdf4c94) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #13; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #13 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #13 in MAIN_R3 (find_v1_info_state) | start processing: state #13 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | current Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | ff df 4c 94 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 8d 45 00 af a5 67 f8 9f 89 2e e8 4f ee c3 73 e0 | 6a ba 32 ba | #13 is idle | #13 idle | received encrypted packet from 192.1.2.45:500 | decrypting 64 bytes using algorithm AES_CBC | IV before: 8d 45 00 af a5 67 f8 9f 89 2e e8 4f ee c3 73 e0 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: d3 f5 03 a2 75 8e 80 ec 7d 10 25 20 7d 72 02 06 | decrypted payload (starts at offset -64): | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 05 01 ff df 4c 94 00 00 00 5c 0c 00 00 18 | e1 26 f4 44 8e 42 18 11 03 b6 c9 bc e4 6a fa 03 | 2e 0e c6 25 00 00 00 1c 00 00 00 01 01 10 00 01 | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14bc002f08 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | ff df 4c 94 | HASH(1) PRF sha update payload-bytes@0x55a9006c656c (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 4e 1a a3 b3 | 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | e1 26 f4 44 8e 42 18 11 03 b6 c9 bc e4 6a fa 03 | 2e 0e c6 25 | informational HASH(1): | e1 26 f4 44 8e 42 18 11 03 b6 c9 bc e4 6a fa 03 | 2e 0e c6 25 | received 'informational' message HASH(1) data ok | parsing 8 raw bytes of ISAKMP Delete Payload into iCookie | iCookie 4e 1a a3 b3 5c f7 10 ef | parsing 8 raw bytes of ISAKMP Delete Payload into rCookie | rCookie d8 c0 57 5b 86 37 ae d0 | State DB: found IKEv1 state #13 in MAIN_R3 (find_state_ikev1) | del: "east" #13: received Delete SA payload: self-deleting ISAKMP State #13 | pstats #13 ikev1.isakmp deleted completed | [RE]START processing: state #13 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #13: deleting state (STATE_MAIN_R3) aged 0.534s and sending notification | parent state #13: MAIN_R3(established IKE SA) => delete | #13 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3991348034 (0xede72342) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 4e 1a a3 b3 5c f7 10 ef | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI d8 c0 57 5b 86 37 ae d0 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480558 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14b8001598 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948063c (length 4) | ed e7 23 42 | HASH(1) PRF sha update payload-bytes@0x7ffef94809e4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 4e 1a a3 b3 | 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | HASH(1) PRF sha final-bytes@0x7ffef94809d0 (length 20) | c0 40 3b 84 27 01 fa c0 3d db 9b 76 ca ee 49 a4 | 09 2e 72 b0 | send delete HASH(1): | c0 40 3b 84 27 01 fa c0 3d db 9b 76 ca ee 49 a4 | 09 2e 72 b0 | last Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | current Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948064c (length 4) | ed e7 23 42 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 37 a8 0f 1a 6c 92 dd 75 4e c5 6a 37 3c 07 a0 07 | 82 66 b7 a2 | encrypting: 0c 00 00 18 c0 40 3b 84 27 01 fa c0 3d db 9b 76 | encrypting: ca ee 49 a4 09 2e 72 b0 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b | encrypting: 86 37 ae d0 | IV: 37 a8 0f 1a 6c 92 dd 75 4e c5 6a 37 3c 07 a0 07 | IV: 82 66 b7 a2 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 36 2c 59 34 fe 54 21 65 94 03 e8 ec 19 b5 3a 35 | sending 92 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #13) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 05 01 ed e7 23 42 00 00 00 5c e8 a1 94 42 | 66 a4 c6 cf 4c 0a 33 7a e0 23 ee 7d c3 68 c8 94 | cb 85 37 69 11 52 dc 6b c0 a2 3b d0 38 e5 ef bf | 77 80 39 7c 0c 64 10 1d eb 9c 6e 5d 36 2c 59 34 | fe 54 21 65 94 03 e8 ec 19 b5 3a 35 | state #13 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14b4003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14b8002b78 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #13 in MAIN_R3 | parent state #13: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14b4006b98: destroyed | stop processing: state #13 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006ac790 | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006a3700 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.635 milliseconds in comm_handle_cb() reading and processing packet | spent 0.0027 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 200 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | ba c0 c7 46 43 f3 19 a7 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 200 (0xc8) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 0a 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 98 02 c7 dd 12 51 32 67 4d 70 a3 f6 3a 16 d4 ce | 7e 82 97 3e 48 3c 7e ff 76 43 0f 96 f7 30 52 db | creating state object #15 at 0x55a9006c1c58 | State DB: adding IKEv1 state #15 in UNDEFINED | pstats #15 ikev1.isakmp started | #15 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #15 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #15: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #15: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 140 | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #15: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 140 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x7f14b8002b78 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 "east" #15: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #15 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.57 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00264 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | 14 00 00 24 58 e0 d3 ea 20 4c 87 dd 96 d7 5f 64 | 1c d7 8b a1 8d f9 9b 2b bd 04 33 77 a3 16 40 e4 | 53 a2 77 66 14 00 00 18 15 56 6e d8 dd 59 ce ab | 4f bb b9 da af 51 2a 08 54 5e 97 39 00 00 00 18 | 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | 3e a4 18 c0 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #15 in MAIN_R1 (find_state_ikev1) | start processing: state #15 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #15 is idle | #15 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c21f0 (length 8) | ba c0 c7 46 43 f3 19 a7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c21f8 (length 8) | 98 02 c7 dd 12 51 32 67 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | 54 5e 97 39 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= ba c0 c7 46 43 f3 19 a7 | natd_hash: rcookie= 98 02 c7 dd 12 51 32 67 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | natd_hash: hash= 54 5e 97 39 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c21f0 (length 8) | ba c0 c7 46 43 f3 19 a7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c21f8 (length 8) | 98 02 c7 dd 12 51 32 67 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | 3e a4 18 c0 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= ba c0 c7 46 43 f3 19 a7 | natd_hash: rcookie= 98 02 c7 dd 12 51 32 67 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | natd_hash: hash= 3e a4 18 c0 | expected NAT-D(me): 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | expected NAT-D(me): 54 5e 97 39 | expected NAT-D(him): | 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | 3e a4 18 c0 | received NAT-D: 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | received NAT-D: 54 5e 97 39 | received NAT-D: 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | received NAT-D: 3e a4 18 c0 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | adding inI2_outR2 KE work-order 15 for state #15 | state #15 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_SO_DISCARD-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x55a9006c4e78 size 128 | crypto helper 0 resuming | crypto helper 0 starting work-order 15 for state #15 | crypto helper 0 doing build KE and nonce (inI2_outR2 KE); request ID 15 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14cc006f48: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14cc006f48 | NSS: Public DH wire value: | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | Generated nonce: 02 d5 7e fb 43 ab 30 62 8a 91 54 9b 6a d7 00 b0 | Generated nonce: f1 ae 4b 4c d9 06 b8 52 be e7 93 0f 79 86 ca 40 | crypto helper 0 finished build KE and nonce (inI2_outR2 KE); request ID 15 time elapsed 0.001069 seconds | (#15) spent 1.07 milliseconds in crypto helper computing work-order 15: inI2_outR2 KE (pcr) | crypto helper 0 sending results from work-order 15 for state #15 to event queue | scheduling resume sending helper answer for #15 | libevent_malloc: new ptr-libevent@0x7f14cc001698 size 128 | crypto helper 0 waiting (nothing to do) | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #15 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #15 and saving MD | #15 is busy; has a suspended MD | #15 spent 0.2 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #15 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.356 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #15 | start processing: state #15 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 15 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #15: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14cc006f48: transferring ownership from helper KE to state #15 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | keyex value e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | keyex value 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | keyex value b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | keyex value 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | keyex value bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | keyex value 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | keyex value e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | keyex value bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | keyex value a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | keyex value 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | keyex value 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | keyex value 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | keyex value 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | keyex value 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | keyex value be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 02 d5 7e fb 43 ab 30 62 8a 91 54 9b 6a d7 00 b0 | Nr f1 ae 4b 4c d9 06 b8 52 be e7 93 0f 79 86 ca 40 | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | ba c0 c7 46 43 f3 19 a7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 98 02 c7 dd 12 51 32 67 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | 3e a4 18 c0 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= ba c0 c7 46 43 f3 19 a7 | natd_hash: rcookie= 98 02 c7 dd 12 51 32 67 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | natd_hash: hash= 3e a4 18 c0 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | NAT-D 3e a4 18 c0 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | ba c0 c7 46 43 f3 19 a7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 98 02 c7 dd 12 51 32 67 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | 54 5e 97 39 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= ba c0 c7 46 43 f3 19 a7 | natd_hash: rcookie= 98 02 c7 dd 12 51 32 67 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | natd_hash: hash= 54 5e 97 39 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | NAT-D 54 5e 97 39 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14cc006f48: transferring ownership from state #15 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 16 for state #15 | state #15 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c4e78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | crypto helper 1 resuming | crypto helper 1 starting work-order 16 for state #15 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 16 | peer's g: 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | peer's g: 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | peer's g: 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | peer's g: 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | peer's g: c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | peer's g: 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | peer's g: 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | peer's g: 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | peer's g: 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | peer's g: 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | peer's g: 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | peer's g: b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | peer's g: af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | peer's g: 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | peer's g: 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | peer's g: 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14cc006f48: computed shared DH secret key@0x55a9006a3700 | dh-shared : g^ir-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006cb888 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188700 | result: psk-key@0x55a900622080 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a900622080 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d31886e8 | result: psk-key@0x55a9006acb70 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a900622080 | SKEYID psk prf: created sha context 0x7f14c4002d60 from psk-key@0x55a9006acb70 | SKEYID psk prf: begin sha with context 0x7f14c4002d60 from psk-key@0x55a9006acb70 | SKEYID psk: release clone-key@0x55a9006acb70 | SKEYID psk PRF sha crypt-prf@0x7f14c40010b8 | SKEYID psk PRF sha update Ni-bytes@0x55a9006cb8ac (length 32) | 58 e0 d3 ea 20 4c 87 dd 96 d7 5f 64 1c d7 8b a1 | 8d f9 9b 2b bd 04 33 77 a3 16 40 e4 53 a2 77 66 | SKEYID psk PRF sha update Nr-bytes@0x55a9006cb8cc (length 32) | 02 d5 7e fb 43 ab 30 62 8a 91 54 9b 6a d7 00 b0 | f1 ae 4b 4c d9 06 b8 52 be e7 93 0f 79 86 ca 40 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188708 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID psk PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID psk: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_d: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188718 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f14c4002d60 from SKEYID-key@0x55a900622080 | SKEYID_d prf: begin sha with context 0x7f14c4002d60 from SKEYID-key@0x55a900622080 | SKEYID_d: release clone-key@0x55a900622080 | SKEYID_d PRF sha crypt-prf@0x7f14c4001108 | SKEYID_d PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_d: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: fa 93 37 1f d3 37 29 8d e9 a6 0b 54 54 08 8c a5 50 da 82 a3 6e 05 f6 98 c1 2b 21 57 31 07 55 a2 27 82 68 62 5d 91 ce 28 cd 10 84 e5 a8 bc 33 ac c5 00 21 45 a4 0a e5 1e ce b4 b8 3e 96 83 40 4c 7a 15 d2 d7 8c f2 fe df dd a9 95 c2 74 32 fb b8 e1 de 73 83 06 ee 7a 35 c5 96 b0 23 00 b6 19 d6 91 87 7a c5 2e b9 b2 e1 ff 63 9c 63 39 40 f2 6b 40 f0 fa 1e 69 28 30 00 6f 20 c8 ab 39 65 ea 93 13 97 92 0e ac 8e 61 ac 25 53 e0 2d f6 52 77 c2 40 ab 6b 70 b8 2f bf 40 17 5f 93 88 88 09 d0 f3 55 d0 a5 05 66 cf 0a b9 1c ba 65 5a 7a d1 31 30 ac f7 ea 85 15 38 0c 9a c3 6e fd 18 e1 51 d5 4a 0b 5f 72 2c 31 0d 74 b6 8e 23 99 4c a0 e6 c7 71 c6 be 61 1c 80 68 c3 ec 27 1e 03 95 17 a3 4a 53 a9 61 a7 9b 92 d4 59 f9 8b d3 2d c5 17 7b 5d ed f9 e3 30 01 f0 02 5f 96 e4 28 7d a5 99 bf ff 20 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c4003db8 | unwrapped: f1 02 33 eb 6c d4 98 24 3f 8b 5e 3a 14 ae bf bb | unwrapped: 79 ff 4e 80 80 af ee aa f2 e3 7d a4 74 88 de 02 | unwrapped: e2 0b cb d0 77 56 77 3e 7d fe 5f e9 87 a3 76 46 | unwrapped: 76 c7 79 c3 ed e1 31 fd 39 55 0e 36 2a 39 a9 11 | unwrapped: 27 1d 01 79 8f 39 78 8b fd 95 da 74 25 9e 76 d2 | unwrapped: 5c 40 7d ce 05 bb be 57 be 63 e7 d5 90 5d 07 0c | unwrapped: 88 dc 66 ed 0c 18 85 af 46 9a ac 33 a0 44 71 4e | unwrapped: 68 c6 fb 99 00 2a a7 ea e9 1a 2e 9b 0c 83 27 0f | unwrapped: b1 c6 9c 72 70 b0 be 6f d7 3e 01 47 68 ec 17 4f | unwrapped: b9 a5 e3 8a a7 9d 1b cd 11 ef e9 96 4b b8 ef a5 | unwrapped: b9 55 ca 43 96 53 48 d3 dc 88 02 aa 52 b5 dc 1b | unwrapped: 05 d5 77 f7 28 ff 2a a3 c0 c9 72 8d 29 0f d7 e2 | unwrapped: 9a 38 b0 64 06 2e 54 ad 01 a6 d5 67 07 1f fb 0e | unwrapped: 71 45 11 3f 1d 10 de fc 41 67 1f 19 51 4a 75 83 | unwrapped: fa d4 35 83 a3 be d0 be 3d a0 47 d5 7f 5e 21 af | unwrapped: 1a 9a 73 3c 86 f5 3d 76 ab 36 b4 06 da 32 3a 5a | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | ba c0 c7 46 43 f3 19 a7 | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 98 02 c7 dd 12 51 32 67 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188708 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID_d PRF sha final-key@0x55a900622080 (size 20) | SKEYID_d: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_a: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d31886f8 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f14c4002d60 from SKEYID-key@0x55a9006a9280 | SKEYID_a prf: begin sha with context 0x7f14c4002d60 from SKEYID-key@0x55a9006a9280 | SKEYID_a: release clone-key@0x55a9006a9280 | SKEYID_a PRF sha crypt-prf@0x7f14c40010b8 | SKEYID_a PRF sha update SKEYID_d-key@0x55a900622080 (size 20) | SKEYID_a: SKEYID_d-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: 55 8e 03 7f 72 08 4f c7 f9 23 a0 98 45 7f d3 07 0c ee 3a e8 6b 40 db ac 45 bc 5d 21 f9 f0 71 12 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c4001158 | unwrapped: 4d ed 05 fc f9 e3 61 b2 90 c8 aa 0c 98 2b 29 30 | unwrapped: 07 40 02 42 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_a: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: fa 93 37 1f d3 37 29 8d e9 a6 0b 54 54 08 8c a5 50 da 82 a3 6e 05 f6 98 c1 2b 21 57 31 07 55 a2 27 82 68 62 5d 91 ce 28 cd 10 84 e5 a8 bc 33 ac c5 00 21 45 a4 0a e5 1e ce b4 b8 3e 96 83 40 4c 7a 15 d2 d7 8c f2 fe df dd a9 95 c2 74 32 fb b8 e1 de 73 83 06 ee 7a 35 c5 96 b0 23 00 b6 19 d6 91 87 7a c5 2e b9 b2 e1 ff 63 9c 63 39 40 f2 6b 40 f0 fa 1e 69 28 30 00 6f 20 c8 ab 39 65 ea 93 13 97 92 0e ac 8e 61 ac 25 53 e0 2d f6 52 77 c2 40 ab 6b 70 b8 2f bf 40 17 5f 93 88 88 09 d0 f3 55 d0 a5 05 66 cf 0a b9 1c ba 65 5a 7a d1 31 30 ac f7 ea 85 15 38 0c 9a c3 6e fd 18 e1 51 d5 4a 0b 5f 72 2c 31 0d 74 b6 8e 23 99 4c a0 e6 c7 71 c6 be 61 1c 80 68 c3 ec 27 1e 03 95 17 a3 4a 53 a9 61 a7 9b 92 d4 59 f9 8b d3 2d c5 17 7b 5d ed f9 e3 30 01 f0 02 5f 96 e4 28 7d a5 99 bf ff 20 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c4004f28 | unwrapped: f1 02 33 eb 6c d4 98 24 3f 8b 5e 3a 14 ae bf bb | unwrapped: 79 ff 4e 80 80 af ee aa f2 e3 7d a4 74 88 de 02 | unwrapped: e2 0b cb d0 77 56 77 3e 7d fe 5f e9 87 a3 76 46 | unwrapped: 76 c7 79 c3 ed e1 31 fd 39 55 0e 36 2a 39 a9 11 | unwrapped: 27 1d 01 79 8f 39 78 8b fd 95 da 74 25 9e 76 d2 | unwrapped: 5c 40 7d ce 05 bb be 57 be 63 e7 d5 90 5d 07 0c | unwrapped: 88 dc 66 ed 0c 18 85 af 46 9a ac 33 a0 44 71 4e | unwrapped: 68 c6 fb 99 00 2a a7 ea e9 1a 2e 9b 0c 83 27 0f | unwrapped: b1 c6 9c 72 70 b0 be 6f d7 3e 01 47 68 ec 17 4f | unwrapped: b9 a5 e3 8a a7 9d 1b cd 11 ef e9 96 4b b8 ef a5 | unwrapped: b9 55 ca 43 96 53 48 d3 dc 88 02 aa 52 b5 dc 1b | unwrapped: 05 d5 77 f7 28 ff 2a a3 c0 c9 72 8d 29 0f d7 e2 | unwrapped: 9a 38 b0 64 06 2e 54 ad 01 a6 d5 67 07 1f fb 0e | unwrapped: 71 45 11 3f 1d 10 de fc 41 67 1f 19 51 4a 75 83 | unwrapped: fa d4 35 83 a3 be d0 be 3d a0 47 d5 7f 5e 21 af | unwrapped: 1a 9a 73 3c 86 f5 3d 76 ab 36 b4 06 da 32 3a 5a | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | ba c0 c7 46 43 f3 19 a7 | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 98 02 c7 dd 12 51 32 67 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188700 | result: final-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d31886e8 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006aad30 | SKEYID_a PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_a: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_e: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188708 | result: clone-key@0x55a9006aad30 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f14c4002d60 from SKEYID-key@0x55a9006aad30 | SKEYID_e prf: begin sha with context 0x7f14c4002d60 from SKEYID-key@0x55a9006aad30 | SKEYID_e: release clone-key@0x55a9006aad30 | SKEYID_e PRF sha crypt-prf@0x7f14c4001108 | SKEYID_e PRF sha update SKEYID_a-key@0x55a9006a9280 (size 20) | SKEYID_e: SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: f7 89 d3 bc cc 78 74 28 91 1e d9 3e 88 a1 05 d6 f8 44 9d 92 80 31 51 dd 86 1c 1c 4f a1 2e 1a 60 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c40030c8 | unwrapped: 96 ff 20 ec 1f 2a e5 ba 81 69 a6 25 c4 f5 cd c9 | unwrapped: ae f5 26 ea 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_e: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: fa 93 37 1f d3 37 29 8d e9 a6 0b 54 54 08 8c a5 50 da 82 a3 6e 05 f6 98 c1 2b 21 57 31 07 55 a2 27 82 68 62 5d 91 ce 28 cd 10 84 e5 a8 bc 33 ac c5 00 21 45 a4 0a e5 1e ce b4 b8 3e 96 83 40 4c 7a 15 d2 d7 8c f2 fe df dd a9 95 c2 74 32 fb b8 e1 de 73 83 06 ee 7a 35 c5 96 b0 23 00 b6 19 d6 91 87 7a c5 2e b9 b2 e1 ff 63 9c 63 39 40 f2 6b 40 f0 fa 1e 69 28 30 00 6f 20 c8 ab 39 65 ea 93 13 97 92 0e ac 8e 61 ac 25 53 e0 2d f6 52 77 c2 40 ab 6b 70 b8 2f bf 40 17 5f 93 88 88 09 d0 f3 55 d0 a5 05 66 cf 0a b9 1c ba 65 5a 7a d1 31 30 ac f7 ea 85 15 38 0c 9a c3 6e fd 18 e1 51 d5 4a 0b 5f 72 2c 31 0d 74 b6 8e 23 99 4c a0 e6 c7 71 c6 be 61 1c 80 68 c3 ec 27 1e 03 95 17 a3 4a 53 a9 61 a7 9b 92 d4 59 f9 8b d3 2d c5 17 7b 5d ed f9 e3 30 01 f0 02 5f 96 e4 28 7d a5 99 bf ff 20 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c4003db8 | unwrapped: f1 02 33 eb 6c d4 98 24 3f 8b 5e 3a 14 ae bf bb | unwrapped: 79 ff 4e 80 80 af ee aa f2 e3 7d a4 74 88 de 02 | unwrapped: e2 0b cb d0 77 56 77 3e 7d fe 5f e9 87 a3 76 46 | unwrapped: 76 c7 79 c3 ed e1 31 fd 39 55 0e 36 2a 39 a9 11 | unwrapped: 27 1d 01 79 8f 39 78 8b fd 95 da 74 25 9e 76 d2 | unwrapped: 5c 40 7d ce 05 bb be 57 be 63 e7 d5 90 5d 07 0c | unwrapped: 88 dc 66 ed 0c 18 85 af 46 9a ac 33 a0 44 71 4e | unwrapped: 68 c6 fb 99 00 2a a7 ea e9 1a 2e 9b 0c 83 27 0f | unwrapped: b1 c6 9c 72 70 b0 be 6f d7 3e 01 47 68 ec 17 4f | unwrapped: b9 a5 e3 8a a7 9d 1b cd 11 ef e9 96 4b b8 ef a5 | unwrapped: b9 55 ca 43 96 53 48 d3 dc 88 02 aa 52 b5 dc 1b | unwrapped: 05 d5 77 f7 28 ff 2a a3 c0 c9 72 8d 29 0f d7 e2 | unwrapped: 9a 38 b0 64 06 2e 54 ad 01 a6 d5 67 07 1f fb 0e | unwrapped: 71 45 11 3f 1d 10 de fc 41 67 1f 19 51 4a 75 83 | unwrapped: fa d4 35 83 a3 be d0 be 3d a0 47 d5 7f 5e 21 af | unwrapped: 1a 9a 73 3c 86 f5 3d 76 ab 36 b4 06 da 32 3a 5a | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | ba c0 c7 46 43 f3 19 a7 | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 98 02 c7 dd 12 51 32 67 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3188710 | result: final-key@0x55a9006ac790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006ac790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d31886f8 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006ac790 | SKEYID_e PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID_e: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3188768 | result: keymat-key@0x55a9006ac790 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a900622080, skeyid_a 0x55a9006a9280, skeyid_e 0x55a9006aad30, enc_key 0x55a9006ac790 | DH_i: 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | DH_i: 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | DH_i: 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | DH_i: 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | DH_i: c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | DH_i: 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | DH_i: 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | DH_i: 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | DH_i: 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | DH_i: 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | DH_i: 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | DH_i: b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | DH_i: af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | DH_i: 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | DH_i: 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | DH_i: 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | DH_r: 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | DH_r: e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | DH_r: 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | DH_r: b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | DH_r: 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | DH_r: bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | DH_r: 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | DH_r: e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | DH_r: bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | DH_r: a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | DH_r: 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | DH_r: 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | DH_r: 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | DH_r: 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | DH_r: 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | DH_r: be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006cb8ec (length 256) | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | new IV hash sha digest GR-bytes@0x55a9006cb9ec (length 256) | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | new IV hash sha final chunk@0x7f14c40030c8 (length 20) | a3 03 96 91 81 c8 cb 60 cf d5 08 52 6f f5 7a 13 | 8f 1c aa 6c | crypto helper 1 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 16 time elapsed 0.001955 seconds | (#15) spent 1.95 milliseconds in crypto helper computing work-order 16: main_inI2_outR2_tail (pcr) | crypto helper 1 sending results from work-order 16 for state #15 to event queue | scheduling resume sending helper answer for #15 | libevent_malloc: new ptr-libevent@0x7f14c40085b8 size 128 | crypto helper 1 waiting (nothing to do) | #15 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle; has background offloaded task | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | parent state #15: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | 14 00 00 24 02 d5 7e fb 43 ab 30 62 8a 91 54 9b | 6a d7 00 b0 f1 ae 4b 4c d9 06 b8 52 be e7 93 0f | 79 86 ca 40 14 00 00 18 66 5c 2c 6a 10 19 97 84 | 66 6f 5a 47 98 96 73 18 3e a4 18 c0 00 00 00 18 | 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | 54 5e 97 39 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14b8002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #15 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29301.435 "east" #15: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #15 suppresed complete_v1_state_transition() | #15 spent 0.395 milliseconds in resume sending helper answer | stop processing: state #15 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14cc001698 | processing resume sending helper answer for #15 | start processing: state #15 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 16 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #15: calculate DH finished | [RE]START processing: state #15 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14cc006f48: transferring ownership from helper IKEv1 DH+IV to state #15 | stop processing: state #15 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #15 suppresed complete_v1_state_transition() | #15 spent 0.0194 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c40085b8 | spent 0.00265 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 05 10 02 01 00 00 00 00 00 00 00 4c 99 2e a8 05 | ba 2d ff 1f dc 05 21 b1 90 7b b8 3b bc 83 f8 9c | 6e 6c aa 36 35 8c 85 02 35 d3 4b 88 4a 81 5f b6 | c6 c0 ee 32 ed fb 94 7a c3 e8 3c f7 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #15 in MAIN_R2 (find_state_ikev1) | start processing: state #15 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #15 is idle | #15 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: a3 03 96 91 81 c8 cb 60 cf d5 08 52 6f f5 7a 13 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 4a 81 5f b6 c6 c0 ee 32 ed fb 94 7a c3 e8 3c f7 | decrypted payload (starts at offset -48): | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 cc 54 8f 58 | 24 9c ec ad 3b c4 43 f7 45 24 01 04 c3 ad b7 2f | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #15: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006acb70 (size 20) | hmac: symkey-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14bc002f08 | hmac PRF sha update data-bytes@0x7f14bc003618 (length 256) | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | hmac PRF sha update data-bytes@0x7f14cc004728 (length 256) | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | hmac PRF sha update data-bytes@0x55a9006c21f0 (length 8) | ba c0 c7 46 43 f3 19 a7 | hmac PRF sha update data-bytes@0x55a9006c21f8 (length 8) | 98 02 c7 dd 12 51 32 67 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a9006bd708 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | cc 54 8f 58 24 9c ec ad 3b c4 43 f7 45 24 01 04 | c3 ad b7 2f | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006acb70 (size 20) | hmac: symkey-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14c40030c8 | hmac PRF sha update data-bytes@0x7f14cc004728 (length 256) | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | hmac PRF sha update data-bytes@0x7f14bc003618 (length 256) | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | hmac PRF sha update data-bytes@0x55a9006c21f8 (length 8) | 98 02 c7 dd 12 51 32 67 | hmac PRF sha update data-bytes@0x55a9006c21f0 (length 8) | ba c0 c7 46 43 f3 19 a7 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | 1e 98 ba 4b c1 65 d3 9d b7 79 d0 42 ad 0f c1 2a | 56 27 52 26 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R 1e 98 ba 4b c1 65 d3 9d b7 79 d0 42 ad 0f c1 2a | HASH_R 56 27 52 26 | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: 1e 98 ba 4b c1 65 d3 9d b7 79 d0 42 ad 0f c1 2a | encrypting: 56 27 52 26 | IV: 4a 81 5f b6 c6 c0 ee 32 ed fb 94 7a c3 e8 3c f7 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | last encrypted block of Phase 1: | ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #15: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14b8002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 76 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 05 10 02 01 00 00 00 00 00 00 00 4c 14 a9 08 43 | 25 3b 05 db b0 78 4d 74 18 8b e3 7b 4f 75 db 2c | 9a bf 46 8b c6 a6 36 8e b5 25 65 26 ce c7 f1 92 | 43 42 36 0a dc c5 14 46 f3 40 95 03 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14b8002b78 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f14cc001698 size 128 | pstats #15 ikev1.isakmp established "east" #15: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #15 | #15 spent 0.596 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #15 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.742 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00252 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 01 bc e8 d7 94 61 | de 4f 33 0b 39 ab 3c 1b 70 fc 30 9e 26 c7 8a 44 | a3 89 81 78 bc fc 0e 83 67 b1 27 b9 75 3b bb 07 | e9 7d 05 05 f0 5b 57 3a 87 d2 ce ce 9e a3 75 82 | be 05 c1 6a 72 2b 00 13 03 8c 8d f8 4d 26 f7 06 | 38 be 6c 8e b5 3e 9e 90 a2 9d 16 46 d9 3a 7a 88 | fb 1b c1 c8 e6 8b 2b c0 6f ca 52 4c 5b 43 61 fe | 77 66 6e a7 82 11 4e 4f 21 ba 2b 45 01 e1 e2 3a | fa 18 17 7c 5e cc 78 b9 8d 91 f1 d6 fd 02 bc b3 | c3 76 68 d9 2b 18 76 e3 c3 a4 47 d8 dd de 94 20 | 2c 79 ce bc af df 1b e3 de 5b bd 96 99 d6 d2 3d | d3 aa 47 4c 2f a0 68 c3 e8 73 a2 25 58 7e 2b dc | b7 44 4e a8 8b c5 ea 43 a6 6e 05 9f bb 8d f9 88 | 40 80 d3 ef 80 d6 99 7d a4 b1 c8 71 50 8e ad b9 | 9f 97 c3 5a 7e 78 be f0 96 ff 72 04 f0 c0 87 ff | c6 83 11 09 7f c5 6f b2 0a d9 b8 4f f2 a9 b0 bf | 57 64 63 db 6c 9a b9 63 64 b8 a4 ab 2d 69 ff d3 | e1 c2 f6 df 04 ad d5 1e b1 ec cb 1b 0c ee 69 49 | 10 00 d3 49 85 94 18 78 8e 38 99 53 bc e6 4d e3 | 8f b7 53 a8 ce 9b e8 b9 8f 44 1b bd d2 f2 9b 13 | af 5a c5 dd c2 71 6b 37 3c 47 5e 29 6e b1 dc d2 | 7c 80 ce 2c e9 02 1d 16 47 3e 2a ac 5c 46 98 e7 | 38 5d 54 aa c4 8f 5d b2 12 59 cf 0a c4 92 2f fe | c9 9f 70 4e d3 9c c4 d2 6e 7d f2 33 8d 0d 76 43 | 89 ae 0d 20 6a fc ca e2 7b 6b e3 44 b7 69 55 68 | 27 fa d0 29 62 2b 6d 78 79 89 0f 33 b1 06 f0 98 | 76 a1 01 a8 9d 05 33 63 f9 20 50 03 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 498930428 (0x1dbd12fc) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #15 in MAIN_R3 (find_state_ikev1) | start processing: state #15 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | current Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 1d bd 12 fc | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 71 92 59 78 6d ec 24 d2 0f 3f 99 13 1e 6b 63 cd | 75 1d 66 9b | #15 is idle | #15 idle | received encrypted packet from 192.1.2.45:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 71 92 59 78 6d ec 24 d2 0f 3f 99 13 1e 6b 63 cd | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: b1 06 f0 98 76 a1 01 a8 9d 05 33 63 f9 20 50 03 | decrypted payload (starts at offset -416): | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 01 bc 01 00 00 18 | 2f 99 9b 9f fd 7a f0 7a 10 98 7c 12 91 2c 55 b0 | da 50 f0 f4 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 84 d8 c1 2f 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | 05 00 01 04 9a fc d3 87 bf 63 e4 7a ad 5c 6c 75 | d4 65 ee f5 28 1c 40 9a d7 c5 87 50 5a eb 45 c9 | 21 e8 52 d3 12 c8 ab c0 17 fc 8b 28 90 d0 22 cd | e4 36 45 df 1a a4 c2 e7 9a a0 8c ad d7 55 95 e6 | fb 3c 2d 53 9f 7f cc f2 34 44 cb b1 d1 00 4f 70 | c1 84 2a bc de 5a d9 51 42 34 9e 96 3e 33 f5 8a | b0 f0 41 45 2a 49 57 8c 69 e9 90 9f 1f 43 c5 31 | 3d fa e8 c4 12 54 f0 24 d0 1a 0b b4 71 6e 2d c1 | 38 22 2e 38 62 b2 c7 39 b0 ab 3c 25 0e 93 06 71 | ea 58 d9 fd 48 0d 2e e8 37 88 68 4a a9 89 3b 10 | 5e e6 74 21 86 42 a4 33 64 e7 fe 66 14 a3 29 ae | f0 3d 90 74 1f 3f 62 06 72 44 17 c0 a0 aa 2e 71 | 88 f9 ef 9f 78 7c 92 80 e1 ad 40 a0 24 79 f8 5e | 8f 8d cc c0 5b 0d f6 47 7f 6e 25 53 94 3f 7b 02 | 5b 5b e2 ba 12 37 37 d3 5b 30 a7 37 e3 8c 66 aa | 4a d7 9d e8 b2 26 92 ac 06 b1 de fe b4 a2 93 c3 | 9c bb 94 82 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14c40030c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 1d bd 12 fc | HASH(1) PRF sha update payload-bytes@0x55a9006c2bfc (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 84 d8 c1 2f 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 0c 9f 69 54 | bc 52 cc 52 2b fe 3a 62 86 b9 42 ee fb bd 4a 50 | 41 68 68 3a 10 77 23 67 9b f0 e5 82 05 00 01 04 | 9a fc d3 87 bf 63 e4 7a ad 5c 6c 75 d4 65 ee f5 | 28 1c 40 9a d7 c5 87 50 5a eb 45 c9 21 e8 52 d3 | 12 c8 ab c0 17 fc 8b 28 90 d0 22 cd e4 36 45 df | 1a a4 c2 e7 9a a0 8c ad d7 55 95 e6 fb 3c 2d 53 | 9f 7f cc f2 34 44 cb b1 d1 00 4f 70 c1 84 2a bc | de 5a d9 51 42 34 9e 96 3e 33 f5 8a b0 f0 41 45 | 2a 49 57 8c 69 e9 90 9f 1f 43 c5 31 3d fa e8 c4 | 12 54 f0 24 d0 1a 0b b4 71 6e 2d c1 38 22 2e 38 | 62 b2 c7 39 b0 ab 3c 25 0e 93 06 71 ea 58 d9 fd | 48 0d 2e e8 37 88 68 4a a9 89 3b 10 5e e6 74 21 | 86 42 a4 33 64 e7 fe 66 14 a3 29 ae f0 3d 90 74 | 1f 3f 62 06 72 44 17 c0 a0 aa 2e 71 88 f9 ef 9f | 78 7c 92 80 e1 ad 40 a0 24 79 f8 5e 8f 8d cc c0 | 5b 0d f6 47 7f 6e 25 53 94 3f 7b 02 5b 5b e2 ba | 12 37 37 d3 5b 30 a7 37 e3 8c 66 aa 4a d7 9d e8 | b2 26 92 ac 06 b1 de fe b4 a2 93 c3 9c bb 94 82 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 2f 99 9b 9f fd 7a f0 7a 10 98 7c 12 91 2c 55 b0 | da 50 f0 f4 | quick_inI1_outR1 HASH(1): | 2f 99 9b 9f fd 7a f0 7a 10 98 7c 12 91 2c 55 b0 | da 50 f0 f4 | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #15: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | client wildcard: no port wildcard: no virtual: no | creating state object #16 at 0x55a9006c5a48 | State DB: adding IKEv1 state #16 in UNDEFINED | pstats #16 ikev1.ipsec started | duplicating state object #15 "east" as #16 for IPSEC SA | #16 setting local endpoint to 192.1.2.23:500 from #15.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_d_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ai_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006ac790 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #15 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #16 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #16: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 84 d8 c1 2f | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 9a fc d3 87 bf 63 e4 7a ad 5c 6c 75 d4 65 ee f5 | 28 1c 40 9a d7 c5 87 50 5a eb 45 c9 21 e8 52 d3 | 12 c8 ab c0 17 fc 8b 28 90 d0 22 cd e4 36 45 df | 1a a4 c2 e7 9a a0 8c ad d7 55 95 e6 fb 3c 2d 53 | 9f 7f cc f2 34 44 cb b1 d1 00 4f 70 c1 84 2a bc | de 5a d9 51 42 34 9e 96 3e 33 f5 8a b0 f0 41 45 | 2a 49 57 8c 69 e9 90 9f 1f 43 c5 31 3d fa e8 c4 | 12 54 f0 24 d0 1a 0b b4 71 6e 2d c1 38 22 2e 38 | 62 b2 c7 39 b0 ab 3c 25 0e 93 06 71 ea 58 d9 fd | 48 0d 2e e8 37 88 68 4a a9 89 3b 10 5e e6 74 21 | 86 42 a4 33 64 e7 fe 66 14 a3 29 ae f0 3d 90 74 | 1f 3f 62 06 72 44 17 c0 a0 aa 2e 71 88 f9 ef 9f | 78 7c 92 80 e1 ad 40 a0 24 79 f8 5e 8f 8d cc c0 | 5b 0d f6 47 7f 6e 25 53 94 3f 7b 02 5b 5b e2 ba | 12 37 37 d3 5b 30 a7 37 e3 8c 66 aa 4a d7 9d e8 | b2 26 92 ac 06 b1 de fe b4 a2 93 c3 9c bb 94 82 | adding quick_outI1 KE work-order 17 for state #16 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14cc002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #16 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #16 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #16 and saving MD | #16 is busy; has a suspended MD | crypto helper 2 resuming | crypto helper 2 starting work-order 17 for state #16 | crypto helper 2 doing build KE and nonce (quick_outI1 KE); request ID 17 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | #15 spent 0.258 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #16 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.669 milliseconds in comm_handle_cb() reading and processing packet | DH secret MODP2048@0x7f14c80088f8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14c80088f8 | NSS: Public DH wire value: | b3 ba 44 48 90 88 34 ff 6d bb b0 30 7d 4d 3d 58 | c7 1a 3c 06 d6 e9 37 e8 7b 73 f9 e4 22 52 c3 24 | 37 31 d1 ae 10 3c 84 fe 38 25 29 a9 90 50 ac 77 | a2 6f a7 49 9b f6 a7 d7 c7 4f 3c 18 57 99 6b b2 | 13 89 00 dd 61 09 d6 d9 69 f0 1a 6c ef 9f f4 bd | bb 78 4e 24 7a 89 11 b9 f2 fa a3 b3 ab 6b ab e5 | b6 8e d4 a4 2b 28 be 5f d3 c6 1d 75 c3 f4 39 01 | dd 5c af 0d 77 9f dd f2 56 86 f2 a5 37 d0 2a b7 | c8 c5 23 ad 7e a9 c5 4c 8d 50 a3 f7 93 0b 52 b9 | 68 c3 12 a3 54 63 10 bd 74 f2 3f 63 7e 94 02 dc | 36 4d 56 73 d8 17 ed 0a 39 6f d5 68 f8 6d b4 3a | 9e f9 cd 8e 0c f3 b9 05 44 80 96 37 e0 a0 cd 82 | d2 da f3 67 31 ef f8 b9 d8 05 fd 9f 1e 08 43 65 | 95 9b df 5a 57 7b 5e 24 9a b0 7e 0a 0f 99 05 f2 | 0a 88 29 33 07 dc 67 15 5e 5f 3c 90 5c 8e cb dd | a2 14 c2 e5 0d 40 22 d5 61 bd 64 ee b0 7b d3 05 | Generated nonce: cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | Generated nonce: f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | crypto helper 2 finished build KE and nonce (quick_outI1 KE); request ID 17 time elapsed 0.001021 seconds | (#16) spent 1.02 milliseconds in crypto helper computing work-order 17: quick_outI1 KE (pcr) | crypto helper 2 sending results from work-order 17 for state #16 to event queue | scheduling resume sending helper answer for #16 | libevent_malloc: new ptr-libevent@0x7f14c8005af8 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #16 | start processing: state #16 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 17 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue1 for #16: calculated ke+nonce, calculating DH | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14c80088f8: transferring ownership from helper KE to state #16 | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14c80088f8: transferring ownership from state #16 to helper IKEv1 DH | adding quick outR1 DH work-order 18 for state #16 | state #16 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14cc002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14cc002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #16 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | crypto helper 4 resuming | crypto helper 4 starting work-order 18 for state #16 | crypto helper 4 doing compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 18 | peer's g: 9a fc d3 87 bf 63 e4 7a ad 5c 6c 75 d4 65 ee f5 | peer's g: 28 1c 40 9a d7 c5 87 50 5a eb 45 c9 21 e8 52 d3 | peer's g: 12 c8 ab c0 17 fc 8b 28 90 d0 22 cd e4 36 45 df | peer's g: 1a a4 c2 e7 9a a0 8c ad d7 55 95 e6 fb 3c 2d 53 | peer's g: 9f 7f cc f2 34 44 cb b1 d1 00 4f 70 c1 84 2a bc | peer's g: de 5a d9 51 42 34 9e 96 3e 33 f5 8a b0 f0 41 45 | peer's g: 2a 49 57 8c 69 e9 90 9f 1f 43 c5 31 3d fa e8 c4 | peer's g: 12 54 f0 24 d0 1a 0b b4 71 6e 2d c1 38 22 2e 38 | peer's g: 62 b2 c7 39 b0 ab 3c 25 0e 93 06 71 ea 58 d9 fd | peer's g: 48 0d 2e e8 37 88 68 4a a9 89 3b 10 5e e6 74 21 | peer's g: 86 42 a4 33 64 e7 fe 66 14 a3 29 ae f0 3d 90 74 | peer's g: 1f 3f 62 06 72 44 17 c0 a0 aa 2e 71 88 f9 ef 9f | peer's g: 78 7c 92 80 e1 ad 40 a0 24 79 f8 5e 8f 8d cc c0 | peer's g: 5b 0d f6 47 7f 6e 25 53 94 3f 7b 02 5b 5b e2 ba | peer's g: 12 37 37 d3 5b 30 a7 37 e3 8c 66 aa 4a d7 9d e8 | peer's g: b2 26 92 ac 06 b1 de fe b4 a2 93 c3 9c bb 94 82 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14c80088f8: computed shared DH secret key@0x55a9006bd630 | dh-shared : g^ir-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 4 finished compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 18 time elapsed 0.00099 seconds | (#16) spent 0.981 milliseconds in crypto helper computing work-order 18: quick outR1 DH (pcr) | crypto helper 4 sending results from work-order 18 for state #16 to event queue | scheduling resume sending helper answer for #16 | libevent_malloc: new ptr-libevent@0x7f14bc0075a8 size 128 | crypto helper 4 waiting (nothing to do) | suspending state #16 and saving MD | #16 is busy; has a suspended MD | resume sending helper answer for #16 suppresed complete_v1_state_transition() and stole MD | #16 spent 0.0698 milliseconds in resume sending helper answer | stop processing: state #16 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c8005af8 | processing resume sending helper answer for #16 | start processing: state #16 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 18 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue2 for #16: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 498930428 (0x1dbd12fc) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 84 d8 c1 2f | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xc2ceba69 for esp.0@192.1.2.23 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI c2 ce ba 69 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ESP) | attributes 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | attributes 80 05 00 02 80 06 00 80 | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 "east" #16: responding to Quick Mode proposal {msgid:1dbd12fc} "east" #16: us: 192.0.2.0/24===192.1.2.23<192.1.2.23>[@east] "east" #16: them: 192.1.2.45<192.1.2.45>[@west]===192.0.1.0/24 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | Nr f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | emitting length of ISAKMP Nonce Payload: 36 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value b3 ba 44 48 90 88 34 ff 6d bb b0 30 7d 4d 3d 58 | keyex value c7 1a 3c 06 d6 e9 37 e8 7b 73 f9 e4 22 52 c3 24 | keyex value 37 31 d1 ae 10 3c 84 fe 38 25 29 a9 90 50 ac 77 | keyex value a2 6f a7 49 9b f6 a7 d7 c7 4f 3c 18 57 99 6b b2 | keyex value 13 89 00 dd 61 09 d6 d9 69 f0 1a 6c ef 9f f4 bd | keyex value bb 78 4e 24 7a 89 11 b9 f2 fa a3 b3 ab 6b ab e5 | keyex value b6 8e d4 a4 2b 28 be 5f d3 c6 1d 75 c3 f4 39 01 | keyex value dd 5c af 0d 77 9f dd f2 56 86 f2 a5 37 d0 2a b7 | keyex value c8 c5 23 ad 7e a9 c5 4c 8d 50 a3 f7 93 0b 52 b9 | keyex value 68 c3 12 a3 54 63 10 bd 74 f2 3f 63 7e 94 02 dc | keyex value 36 4d 56 73 d8 17 ed 0a 39 6f d5 68 f8 6d b4 3a | keyex value 9e f9 cd 8e 0c f3 b9 05 44 80 96 37 e0 a0 cd 82 | keyex value d2 da f3 67 31 ef f8 b9 d8 05 fd 9f 1e 08 43 65 | keyex value 95 9b df 5a 57 7b 5e 24 9a b0 7e 0a 0f 99 05 f2 | keyex value 0a 88 29 33 07 dc 67 15 5e 5f 3c 90 5c 8e cb dd | keyex value a2 14 c2 e5 0d 40 22 d5 61 bd 64 ee b0 7b d3 05 | emitting length of ISAKMP Key Exchange Payload: 260 | DH secret MODP2048@0x7f14c80088f8: transferring ownership from helper IKEv1 DH to state #16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 01 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 02 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482648 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14c8004ec8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948272c (length 4) | 1d bd 12 fc | HASH(1) PRF sha update Ni_b-bytes@0x7f14c40030c8 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | HASH(1) PRF sha update payload-bytes@0x55a8fff8a8f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 c2 ce ba 69 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 cf e7 52 14 | ce 11 a5 5c 3d 0a db a8 52 60 16 ac f7 f8 a6 82 | b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 05 00 01 04 | b3 ba 44 48 90 88 34 ff 6d bb b0 30 7d 4d 3d 58 | c7 1a 3c 06 d6 e9 37 e8 7b 73 f9 e4 22 52 c3 24 | 37 31 d1 ae 10 3c 84 fe 38 25 29 a9 90 50 ac 77 | a2 6f a7 49 9b f6 a7 d7 c7 4f 3c 18 57 99 6b b2 | 13 89 00 dd 61 09 d6 d9 69 f0 1a 6c ef 9f f4 bd | bb 78 4e 24 7a 89 11 b9 f2 fa a3 b3 ab 6b ab e5 | b6 8e d4 a4 2b 28 be 5f d3 c6 1d 75 c3 f4 39 01 | dd 5c af 0d 77 9f dd f2 56 86 f2 a5 37 d0 2a b7 | c8 c5 23 ad 7e a9 c5 4c 8d 50 a3 f7 93 0b 52 b9 | 68 c3 12 a3 54 63 10 bd 74 f2 3f 63 7e 94 02 dc | 36 4d 56 73 d8 17 ed 0a 39 6f d5 68 f8 6d b4 3a | 9e f9 cd 8e 0c f3 b9 05 44 80 96 37 e0 a0 cd 82 | d2 da f3 67 31 ef f8 b9 d8 05 fd 9f 1e 08 43 65 | 95 9b df 5a 57 7b 5e 24 9a b0 7e 0a 0f 99 05 f2 | 0a 88 29 33 07 dc 67 15 5e 5f 3c 90 5c 8e cb dd | a2 14 c2 e5 0d 40 22 d5 61 bd 64 ee b0 7b d3 05 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a8fff8a8e0 (length 20) | 34 ec ae e3 f2 90 1a 5c 71 9f 6e 4b 55 2c f7 69 | 6b 3c 6a 4f | quick inR1 outI2 HASH(2): | 34 ec ae e3 f2 90 1a 5c 71 9f 6e 4b 55 2c f7 69 | 6b 3c 6a 4f | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006c2720 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006c2720 | hmac: release clone-key@0x55a9006c2720 | hmac PRF sha crypt-prf@0x7f14bc002f08 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006c1aa8 | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 04 4f 77 5f b3 ce 3b 28 06 5a 1c df 4f 02 2f 80 3b 8c 36 a4 68 be 18 89 d4 8f fd be 17 38 4f 14 a4 94 86 32 eb fc f8 73 c5 01 37 d6 73 72 68 a5 8d 48 43 5b 45 f3 6a 26 27 39 aa c3 b2 97 b6 c0 b0 33 f2 9d b1 93 a6 df b5 86 44 c6 b3 ad c6 dd 09 21 aa de b6 d9 b5 a3 2c 8f d6 a8 cd 53 0a 39 cc b2 b4 e7 fe 8b 19 55 63 59 29 a6 e7 0f ef be c1 bd 83 e2 eb 4b 50 25 63 e5 92 cf c4 ae 73 e0 9f 8c 9a 9d 18 82 52 9f bc 16 32 4f 62 89 bd e1 42 53 0c 9d 7c 07 ad c0 67 a2 0d 6a 55 3b d1 ae d0 63 35 d2 2f 0f cf d7 4d 7e 70 68 f1 97 71 97 f3 c8 52 dd 5c 35 ad b3 36 8e a8 40 9f 17 4d 51 f0 0f 28 dc be b9 95 49 92 af 0a 55 9e e6 ee a4 9f 0c b4 8f 1c 32 4c f7 e9 e7 16 05 8e e6 a2 6b 2c af 41 a8 53 f2 15 7b 15 e2 d4 bf 26 3a 67 f5 12 60 27 4b 0a 3a bb 5b ba 3f e8 a0 91 82 aa 17 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: 11 95 72 bb dc d8 42 4c 32 58 a3 85 99 8b f3 9d | unwrapped: 66 ef 95 17 1e 63 2a 38 3a 66 0c 11 fc 05 67 66 | unwrapped: 74 0f ed 9f 10 fc cf 3b 6f c0 53 57 01 d4 e9 07 | unwrapped: 47 c1 06 eb 4f 09 af 23 c2 7a 3e b7 50 0c eb 60 | unwrapped: 4d fd b6 e9 bb a4 1b 1c 80 17 26 76 81 d8 85 b1 | unwrapped: 1d 04 07 3e 4c 25 be 13 c8 1e 34 a6 8f da d2 cd | unwrapped: e4 35 3a fe 3b 3a 8e 7e 3b f1 7f 4d ab 5d 52 96 | unwrapped: 06 15 4a 04 64 be 1a d8 e4 35 cf 45 3a ad 9a 91 | unwrapped: 96 d9 ec 8f 6f 37 f3 26 b4 73 63 8d 6c c9 78 99 | unwrapped: a8 30 42 99 0b 75 16 8e 88 f9 43 5c 19 58 0b ec | unwrapped: 77 6b a5 d7 18 26 2f cd b4 12 7a 7c b3 13 22 97 | unwrapped: 5f 4d a4 25 cc 01 6c 08 21 1e 22 5d d4 8d 8e 6a | unwrapped: fc 57 4d 8a 06 66 ac 53 65 8d f2 4a c1 00 26 6a | unwrapped: 92 65 c2 02 f7 ee 39 e9 2a 2c 51 21 2f 0c 57 fd | unwrapped: 4e 26 5e dd 0b 34 5d 8e bc 6e 94 a0 af 08 ff 76 | unwrapped: 00 e8 67 19 c9 ab 5d de 21 64 ff 11 42 87 f9 09 | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 04 4f 77 5f b3 ce 3b 28 06 5a 1c df 4f 02 2f 80 3b 8c 36 a4 68 be 18 89 d4 8f fd be 17 38 4f 14 a4 94 86 32 eb fc f8 73 c5 01 37 d6 73 72 68 a5 8d 48 43 5b 45 f3 6a 26 27 39 aa c3 b2 97 b6 c0 b0 33 f2 9d b1 93 a6 df b5 86 44 c6 b3 ad c6 dd 09 21 aa de b6 d9 b5 a3 2c 8f d6 a8 cd 53 0a 39 cc b2 b4 e7 fe 8b 19 55 63 59 29 a6 e7 0f ef be c1 bd 83 e2 eb 4b 50 25 63 e5 92 cf c4 ae 73 e0 9f 8c 9a 9d 18 82 52 9f bc 16 32 4f 62 89 bd e1 42 53 0c 9d 7c 07 ad c0 67 a2 0d 6a 55 3b d1 ae d0 63 35 d2 2f 0f cf d7 4d 7e 70 68 f1 97 71 97 f3 c8 52 dd 5c 35 ad b3 36 8e a8 40 9f 17 4d 51 f0 0f 28 dc be b9 95 49 92 af 0a 55 9e e6 ee a4 9f 0c b4 8f 1c 32 4c f7 e9 e7 16 05 8e e6 a2 6b 2c af 41 a8 53 f2 15 7b 15 e2 d4 bf 26 3a 67 f5 12 60 27 4b 0a 3a bb 5b ba 3f e8 a0 91 82 aa 17 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: 11 95 72 bb dc d8 42 4c 32 58 a3 85 99 8b f3 9d | unwrapped: 66 ef 95 17 1e 63 2a 38 3a 66 0c 11 fc 05 67 66 | unwrapped: 74 0f ed 9f 10 fc cf 3b 6f c0 53 57 01 d4 e9 07 | unwrapped: 47 c1 06 eb 4f 09 af 23 c2 7a 3e b7 50 0c eb 60 | unwrapped: 4d fd b6 e9 bb a4 1b 1c 80 17 26 76 81 d8 85 b1 | unwrapped: 1d 04 07 3e 4c 25 be 13 c8 1e 34 a6 8f da d2 cd | unwrapped: e4 35 3a fe 3b 3a 8e 7e 3b f1 7f 4d ab 5d 52 96 | unwrapped: 06 15 4a 04 64 be 1a d8 e4 35 cf 45 3a ad 9a 91 | unwrapped: 96 d9 ec 8f 6f 37 f3 26 b4 73 63 8d 6c c9 78 99 | unwrapped: a8 30 42 99 0b 75 16 8e 88 f9 43 5c 19 58 0b ec | unwrapped: 77 6b a5 d7 18 26 2f cd b4 12 7a 7c b3 13 22 97 | unwrapped: 5f 4d a4 25 cc 01 6c 08 21 1e 22 5d d4 8d 8e 6a | unwrapped: fc 57 4d 8a 06 66 ac 53 65 8d f2 4a c1 00 26 6a | unwrapped: 92 65 c2 02 f7 ee 39 e9 2a 2c 51 21 2f 0c 57 fd | unwrapped: 4e 26 5e dd 0b 34 5d 8e bc 6e 94 a0 af 08 ff 76 | unwrapped: 00 e8 67 19 c9 ab 5d de 21 64 ff 11 42 87 f9 09 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006c5c50 (length 4) | c2 ce ba 69 | hmac PRF sha update data-bytes@0x55a9006c5c30 (length 4) | 84 d8 c1 2f | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | hmac PRF sha update data-bytes@0x7f14c8003758 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | hmac PRF sha update data-bytes@0x7f14c8003758 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | hmac PRF sha final-bytes@0x7f14bc003748 (length 20) | 02 4e 39 3b 12 58 84 d9 d9 9a a4 b1 d2 80 ff b4 | 9c 5f 99 bb | hmac PRF sha final-bytes@0x7f14c0002888 (length 20) | 17 79 7b 81 13 21 23 00 6a 7d 87 ab ed 6a ec 78 | 87 40 db d7 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006bf278 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006c2720 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006c2720 | hmac: release clone-key@0x55a9006c2720 | hmac PRF sha crypt-prf@0x7f14c8004ec8 | hmac PRF sha update data-bytes@0x7f14bc003748 (length 20) | 02 4e 39 3b 12 58 84 d9 d9 9a a4 b1 d2 80 ff b4 | 9c 5f 99 bb | hmac PRF sha update data-bytes@0x7f14c0002888 (length 20) | 17 79 7b 81 13 21 23 00 6a 7d 87 ab ed 6a ec 78 | 87 40 db d7 | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 04 4f 77 5f b3 ce 3b 28 06 5a 1c df 4f 02 2f 80 3b 8c 36 a4 68 be 18 89 d4 8f fd be 17 38 4f 14 a4 94 86 32 eb fc f8 73 c5 01 37 d6 73 72 68 a5 8d 48 43 5b 45 f3 6a 26 27 39 aa c3 b2 97 b6 c0 b0 33 f2 9d b1 93 a6 df b5 86 44 c6 b3 ad c6 dd 09 21 aa de b6 d9 b5 a3 2c 8f d6 a8 cd 53 0a 39 cc b2 b4 e7 fe 8b 19 55 63 59 29 a6 e7 0f ef be c1 bd 83 e2 eb 4b 50 25 63 e5 92 cf c4 ae 73 e0 9f 8c 9a 9d 18 82 52 9f bc 16 32 4f 62 89 bd e1 42 53 0c 9d 7c 07 ad c0 67 a2 0d 6a 55 3b d1 ae d0 63 35 d2 2f 0f cf d7 4d 7e 70 68 f1 97 71 97 f3 c8 52 dd 5c 35 ad b3 36 8e a8 40 9f 17 4d 51 f0 0f 28 dc be b9 95 49 92 af 0a 55 9e e6 ee a4 9f 0c b4 8f 1c 32 4c f7 e9 e7 16 05 8e e6 a2 6b 2c af 41 a8 53 f2 15 7b 15 e2 d4 bf 26 3a 67 f5 12 60 27 4b 0a 3a bb 5b ba 3f e8 a0 91 82 aa 17 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: 11 95 72 bb dc d8 42 4c 32 58 a3 85 99 8b f3 9d | unwrapped: 66 ef 95 17 1e 63 2a 38 3a 66 0c 11 fc 05 67 66 | unwrapped: 74 0f ed 9f 10 fc cf 3b 6f c0 53 57 01 d4 e9 07 | unwrapped: 47 c1 06 eb 4f 09 af 23 c2 7a 3e b7 50 0c eb 60 | unwrapped: 4d fd b6 e9 bb a4 1b 1c 80 17 26 76 81 d8 85 b1 | unwrapped: 1d 04 07 3e 4c 25 be 13 c8 1e 34 a6 8f da d2 cd | unwrapped: e4 35 3a fe 3b 3a 8e 7e 3b f1 7f 4d ab 5d 52 96 | unwrapped: 06 15 4a 04 64 be 1a d8 e4 35 cf 45 3a ad 9a 91 | unwrapped: 96 d9 ec 8f 6f 37 f3 26 b4 73 63 8d 6c c9 78 99 | unwrapped: a8 30 42 99 0b 75 16 8e 88 f9 43 5c 19 58 0b ec | unwrapped: 77 6b a5 d7 18 26 2f cd b4 12 7a 7c b3 13 22 97 | unwrapped: 5f 4d a4 25 cc 01 6c 08 21 1e 22 5d d4 8d 8e 6a | unwrapped: fc 57 4d 8a 06 66 ac 53 65 8d f2 4a c1 00 26 6a | unwrapped: 92 65 c2 02 f7 ee 39 e9 2a 2c 51 21 2f 0c 57 fd | unwrapped: 4e 26 5e dd 0b 34 5d 8e bc 6e 94 a0 af 08 ff 76 | unwrapped: 00 e8 67 19 c9 ab 5d de 21 64 ff 11 42 87 f9 09 | hmac PRF sha update g^xy-key@0x55a9006bd630 (size 256) | hmac: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 04 4f 77 5f b3 ce 3b 28 06 5a 1c df 4f 02 2f 80 3b 8c 36 a4 68 be 18 89 d4 8f fd be 17 38 4f 14 a4 94 86 32 eb fc f8 73 c5 01 37 d6 73 72 68 a5 8d 48 43 5b 45 f3 6a 26 27 39 aa c3 b2 97 b6 c0 b0 33 f2 9d b1 93 a6 df b5 86 44 c6 b3 ad c6 dd 09 21 aa de b6 d9 b5 a3 2c 8f d6 a8 cd 53 0a 39 cc b2 b4 e7 fe 8b 19 55 63 59 29 a6 e7 0f ef be c1 bd 83 e2 eb 4b 50 25 63 e5 92 cf c4 ae 73 e0 9f 8c 9a 9d 18 82 52 9f bc 16 32 4f 62 89 bd e1 42 53 0c 9d 7c 07 ad c0 67 a2 0d 6a 55 3b d1 ae d0 63 35 d2 2f 0f cf d7 4d 7e 70 68 f1 97 71 97 f3 c8 52 dd 5c 35 ad b3 36 8e a8 40 9f 17 4d 51 f0 0f 28 dc be b9 95 49 92 af 0a 55 9e e6 ee a4 9f 0c b4 8f 1c 32 4c f7 e9 e7 16 05 8e e6 a2 6b 2c af 41 a8 53 f2 15 7b 15 e2 d4 bf 26 3a 67 f5 12 60 27 4b 0a 3a bb 5b ba 3f e8 a0 91 82 aa 17 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: 11 95 72 bb dc d8 42 4c 32 58 a3 85 99 8b f3 9d | unwrapped: 66 ef 95 17 1e 63 2a 38 3a 66 0c 11 fc 05 67 66 | unwrapped: 74 0f ed 9f 10 fc cf 3b 6f c0 53 57 01 d4 e9 07 | unwrapped: 47 c1 06 eb 4f 09 af 23 c2 7a 3e b7 50 0c eb 60 | unwrapped: 4d fd b6 e9 bb a4 1b 1c 80 17 26 76 81 d8 85 b1 | unwrapped: 1d 04 07 3e 4c 25 be 13 c8 1e 34 a6 8f da d2 cd | unwrapped: e4 35 3a fe 3b 3a 8e 7e 3b f1 7f 4d ab 5d 52 96 | unwrapped: 06 15 4a 04 64 be 1a d8 e4 35 cf 45 3a ad 9a 91 | unwrapped: 96 d9 ec 8f 6f 37 f3 26 b4 73 63 8d 6c c9 78 99 | unwrapped: a8 30 42 99 0b 75 16 8e 88 f9 43 5c 19 58 0b ec | unwrapped: 77 6b a5 d7 18 26 2f cd b4 12 7a 7c b3 13 22 97 | unwrapped: 5f 4d a4 25 cc 01 6c 08 21 1e 22 5d d4 8d 8e 6a | unwrapped: fc 57 4d 8a 06 66 ac 53 65 8d f2 4a c1 00 26 6a | unwrapped: 92 65 c2 02 f7 ee 39 e9 2a 2c 51 21 2f 0c 57 fd | unwrapped: 4e 26 5e dd 0b 34 5d 8e bc 6e 94 a0 af 08 ff 76 | unwrapped: 00 e8 67 19 c9 ab 5d de 21 64 ff 11 42 87 f9 09 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006c5c50 (length 4) | c2 ce ba 69 | hmac PRF sha update data-bytes@0x55a9006c5c30 (length 4) | 84 d8 c1 2f | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | hmac PRF sha update data-bytes@0x7f14c8003758 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | hmac PRF sha update data-bytes@0x7f14c8003758 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | hmac PRF sha final-bytes@0x7f14bc00375c (length 20) | 38 a8 b6 cc e4 6c 8c d5 26 c8 e3 4e b2 88 0d 63 | f6 91 5d af | hmac PRF sha final-bytes@0x7f14c000289c (length 20) | 60 bc 36 59 73 b7 db 2e dd a5 ca 33 1a 27 0b bb | d5 da ee 10 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self | install_inbound_ipsec_sa() checking if we can route | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | routing is easy, or has resolvable near-conflict | checking if this is a replacement state | st=0x55a9006c5a48 ost=(nil) st->serialno=#16 ost->serialno=#0 | installing outgoing SA now as refhim=0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.84d8c12f@192.1.2.45 included non-error error | outgoing SA has refhim=0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.c2ceba69@192.1.2.23 included non-error error | priority calculation of connection "east" is 0xfe7e7 | add inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.10000@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | encrypting: 01 00 00 18 34 ec ae e3 f2 90 1a 5c 71 9f 6e 4b | encrypting: 55 2c f7 69 6b 3c 6a 4f 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 c2 ce ba 69 | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 cf e7 52 14 ce 11 a5 5c 3d 0a db a8 | encrypting: 52 60 16 ac f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 | encrypting: 95 b9 0a d9 05 00 01 04 b3 ba 44 48 90 88 34 ff | encrypting: 6d bb b0 30 7d 4d 3d 58 c7 1a 3c 06 d6 e9 37 e8 | encrypting: 7b 73 f9 e4 22 52 c3 24 37 31 d1 ae 10 3c 84 fe | encrypting: 38 25 29 a9 90 50 ac 77 a2 6f a7 49 9b f6 a7 d7 | encrypting: c7 4f 3c 18 57 99 6b b2 13 89 00 dd 61 09 d6 d9 | encrypting: 69 f0 1a 6c ef 9f f4 bd bb 78 4e 24 7a 89 11 b9 | encrypting: f2 fa a3 b3 ab 6b ab e5 b6 8e d4 a4 2b 28 be 5f | encrypting: d3 c6 1d 75 c3 f4 39 01 dd 5c af 0d 77 9f dd f2 | encrypting: 56 86 f2 a5 37 d0 2a b7 c8 c5 23 ad 7e a9 c5 4c | encrypting: 8d 50 a3 f7 93 0b 52 b9 68 c3 12 a3 54 63 10 bd | encrypting: 74 f2 3f 63 7e 94 02 dc 36 4d 56 73 d8 17 ed 0a | encrypting: 39 6f d5 68 f8 6d b4 3a 9e f9 cd 8e 0c f3 b9 05 | encrypting: 44 80 96 37 e0 a0 cd 82 d2 da f3 67 31 ef f8 b9 | encrypting: d8 05 fd 9f 1e 08 43 65 95 9b df 5a 57 7b 5e 24 | encrypting: 9a b0 7e 0a 0f 99 05 f2 0a 88 29 33 07 dc 67 15 | encrypting: 5e 5f 3c 90 5c 8e cb dd a2 14 c2 e5 0d 40 22 d5 | encrypting: 61 bd 64 ee b0 7b d3 05 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: b1 06 f0 98 76 a1 01 a8 9d 05 33 63 f9 20 50 03 | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: bb 50 05 05 62 f2 84 61 f4 e4 7e 41 d7 8c 79 26 | finished processing quick inI1 | complete v1 state transition with STF_OK | [RE]START processing: state #16 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #16 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 | child state #16: QUICK_R0(established CHILD SA) => QUICK_R1(established CHILD SA) | event_already_set, deleting event | state #16 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14cc002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 444 bytes for STATE_QUICK_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #16) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 01 bc a3 b7 b6 f5 | ec fb 3e 5b d3 9e 10 ac 51 7c 1a 05 44 24 b4 5c | 7c 00 21 44 b0 ce dc af 2e 8d e9 88 cc e8 44 73 | 79 54 1c 39 c6 50 ea b5 8b 2a 13 f1 03 c5 06 de | 4d e3 9c 6f 3e 3d 57 e8 8a 4d 58 4e 40 e5 82 db | 21 25 a4 27 19 6a 7c e6 51 b2 bb 4c fb 54 fe c8 | e7 6a 15 33 d0 c8 6f 9c ac d7 61 f0 74 fc 5d 38 | 36 5c fa c3 3c d9 8e c8 6f 07 78 4a a6 2c f5 07 | d0 f8 36 4f b9 60 9d 93 23 5e 47 0a 71 28 03 03 | ca c1 ca 33 31 62 fe 8e 55 df c3 4c 7a 75 7f dd | 4a 35 17 82 b5 e9 4f 25 86 00 a0 ac c4 b6 8b 96 | 79 ed d1 93 04 f7 64 78 4f 28 12 a2 7c 4d cb 0b | a7 83 04 db 35 bb 2e 05 1c 46 ea 77 af 0a 85 af | c9 84 fb 98 4f b9 92 d3 1d f6 69 aa 43 e9 a1 b3 | df 87 da 28 67 6b 63 8c 67 9a db b2 30 79 bc 21 | f8 10 52 93 46 fb cb 51 07 9b 8f a3 9c be f7 0c | bc 05 46 17 f3 d4 5b 4c 04 39 00 44 16 29 34 03 | cd 75 0c 9d f3 9d bd bc a1 db 08 5e 7c e6 25 ee | 49 ee d8 92 75 2d 0b 17 50 fc 4e 21 7d fe 16 8b | 7b 6b e4 f3 21 30 24 ac cd cb a3 56 47 a5 80 8c | 5a 73 ad 98 5f db d6 e0 7a 15 44 a5 e7 7b 41 30 | c4 54 38 52 9b 77 08 1c c3 1a 4f 79 8e a3 28 fa | 55 53 d4 39 8b 6b 6b 60 6c 9f 0f 70 4b a6 1c 66 | d6 be ed 8c 5a 69 8a 2e 0f 02 ec fc 45 b2 08 4d | eb 6f 11 93 28 fb 24 f5 fc fe 7d 59 60 85 a0 8f | 82 a3 e0 ec ce da 19 0f af 31 18 ac bb 50 05 05 | 62 f2 84 61 f4 e4 7e 41 d7 8c 79 26 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14cc002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #16 | libevent_malloc: new ptr-libevent@0x7f14c8005af8 size 128 | #16 STATE_QUICK_R1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29301.448082 | pstats #16 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #16: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 tunnel mode {ESP=>0x84d8c12f <0xc2ceba69 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #16 suppresed complete_v1_state_transition() | #16 spent 1.67 milliseconds in resume sending helper answer | stop processing: state #16 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14bc0075a8 | spent 0 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 60 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 00 3c bf 1a fa 82 | ae 49 b1 b1 15 df b4 c3 45 1c 3d b2 41 08 0e ab | 68 82 ab d6 81 a8 96 50 de 46 f2 65 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 498930428 (0x1dbd12fc) | length: 60 (0x3c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #16 in QUICK_R1 (find_state_ikev1) | start processing: state #16 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1633) | #16 is idle | #16 idle | received encrypted packet from 192.1.2.45:500 | decrypting 32 bytes using algorithm AES_CBC | IV before: bb 50 05 05 62 f2 84 61 f4 e4 7e 41 d7 8c 79 26 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 41 08 0e ab 68 82 ab d6 81 a8 96 50 de 46 f2 65 | decrypted payload (starts at offset -32): | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 00 3c 00 00 00 18 | 94 a0 b6 e2 ec 48 75 12 4c b0 cc fc ce f3 b5 d7 | f5 7f 18 57 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14bc002f08 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 1d bd 12 fc | HASH(1) PRF sha update Ni_b-bytes@0x7f14c40030c8 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | HASH(1) PRF sha update Nr_b-bytes@0x7f14c8003758 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 94 a0 b6 e2 ec 48 75 12 4c b0 cc fc ce f3 b5 d7 | f5 7f 18 57 | quick_inI2 HASH(3): | 94 a0 b6 e2 ec 48 75 12 4c b0 cc fc ce f3 b5 d7 | f5 7f 18 57 | received 'quick_inI2' message HASH(3) data ok | install_ipsec_sa() for #16: outbound only | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | sr for #16: prospective erouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | route_and_eroute with c: east (next: none) ero:east esr:{(nil)} ro:east rosr:{(nil)} and state: #16 | priority calculation of connection "east" is 0xfe7e7 | eroute_connection replace eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.0@192.1.2.45>tun.0@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x84d8c12f SPI_OUT=0xc2c | popen cmd is 1020 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' : | cmd( 160):PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1638: | cmd( 320):8' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKE: | cmd( 640):V1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO: | cmd( 720):_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_IN: | cmd( 800):FO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_: | cmd( 880):CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED=: | cmd( 960):'no' SPI_IN=0x84d8c12f SPI_OUT=0xc2ceba69 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | route_and_eroute: instance "east", setting eroute_owner {spd=0x55a9006be648,sr=0x55a9006be648} to #16 (was #0) (newest_ipsec_sa=#0) | #15 spent 0.649 milliseconds in install_ipsec_sa() | inI2: instance east[0], setting IKEv1 newest_ipsec_sa to #16 (was #0) (spd.eroute=#16) cloned from #15 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #16 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #16 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 | child state #16: QUICK_R1(established CHILD SA) => QUICK_R2(established CHILD SA) | event_already_set, deleting event | state #16 requesting EVENT_RETRANSMIT to be deleted | #16 STATE_QUICK_R2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f14c8005af8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14cc002b78 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14cc002b78 | inserting event EVENT_SA_REPLACE, timeout in 28530 seconds for #16 | libevent_malloc: new ptr-libevent@0x7f14bc0075a8 size 128 | pstats #16 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #16: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x84d8c12f <0xc2ceba69 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | #16 spent 0.744 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #16 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.958 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00412 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00284 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 55 c7 0b 63 00 00 00 4c 13 86 cc d9 | dc 6f f1 61 b3 b8 9d fc 4b 41 83 bb 9e 98 61 56 | de 5c b5 60 7d 96 c7 28 7d ee 7c d9 ed d9 ca 54 | e4 cc ed 67 2c 29 14 9a d5 bc 16 15 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1439107939 (0x55c70b63) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #16; msgid=00000000 st_msgid=1dbd12fc st_msgid_phase15=00000000 | peer and cookies match on #15; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #15 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #15 in MAIN_R3 (find_v1_info_state) | start processing: state #15 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | current Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 55 c7 0b 63 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 73 a5 6a d1 6d 9f 80 a4 74 ca c0 37 3b c0 79 40 | 38 b5 dd 32 | #15 is idle | #15 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 73 a5 6a d1 6d 9f 80 a4 74 ca c0 37 3b c0 79 40 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: ed d9 ca 54 e4 cc ed 67 2c 29 14 9a d5 bc 16 15 | decrypted payload (starts at offset -48): | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 55 c7 0b 63 00 00 00 4c 0c 00 00 18 | 99 60 d8 ed d1 48 e8 d5 05 7f da 04 93 7c 7b d2 | cb 1a 09 aa 00 00 00 10 00 00 00 01 03 04 00 01 | 84 d8 c1 2f 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14bc002f08 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 55 c7 0b 63 | HASH(1) PRF sha update payload-bytes@0x55a9006bd71c (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 84 d8 c1 2f | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 99 60 d8 ed d1 48 e8 d5 05 7f da 04 93 7c 7b d2 | cb 1a 09 aa | informational HASH(1): | 99 60 d8 ed d1 48 e8 d5 05 7f da 04 93 7c 7b d2 | cb 1a 09 aa | received 'informational' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Delete Payload into SPI | SPI 84 d8 c1 2f | FOR_EACH_STATE_... in find_phase2_state_to_delete | start processing: connection "east" (BACKGROUND) (in accept_delete() at ikev1_main.c:2515) "east" #15: received Delete SA(0x84d8c12f) payload: deleting IPsec State #16 | pstats #16 ikev1.ipsec deleted completed | suspend processing: state #15 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) | start processing: state #16 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #16: deleting other state #16 (STATE_QUICK_R2) aged 0.097s and sending notification | child state #16: QUICK_R2(established CHILD SA) => delete | get_sa_info esp.84d8c12f@192.1.2.45 | get_sa_info esp.c2ceba69@192.1.2.23 "east" #16: ESP traffic information: in=84B out=84B | #16 send IKEv1 delete notification for STATE_QUICK_R2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3098020356 (0xb8a80a04) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload c2 ce ba 69 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94804e8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14c8004ec8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94805cc (length 4) | b8 a8 0a 04 | HASH(1) PRF sha update payload-bytes@0x7ffef9480974 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 c2 ce ba 69 | HASH(1) PRF sha final-bytes@0x7ffef9480960 (length 20) | 73 61 91 95 ba 25 94 fd 17 f9 54 9b 94 7f c8 4c | c1 80 b9 2b | send delete HASH(1): | 73 61 91 95 ba 25 94 fd 17 f9 54 9b 94 7f c8 4c | c1 80 b9 2b | last Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | current Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94805dc (length 4) | b8 a8 0a 04 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | a9 17 f2 2d bd 48 8b de 6c 46 e7 41 bd c8 18 e0 | b2 22 a6 02 | encrypting: 0c 00 00 18 73 61 91 95 ba 25 94 fd 17 f9 54 9b | encrypting: 94 7f c8 4c c1 80 b9 2b 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 c2 ce ba 69 | IV: a9 17 f2 2d bd 48 8b de 6c 46 e7 41 bd c8 18 e0 | IV: b2 22 a6 02 | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 18 02 4a 54 00 d8 ac 70 bd a3 fb 63 14 65 3c dc | sending 76 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 b8 a8 0a 04 00 00 00 4c cd 16 54 05 | a4 7c 9b 4e d8 af c1 d1 92 34 3c 28 d0 b1 23 be | 74 f4 00 54 54 52 ca 67 65 92 50 98 18 02 4a 54 | 00 d8 ac 70 bd a3 fb 63 14 65 3c dc | state #16 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14bc0075a8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14cc002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844015' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x84d8c12f | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east: | cmd( 160):' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566844015' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0x84d8c12f SPI_OUT=0xc2ceba69 ipsec _updown 2>&1: | shunt_eroute() called for connection 'east' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "east" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.84d8c12f@192.1.2.45 | netlink response for Del SA esp.84d8c12f@192.1.2.45 included non-error error | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | delete esp.c2ceba69@192.1.2.23 | netlink response for Del SA esp.c2ceba69@192.1.2.23 included non-error error | stop processing: connection "east" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection east | State DB: deleting IKEv1 state #16 in QUICK_R2 | child state #16: QUICK_R2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14c80088f8: destroyed | stop processing: state #16 from 192.1.2.45:500 (in delete_state() at state.c:1143) | resume processing: state #15 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006bd630 | delete_state: release st->st_skeyid_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_d_nss-key@0x55a900622080 | delete_state: release st->st_skey_ai_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006ac790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | connection 'east' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #15 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #15 | [RE]START processing: state #15 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #15 ikev1.isakmp deleted completed | [RE]START processing: state #15 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #15: deleting state (STATE_MAIN_R3) aged 0.126s and sending notification | parent state #15: MAIN_R3(established IKE SA) => delete | #15 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1655820917 (0x62b1d275) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI ba c0 c7 46 43 f3 19 a7 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 98 02 c7 dd 12 51 32 67 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480488 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14bc002f08 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948056c (length 4) | 62 b1 d2 75 | HASH(1) PRF sha update payload-bytes@0x7ffef9480914 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 ba c0 c7 46 | 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | HASH(1) PRF sha final-bytes@0x7ffef9480900 (length 20) | 08 1f 29 7f 96 7f 64 60 81 11 8b f6 8e 4c 0f fc | f2 ff 61 63 | send delete HASH(1): | 08 1f 29 7f 96 7f 64 60 81 11 8b f6 8e 4c 0f fc | f2 ff 61 63 | last Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | current Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948057c (length 4) | 62 b1 d2 75 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 8c 01 9b 9a b3 00 6f 4a cf 3a 1e 38 b1 1f b1 16 | 4c 40 3a 90 | encrypting: 0c 00 00 18 08 1f 29 7f 96 7f 64 60 81 11 8b f6 | encrypting: 8e 4c 0f fc f2 ff 61 63 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 ba c0 c7 46 43 f3 19 a7 98 02 c7 dd | encrypting: 12 51 32 67 | IV: 8c 01 9b 9a b3 00 6f 4a cf 3a 1e 38 b1 1f b1 16 | IV: 4c 40 3a 90 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: c7 e5 28 b1 a8 69 17 73 51 24 0b 9a 1c f5 35 0f | sending 92 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 62 b1 d2 75 00 00 00 5c bb fa 02 29 | 3f 60 92 02 b0 dc f1 45 b0 ad 93 ce a4 a6 62 f0 | 47 4b 8a 8e 16 6a 32 5d 4d 3e 05 8a f5 14 5e 19 | d1 b9 34 e5 17 88 56 b5 ba bf 15 ed c7 e5 28 b1 | a8 69 17 73 51 24 0b 9a 1c f5 35 0f | state #15 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14cc001698 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14b8002b78 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #15 in MAIN_R3 | parent state #15: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14cc006f48: destroyed | stop processing: state #15 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006a3700 | delete_state: release st->st_skeyid_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_d_nss-key@0x55a900622080 | delete_state: release st->st_skey_ai_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006ac790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2556) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2559) | del: | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 1.78 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00159 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 47 20 5a c6 00 00 00 5c 56 59 fb cf | a5 58 66 f1 c8 67 a3 2d 8a 7f 82 f3 36 d8 cf 5c | e4 ff 38 91 fb 48 ff 18 32 95 7c 14 94 67 4a c3 | f2 6d 57 a1 42 5f 7b e0 5b 47 c3 eb 66 7e 71 ed | cb dd d1 b3 3f 36 de b2 10 85 6e 83 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1193302726 (0x47205ac6) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x47205ac6 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | ba c0 c7 46 43 f3 19 a7 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 98 02 c7 dd 12 51 32 67 | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0684 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00435 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00287 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 0e bf 9d 0d f9 86 72 c3 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 0b 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | a7 45 86 f0 34 c6 4f 5b e4 72 94 42 93 56 76 f7 | bb d9 2f c8 76 c0 06 da db d6 a7 99 f2 60 27 a2 | creating state object #17 at 0x55a9006c1c58 | State DB: adding IKEv1 state #17 in UNDEFINED | pstats #17 ikev1.isakmp started | #17 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #17 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #17: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #17: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e 80 0e 00 80 | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 144 | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #17: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 144 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #17) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x7f14b8002b78 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 "east" #17: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.614 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00216 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | 14 00 00 24 d7 85 af 69 4c b6 a5 6e 2d 6e c2 96 | 86 86 4a e6 2c 53 ec c6 c7 ab 0c 80 99 8f 58 6a | 8a d8 8a 18 14 00 00 18 10 03 62 ea e9 44 04 65 | 4e 8a 6f f4 6b ca 0b 89 e7 82 77 59 00 00 00 18 | ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | 45 76 de 71 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #17 in MAIN_R1 (find_state_ikev1) | start processing: state #17 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #17 is idle | #17 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c21f0 (length 8) | 0e bf 9d 0d f9 86 72 c3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c21f8 (length 8) | a7 45 86 f0 34 c6 4f 5b | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | e7 82 77 59 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 0e bf 9d 0d f9 86 72 c3 | natd_hash: rcookie= a7 45 86 f0 34 c6 4f 5b | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | natd_hash: hash= e7 82 77 59 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c21f0 (length 8) | 0e bf 9d 0d f9 86 72 c3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c21f8 (length 8) | a7 45 86 f0 34 c6 4f 5b | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | 45 76 de 71 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 0e bf 9d 0d f9 86 72 c3 | natd_hash: rcookie= a7 45 86 f0 34 c6 4f 5b | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | natd_hash: hash= 45 76 de 71 | expected NAT-D(me): 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | expected NAT-D(me): e7 82 77 59 | expected NAT-D(him): | ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | 45 76 de 71 | received NAT-D: 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | received NAT-D: e7 82 77 59 | received NAT-D: ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | received NAT-D: 45 76 de 71 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | adding inI2_outR2 KE work-order 19 for state #17 | state #17 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_SO_DISCARD-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x55a9006c4e78 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #17 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #17 and saving MD | #17 is busy; has a suspended MD | crypto helper 5 resuming | #17 spent 0.163 milliseconds in process_packet_tail() | crypto helper 5 starting work-order 19 for state #17 | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 5 doing build KE and nonce (inI2_outR2 KE); request ID 19 | stop processing: state #17 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.3 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14c00045b8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14c00045b8 | NSS: Public DH wire value: | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | Generated nonce: 67 08 e7 5a 11 aa 3b 4f 99 cd 64 fc a2 73 f8 8a | Generated nonce: 65 15 5d 64 51 0b 82 aa bd 85 bd a4 01 79 3a ea | crypto helper 5 finished build KE and nonce (inI2_outR2 KE); request ID 19 time elapsed 0.001037 seconds | (#17) spent 1.02 milliseconds in crypto helper computing work-order 19: inI2_outR2 KE (pcr) | crypto helper 5 sending results from work-order 19 for state #17 to event queue | scheduling resume sending helper answer for #17 | libevent_malloc: new ptr-libevent@0x7f14c0004768 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #17 | start processing: state #17 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 19 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #17: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14c00045b8: transferring ownership from helper KE to state #17 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | keyex value 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | keyex value 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | keyex value 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | keyex value 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | keyex value 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | keyex value c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | keyex value da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | keyex value 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | keyex value 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | keyex value 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | keyex value 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | keyex value fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | keyex value ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | keyex value fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | keyex value cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 67 08 e7 5a 11 aa 3b 4f 99 cd 64 fc a2 73 f8 8a | Nr 65 15 5d 64 51 0b 82 aa bd 85 bd a4 01 79 3a ea | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 0e bf 9d 0d f9 86 72 c3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | a7 45 86 f0 34 c6 4f 5b | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | 45 76 de 71 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 0e bf 9d 0d f9 86 72 c3 | natd_hash: rcookie= a7 45 86 f0 34 c6 4f 5b | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | natd_hash: hash= 45 76 de 71 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | NAT-D 45 76 de 71 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 0e bf 9d 0d f9 86 72 c3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | a7 45 86 f0 34 c6 4f 5b | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | e7 82 77 59 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 0e bf 9d 0d f9 86 72 c3 | natd_hash: rcookie= a7 45 86 f0 34 c6 4f 5b | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | natd_hash: hash= e7 82 77 59 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | NAT-D e7 82 77 59 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14c00045b8: transferring ownership from state #17 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 20 for state #17 | state #17 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c4e78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #17 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle; has background offloaded task | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | parent state #17: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | crypto helper 3 resuming | crypto helper 3 starting work-order 20 for state #17 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | crypto helper 3 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 20 | peer's g: 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | peer's g: dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #17) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | 14 00 00 24 67 08 e7 5a 11 aa 3b 4f 99 cd 64 fc | a2 73 f8 8a 65 15 5d 64 51 0b 82 aa bd 85 bd a4 | 01 79 3a ea 14 00 00 18 ef 6d 3f 16 f6 df c0 ef | 0a f0 bc 30 9f a8 ff ca 45 76 de 71 00 00 00 18 | 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | e7 82 77 59 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14b8002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #17 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29302.023433 "east" #17: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #17 suppresed complete_v1_state_transition() | #17 spent 0.435 milliseconds in resume sending helper answer | stop processing: state #17 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c0004768 | peer's g: 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | peer's g: 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | peer's g: 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | peer's g: 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | peer's g: 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | peer's g: 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | peer's g: 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | peer's g: 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | peer's g: a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | peer's g: f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | peer's g: 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | peer's g: 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | peer's g: f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | peer's g: 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14c00045b8: computed shared DH secret key@0x55a9006ac790 | dh-shared : g^ir-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006cb888 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186700 | result: psk-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d21866e8 | result: psk-key@0x55a9006aad30 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a9006a9280 | SKEYID psk prf: created sha context 0x7f14b4002d60 from psk-key@0x55a9006aad30 | SKEYID psk prf: begin sha with context 0x7f14b4002d60 from psk-key@0x55a9006aad30 | SKEYID psk: release clone-key@0x55a9006aad30 | SKEYID psk PRF sha crypt-prf@0x7f14b40010b8 | SKEYID psk PRF sha update Ni-bytes@0x55a9006cb8ac (length 32) | d7 85 af 69 4c b6 a5 6e 2d 6e c2 96 86 86 4a e6 | 2c 53 ec c6 c7 ab 0c 80 99 8f 58 6a 8a d8 8a 18 | SKEYID psk PRF sha update Nr-bytes@0x55a9006cb8cc (length 32) | 67 08 e7 5a 11 aa 3b 4f 99 cd 64 fc a2 73 f8 8a | 65 15 5d 64 51 0b 82 aa bd 85 bd a4 01 79 3a ea | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186708 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID psk PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID psk: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_d: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186718 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f14b4002d60 from SKEYID-key@0x55a9006a9280 | SKEYID_d prf: begin sha with context 0x7f14b4002d60 from SKEYID-key@0x55a9006a9280 | SKEYID_d: release clone-key@0x55a9006a9280 | SKEYID_d PRF sha crypt-prf@0x7f14b4001108 | SKEYID_d PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_d: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: f3 6d 1c fb 16 ff 61 26 b9 41 9b de 39 40 50 45 7b c2 23 08 59 74 2e 60 79 3f 05 0f 67 6d 5b 44 6f b1 25 35 d7 0a a8 87 09 0a 01 cd e5 2b 7a 91 7e 99 bf 26 4f b8 41 cf 33 51 9a 3d bd d2 bf 7d 03 69 bb 8c 6a 18 21 18 d4 b2 81 43 e6 b0 f6 f9 50 11 9e e8 ec 7a 90 97 8e 84 a0 0b 95 09 b6 9b 3b fd 53 0b 40 df 3f 5e 81 09 14 13 fa b5 76 7f 22 61 52 7c 95 df 08 56 42 08 11 c5 cd 43 3a 72 c8 75 39 c4 4e 4f 34 52 2e 78 ee 4d 0f 2b d2 4e 2b a5 e8 17 00 1c 95 95 4b 0c d8 06 89 23 14 75 e4 3f c5 fd 5e 60 2b 3c 31 f3 01 02 bf 07 56 e4 46 96 34 02 69 02 a5 30 d2 02 f2 c8 38 fb b5 05 12 fe ae 66 1b e8 1b b9 e0 a8 ea 5f 1d de 04 37 c4 00 d7 26 62 85 af d0 5c e1 c4 8b ab 52 2f 0d 20 c6 38 73 d8 62 ba df 18 7f 0c a5 6e 4e bf f6 19 99 da f7 a5 6c 25 40 06 50 83 51 20 09 31 45 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b4003db8 | unwrapped: ff 08 3e 5c da 84 23 95 be 13 91 48 fd 3a 0a 2b | unwrapped: d6 e9 a3 cc 02 04 3b 3c e1 27 f6 8b 32 58 77 6f | unwrapped: 42 b8 75 a3 94 eb e5 22 46 30 5b ee 70 18 1e b7 | unwrapped: 9c a6 b8 4e ec 33 ec aa d4 0a 6c 86 96 fb 03 88 | unwrapped: 42 4e 18 99 b1 b5 2e ea 8b cf 0b f2 59 a8 d1 92 | unwrapped: 6e f9 8d 07 d6 6d 6e 24 44 eb b6 cd a1 f6 3a d7 | unwrapped: db bd 94 70 2f 46 0b f3 f1 47 e4 01 44 f8 0b 43 | unwrapped: 62 3f 90 fa cd 10 bf 9a a7 12 b8 0f b8 fe cb 5c | unwrapped: 6d df 05 eb 84 eb fe aa 06 d8 4b d1 f3 35 9e 6c | unwrapped: 49 d1 86 52 4d 18 8e 8a 51 7b 41 61 7d 78 d4 bc | unwrapped: f5 23 36 0c b8 78 b3 ec 90 c2 ad fd 4d 78 3b 24 | unwrapped: fc ae bb 39 c1 2c 69 bf 65 58 5f 92 ab ca 72 81 | unwrapped: 8b 95 9c ae 6f 1a 94 d9 73 c2 11 de 46 e7 53 5e | unwrapped: 60 b2 d4 c0 9a 56 ff 39 25 29 fa 66 f9 8d 50 9f | unwrapped: dc 72 84 9e 26 12 fc f6 c1 e4 a2 fe 85 cb cb f2 | unwrapped: 4e 0a 17 fa eb 08 e1 d2 e8 50 e3 bf be 02 2e 9e | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 0e bf 9d 0d f9 86 72 c3 | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | a7 45 86 f0 34 c6 4f 5b | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186708 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID_d PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_d: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_a: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d21866f8 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f14b4002d60 from SKEYID-key@0x55a900622080 | SKEYID_a prf: begin sha with context 0x7f14b4002d60 from SKEYID-key@0x55a900622080 | SKEYID_a: release clone-key@0x55a900622080 | SKEYID_a PRF sha crypt-prf@0x7f14b40010b8 | SKEYID_a PRF sha update SKEYID_d-key@0x55a9006a9280 (size 20) | SKEYID_a: SKEYID_d-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: 49 42 38 65 a3 15 41 10 e8 a9 47 68 35 ce 8d fb 3b a0 1e 00 7e 5e f9 9e 47 74 35 f9 4c 3a 55 34 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14b4001158 | unwrapped: 7e 5f 85 5d 74 5b ee f5 b0 0f dd 8b 33 1b 10 b8 | unwrapped: d5 b7 a5 8a 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_a: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: f3 6d 1c fb 16 ff 61 26 b9 41 9b de 39 40 50 45 7b c2 23 08 59 74 2e 60 79 3f 05 0f 67 6d 5b 44 6f b1 25 35 d7 0a a8 87 09 0a 01 cd e5 2b 7a 91 7e 99 bf 26 4f b8 41 cf 33 51 9a 3d bd d2 bf 7d 03 69 bb 8c 6a 18 21 18 d4 b2 81 43 e6 b0 f6 f9 50 11 9e e8 ec 7a 90 97 8e 84 a0 0b 95 09 b6 9b 3b fd 53 0b 40 df 3f 5e 81 09 14 13 fa b5 76 7f 22 61 52 7c 95 df 08 56 42 08 11 c5 cd 43 3a 72 c8 75 39 c4 4e 4f 34 52 2e 78 ee 4d 0f 2b d2 4e 2b a5 e8 17 00 1c 95 95 4b 0c d8 06 89 23 14 75 e4 3f c5 fd 5e 60 2b 3c 31 f3 01 02 bf 07 56 e4 46 96 34 02 69 02 a5 30 d2 02 f2 c8 38 fb b5 05 12 fe ae 66 1b e8 1b b9 e0 a8 ea 5f 1d de 04 37 c4 00 d7 26 62 85 af d0 5c e1 c4 8b ab 52 2f 0d 20 c6 38 73 d8 62 ba df 18 7f 0c a5 6e 4e bf f6 19 99 da f7 a5 6c 25 40 06 50 83 51 20 09 31 45 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b4004f28 | unwrapped: ff 08 3e 5c da 84 23 95 be 13 91 48 fd 3a 0a 2b | unwrapped: d6 e9 a3 cc 02 04 3b 3c e1 27 f6 8b 32 58 77 6f | unwrapped: 42 b8 75 a3 94 eb e5 22 46 30 5b ee 70 18 1e b7 | unwrapped: 9c a6 b8 4e ec 33 ec aa d4 0a 6c 86 96 fb 03 88 | unwrapped: 42 4e 18 99 b1 b5 2e ea 8b cf 0b f2 59 a8 d1 92 | unwrapped: 6e f9 8d 07 d6 6d 6e 24 44 eb b6 cd a1 f6 3a d7 | unwrapped: db bd 94 70 2f 46 0b f3 f1 47 e4 01 44 f8 0b 43 | unwrapped: 62 3f 90 fa cd 10 bf 9a a7 12 b8 0f b8 fe cb 5c | unwrapped: 6d df 05 eb 84 eb fe aa 06 d8 4b d1 f3 35 9e 6c | unwrapped: 49 d1 86 52 4d 18 8e 8a 51 7b 41 61 7d 78 d4 bc | unwrapped: f5 23 36 0c b8 78 b3 ec 90 c2 ad fd 4d 78 3b 24 | unwrapped: fc ae bb 39 c1 2c 69 bf 65 58 5f 92 ab ca 72 81 | unwrapped: 8b 95 9c ae 6f 1a 94 d9 73 c2 11 de 46 e7 53 5e | unwrapped: 60 b2 d4 c0 9a 56 ff 39 25 29 fa 66 f9 8d 50 9f | unwrapped: dc 72 84 9e 26 12 fc f6 c1 e4 a2 fe 85 cb cb f2 | unwrapped: 4e 0a 17 fa eb 08 e1 d2 e8 50 e3 bf be 02 2e 9e | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 0e bf 9d 0d f9 86 72 c3 | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | a7 45 86 f0 34 c6 4f 5b | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186700 | result: final-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d21866e8 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006acb70 | SKEYID_a PRF sha final-key@0x55a900622080 (size 20) | SKEYID_a: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_e: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186708 | result: clone-key@0x55a9006acb70 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f14b4002d60 from SKEYID-key@0x55a9006acb70 | SKEYID_e prf: begin sha with context 0x7f14b4002d60 from SKEYID-key@0x55a9006acb70 | SKEYID_e: release clone-key@0x55a9006acb70 | SKEYID_e PRF sha crypt-prf@0x7f14b4001108 | SKEYID_e PRF sha update SKEYID_a-key@0x55a900622080 (size 20) | SKEYID_e: SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: 04 75 25 8b 35 ec 9c b9 5c c1 30 be d2 45 f8 64 4b 62 0c b8 ad c5 46 01 1d 47 cb 0f ef a7 69 6c | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14b40030c8 | unwrapped: 5f 0c 70 73 d0 a2 e0 66 da c5 42 ed 9a d8 b4 6f | unwrapped: 79 f0 be 6b 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006ac790 (size 256) | SKEYID_e: g^xy-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: f3 6d 1c fb 16 ff 61 26 b9 41 9b de 39 40 50 45 7b c2 23 08 59 74 2e 60 79 3f 05 0f 67 6d 5b 44 6f b1 25 35 d7 0a a8 87 09 0a 01 cd e5 2b 7a 91 7e 99 bf 26 4f b8 41 cf 33 51 9a 3d bd d2 bf 7d 03 69 bb 8c 6a 18 21 18 d4 b2 81 43 e6 b0 f6 f9 50 11 9e e8 ec 7a 90 97 8e 84 a0 0b 95 09 b6 9b 3b fd 53 0b 40 df 3f 5e 81 09 14 13 fa b5 76 7f 22 61 52 7c 95 df 08 56 42 08 11 c5 cd 43 3a 72 c8 75 39 c4 4e 4f 34 52 2e 78 ee 4d 0f 2b d2 4e 2b a5 e8 17 00 1c 95 95 4b 0c d8 06 89 23 14 75 e4 3f c5 fd 5e 60 2b 3c 31 f3 01 02 bf 07 56 e4 46 96 34 02 69 02 a5 30 d2 02 f2 c8 38 fb b5 05 12 fe ae 66 1b e8 1b b9 e0 a8 ea 5f 1d de 04 37 c4 00 d7 26 62 85 af d0 5c e1 c4 8b ab 52 2f 0d 20 c6 38 73 d8 62 ba df 18 7f 0c a5 6e 4e bf f6 19 99 da f7 a5 6c 25 40 06 50 83 51 20 09 31 45 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14b4003db8 | unwrapped: ff 08 3e 5c da 84 23 95 be 13 91 48 fd 3a 0a 2b | unwrapped: d6 e9 a3 cc 02 04 3b 3c e1 27 f6 8b 32 58 77 6f | unwrapped: 42 b8 75 a3 94 eb e5 22 46 30 5b ee 70 18 1e b7 | unwrapped: 9c a6 b8 4e ec 33 ec aa d4 0a 6c 86 96 fb 03 88 | unwrapped: 42 4e 18 99 b1 b5 2e ea 8b cf 0b f2 59 a8 d1 92 | unwrapped: 6e f9 8d 07 d6 6d 6e 24 44 eb b6 cd a1 f6 3a d7 | unwrapped: db bd 94 70 2f 46 0b f3 f1 47 e4 01 44 f8 0b 43 | unwrapped: 62 3f 90 fa cd 10 bf 9a a7 12 b8 0f b8 fe cb 5c | unwrapped: 6d df 05 eb 84 eb fe aa 06 d8 4b d1 f3 35 9e 6c | unwrapped: 49 d1 86 52 4d 18 8e 8a 51 7b 41 61 7d 78 d4 bc | unwrapped: f5 23 36 0c b8 78 b3 ec 90 c2 ad fd 4d 78 3b 24 | unwrapped: fc ae bb 39 c1 2c 69 bf 65 58 5f 92 ab ca 72 81 | unwrapped: 8b 95 9c ae 6f 1a 94 d9 73 c2 11 de 46 e7 53 5e | unwrapped: 60 b2 d4 c0 9a 56 ff 39 25 29 fa 66 f9 8d 50 9f | unwrapped: dc 72 84 9e 26 12 fc f6 c1 e4 a2 fe 85 cb cb f2 | unwrapped: 4e 0a 17 fa eb 08 e1 d2 e8 50 e3 bf be 02 2e 9e | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 0e bf 9d 0d f9 86 72 c3 | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | a7 45 86 f0 34 c6 4f 5b | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d2186710 | result: final-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d21866f8 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a3700 | SKEYID_e PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID_e: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d2186768 | result: keymat-key@0x55a9006a3700 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a9006a9280, skeyid_a 0x55a900622080, skeyid_e 0x55a9006acb70, enc_key 0x55a9006a3700 | DH_i: 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | DH_i: dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | DH_i: 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | DH_i: 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | DH_i: 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | DH_i: 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | DH_i: 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | DH_i: 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | DH_i: 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | DH_i: 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | DH_i: a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | DH_i: f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | DH_i: 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | DH_i: 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | DH_i: f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | DH_i: 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | DH_r: 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | DH_r: 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | DH_r: 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | DH_r: 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | DH_r: 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | DH_r: 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | DH_r: c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | DH_r: da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | DH_r: 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | DH_r: 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | DH_r: 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | DH_r: 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | DH_r: fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | DH_r: ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | DH_r: fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | DH_r: cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006cb8ec (length 256) | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | new IV hash sha digest GR-bytes@0x55a9006cb9ec (length 256) | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | new IV hash sha final chunk@0x7f14b40030c8 (length 20) | cd 38 e3 6d 78 bf 56 0e 64 6b 69 6c 3c 62 b9 4f | 87 ca a3 c2 | crypto helper 3 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 20 time elapsed 0.002266 seconds | (#17) spent 2.03 milliseconds in crypto helper computing work-order 20: main_inI2_outR2_tail (pcr) | crypto helper 3 sending results from work-order 20 for state #17 to event queue | scheduling resume sending helper answer for #17 | libevent_malloc: new ptr-libevent@0x7f14b4003978 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #17 | start processing: state #17 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 20 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #17: calculate DH finished | [RE]START processing: state #17 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14c00045b8: transferring ownership from helper IKEv1 DH+IV to state #17 | stop processing: state #17 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #17 suppresed complete_v1_state_transition() | #17 spent 0.0204 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14b4003978 | spent 0.00275 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 05 10 02 01 00 00 00 00 00 00 00 4c fb fb 6a 07 | c3 42 12 03 2b ad 20 32 5e 2e 53 c7 a2 d8 e1 b8 | 2b 4a 6b ee 9d 52 d0 31 92 37 04 85 33 c7 3e 5c | a9 f6 ef c1 86 59 91 13 b1 b9 d7 b8 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #17 in MAIN_R2 (find_state_ikev1) | start processing: state #17 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #17 is idle | #17 idle | received encrypted packet from 192.1.2.45:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: cd 38 e3 6d 78 bf 56 0e 64 6b 69 6c 3c 62 b9 4f | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 33 c7 3e 5c a9 f6 ef c1 86 59 91 13 b1 b9 d7 b8 | decrypted payload (starts at offset -48): | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 8a a4 53 1d | 8f 07 5c c1 c1 84 c6 07 a8 eb 41 40 a2 1a 2f e2 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #17: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14c80031d8 | hmac PRF sha update data-bytes@0x7f14c8002ff8 (length 256) | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | hmac PRF sha update data-bytes@0x7f14c0000b48 (length 256) | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | hmac PRF sha update data-bytes@0x55a9006c21f0 (length 8) | 0e bf 9d 0d f9 86 72 c3 | hmac PRF sha update data-bytes@0x55a9006c21f8 (length 8) | a7 45 86 f0 34 c6 4f 5b | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a9006bd708 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | 8a a4 53 1d 8f 07 5c c1 c1 84 c6 07 a8 eb 41 40 | a2 1a 2f e2 | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006bd630 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006bd630 | hmac: release clone-key@0x55a9006bd630 | hmac PRF sha crypt-prf@0x7f14b40030c8 | hmac PRF sha update data-bytes@0x7f14c0000b48 (length 256) | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | hmac PRF sha update data-bytes@0x7f14c8002ff8 (length 256) | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | hmac PRF sha update data-bytes@0x55a9006c21f8 (length 8) | a7 45 86 f0 34 c6 4f 5b | hmac PRF sha update data-bytes@0x55a9006c21f0 (length 8) | 0e bf 9d 0d f9 86 72 c3 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | 2e 04 d1 fb af 8d 6b 84 9d 71 3a 70 fe f5 6d d4 | 1e 2c 2d c0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R 2e 04 d1 fb af 8d 6b 84 9d 71 3a 70 fe f5 6d d4 | HASH_R 1e 2c 2d c0 | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: 2e 04 d1 fb af 8d 6b 84 9d 71 3a 70 fe f5 6d d4 | encrypting: 1e 2c 2d c0 | IV: 33 c7 3e 5c a9 f6 ef c1 86 59 91 13 b1 b9 d7 b8 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | last encrypted block of Phase 1: | 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #17: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14b8002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 76 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #17) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 05 10 02 01 00 00 00 00 00 00 00 4c 7c d4 dd 65 | 2f da f7 aa da 97 be 24 60 90 a7 ed c8 58 e8 b6 | c5 d0 bd 57 dc ba 8d ed b0 36 48 c9 72 ba f2 d7 | a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14b8002b78 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f14c0004768 size 128 | pstats #17 ikev1.isakmp established "east" #17: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #17 | #17 spent 0.544 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.683 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00297 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 20 01 8d 6e 0a 0d 00 00 01 bc 93 a4 d1 4e | 5c 7d 8a 55 f6 32 f3 77 ad df 52 60 a6 99 7c eb | 5b 4a e5 f8 c6 02 d4 9a 05 ef 0a 64 ce 06 b9 53 | f0 89 b9 6d 1f b8 9a 1c 38 09 34 75 28 c8 d1 61 | f5 ea 45 5b da b0 92 b1 6b 6d cc 60 f3 f9 02 b9 | 91 0e 32 55 f4 75 b1 89 36 3f 2f a4 5e 5a c6 79 | 18 8b 98 d0 93 0b f5 6b 78 8f a4 1f 71 4c f9 38 | 59 29 b6 d9 90 ab 27 48 78 6b d5 36 99 f1 bf ed | 17 e5 36 d1 5d 24 98 59 35 89 bc f4 9f 31 58 17 | 84 ff a6 c5 08 0c d2 17 ca d6 b8 ec 6f bd 80 4c | 14 c3 b2 21 74 2c f3 f3 ce 87 55 fe 08 0a 9f 46 | d8 0f 77 bd dd 96 bd 32 96 60 f5 ac 3d 37 ba 7e | e1 99 45 fb 3f 76 86 b4 98 25 c3 30 c9 b8 61 3c | 83 a9 ac f1 fd cc ab d4 d6 da 1b 2c 83 94 34 8a | e1 94 b1 7c 78 99 69 18 21 dd 8e e3 41 ba dd e7 | 8e 19 0a 05 a8 2b 7b ea e5 1b 85 12 18 dd f1 40 | f4 08 5a af ff 38 ab d4 9d 37 8b a7 c9 65 61 1f | be 06 57 69 03 41 80 20 dd 8d a0 45 b2 39 9b 27 | 20 26 f8 32 fb de 70 4b d1 de 68 4d 7e 93 39 1d | 0f 92 b9 2d 70 6c fc ab b4 81 24 44 89 68 ea e2 | a3 f8 7a 56 e8 9c 66 a1 7a ad e9 42 2d 86 db 34 | f1 34 52 1f 26 19 67 a9 b1 5b 3a 07 4c cf 1a 28 | ea 4b 71 f4 df 0e 8a 34 5a f3 99 b1 86 e5 98 f6 | 31 a0 5c 09 34 23 20 4c 62 87 b1 c4 b7 8d 0c 95 | 55 8e 70 28 96 8c 34 a4 01 ce 9e 3d c9 2c 6b 88 | ed 27 fb 4e 55 44 73 d0 4a e7 7c 41 fe 77 d5 90 | 8c dd 3a 68 f0 56 07 8a 0f d0 23 01 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2372798989 (0x8d6e0a0d) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #17 in MAIN_R3 (find_state_ikev1) | start processing: state #17 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | current Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 8d 6e 0a 0d | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 91 c2 c5 2c 16 09 38 72 01 a7 1d 79 ea 7b 60 eb | 29 e5 d9 74 | #17 is idle | #17 idle | received encrypted packet from 192.1.2.45:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 91 c2 c5 2c 16 09 38 72 01 a7 1d 79 ea 7b 60 eb | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: fe 77 d5 90 8c dd 3a 68 f0 56 07 8a 0f d0 23 01 | decrypted payload (starts at offset -416): | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 20 01 8d 6e 0a 0d 00 00 01 bc 01 00 00 18 | fb 0b b1 96 7b 68 e0 9d ab c0 80 66 2f 86 53 fd | 95 a9 10 8c 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 d3 67 a2 21 00 00 00 1c | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 1e 3d 4b 14 | 4f 74 ec 0b 2b 46 3d 71 16 c2 10 b3 bd 42 1c ab | 83 f1 62 66 92 f0 29 fd 30 72 01 3c 05 00 01 04 | 40 2a 10 32 fa 47 9a 29 a1 ee 6c 8a 27 7e 7f ed | a4 3f 4e a5 e8 2f 90 e3 3c e0 be b4 98 e0 72 7b | 8f de f9 cb 4a a7 3b 32 ad 32 f4 d0 53 9d 59 5f | a3 1d d0 d4 f5 a1 af 22 88 c0 b6 80 f1 2d 23 0c | f3 2b e4 e3 e7 5c 9b f4 01 10 0f dd 09 83 9b ff | d6 da a0 ef 35 d9 5a 68 75 66 af 08 7a c7 20 cc | f6 ca 02 82 72 d7 06 88 49 3a 41 a8 8b 89 46 48 | 1c 17 63 24 ff 52 f0 fb a1 b4 10 de d2 54 56 df | 8f bd 34 a5 69 46 6f e2 3c 44 9d 8c 0f 1c 85 22 | 1a 3d 67 e9 fe d3 9d a9 b8 e4 9e f6 ec 22 c2 50 | 86 5d bc 03 64 16 6e f7 33 16 ce d4 53 6c 97 51 | 41 74 36 c8 bc f6 d7 3d 7f ed 51 fa 23 12 89 59 | 2f 45 37 36 c0 34 24 28 9d ab db d8 ae 2f df 3b | 18 07 46 04 31 0a f6 58 63 f9 75 51 4f de 14 fc | ee 9d 80 53 4e f2 d3 d9 b2 22 03 28 9c 49 4c 4d | f5 08 bf 8f 4c 46 a2 3f 08 b8 eb 79 bf e1 f3 1c | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14b40030c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 8d 6e 0a 0d | HASH(1) PRF sha update payload-bytes@0x55a9006caa8c (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 d3 67 a2 21 00 00 00 1c 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 1e 3d 4b 14 4f 74 ec 0b | 2b 46 3d 71 16 c2 10 b3 bd 42 1c ab 83 f1 62 66 | 92 f0 29 fd 30 72 01 3c 05 00 01 04 40 2a 10 32 | fa 47 9a 29 a1 ee 6c 8a 27 7e 7f ed a4 3f 4e a5 | e8 2f 90 e3 3c e0 be b4 98 e0 72 7b 8f de f9 cb | 4a a7 3b 32 ad 32 f4 d0 53 9d 59 5f a3 1d d0 d4 | f5 a1 af 22 88 c0 b6 80 f1 2d 23 0c f3 2b e4 e3 | e7 5c 9b f4 01 10 0f dd 09 83 9b ff d6 da a0 ef | 35 d9 5a 68 75 66 af 08 7a c7 20 cc f6 ca 02 82 | 72 d7 06 88 49 3a 41 a8 8b 89 46 48 1c 17 63 24 | ff 52 f0 fb a1 b4 10 de d2 54 56 df 8f bd 34 a5 | 69 46 6f e2 3c 44 9d 8c 0f 1c 85 22 1a 3d 67 e9 | fe d3 9d a9 b8 e4 9e f6 ec 22 c2 50 86 5d bc 03 | 64 16 6e f7 33 16 ce d4 53 6c 97 51 41 74 36 c8 | bc f6 d7 3d 7f ed 51 fa 23 12 89 59 2f 45 37 36 | c0 34 24 28 9d ab db d8 ae 2f df 3b 18 07 46 04 | 31 0a f6 58 63 f9 75 51 4f de 14 fc ee 9d 80 53 | 4e f2 d3 d9 b2 22 03 28 9c 49 4c 4d f5 08 bf 8f | 4c 46 a2 3f 08 b8 eb 79 bf e1 f3 1c 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | fb 0b b1 96 7b 68 e0 9d ab c0 80 66 2f 86 53 fd | 95 a9 10 8c | quick_inI1_outR1 HASH(1): | fb 0b b1 96 7b 68 e0 9d ab c0 80 66 2f 86 53 fd | 95 a9 10 8c | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #17: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | client wildcard: no port wildcard: no virtual: no | creating state object #18 at 0x55a9006c5a48 | State DB: adding IKEv1 state #18 in UNDEFINED | pstats #18 ikev1.ipsec started | duplicating state object #17 "east" as #18 for IPSEC SA | #18 setting local endpoint to 192.1.2.23:500 from #17.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_d_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ai_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006a3700 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #17 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #18 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #18: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI d3 67 a2 21 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 "east" #18: IPsec encryption transform AES_CBC did not specify required KEY_LENGTH attribute | ignoring ESP proposal with NULLed or unknown encryption "east" #18: no acceptable Proposal in IPsec SA | complete v1 state transition with NO_PROPOSAL_CHOSEN | [RE]START processing: state #18 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #18 is idle | FOR_EACH_STATE_... in find_phase1_state "east" #18: sending encrypted notification NO_PROPOSAL_CHOSEN to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3405038168 (0xcaf4c258) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'notification msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482208 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94822ec (length 4) | ca f4 c2 58 | HASH(1) PRF sha update payload-bytes@0x7ffef9482594 (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0e | HASH(1) PRF sha final-bytes@0x7ffef9482580 (length 20) | 95 62 24 50 f2 b9 36 0f 5b d5 03 0b ff 64 71 c7 | 20 29 b0 ff | send notification HASH(1): | 95 62 24 50 f2 b9 36 0f 5b d5 03 0b ff 64 71 c7 | 20 29 b0 ff | last Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | current Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94822fc (length 4) | ca f4 c2 58 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 42 64 10 00 03 a4 77 2d 7d 7c fd f2 0b 42 f7 f7 | 47 20 17 ea | encrypting: 0b 00 00 18 95 62 24 50 f2 b9 36 0f 5b d5 03 0b | encrypting: ff 64 71 c7 20 29 b0 ff 00 00 00 0c 00 00 00 01 | encrypting: 01 00 00 0e | IV: 42 64 10 00 03 a4 77 2d 7d 7c fd f2 0b 42 f7 f7 | IV: 47 20 17 ea | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 74 7a cb 5a 5a 93 c6 c6 7a 32 29 b9 ad c6 d8 0d | sending 76 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #18) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 05 01 ca f4 c2 58 00 00 00 4c c5 a2 6b fa | 37 1b b6 5b 02 ec 5b be 29 8a cf b2 47 8f 5f 8d | 6d 18 f8 77 47 d2 45 52 86 e1 ce 87 74 7a cb 5a | 5a 93 c6 c6 7a 32 29 b9 ad c6 d8 0d | state transition function for STATE_QUICK_R0 failed: NO_PROPOSAL_CHOSEN | pstats #18 ikev1.ipsec deleted other | [RE]START processing: state #18 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #18: deleting state (STATE_QUICK_R0) aged 0.000s and NOT sending notification | child state #18: QUICK_R0(established CHILD SA) => delete | child state #18: QUICK_R0(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | in connection_discard for connection east | State DB: deleting IKEv1 state #18 in CHILDSA_DEL | child state #18: CHILDSA_DEL(informational) => UNDEFINED(ignore) | stop processing: state #18 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006a3700 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | #17 spent 0.54 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.941 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00311 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 05 01 5f 1f bf 46 00 00 00 5c 28 5b 6a bc | cf d2 d7 27 3c 56 93 a8 ca e4 9c e1 cf b3 3d 85 | 3c 62 84 14 17 27 a3 a8 22 a8 87 95 9c 16 b2 3d | 60 e0 ec d5 27 d5 c3 d0 f2 52 2c a8 02 e9 a7 d2 | 0e a8 2f c2 e2 78 73 14 8b 74 09 d1 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1595916102 (0x5f1fbf46) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #17; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #17 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #17 in MAIN_R3 (find_v1_info_state) | start processing: state #17 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | current Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 5f 1f bf 46 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 80 08 c7 7b 5e f0 7b f6 60 d6 51 01 fb 10 ea f6 | c3 16 47 b5 | #17 is idle | #17 idle | received encrypted packet from 192.1.2.45:500 | decrypting 64 bytes using algorithm AES_CBC | IV before: 80 08 c7 7b 5e f0 7b f6 60 d6 51 01 fb 10 ea f6 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 02 e9 a7 d2 0e a8 2f c2 e2 78 73 14 8b 74 09 d1 | decrypted payload (starts at offset -64): | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 05 01 5f 1f bf 46 00 00 00 5c 0c 00 00 18 | 60 18 91 d3 f6 a4 5f d9 52 76 e8 ca 40 b9 be 55 | c1 e2 6f 42 00 00 00 1c 00 00 00 01 01 10 00 01 | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14c80031d8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 5f 1f bf 46 | HASH(1) PRF sha update payload-bytes@0x55a9006c656c (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 0e bf 9d 0d | f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 60 18 91 d3 f6 a4 5f d9 52 76 e8 ca 40 b9 be 55 | c1 e2 6f 42 | informational HASH(1): | 60 18 91 d3 f6 a4 5f d9 52 76 e8 ca 40 b9 be 55 | c1 e2 6f 42 | received 'informational' message HASH(1) data ok | parsing 8 raw bytes of ISAKMP Delete Payload into iCookie | iCookie 0e bf 9d 0d f9 86 72 c3 | parsing 8 raw bytes of ISAKMP Delete Payload into rCookie | rCookie a7 45 86 f0 34 c6 4f 5b | State DB: found IKEv1 state #17 in MAIN_R3 (find_state_ikev1) | del: "east" #17: received Delete SA payload: self-deleting ISAKMP State #17 | pstats #17 ikev1.isakmp deleted completed | [RE]START processing: state #17 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #17: deleting state (STATE_MAIN_R3) aged 0.543s and sending notification | parent state #17: MAIN_R3(established IKE SA) => delete | #17 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1195566992 (0x4742e790) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 0e bf 9d 0d f9 86 72 c3 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI a7 45 86 f0 34 c6 4f 5b | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480558 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006bd630 | HASH(1): release clone-key@0x55a9006bd630 | HASH(1) PRF sha crypt-prf@0x7f14b40030c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948063c (length 4) | 47 42 e7 90 | HASH(1) PRF sha update payload-bytes@0x7ffef94809e4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 0e bf 9d 0d | f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | HASH(1) PRF sha final-bytes@0x7ffef94809d0 (length 20) | b8 9d 4b 2c 65 c8 a4 56 5a 79 7e 0b 15 fe 26 7f | 5d 7b df b3 | send delete HASH(1): | b8 9d 4b 2c 65 c8 a4 56 5a 79 7e 0b 15 fe 26 7f | 5d 7b df b3 | last Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | current Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 16) | 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948064c (length 4) | 47 42 e7 90 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 27 19 6a 19 0b 5e 4e 47 62 ff 02 38 56 76 73 ef | dc ef b8 7d | encrypting: 0c 00 00 18 b8 9d 4b 2c 65 c8 a4 56 5a 79 7e 0b | encrypting: 15 fe 26 7f 5d 7b df b3 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 | encrypting: 34 c6 4f 5b | IV: 27 19 6a 19 0b 5e 4e 47 62 ff 02 38 56 76 73 ef | IV: dc ef b8 7d | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 8f 63 0a 60 71 ca 1d 3d 4b 0b 69 d7 d2 86 f8 62 | sending 92 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #17) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 05 01 47 42 e7 90 00 00 00 5c 38 f6 4b af | be fb c4 e6 29 8f f8 66 37 06 99 74 ef e1 6b 9a | 80 c5 5f 55 9d 07 e3 50 39 4b fa 2d 27 9f 1c 7a | 77 e9 24 32 7d fd c6 4a 81 e2 57 83 8f 63 0a 60 | 71 ca 1d 3d 4b 0b 69 d7 d2 86 f8 62 | state #17 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14c0004768 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14b8002b78 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #17 in MAIN_R3 | parent state #17: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14c00045b8: destroyed | stop processing: state #17 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006ac790 | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006a3700 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.639 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00328 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 200 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 5d 97 d9 f8 3f c6 7d de 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 200 (0xc8) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 0c 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | b6 8a 2c 11 a9 4a 88 72 7f 48 b6 ed 26 5d d2 de | e1 0a e9 af 83 10 ad 3d 40 c2 01 1f 52 e0 2c 50 | creating state object #19 at 0x55a9006c1c58 | State DB: adding IKEv1 state #19 in UNDEFINED | pstats #19 ikev1.isakmp started | #19 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #19 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #19: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #19: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 05 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 140 | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #19: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 140 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x7f14b8002b78 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 "east" #19: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.564 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00243 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | 14 00 00 24 1f f6 c6 3a e5 a9 92 21 65 0c 8d 40 | c9 cb 58 9d 9a e4 b4 b7 80 cf 84 04 b0 02 33 7c | 55 8e 1b c3 14 00 00 18 0e 50 92 c2 d5 1b 29 74 | 50 0b 76 59 c4 cc 17 ed d8 a9 bf 8c 00 00 00 18 | 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | a0 7a da 3c | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #19 in MAIN_R1 (find_state_ikev1) | start processing: state #19 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #19 is idle | #19 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c21f0 (length 8) | 5d 97 d9 f8 3f c6 7d de | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c21f8 (length 8) | b6 8a 2c 11 a9 4a 88 72 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | d8 a9 bf 8c | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 5d 97 d9 f8 3f c6 7d de | natd_hash: rcookie= b6 8a 2c 11 a9 4a 88 72 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | natd_hash: hash= d8 a9 bf 8c | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c21f0 (length 8) | 5d 97 d9 f8 3f c6 7d de | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c21f8 (length 8) | b6 8a 2c 11 a9 4a 88 72 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | a0 7a da 3c | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 5d 97 d9 f8 3f c6 7d de | natd_hash: rcookie= b6 8a 2c 11 a9 4a 88 72 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | natd_hash: hash= a0 7a da 3c | expected NAT-D(me): 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | expected NAT-D(me): d8 a9 bf 8c | expected NAT-D(him): | 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | a0 7a da 3c | received NAT-D: 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | received NAT-D: d8 a9 bf 8c | received NAT-D: 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | received NAT-D: a0 7a da 3c | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | adding inI2_outR2 KE work-order 21 for state #19 | state #19 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_SO_DISCARD-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x55a9006c4e78 size 128 | crypto helper 6 resuming | crypto helper 6 starting work-order 21 for state #19 | crypto helper 6 doing build KE and nonce (inI2_outR2 KE); request ID 21 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14b8006de8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14b8006de8 | NSS: Public DH wire value: | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | Generated nonce: 50 14 d7 98 ea d8 50 6d bb 9b c1 87 31 02 8f 5c | Generated nonce: aa 0c 08 ae 4c 50 12 00 71 55 61 37 c2 78 59 17 | crypto helper 6 finished build KE and nonce (inI2_outR2 KE); request ID 21 time elapsed 0.00107 seconds | (#19) spent 1.04 milliseconds in crypto helper computing work-order 21: inI2_outR2 KE (pcr) | crypto helper 6 sending results from work-order 21 for state #19 to event queue | scheduling resume sending helper answer for #19 | libevent_malloc: new ptr-libevent@0x7f14b80015e8 size 128 | crypto helper 6 waiting (nothing to do) | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #19 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #19 and saving MD | #19 is busy; has a suspended MD | #19 spent 0.18 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.318 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #19 | start processing: state #19 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 21 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #19: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14b8006de8: transferring ownership from helper KE to state #19 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | keyex value 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | keyex value 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | keyex value 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | keyex value 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | keyex value fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | keyex value d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | keyex value e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | keyex value f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | keyex value 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | keyex value 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | keyex value 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | keyex value ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | keyex value 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | keyex value d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | keyex value 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 50 14 d7 98 ea d8 50 6d bb 9b c1 87 31 02 8f 5c | Nr aa 0c 08 ae 4c 50 12 00 71 55 61 37 c2 78 59 17 | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 5d 97 d9 f8 3f c6 7d de | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | b6 8a 2c 11 a9 4a 88 72 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | a0 7a da 3c | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 5d 97 d9 f8 3f c6 7d de | natd_hash: rcookie= b6 8a 2c 11 a9 4a 88 72 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | natd_hash: hash= a0 7a da 3c | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | NAT-D a0 7a da 3c | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | 5d 97 d9 f8 3f c6 7d de | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | b6 8a 2c 11 a9 4a 88 72 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | d8 a9 bf 8c | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= 5d 97 d9 f8 3f c6 7d de | natd_hash: rcookie= b6 8a 2c 11 a9 4a 88 72 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | natd_hash: hash= d8 a9 bf 8c | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | NAT-D d8 a9 bf 8c | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14b8006de8: transferring ownership from state #19 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 22 for state #19 | state #19 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c4e78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | crypto helper 0 resuming | crypto helper 0 starting work-order 22 for state #19 | crypto helper 0 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 22 | peer's g: f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | peer's g: 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | peer's g: ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | peer's g: 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | peer's g: 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | peer's g: 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | peer's g: 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | peer's g: 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | peer's g: b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | peer's g: 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | peer's g: 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | peer's g: 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | peer's g: 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | peer's g: 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | peer's g: d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | peer's g: 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14b8006de8: computed shared DH secret key@0x55a9006a3700 | dh-shared : g^ir-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006cb888 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989700 | result: psk-key@0x55a900622080 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a900622080 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896e8 | result: psk-key@0x55a9006acb70 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a900622080 | SKEYID psk prf: created sha context 0x7f14cc003b00 from psk-key@0x55a9006acb70 | SKEYID psk prf: begin sha with context 0x7f14cc003b00 from psk-key@0x55a9006acb70 | SKEYID psk: release clone-key@0x55a9006acb70 | SKEYID psk PRF sha crypt-prf@0x7f14cc001278 | SKEYID psk PRF sha update Ni-bytes@0x55a9006cb8ac (length 32) | 1f f6 c6 3a e5 a9 92 21 65 0c 8d 40 c9 cb 58 9d | 9a e4 b4 b7 80 cf 84 04 b0 02 33 7c 55 8e 1b c3 | SKEYID psk PRF sha update Nr-bytes@0x55a9006cb8cc (length 32) | 50 14 d7 98 ea d8 50 6d bb 9b c1 87 31 02 8f 5c | aa 0c 08 ae 4c 50 12 00 71 55 61 37 c2 78 59 17 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989708 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID psk PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID psk: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_d: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989718 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f14cc003b00 from SKEYID-key@0x55a900622080 | SKEYID_d prf: begin sha with context 0x7f14cc003b00 from SKEYID-key@0x55a900622080 | SKEYID_d: release clone-key@0x55a900622080 | SKEYID_d PRF sha crypt-prf@0x7f14cc0015f8 | SKEYID_d PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_d: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: cf 6d 5e c3 e2 3d d4 ad 36 39 8c 3e d0 7c 17 aa 71 3f b0 58 07 61 1f 22 ae e9 51 b4 63 b1 a5 69 6a 52 fd 85 e8 92 8c c6 36 48 1b f4 4b 82 fe 49 5a f4 39 bc 12 ac 68 fc b3 76 4d 52 02 83 ae b9 c8 ef c0 ce fd 6c 45 df d1 68 64 75 53 05 97 92 00 1f bf 1f 33 0f 5c a3 30 ac 82 9a 87 49 f1 42 67 27 5b 52 88 9c f3 30 40 ec 43 d4 47 80 92 a9 1c d1 76 8b 13 d0 f5 c3 bb cc c4 7f e2 6a 85 e1 96 16 0c 6a ab df 80 20 2f 16 bd 3d a6 b7 f0 36 17 5c 4b 80 7d 0c ef a0 2a fe bc 3f 88 f3 34 ad 40 b5 c8 af 7b 31 d9 13 0d 38 61 3f 0c 6c 68 54 62 85 26 a3 1a cb cc fc b8 a1 39 db b9 07 a0 ad 03 7b 12 67 ea 0e f4 8e 7a 11 ee fb 24 6a 9c 23 8e 93 cf e4 a1 a8 c3 11 24 63 d7 84 23 6e c5 7d a6 37 92 8b 05 a3 19 d8 21 c7 d7 ea a9 e3 23 ed 7a 1f 4e 16 0f c6 2c 9d a6 0f 91 73 07 ff f2 96 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14cc001978 | unwrapped: 21 0c a5 09 6b 45 40 30 92 88 99 93 62 47 46 64 | unwrapped: 63 2b 18 27 75 8a 25 6a 01 e7 a6 60 98 bc fd b2 | unwrapped: 01 0d c0 66 81 15 f1 ed 77 f9 de 17 e4 1d f0 ed | unwrapped: 7c 18 55 5e 69 c6 d9 19 d0 d0 e1 a1 c1 0d 7c 52 | unwrapped: 7a 5e 4c 02 b2 d9 db 99 e6 4f 19 2d 9b a7 65 dd | unwrapped: 96 21 67 a3 ac 5c cb 8a 55 86 eb fa 66 52 d5 2d | unwrapped: 3b 64 04 f7 d5 fe bb f3 08 e8 5c d9 76 44 8f bb | unwrapped: 0a 39 9b ea e4 93 56 24 9a 1b c9 45 83 60 9a 5d | unwrapped: 39 9a 8c 3a 0e fd 72 59 5d 78 01 04 fc a0 a3 3d | unwrapped: 61 4a 57 cb 14 5e 37 c4 d9 49 1a ea cb a0 da 1a | unwrapped: 3d 39 70 dd d1 62 1f 0e 06 46 07 0b 43 54 0b ee | unwrapped: ba 26 47 a3 ac 15 ea 8e 18 df 9c 1b 71 44 2d e6 | unwrapped: 87 5c 1b 1c 0a 30 ca f8 c4 b1 f3 e8 24 a4 f1 5c | unwrapped: e2 90 f4 aa 2b 76 e5 b7 0e 73 4c 08 ce 41 49 8c | unwrapped: 5f 29 60 6a 4d 69 20 db 23 41 d9 ca 1c 57 43 fc | unwrapped: 23 16 a3 2c 2c 7e 1f 2f 03 91 8a d4 53 5a 24 2f | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 5d 97 d9 f8 3f c6 7d de | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | b6 8a 2c 11 a9 4a 88 72 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989708 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID_d PRF sha final-key@0x55a900622080 (size 20) | SKEYID_d: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_a: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896f8 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f14cc003b00 from SKEYID-key@0x55a9006a9280 | SKEYID_a prf: begin sha with context 0x7f14cc003b00 from SKEYID-key@0x55a9006a9280 | SKEYID_a: release clone-key@0x55a9006a9280 | SKEYID_a PRF sha crypt-prf@0x7f14cc001278 | SKEYID_a PRF sha update SKEYID_d-key@0x55a900622080 (size 20) | SKEYID_a: SKEYID_d-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: 0b cc be cf 1a 4b e6 53 fa 54 6a 2f 8a 0a bd 1a 36 7c 72 c0 68 8b cb 58 45 1c 7a 04 46 b8 1d 3c | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14cc0044b8 | unwrapped: 0e 15 f5 8f 84 38 86 8b a1 3c 6e 42 31 da 09 a9 | unwrapped: 9c 85 81 52 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_a: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: cf 6d 5e c3 e2 3d d4 ad 36 39 8c 3e d0 7c 17 aa 71 3f b0 58 07 61 1f 22 ae e9 51 b4 63 b1 a5 69 6a 52 fd 85 e8 92 8c c6 36 48 1b f4 4b 82 fe 49 5a f4 39 bc 12 ac 68 fc b3 76 4d 52 02 83 ae b9 c8 ef c0 ce fd 6c 45 df d1 68 64 75 53 05 97 92 00 1f bf 1f 33 0f 5c a3 30 ac 82 9a 87 49 f1 42 67 27 5b 52 88 9c f3 30 40 ec 43 d4 47 80 92 a9 1c d1 76 8b 13 d0 f5 c3 bb cc c4 7f e2 6a 85 e1 96 16 0c 6a ab df 80 20 2f 16 bd 3d a6 b7 f0 36 17 5c 4b 80 7d 0c ef a0 2a fe bc 3f 88 f3 34 ad 40 b5 c8 af 7b 31 d9 13 0d 38 61 3f 0c 6c 68 54 62 85 26 a3 1a cb cc fc b8 a1 39 db b9 07 a0 ad 03 7b 12 67 ea 0e f4 8e 7a 11 ee fb 24 6a 9c 23 8e 93 cf e4 a1 a8 c3 11 24 63 d7 84 23 6e c5 7d a6 37 92 8b 05 a3 19 d8 21 c7 d7 ea a9 e3 23 ed 7a 1f 4e 16 0f c6 2c 9d a6 0f 91 73 07 ff f2 96 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14cc004728 | unwrapped: 21 0c a5 09 6b 45 40 30 92 88 99 93 62 47 46 64 | unwrapped: 63 2b 18 27 75 8a 25 6a 01 e7 a6 60 98 bc fd b2 | unwrapped: 01 0d c0 66 81 15 f1 ed 77 f9 de 17 e4 1d f0 ed | unwrapped: 7c 18 55 5e 69 c6 d9 19 d0 d0 e1 a1 c1 0d 7c 52 | unwrapped: 7a 5e 4c 02 b2 d9 db 99 e6 4f 19 2d 9b a7 65 dd | unwrapped: 96 21 67 a3 ac 5c cb 8a 55 86 eb fa 66 52 d5 2d | unwrapped: 3b 64 04 f7 d5 fe bb f3 08 e8 5c d9 76 44 8f bb | unwrapped: 0a 39 9b ea e4 93 56 24 9a 1b c9 45 83 60 9a 5d | unwrapped: 39 9a 8c 3a 0e fd 72 59 5d 78 01 04 fc a0 a3 3d | unwrapped: 61 4a 57 cb 14 5e 37 c4 d9 49 1a ea cb a0 da 1a | unwrapped: 3d 39 70 dd d1 62 1f 0e 06 46 07 0b 43 54 0b ee | unwrapped: ba 26 47 a3 ac 15 ea 8e 18 df 9c 1b 71 44 2d e6 | unwrapped: 87 5c 1b 1c 0a 30 ca f8 c4 b1 f3 e8 24 a4 f1 5c | unwrapped: e2 90 f4 aa 2b 76 e5 b7 0e 73 4c 08 ce 41 49 8c | unwrapped: 5f 29 60 6a 4d 69 20 db 23 41 d9 ca 1c 57 43 fc | unwrapped: 23 16 a3 2c 2c 7e 1f 2f 03 91 8a d4 53 5a 24 2f | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 5d 97 d9 f8 3f c6 7d de | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | b6 8a 2c 11 a9 4a 88 72 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989700 | result: final-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006aad30 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896e8 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006aad30 | SKEYID_a PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_a: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006acb70 (size 20) | SKEYID_e: SKEYID-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989708 | result: clone-key@0x55a9006aad30 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f14cc003b00 from SKEYID-key@0x55a9006aad30 | SKEYID_e prf: begin sha with context 0x7f14cc003b00 from SKEYID-key@0x55a9006aad30 | SKEYID_e: release clone-key@0x55a9006aad30 | SKEYID_e PRF sha crypt-prf@0x7f14cc0015f8 | SKEYID_e PRF sha update SKEYID_a-key@0x55a9006a9280 (size 20) | SKEYID_e: SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: 52 d1 da 32 c3 8e 75 79 7a 68 42 50 75 0c 0e ad 90 ee d6 54 d0 57 29 9c 4c 69 84 fd d8 81 49 a4 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14cc002148 | unwrapped: 92 78 d5 4d bb af 79 83 6e 65 ae 1c 2e c2 18 98 | unwrapped: f4 d0 c9 dd 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006a3700 (size 256) | SKEYID_e: g^xy-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: cf 6d 5e c3 e2 3d d4 ad 36 39 8c 3e d0 7c 17 aa 71 3f b0 58 07 61 1f 22 ae e9 51 b4 63 b1 a5 69 6a 52 fd 85 e8 92 8c c6 36 48 1b f4 4b 82 fe 49 5a f4 39 bc 12 ac 68 fc b3 76 4d 52 02 83 ae b9 c8 ef c0 ce fd 6c 45 df d1 68 64 75 53 05 97 92 00 1f bf 1f 33 0f 5c a3 30 ac 82 9a 87 49 f1 42 67 27 5b 52 88 9c f3 30 40 ec 43 d4 47 80 92 a9 1c d1 76 8b 13 d0 f5 c3 bb cc c4 7f e2 6a 85 e1 96 16 0c 6a ab df 80 20 2f 16 bd 3d a6 b7 f0 36 17 5c 4b 80 7d 0c ef a0 2a fe bc 3f 88 f3 34 ad 40 b5 c8 af 7b 31 d9 13 0d 38 61 3f 0c 6c 68 54 62 85 26 a3 1a cb cc fc b8 a1 39 db b9 07 a0 ad 03 7b 12 67 ea 0e f4 8e 7a 11 ee fb 24 6a 9c 23 8e 93 cf e4 a1 a8 c3 11 24 63 d7 84 23 6e c5 7d a6 37 92 8b 05 a3 19 d8 21 c7 d7 ea a9 e3 23 ed 7a 1f 4e 16 0f c6 2c 9d a6 0f 91 73 07 ff f2 96 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14cc001978 | unwrapped: 21 0c a5 09 6b 45 40 30 92 88 99 93 62 47 46 64 | unwrapped: 63 2b 18 27 75 8a 25 6a 01 e7 a6 60 98 bc fd b2 | unwrapped: 01 0d c0 66 81 15 f1 ed 77 f9 de 17 e4 1d f0 ed | unwrapped: 7c 18 55 5e 69 c6 d9 19 d0 d0 e1 a1 c1 0d 7c 52 | unwrapped: 7a 5e 4c 02 b2 d9 db 99 e6 4f 19 2d 9b a7 65 dd | unwrapped: 96 21 67 a3 ac 5c cb 8a 55 86 eb fa 66 52 d5 2d | unwrapped: 3b 64 04 f7 d5 fe bb f3 08 e8 5c d9 76 44 8f bb | unwrapped: 0a 39 9b ea e4 93 56 24 9a 1b c9 45 83 60 9a 5d | unwrapped: 39 9a 8c 3a 0e fd 72 59 5d 78 01 04 fc a0 a3 3d | unwrapped: 61 4a 57 cb 14 5e 37 c4 d9 49 1a ea cb a0 da 1a | unwrapped: 3d 39 70 dd d1 62 1f 0e 06 46 07 0b 43 54 0b ee | unwrapped: ba 26 47 a3 ac 15 ea 8e 18 df 9c 1b 71 44 2d e6 | unwrapped: 87 5c 1b 1c 0a 30 ca f8 c4 b1 f3 e8 24 a4 f1 5c | unwrapped: e2 90 f4 aa 2b 76 e5 b7 0e 73 4c 08 ce 41 49 8c | unwrapped: 5f 29 60 6a 4d 69 20 db 23 41 d9 ca 1c 57 43 fc | unwrapped: 23 16 a3 2c 2c 7e 1f 2f 03 91 8a d4 53 5a 24 2f | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | 5d 97 d9 f8 3f c6 7d de | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | b6 8a 2c 11 a9 4a 88 72 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d3989710 | result: final-key@0x55a9006ac790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006ac790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896f8 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006ac790 | SKEYID_e PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID_e: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b PRF sha init SKEYID_e-key@0x55a9006aad30 (size 20) | appendix_b: SKEYID_e-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896e8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | appendix_b prf: created sha context 0x7f14cc003b00 from SKEYID_e-key@0x55a9006ac790 | appendix_b prf: begin sha with context 0x7f14cc003b00 from SKEYID_e-key@0x55a9006ac790 | appendix_b: release clone-key@0x55a9006ac790 | appendix_b PRF sha crypt-prf@0x7f14cc001278 | appendix_b PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d39896f0 | result: final-key@0x55a9006bd630 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006bd630 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896d8 | result: final-key@0x55a9006ac790 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006bd630 | appendix_b PRF sha final-key@0x55a9006ac790 (size 20) | appendix_b: key-key@0x55a9006ac790 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b_keymat_e: reference old_k#1-key@0x55a9006ac790 | Kn PRF sha init SKEYID_e-key@0x55a9006aad30 (size 20) | Kn: SKEYID_e-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896e8 | result: clone-key@0x55a9006bd630 (20-bytes, SHA_1_HMAC) | Kn prf: created sha context 0x7f14cc003b00 from SKEYID_e-key@0x55a9006bd630 | Kn prf: begin sha with context 0x7f14cc003b00 from SKEYID_e-key@0x55a9006bd630 | Kn: release clone-key@0x55a9006bd630 | Kn PRF sha crypt-prf@0x7f14cc0015f8 | Kn PRF sha update old_k-key@0x55a9006ac790 (size 20) | Kn: old_k-key@0x55a9006ac790 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006ac790 | nss hmac digest hack: symkey-key@0x55a9006ac790 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921289: 17 94 0b 77 b3 ba 57 55 83 5e 2c 30 57 dd e8 5d c7 3d c9 f0 65 81 91 8f 21 3a f0 c7 57 c4 e3 99 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14cc0044b8 | unwrapped: 4d 1d 6d 23 e2 0f 4f 89 4f c6 a6 14 f6 46 e1 f8 | unwrapped: 06 7a 5f be 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d39896f0 | result: final-key@0x55a9006c2720 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006c2720 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d39896d8 | result: final-key@0x55a9006bd630 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006c2720 | Kn PRF sha final-key@0x55a9006bd630 (size 20) | Kn: key-key@0x55a9006bd630 (20-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006ac790 (20-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7f14d3989768 | result: result-key@0x55a9006c2720 (40-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x55a9006ac790 | appendix_b_keymat_e: release old_k#N-key@0x55a9006ac790 | appendix_b_keymat_e: release old_k#final-key@0x55a9006bd630 | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: DES3_CBC | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a9006c2720 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d3989768 | result: cryptkey-key@0x55a9006bd630 (24-bytes, DES3_CBC) | appendix_b_keymat_e: release keymat-key@0x55a9006c2720 | NSS: pointers skeyid_d 0x55a900622080, skeyid_a 0x55a9006a9280, skeyid_e 0x55a9006aad30, enc_key 0x55a9006bd630 | DH_i: f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | DH_i: 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | DH_i: ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | DH_i: 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | DH_i: 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | DH_i: 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | DH_i: 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | DH_i: 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | DH_i: b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | DH_i: 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | DH_i: 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | DH_i: 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | DH_i: 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | DH_i: 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | DH_i: d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | DH_i: 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | DH_r: 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | DH_r: 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | DH_r: 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | DH_r: 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | DH_r: 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | DH_r: fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | DH_r: d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | DH_r: e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | DH_r: f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | DH_r: 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | DH_r: 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | DH_r: 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | DH_r: ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | DH_r: 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | DH_r: d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | DH_r: 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006cb8ec (length 256) | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | new IV hash sha digest GR-bytes@0x55a9006cb9ec (length 256) | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | new IV hash sha final chunk@0x7f14cc0044b8 (length 20) | 3e 3f 76 14 e6 92 e7 12 fd 25 7f 62 43 c0 42 1f | b5 35 74 cd | crypto helper 0 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 22 time elapsed 0.002251 seconds | (#19) spent 2.25 milliseconds in crypto helper computing work-order 22: main_inI2_outR2_tail (pcr) | crypto helper 0 sending results from work-order 22 for state #19 to event queue | scheduling resume sending helper answer for #19 | libevent_malloc: new ptr-libevent@0x7f14cc001378 size 128 | crypto helper 0 waiting (nothing to do) | #19 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle; has background offloaded task | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | parent state #19: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14b8002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | 14 00 00 24 50 14 d7 98 ea d8 50 6d bb 9b c1 87 | 31 02 8f 5c aa 0c 08 ae 4c 50 12 00 71 55 61 37 | c2 78 59 17 14 00 00 18 3d ae 97 98 de 90 37 6a | c8 f7 e2 82 a9 20 4f ea a0 7a da 3c 00 00 00 18 | 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | d8 a9 bf 8c | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14b8002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #19 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #19 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29303.127517 "east" #19: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #19 suppresed complete_v1_state_transition() | #19 spent 0.383 milliseconds in resume sending helper answer | stop processing: state #19 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14b80015e8 | processing resume sending helper answer for #19 | start processing: state #19 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 22 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #19: calculate DH finished | [RE]START processing: state #19 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14b8006de8: transferring ownership from helper IKEv1 DH+IV to state #19 | stop processing: state #19 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #19 suppresed complete_v1_state_transition() | #19 spent 0.0202 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14cc001378 | spent 0.00354 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 05 10 02 01 00 00 00 00 00 00 00 44 70 eb a1 90 | a6 94 7f cd 08 b7 7d e4 d2 5b 94 19 ef 66 5a a5 | 48 57 77 5b 0f c9 20 4f d2 b5 c5 19 7e 9a 32 51 | 6a 16 17 07 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #19 in MAIN_R2 (find_state_ikev1) | start processing: state #19 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #19 is idle | #19 idle | received encrypted packet from 192.1.2.45:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: 3e 3f 76 14 e6 92 e7 12 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 7e 9a 32 51 6a 16 17 07 | decrypted payload (starts at offset -40): | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 05 10 02 01 00 00 00 00 00 00 00 44 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 28 96 76 63 | 79 bb f4 b2 e5 2d 05 92 4b 7c 1e c7 3b 2f f5 e4 | 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 4 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #19: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006acb70 (size 20) | hmac: symkey-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006c2720 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006c2720 | hmac: release clone-key@0x55a9006c2720 | hmac PRF sha crypt-prf@0x7f14c80031d8 | hmac PRF sha update data-bytes@0x7f14c8002ff8 (length 256) | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | hmac PRF sha update data-bytes@0x7f14b8004678 (length 256) | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | hmac PRF sha update data-bytes@0x55a9006c21f0 (length 8) | 5d 97 d9 f8 3f c6 7d de | hmac PRF sha update data-bytes@0x55a9006c21f8 (length 8) | b6 8a 2c 11 a9 4a 88 72 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a9006c5518 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | 28 96 76 63 79 bb f4 b2 e5 2d 05 92 4b 7c 1e c7 | 3b 2f f5 e4 | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006acb70 (size 20) | hmac: symkey-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006c2720 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006c2720 | hmac: release clone-key@0x55a9006c2720 | hmac PRF sha crypt-prf@0x7f14cc0044b8 | hmac PRF sha update data-bytes@0x7f14b8004678 (length 256) | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | hmac PRF sha update data-bytes@0x7f14c8002ff8 (length 256) | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | hmac PRF sha update data-bytes@0x55a9006c21f8 (length 8) | b6 8a 2c 11 a9 4a 88 72 | hmac PRF sha update data-bytes@0x55a9006c21f0 (length 8) | 5d 97 d9 f8 3f c6 7d de | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a9006c16bc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | 21 71 90 7c c8 fa 29 8b b6 ae 6c 9c 06 a3 0e 71 | 67 78 3a 1b | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R 21 71 90 7c c8 fa 29 8b b6 ae 6c 9c 06 a3 0e 71 | HASH_R 67 78 3a 1b | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: 21 71 90 7c c8 fa 29 8b b6 ae 6c 9c 06 a3 0e 71 | encrypting: 67 78 3a 1b | IV: 7e 9a 32 51 6a 16 17 07 | unpadded size is: 36 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 06 12 b0 19 66 34 98 8a | last encrypted block of Phase 1: | 06 12 b0 19 66 34 98 8a | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #19: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14b8002b78 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 68 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 05 10 02 01 00 00 00 00 00 00 00 44 01 26 93 59 | 1e 07 ad 45 51 99 ea 33 88 09 25 2e d8 94 cb e6 | 13 ac 1a b4 65 ce 79 28 d5 07 e2 a4 06 12 b0 19 | 66 34 98 8a | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14b8002b78 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f14b80015e8 size 128 | pstats #19 ikev1.isakmp established "east" #19: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #19 | #19 spent 0.557 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.697 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00246 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 436 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 01 b4 72 7f ae c0 | c0 94 7a d3 15 eb 47 18 c7 76 71 d9 af fa d1 a7 | 6c c8 8e b4 5a 45 18 c4 96 4c 8b 49 e3 33 45 f2 | 67 6f 6f eb 63 db 9b cc be 52 81 0e 17 61 aa 6b | 71 52 ef 25 b5 ac 17 38 1e 4c 82 9e e5 c3 7d 87 | c9 c3 ca 02 d6 cd f7 1b 80 cf 66 e3 36 a0 bd a7 | ae ce eb d7 c2 ea 93 18 79 97 14 65 38 2e 03 05 | 0c b3 eb 46 b9 84 ad 04 07 00 8b bc 42 d8 a6 66 | bc 63 c3 14 c6 a5 f4 4c 7a d3 43 03 ca 19 79 64 | 52 53 16 45 2e 72 0c c1 83 c9 ed df 7b 5d 11 8e | 08 c5 3a 9f fe 60 dd 86 0c 1e 36 b8 ff 7b 85 8d | 15 bf 17 de e9 32 26 e7 46 5f fc 27 06 c8 9f 4c | 4e d4 f3 10 0f 2d b9 bc b5 62 18 84 4c 5a 8f bf | 75 86 bd c0 3d 64 7c 66 99 74 e5 13 db a4 23 de | 4e 94 3f 79 da 15 f3 b4 5c da b6 ec c2 fa 4a 47 | ce 5e e2 e3 7e 59 8a 22 54 18 09 89 37 36 ca 9f | f6 a1 53 5f 91 39 13 c2 ca 97 47 3c d4 8b 0c 3c | e5 5b cf 90 fd e0 dc 54 16 c1 0f c5 8a 37 92 8c | 0c 81 89 0d 72 7b ac 74 e4 a1 d2 86 49 9e 61 d5 | 25 67 0e 23 51 a8 96 5a f0 ee 14 c5 8f 09 02 62 | 19 59 2d bc a6 2f 1d d3 96 70 32 c3 bf 80 8e 21 | a0 a8 ab a6 e8 4c 62 3f d7 50 54 d9 9a 7d 90 fc | 77 20 7c a7 ac e7 34 4b 89 55 00 88 e4 9e af 5d | 6f 90 fe fc 68 99 7a 95 5d 8f e2 11 7a 41 33 bc | ec ae 31 ac 8f 49 66 5e 64 5d 42 4a a0 18 28 6d | 01 a7 41 79 04 1e 3d 5f b1 9c ab 4b fa ac f3 61 | b7 ef 03 4c | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3560462 (0x36540e) | length: 436 (0x1b4) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #19 in MAIN_R3 (find_state_ikev1) | start processing: state #19 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: 06 12 b0 19 66 34 98 8a | current Phase 1 IV: 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 8) | 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 00 36 54 0e | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 5e 8c e2 e7 b8 26 d9 9e 8d ed 18 a7 dd d6 18 ff | bd d6 09 7b | #19 is idle | #19 idle | received encrypted packet from 192.1.2.45:500 | decrypting 408 bytes using algorithm 3DES_CBC | IV before: 5e 8c e2 e7 b8 26 d9 9e | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: fa ac f3 61 b7 ef 03 4c | decrypted payload (starts at offset -408): | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 01 b4 01 00 00 18 | 57 cd f3 7c 2a 35 5e 0c 28 fe e9 3a 01 06 41 63 | a7 92 3a 22 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 df cc b3 b1 00 00 00 1c | 00 03 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 a7 d5 f6 08 | 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b 70 cd 07 d7 | 81 fb d9 6b 76 6d cc 03 72 31 c4 88 05 00 01 04 | 8f 63 04 6a bb ee 7a f3 f7 00 5e 46 79 97 55 6b | 43 41 7e 13 7b bd c8 50 9d a2 ac 56 ab f5 cb 44 | 53 a4 d1 86 ff 52 c6 b1 41 c5 43 c0 42 48 38 5e | 0c f0 1c 05 78 a6 5f a6 07 3e e1 0d 27 89 ac 70 | 40 99 3f ed 26 ec 1d eb 40 d2 e5 d4 ca 67 dc 7f | bf 5d 81 83 fc 37 26 eb 54 39 65 c0 a4 c1 af cd | e8 9d 47 a6 22 79 62 c6 6f 0f 40 52 ef e5 ac e6 | 1c 0e 3f dd e0 61 7e 0b ba a5 f3 4e 71 1b c8 f4 | 5f 8a 90 16 ea ee 4a 91 13 1f 08 07 28 a0 1a 6b | 91 3a cd e9 92 36 21 ad ba 22 71 e2 bd 02 25 05 | 3e bf 04 6d c8 b6 57 21 72 1c 8a 1c bd 06 5c 21 | a2 98 7d b5 eb d2 fa 63 5f 6d 02 80 6c ea 72 d7 | cb ae 72 a7 d0 92 7e 75 22 c0 74 8b 63 72 a2 01 | 93 84 cd b3 96 18 56 67 10 44 81 89 fb a0 40 b5 | b4 54 e9 f4 fe d0 0b fd bc 35 1a a6 de d8 e0 34 | 57 e3 d1 71 88 40 a7 a4 89 fb 1b ef 1e 7e 84 29 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x7f14cc0044b8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 00 36 54 0e | HASH(1) PRF sha update payload-bytes@0x55a9006caa8c (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 df cc b3 b1 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 a7 d5 f6 08 9d bb 23 66 | 4e 66 b4 6f 7a 5d 31 5b 70 cd 07 d7 81 fb d9 6b | 76 6d cc 03 72 31 c4 88 05 00 01 04 8f 63 04 6a | bb ee 7a f3 f7 00 5e 46 79 97 55 6b 43 41 7e 13 | 7b bd c8 50 9d a2 ac 56 ab f5 cb 44 53 a4 d1 86 | ff 52 c6 b1 41 c5 43 c0 42 48 38 5e 0c f0 1c 05 | 78 a6 5f a6 07 3e e1 0d 27 89 ac 70 40 99 3f ed | 26 ec 1d eb 40 d2 e5 d4 ca 67 dc 7f bf 5d 81 83 | fc 37 26 eb 54 39 65 c0 a4 c1 af cd e8 9d 47 a6 | 22 79 62 c6 6f 0f 40 52 ef e5 ac e6 1c 0e 3f dd | e0 61 7e 0b ba a5 f3 4e 71 1b c8 f4 5f 8a 90 16 | ea ee 4a 91 13 1f 08 07 28 a0 1a 6b 91 3a cd e9 | 92 36 21 ad ba 22 71 e2 bd 02 25 05 3e bf 04 6d | c8 b6 57 21 72 1c 8a 1c bd 06 5c 21 a2 98 7d b5 | eb d2 fa 63 5f 6d 02 80 6c ea 72 d7 cb ae 72 a7 | d0 92 7e 75 22 c0 74 8b 63 72 a2 01 93 84 cd b3 | 96 18 56 67 10 44 81 89 fb a0 40 b5 b4 54 e9 f4 | fe d0 0b fd bc 35 1a a6 de d8 e0 34 57 e3 d1 71 | 88 40 a7 a4 89 fb 1b ef 1e 7e 84 29 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 57 cd f3 7c 2a 35 5e 0c 28 fe e9 3a 01 06 41 63 | a7 92 3a 22 | quick_inI1_outR1 HASH(1): | 57 cd f3 7c 2a 35 5e 0c 28 fe e9 3a 01 06 41 63 | a7 92 3a 22 | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #19: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | client wildcard: no port wildcard: no virtual: no | creating state object #20 at 0x55a9006c0bc8 | State DB: adding IKEv1 state #20 in UNDEFINED | pstats #20 ikev1.ipsec started | duplicating state object #19 "east" as #20 for IPSEC SA | #20 setting local endpoint to 192.1.2.23:500 from #19.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_d_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ai_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006bd630 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #19 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #20 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #20: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI df cc b3 b1 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 8f 63 04 6a bb ee 7a f3 f7 00 5e 46 79 97 55 6b | 43 41 7e 13 7b bd c8 50 9d a2 ac 56 ab f5 cb 44 | 53 a4 d1 86 ff 52 c6 b1 41 c5 43 c0 42 48 38 5e | 0c f0 1c 05 78 a6 5f a6 07 3e e1 0d 27 89 ac 70 | 40 99 3f ed 26 ec 1d eb 40 d2 e5 d4 ca 67 dc 7f | bf 5d 81 83 fc 37 26 eb 54 39 65 c0 a4 c1 af cd | e8 9d 47 a6 22 79 62 c6 6f 0f 40 52 ef e5 ac e6 | 1c 0e 3f dd e0 61 7e 0b ba a5 f3 4e 71 1b c8 f4 | 5f 8a 90 16 ea ee 4a 91 13 1f 08 07 28 a0 1a 6b | 91 3a cd e9 92 36 21 ad ba 22 71 e2 bd 02 25 05 | 3e bf 04 6d c8 b6 57 21 72 1c 8a 1c bd 06 5c 21 | a2 98 7d b5 eb d2 fa 63 5f 6d 02 80 6c ea 72 d7 | cb ae 72 a7 d0 92 7e 75 22 c0 74 8b 63 72 a2 01 | 93 84 cd b3 96 18 56 67 10 44 81 89 fb a0 40 b5 | b4 54 e9 f4 fe d0 0b fd bc 35 1a a6 de d8 e0 34 | 57 e3 d1 71 88 40 a7 a4 89 fb 1b ef 1e 7e 84 29 | adding quick_outI1 KE work-order 23 for state #20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c18d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #20 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #20 and saving MD | #20 is busy; has a suspended MD | #19 spent 0.248 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #20 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.651 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 23 for state #20 | crypto helper 1 doing build KE and nonce (quick_outI1 KE); request ID 23 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14c4009fa8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14c4009fa8 | NSS: Public DH wire value: | f9 17 88 0b 16 9b 40 43 ef 50 36 75 7a ba a5 4c | 64 bb 7a 36 75 9e f2 46 af 4f 9e 62 1d ee 6f 30 | a9 7a 59 d7 22 bc 4d 34 e4 5f 88 38 00 85 29 8c | cd 1e 6e ce fe f5 82 3c b0 90 76 7a 69 70 bb 15 | 8b e9 dc b1 3d 95 d6 66 ca d7 18 7a e2 20 70 92 | 52 e6 9b a2 1b 95 38 1d 70 cf 2a a4 06 f1 5d 5d | 4a 84 f5 cf 09 89 0a a0 dc 38 20 6c bd 66 bb dd | 84 23 5a 0e 5b 2c ed 63 c7 09 f1 43 50 d8 24 57 | 09 62 ce df 0b 3e 78 4d 86 f3 8f 43 a1 46 c6 0e | 02 aa ba 4e 50 2a a6 6a 35 9b f5 19 56 07 02 82 | 70 93 48 f2 b1 8f 0f 00 cb fb 16 13 a2 65 39 6a | d3 45 f5 4b a1 e8 7f db 9c 2e 28 5b 16 95 18 44 | 0b 9f ec a1 c6 a5 6e a5 54 a8 f8 c6 ca a1 05 03 | 3d f3 0c d3 65 01 74 70 de 27 3c fb dc ba e7 49 | 8d 85 98 d9 c2 98 87 e6 a3 1d 3d dc 4f 08 af cf | 49 bb 0e 80 63 68 3c f2 c0 11 8b df 1c dc 8f a5 | Generated nonce: 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | Generated nonce: 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | crypto helper 1 finished build KE and nonce (quick_outI1 KE); request ID 23 time elapsed 0.001028 seconds | (#20) spent 1.03 milliseconds in crypto helper computing work-order 23: quick_outI1 KE (pcr) | crypto helper 1 sending results from work-order 23 for state #20 to event queue | scheduling resume sending helper answer for #20 | libevent_malloc: new ptr-libevent@0x7f14c4003ad8 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #20 | start processing: state #20 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 23 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue1 for #20: calculated ke+nonce, calculating DH | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14c4009fa8: transferring ownership from helper KE to state #20 | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14c4009fa8: transferring ownership from state #20 to helper IKEv1 DH | adding quick outR1 DH work-order 24 for state #20 | state #20 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c18d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c18d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | crypto helper 2 resuming | crypto helper 2 starting work-order 24 for state #20 | crypto helper 2 doing compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 24 | peer's g: 8f 63 04 6a bb ee 7a f3 f7 00 5e 46 79 97 55 6b | peer's g: 43 41 7e 13 7b bd c8 50 9d a2 ac 56 ab f5 cb 44 | peer's g: 53 a4 d1 86 ff 52 c6 b1 41 c5 43 c0 42 48 38 5e | peer's g: 0c f0 1c 05 78 a6 5f a6 07 3e e1 0d 27 89 ac 70 | peer's g: 40 99 3f ed 26 ec 1d eb 40 d2 e5 d4 ca 67 dc 7f | peer's g: bf 5d 81 83 fc 37 26 eb 54 39 65 c0 a4 c1 af cd | peer's g: e8 9d 47 a6 22 79 62 c6 6f 0f 40 52 ef e5 ac e6 | peer's g: 1c 0e 3f dd e0 61 7e 0b ba a5 f3 4e 71 1b c8 f4 | peer's g: 5f 8a 90 16 ea ee 4a 91 13 1f 08 07 28 a0 1a 6b | peer's g: 91 3a cd e9 92 36 21 ad ba 22 71 e2 bd 02 25 05 | peer's g: 3e bf 04 6d c8 b6 57 21 72 1c 8a 1c bd 06 5c 21 | peer's g: a2 98 7d b5 eb d2 fa 63 5f 6d 02 80 6c ea 72 d7 | peer's g: cb ae 72 a7 d0 92 7e 75 22 c0 74 8b 63 72 a2 01 | peer's g: 93 84 cd b3 96 18 56 67 10 44 81 89 fb a0 40 b5 | peer's g: b4 54 e9 f4 fe d0 0b fd bc 35 1a a6 de d8 e0 34 | peer's g: 57 e3 d1 71 88 40 a7 a4 89 fb 1b ef 1e 7e 84 29 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14c4009fa8: computed shared DH secret key@0x55a9006c2720 | dh-shared : g^ir-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 2 finished compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 24 time elapsed 0.000986 seconds | (#20) spent 0.987 milliseconds in crypto helper computing work-order 24: quick outR1 DH (pcr) | crypto helper 2 sending results from work-order 24 for state #20 to event queue | scheduling resume sending helper answer for #20 | libevent_malloc: new ptr-libevent@0x7f14c8003f28 size 128 | crypto helper 2 waiting (nothing to do) | suspending state #20 and saving MD | #20 is busy; has a suspended MD | resume sending helper answer for #20 suppresed complete_v1_state_transition() and stole MD | #20 spent 0.0737 milliseconds in resume sending helper answer | stop processing: state #20 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c4003ad8 | processing resume sending helper answer for #20 | start processing: state #20 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 24 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue2 for #20: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3560462 (0x36540e) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI df cc b3 b1 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x48793225 for esp.0@192.1.2.23 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 48 79 32 25 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | emitting 20 raw bytes of attributes into ISAKMP Transform Payload (ESP) | attributes 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | attributes 80 05 00 02 | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 "east" #20: responding to Quick Mode proposal {msgid:0036540e} "east" #20: us: 192.0.2.0/24===192.1.2.23<192.1.2.23>[@east] "east" #20: them: 192.1.2.45<192.1.2.45>[@west]===192.0.1.0/24 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | Nr 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | emitting length of ISAKMP Nonce Payload: 36 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value f9 17 88 0b 16 9b 40 43 ef 50 36 75 7a ba a5 4c | keyex value 64 bb 7a 36 75 9e f2 46 af 4f 9e 62 1d ee 6f 30 | keyex value a9 7a 59 d7 22 bc 4d 34 e4 5f 88 38 00 85 29 8c | keyex value cd 1e 6e ce fe f5 82 3c b0 90 76 7a 69 70 bb 15 | keyex value 8b e9 dc b1 3d 95 d6 66 ca d7 18 7a e2 20 70 92 | keyex value 52 e6 9b a2 1b 95 38 1d 70 cf 2a a4 06 f1 5d 5d | keyex value 4a 84 f5 cf 09 89 0a a0 dc 38 20 6c bd 66 bb dd | keyex value 84 23 5a 0e 5b 2c ed 63 c7 09 f1 43 50 d8 24 57 | keyex value 09 62 ce df 0b 3e 78 4d 86 f3 8f 43 a1 46 c6 0e | keyex value 02 aa ba 4e 50 2a a6 6a 35 9b f5 19 56 07 02 82 | keyex value 70 93 48 f2 b1 8f 0f 00 cb fb 16 13 a2 65 39 6a | keyex value d3 45 f5 4b a1 e8 7f db 9c 2e 28 5b 16 95 18 44 | keyex value 0b 9f ec a1 c6 a5 6e a5 54 a8 f8 c6 ca a1 05 03 | keyex value 3d f3 0c d3 65 01 74 70 de 27 3c fb dc ba e7 49 | keyex value 8d 85 98 d9 c2 98 87 e6 a3 1d 3d dc 4f 08 af cf | keyex value 49 bb 0e 80 63 68 3c f2 c0 11 8b df 1c dc 8f a5 | emitting length of ISAKMP Key Exchange Payload: 260 | DH secret MODP2048@0x7f14c4009fa8: transferring ownership from helper IKEv1 DH to state #20 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 01 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 02 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482648 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006ac790 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006ac790 | HASH(1): release clone-key@0x55a9006ac790 | HASH(1) PRF sha crypt-prf@0x7f14c8004ec8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948272c (length 4) | 00 36 54 0e | HASH(1) PRF sha update Ni_b-bytes@0x7f14cc0044b8 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | HASH(1) PRF sha update payload-bytes@0x55a8fff8a8f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 48 79 32 25 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 03 4f a4 e5 7b 9c 3b 2d | 3e 8e 86 b7 34 5d 3c 12 8c df 4f 58 e2 de e3 0e | 54 05 27 8b 5b f5 ae d8 05 00 01 04 f9 17 88 0b | 16 9b 40 43 ef 50 36 75 7a ba a5 4c 64 bb 7a 36 | 75 9e f2 46 af 4f 9e 62 1d ee 6f 30 a9 7a 59 d7 | 22 bc 4d 34 e4 5f 88 38 00 85 29 8c cd 1e 6e ce | fe f5 82 3c b0 90 76 7a 69 70 bb 15 8b e9 dc b1 | 3d 95 d6 66 ca d7 18 7a e2 20 70 92 52 e6 9b a2 | 1b 95 38 1d 70 cf 2a a4 06 f1 5d 5d 4a 84 f5 cf | 09 89 0a a0 dc 38 20 6c bd 66 bb dd 84 23 5a 0e | 5b 2c ed 63 c7 09 f1 43 50 d8 24 57 09 62 ce df | 0b 3e 78 4d 86 f3 8f 43 a1 46 c6 0e 02 aa ba 4e | 50 2a a6 6a 35 9b f5 19 56 07 02 82 70 93 48 f2 | b1 8f 0f 00 cb fb 16 13 a2 65 39 6a d3 45 f5 4b | a1 e8 7f db 9c 2e 28 5b 16 95 18 44 0b 9f ec a1 | c6 a5 6e a5 54 a8 f8 c6 ca a1 05 03 3d f3 0c d3 | 65 01 74 70 de 27 3c fb dc ba e7 49 8d 85 98 d9 | c2 98 87 e6 a3 1d 3d dc 4f 08 af cf 49 bb 0e 80 | 63 68 3c f2 c0 11 8b df 1c dc 8f a5 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a8fff8a8e0 (length 20) | 7e 88 d7 f1 b4 5e 38 ce d5 16 e2 f1 b4 e3 34 03 | 52 de bc e1 | quick inR1 outI2 HASH(2): | 7e 88 d7 f1 b4 5e 38 ce d5 16 e2 f1 b4 e3 34 03 | 52 de bc e1 | compute_proto_keymat: needed_len (after ESP enc)=24 | compute_proto_keymat: needed_len (after ESP auth)=44 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006ac790 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006ac790 | hmac: release clone-key@0x55a9006ac790 | hmac PRF sha crypt-prf@0x7f14c80031d8 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006c1aa8 | hmac PRF sha update g^xy-key@0x55a9006c2720 (size 256) | hmac: g^xy-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c2720 | nss hmac digest hack: symkey-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 94 4c 37 50 f0 4c 3f 32 af 57 d6 aa d3 55 30 f1 ad 14 21 ac 80 8f 4d 66 80 e4 02 c4 2f 77 a0 21 b5 9a 69 b8 09 36 8b 45 7c 73 4c b3 f7 88 56 bb 86 c8 82 40 78 09 fd 49 e9 e8 4d b9 60 cc c4 46 76 4e ea 6d a3 1c 20 57 be f7 fb 65 1a 2e 33 82 ad e1 3a b5 10 36 d5 d3 b6 20 ca b7 15 5d a7 a3 a7 5d 56 20 73 be 33 c8 90 5b 7e 5b 19 7f 3a b8 62 9a 6f c8 a9 5e a5 84 a2 b1 73 79 15 84 98 79 8d b3 f2 ed 52 ff 77 f0 d6 ad 07 d8 43 a4 01 dd b4 67 4e 4a 08 68 40 9a 2c a7 f0 c8 a9 e3 2e a5 ef 7a 31 a1 30 b6 9f 70 68 ae 9c 89 f1 f0 8a 49 f9 66 11 55 4a 61 db 4c ec 4a d1 64 69 e8 62 40 2e 0d 04 56 4b 9c f2 19 92 55 37 6d ec 94 dc c2 87 6b a1 35 34 3d 27 94 87 f3 a4 36 18 a1 17 96 92 79 15 0e f5 52 32 52 1a a8 99 ab d9 b1 be de 3f 20 88 4a 9b 7c 66 23 65 48 4b 26 93 aa be 93 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update g^xy-key@0x55a9006c2720 (size 256) | hmac: g^xy-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c2720 | nss hmac digest hack: symkey-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 94 4c 37 50 f0 4c 3f 32 af 57 d6 aa d3 55 30 f1 ad 14 21 ac 80 8f 4d 66 80 e4 02 c4 2f 77 a0 21 b5 9a 69 b8 09 36 8b 45 7c 73 4c b3 f7 88 56 bb 86 c8 82 40 78 09 fd 49 e9 e8 4d b9 60 cc c4 46 76 4e ea 6d a3 1c 20 57 be f7 fb 65 1a 2e 33 82 ad e1 3a b5 10 36 d5 d3 b6 20 ca b7 15 5d a7 a3 a7 5d 56 20 73 be 33 c8 90 5b 7e 5b 19 7f 3a b8 62 9a 6f c8 a9 5e a5 84 a2 b1 73 79 15 84 98 79 8d b3 f2 ed 52 ff 77 f0 d6 ad 07 d8 43 a4 01 dd b4 67 4e 4a 08 68 40 9a 2c a7 f0 c8 a9 e3 2e a5 ef 7a 31 a1 30 b6 9f 70 68 ae 9c 89 f1 f0 8a 49 f9 66 11 55 4a 61 db 4c ec 4a d1 64 69 e8 62 40 2e 0d 04 56 4b 9c f2 19 92 55 37 6d ec 94 dc c2 87 6b a1 35 34 3d 27 94 87 f3 a4 36 18 a1 17 96 92 79 15 0e f5 52 32 52 1a a8 99 ab d9 b1 be de 3f 20 88 4a 9b 7c 66 23 65 48 4b 26 93 aa be 93 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006c0dd0 (length 4) | 48 79 32 25 | hmac PRF sha update data-bytes@0x55a9006c0db0 (length 4) | df cc b3 b1 | hmac PRF sha update data-bytes@0x7f14cc0044b8 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f14cc0044b8 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha final-bytes@0x7f14c8004218 (length 20) | 31 cf 6b b9 04 97 44 41 61 46 90 89 03 b2 79 ec | 46 60 31 1f | hmac PRF sha final-bytes@0x55a9006ca7a8 (length 20) | a4 97 50 c1 6e 81 c9 4e a3 ae f9 8d 3e 5b f0 af | f1 67 43 db | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006bf278 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006ac790 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006ac790 | hmac: release clone-key@0x55a9006ac790 | hmac PRF sha crypt-prf@0x7f14c8004ec8 | hmac PRF sha update data-bytes@0x7f14c8004218 (length 20) | 31 cf 6b b9 04 97 44 41 61 46 90 89 03 b2 79 ec | 46 60 31 1f | hmac PRF sha update data-bytes@0x55a9006ca7a8 (length 20) | a4 97 50 c1 6e 81 c9 4e a3 ae f9 8d 3e 5b f0 af | f1 67 43 db | hmac PRF sha update g^xy-key@0x55a9006c2720 (size 256) | hmac: g^xy-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c2720 | nss hmac digest hack: symkey-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 94 4c 37 50 f0 4c 3f 32 af 57 d6 aa d3 55 30 f1 ad 14 21 ac 80 8f 4d 66 80 e4 02 c4 2f 77 a0 21 b5 9a 69 b8 09 36 8b 45 7c 73 4c b3 f7 88 56 bb 86 c8 82 40 78 09 fd 49 e9 e8 4d b9 60 cc c4 46 76 4e ea 6d a3 1c 20 57 be f7 fb 65 1a 2e 33 82 ad e1 3a b5 10 36 d5 d3 b6 20 ca b7 15 5d a7 a3 a7 5d 56 20 73 be 33 c8 90 5b 7e 5b 19 7f 3a b8 62 9a 6f c8 a9 5e a5 84 a2 b1 73 79 15 84 98 79 8d b3 f2 ed 52 ff 77 f0 d6 ad 07 d8 43 a4 01 dd b4 67 4e 4a 08 68 40 9a 2c a7 f0 c8 a9 e3 2e a5 ef 7a 31 a1 30 b6 9f 70 68 ae 9c 89 f1 f0 8a 49 f9 66 11 55 4a 61 db 4c ec 4a d1 64 69 e8 62 40 2e 0d 04 56 4b 9c f2 19 92 55 37 6d ec 94 dc c2 87 6b a1 35 34 3d 27 94 87 f3 a4 36 18 a1 17 96 92 79 15 0e f5 52 32 52 1a a8 99 ab d9 b1 be de 3f 20 88 4a 9b 7c 66 23 65 48 4b 26 93 aa be 93 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update g^xy-key@0x55a9006c2720 (size 256) | hmac: g^xy-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c2720 | nss hmac digest hack: symkey-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 94 4c 37 50 f0 4c 3f 32 af 57 d6 aa d3 55 30 f1 ad 14 21 ac 80 8f 4d 66 80 e4 02 c4 2f 77 a0 21 b5 9a 69 b8 09 36 8b 45 7c 73 4c b3 f7 88 56 bb 86 c8 82 40 78 09 fd 49 e9 e8 4d b9 60 cc c4 46 76 4e ea 6d a3 1c 20 57 be f7 fb 65 1a 2e 33 82 ad e1 3a b5 10 36 d5 d3 b6 20 ca b7 15 5d a7 a3 a7 5d 56 20 73 be 33 c8 90 5b 7e 5b 19 7f 3a b8 62 9a 6f c8 a9 5e a5 84 a2 b1 73 79 15 84 98 79 8d b3 f2 ed 52 ff 77 f0 d6 ad 07 d8 43 a4 01 dd b4 67 4e 4a 08 68 40 9a 2c a7 f0 c8 a9 e3 2e a5 ef 7a 31 a1 30 b6 9f 70 68 ae 9c 89 f1 f0 8a 49 f9 66 11 55 4a 61 db 4c ec 4a d1 64 69 e8 62 40 2e 0d 04 56 4b 9c f2 19 92 55 37 6d ec 94 dc c2 87 6b a1 35 34 3d 27 94 87 f3 a4 36 18 a1 17 96 92 79 15 0e f5 52 32 52 1a a8 99 ab d9 b1 be de 3f 20 88 4a 9b 7c 66 23 65 48 4b 26 93 aa be 93 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006c0dd0 (length 4) | 48 79 32 25 | hmac PRF sha update data-bytes@0x55a9006c0db0 (length 4) | df cc b3 b1 | hmac PRF sha update data-bytes@0x7f14cc0044b8 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f14cc0044b8 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha final-bytes@0x7f14c800422c (length 20) | 9c 5b f3 c6 7f 66 1c 38 c9 fd 69 29 c5 33 ae 89 | 7a 86 84 ab | hmac PRF sha final-bytes@0x55a9006ca7bc (length 20) | 0f 11 68 b9 c2 3f 71 4a 21 70 b8 1e a7 af d3 14 | 10 61 a5 dc | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006ac790 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006ac790 | hmac: release clone-key@0x55a9006ac790 | hmac PRF sha crypt-prf@0x7f14c80031d8 | hmac PRF sha init symkey-key@0x55a900622080 (size 20) | hmac: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c0002b50 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x7f14c0002b50 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x55a9006c1aa8 | hmac PRF sha update data-bytes@0x7f14c800422c (length 20) | 9c 5b f3 c6 7f 66 1c 38 c9 fd 69 29 c5 33 ae 89 | 7a 86 84 ab | hmac PRF sha update data-bytes@0x55a9006ca7bc (length 20) | 0f 11 68 b9 c2 3f 71 4a 21 70 b8 1e a7 af d3 14 | 10 61 a5 dc | hmac PRF sha update g^xy-key@0x55a9006c2720 (size 256) | hmac: g^xy-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c2720 | nss hmac digest hack: symkey-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 94 4c 37 50 f0 4c 3f 32 af 57 d6 aa d3 55 30 f1 ad 14 21 ac 80 8f 4d 66 80 e4 02 c4 2f 77 a0 21 b5 9a 69 b8 09 36 8b 45 7c 73 4c b3 f7 88 56 bb 86 c8 82 40 78 09 fd 49 e9 e8 4d b9 60 cc c4 46 76 4e ea 6d a3 1c 20 57 be f7 fb 65 1a 2e 33 82 ad e1 3a b5 10 36 d5 d3 b6 20 ca b7 15 5d a7 a3 a7 5d 56 20 73 be 33 c8 90 5b 7e 5b 19 7f 3a b8 62 9a 6f c8 a9 5e a5 84 a2 b1 73 79 15 84 98 79 8d b3 f2 ed 52 ff 77 f0 d6 ad 07 d8 43 a4 01 dd b4 67 4e 4a 08 68 40 9a 2c a7 f0 c8 a9 e3 2e a5 ef 7a 31 a1 30 b6 9f 70 68 ae 9c 89 f1 f0 8a 49 f9 66 11 55 4a 61 db 4c ec 4a d1 64 69 e8 62 40 2e 0d 04 56 4b 9c f2 19 92 55 37 6d ec 94 dc c2 87 6b a1 35 34 3d 27 94 87 f3 a4 36 18 a1 17 96 92 79 15 0e f5 52 32 52 1a a8 99 ab d9 b1 be de 3f 20 88 4a 9b 7c 66 23 65 48 4b 26 93 aa be 93 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update g^xy-key@0x55a9006c2720 (size 256) | hmac: g^xy-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c2720 | nss hmac digest hack: symkey-key@0x55a9006c2720 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 94 4c 37 50 f0 4c 3f 32 af 57 d6 aa d3 55 30 f1 ad 14 21 ac 80 8f 4d 66 80 e4 02 c4 2f 77 a0 21 b5 9a 69 b8 09 36 8b 45 7c 73 4c b3 f7 88 56 bb 86 c8 82 40 78 09 fd 49 e9 e8 4d b9 60 cc c4 46 76 4e ea 6d a3 1c 20 57 be f7 fb 65 1a 2e 33 82 ad e1 3a b5 10 36 d5 d3 b6 20 ca b7 15 5d a7 a3 a7 5d 56 20 73 be 33 c8 90 5b 7e 5b 19 7f 3a b8 62 9a 6f c8 a9 5e a5 84 a2 b1 73 79 15 84 98 79 8d b3 f2 ed 52 ff 77 f0 d6 ad 07 d8 43 a4 01 dd b4 67 4e 4a 08 68 40 9a 2c a7 f0 c8 a9 e3 2e a5 ef 7a 31 a1 30 b6 9f 70 68 ae 9c 89 f1 f0 8a 49 f9 66 11 55 4a 61 db 4c ec 4a d1 64 69 e8 62 40 2e 0d 04 56 4b 9c f2 19 92 55 37 6d ec 94 dc c2 87 6b a1 35 34 3d 27 94 87 f3 a4 36 18 a1 17 96 92 79 15 0e f5 52 32 52 1a a8 99 ab d9 b1 be de 3f 20 88 4a 9b 7c 66 23 65 48 4b 26 93 aa be 93 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006c0dd0 (length 4) | 48 79 32 25 | hmac PRF sha update data-bytes@0x55a9006c0db0 (length 4) | df cc b3 b1 | hmac PRF sha update data-bytes@0x7f14cc0044b8 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f14cc0044b8 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha update data-bytes@0x7f14c40030c8 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha final-bytes@0x7f14c8004240 (length 20) | 2f 41 0f 13 99 ab f9 09 ea fb 9e 30 2c 0e 66 a9 | dc 90 81 5d | hmac PRF sha final-bytes@0x55a9006ca7d0 (length 20) | 16 ca 6a a8 7f a5 d5 4a 7b cc 3f 7d 29 dd af 5e | 90 04 39 2e | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self | install_inbound_ipsec_sa() checking if we can route | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | routing is easy, or has resolvable near-conflict | checking if this is a replacement state | st=0x55a9006c0bc8 ost=(nil) st->serialno=#20 ost->serialno=#0 | installing outgoing SA now as refhim=0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.dfccb3b1@192.1.2.45 included non-error error | outgoing SA has refhim=0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.48793225@192.1.2.23 included non-error error | priority calculation of connection "east" is 0xfe7e7 | add inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.10000@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | encrypting: 01 00 00 18 7e 88 d7 f1 b4 5e 38 ce d5 16 e2 f1 | encrypting: b4 e3 34 03 52 de bc e1 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 48 79 32 25 | encrypting: 00 00 00 1c 00 03 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | encrypting: 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | encrypting: 05 00 01 04 f9 17 88 0b 16 9b 40 43 ef 50 36 75 | encrypting: 7a ba a5 4c 64 bb 7a 36 75 9e f2 46 af 4f 9e 62 | encrypting: 1d ee 6f 30 a9 7a 59 d7 22 bc 4d 34 e4 5f 88 38 | encrypting: 00 85 29 8c cd 1e 6e ce fe f5 82 3c b0 90 76 7a | encrypting: 69 70 bb 15 8b e9 dc b1 3d 95 d6 66 ca d7 18 7a | encrypting: e2 20 70 92 52 e6 9b a2 1b 95 38 1d 70 cf 2a a4 | encrypting: 06 f1 5d 5d 4a 84 f5 cf 09 89 0a a0 dc 38 20 6c | encrypting: bd 66 bb dd 84 23 5a 0e 5b 2c ed 63 c7 09 f1 43 | encrypting: 50 d8 24 57 09 62 ce df 0b 3e 78 4d 86 f3 8f 43 | encrypting: a1 46 c6 0e 02 aa ba 4e 50 2a a6 6a 35 9b f5 19 | encrypting: 56 07 02 82 70 93 48 f2 b1 8f 0f 00 cb fb 16 13 | encrypting: a2 65 39 6a d3 45 f5 4b a1 e8 7f db 9c 2e 28 5b | encrypting: 16 95 18 44 0b 9f ec a1 c6 a5 6e a5 54 a8 f8 c6 | encrypting: ca a1 05 03 3d f3 0c d3 65 01 74 70 de 27 3c fb | encrypting: dc ba e7 49 8d 85 98 d9 c2 98 87 e6 a3 1d 3d dc | encrypting: 4f 08 af cf 49 bb 0e 80 63 68 3c f2 c0 11 8b df | encrypting: 1c dc 8f a5 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: fa ac f3 61 b7 ef 03 4c | unpadded size is: 404 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 408 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 436 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 61 b6 15 32 3b b6 5c 41 | finished processing quick inI1 | complete v1 state transition with STF_OK | [RE]START processing: state #20 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #20 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 | child state #20: QUICK_R0(established CHILD SA) => QUICK_R1(established CHILD SA) | event_already_set, deleting event | state #20 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006c18d8 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 436 bytes for STATE_QUICK_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #20) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 01 b4 6c 37 28 88 | 83 ee 02 1b 37 83 30 15 01 ee c7 b0 0b 01 5a 8e | 2f e1 bc cc 0a a3 b5 7e 2d 7b 2e 37 e0 eb 7b 09 | f9 d6 c0 02 7a 2d f7 22 86 d6 af 55 3b 82 ee 40 | b5 e7 9e db 91 68 9d e8 1a 50 88 4b 7e e7 a8 2c | 9b 8e c7 25 0c eb c7 10 bf 6a 60 96 9f 81 ec 9d | df b7 23 c1 70 35 b7 9b 2e 46 06 75 3c b0 56 75 | 19 9b f7 c6 f3 ca c7 2c c6 89 ee e9 3e 7f 04 42 | 1c bd ed 53 c5 97 fa 62 b5 4f b3 f2 71 80 24 c5 | 91 41 df ed dc fa 58 77 13 40 0c 35 a7 66 24 a2 | 93 37 b1 99 9e 3c 38 83 cc e7 cd 61 1d 6f 13 71 | 73 fb dd b8 04 55 8c a0 f8 f5 1b 03 9c f8 6c a3 | 6a 12 11 f2 b0 cf e2 e6 cc 9b dc f4 eb fb 90 1d | b5 f3 5f 2f cd 5b ef 55 a5 ee c1 5a bc 68 30 65 | 0a af b3 bc e1 5c 35 e2 d7 12 36 89 29 3f 7d 2f | 69 63 e6 12 38 e7 39 bf bf 59 be 41 66 05 ec db | 9f 41 7d b7 03 61 50 e0 5d 88 3a a8 76 69 d5 03 | 3f ae b5 f1 c2 0b 1c 55 f9 1d 51 21 30 8b ab aa | fa fa 3d b4 2c 54 a7 7f 10 41 79 97 4a 14 7c 68 | f6 2d 37 1e b2 2c 05 39 89 a6 82 85 55 b3 72 19 | b0 b0 32 6f 77 66 a6 5b 36 db d3 6e 92 51 e0 fa | 67 47 86 a7 03 44 7f 99 60 31 7a 6b bd d2 eb 15 | d8 31 f8 05 c0 6e db 3d 87 9d f0 5f 16 3c c3 59 | a7 53 9d 92 c5 a8 f6 c6 2c 2d af 64 10 5e 9c 70 | ed d3 5d f8 2e 67 d0 85 e3 7e 02 67 0f 69 9a bc | f2 d4 14 d3 ed cd 2b 64 92 08 08 a4 61 b6 15 32 | 3b b6 5c 41 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a9006c18d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #20 | libevent_malloc: new ptr-libevent@0x7f14c4003ad8 size 128 | #20 STATE_QUICK_R1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29303.139809 | pstats #20 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #20: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 tunnel mode {ESP=>0xdfccb3b1 <0x48793225 xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #20 suppresed complete_v1_state_transition() | #20 spent 1.99 milliseconds in resume sending helper answer | stop processing: state #20 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c8003f28 | spent 0 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 52 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 00 34 89 67 cf 7f | e5 00 fa 11 0c 99 25 6a 50 ad 1a cd 63 6a 15 4a | c8 c7 c6 92 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3560462 (0x36540e) | length: 52 (0x34) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #20 in QUICK_R1 (find_state_ikev1) | start processing: state #20 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1633) | #20 is idle | #20 idle | received encrypted packet from 192.1.2.45:500 | decrypting 24 bytes using algorithm 3DES_CBC | IV before: 61 b6 15 32 3b b6 5c 41 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 63 6a 15 4a c8 c7 c6 92 | decrypted payload (starts at offset -24): | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 00 34 00 00 00 18 | 3f 44 ee ce 6c 47 31 87 8f 60 c9 c9 1a ff bc ac | ed 41 2d 45 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006bf2a0 from SKEYID_a-key@0x55a9006c4f70 | HASH(1) prf: begin sha with context 0x55a9006bf2a0 from SKEYID_a-key@0x55a9006c4f70 | HASH(1): release clone-key@0x55a9006c4f70 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 00 36 54 0e | HASH(1) PRF sha update Ni_b-bytes@0x7f14cc0044b8 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | HASH(1) PRF sha update Nr_b-bytes@0x7f14c40030c8 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 3f 44 ee ce 6c 47 31 87 8f 60 c9 c9 1a ff bc ac | ed 41 2d 45 | quick_inI2 HASH(3): | 3f 44 ee ce 6c 47 31 87 8f 60 c9 c9 1a ff bc ac | ed 41 2d 45 | received 'quick_inI2' message HASH(3) data ok | install_ipsec_sa() for #20: outbound only | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | sr for #20: prospective erouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | route_and_eroute with c: east (next: none) ero:east esr:{(nil)} ro:east rosr:{(nil)} and state: #20 | priority calculation of connection "east" is 0xfe7e7 | eroute_connection replace eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.0@192.1.2.45>tun.0@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xdfccb3b1 SPI_OUT=0x487 | popen cmd is 1020 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' : | cmd( 160):PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1638: | cmd( 320):8' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKE: | cmd( 640):V1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO: | cmd( 720):_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_IN: | cmd( 800):FO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_: | cmd( 880):CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED=: | cmd( 960):'no' SPI_IN=0xdfccb3b1 SPI_OUT=0x48793225 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | route_and_eroute: instance "east", setting eroute_owner {spd=0x55a9006be648,sr=0x55a9006be648} to #20 (was #0) (newest_ipsec_sa=#0) | #19 spent 0.599 milliseconds in install_ipsec_sa() | inI2: instance east[0], setting IKEv1 newest_ipsec_sa to #20 (was #0) (spd.eroute=#20) cloned from #19 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #20 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #20 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 | child state #20: QUICK_R1(established CHILD SA) => QUICK_R2(established CHILD SA) | event_already_set, deleting event | state #20 requesting EVENT_RETRANSMIT to be deleted | #20 STATE_QUICK_R2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f14c4003ad8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a9006c18d8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a9006c18d8 | inserting event EVENT_SA_REPLACE, timeout in 28530 seconds for #20 | libevent_malloc: new ptr-libevent@0x7f14c8003f28 size 128 | pstats #20 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #20: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0xdfccb3b1 <0x48793225 xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | #20 spent 0.692 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #20 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.92 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00408 milliseconds in signal handler PLUTO_SIGCHLD | spent 0 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 23 fc 8a 26 00 00 00 44 75 f7 1c d3 | 0e bd 74 d1 27 51 a2 3a eb 3b 6f 7f 20 e4 b5 12 | c1 73 52 55 a1 8f 22 9c 6a 4e 2a ad d6 c1 df c7 | 68 87 97 d6 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 603752998 (0x23fc8a26) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #20; msgid=00000000 st_msgid=0036540e st_msgid_phase15=00000000 | peer and cookies match on #19; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #19 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #19 in MAIN_R3 (find_v1_info_state) | start processing: state #19 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 06 12 b0 19 66 34 98 8a | current Phase 1 IV: 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 8) | 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 23 fc 8a 26 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 2e 89 fa a4 a6 e2 4c 50 92 2d 39 f2 b2 38 4b 8e | e1 3c df cb | #19 is idle | #19 idle | received encrypted packet from 192.1.2.45:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: 2e 89 fa a4 a6 e2 4c 50 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: d6 c1 df c7 68 87 97 d6 | decrypted payload (starts at offset -40): | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 23 fc 8a 26 00 00 00 44 0c 00 00 18 | 3c cf 03 ab 65 b4 89 c2 e9 70 84 2a a3 df 01 10 | 0f 5b db 03 00 00 00 10 00 00 00 01 03 04 00 01 | df cc b3 b1 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c4f70 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c4f70 | HASH(1): release clone-key@0x55a9006c4f70 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 23 fc 8a 26 | HASH(1) PRF sha update payload-bytes@0x55a9006c552c (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 df cc b3 b1 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 3c cf 03 ab 65 b4 89 c2 e9 70 84 2a a3 df 01 10 | 0f 5b db 03 | informational HASH(1): | 3c cf 03 ab 65 b4 89 c2 e9 70 84 2a a3 df 01 10 | 0f 5b db 03 | received 'informational' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Delete Payload into SPI | SPI df cc b3 b1 | FOR_EACH_STATE_... in find_phase2_state_to_delete | start processing: connection "east" (BACKGROUND) (in accept_delete() at ikev1_main.c:2515) "east" #19: received Delete SA(0xdfccb3b1) payload: deleting IPsec State #20 | pstats #20 ikev1.ipsec deleted completed | suspend processing: state #19 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) | start processing: state #20 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #20: deleting other state #20 (STATE_QUICK_R2) aged 0.100s and sending notification | child state #20: QUICK_R2(established CHILD SA) => delete | get_sa_info esp.dfccb3b1@192.1.2.45 | get_sa_info esp.48793225@192.1.2.23 "east" #20: ESP traffic information: in=84B out=84B | #20 send IKEv1 delete notification for STATE_QUICK_R2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 225988656 (0xd785030) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 48 79 32 25 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94804e8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c4f70 | HASH(1) prf: begin sha with context 0x7f14c0002b50 from SKEYID_a-key@0x55a9006c4f70 | HASH(1): release clone-key@0x55a9006c4f70 | HASH(1) PRF sha crypt-prf@0x55a9006c1aa8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94805cc (length 4) | 0d 78 50 30 | HASH(1) PRF sha update payload-bytes@0x7ffef9480974 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 48 79 32 25 | HASH(1) PRF sha final-bytes@0x7ffef9480960 (length 20) | 52 65 a7 e0 c7 46 82 13 14 2a e4 9b 89 eb c7 2d | 01 c5 de ff | send delete HASH(1): | 52 65 a7 e0 c7 46 82 13 14 2a e4 9b 89 eb c7 2d | 01 c5 de ff | last Phase 1 IV: 06 12 b0 19 66 34 98 8a | current Phase 1 IV: 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 8) | 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94805dc (length 4) | 0d 78 50 30 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | ac 5f 71 c6 e0 6c ae 43 f6 c3 fe 7c 3e 4e 2c ce | 68 f4 d6 0b | encrypting: 0c 00 00 18 52 65 a7 e0 c7 46 82 13 14 2a e4 9b | encrypting: 89 eb c7 2d 01 c5 de ff 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 48 79 32 25 | IV: ac 5f 71 c6 e0 6c ae 43 f6 c3 fe 7c 3e 4e 2c ce | IV: 68 f4 d6 0b | unpadded size is: 40 | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 10 09 24 e4 c4 c7 6f 5f | sending 68 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 0d 78 50 30 00 00 00 44 e7 db 28 ad | 92 8e 41 8d f0 cc 8f b6 23 5e 50 ee fc fc 41 87 | ab 1b 22 ff 68 ee d2 f3 1e e1 15 b9 10 09 24 e4 | c4 c7 6f 5f | state #20 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14c8003f28 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a9006c18d8 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844017' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xdfccb3b1 | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east: | cmd( 160):' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566844017' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0xdfccb3b1 SPI_OUT=0x48793225 ipsec _updown 2>&1: | shunt_eroute() called for connection 'east' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "east" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.dfccb3b1@192.1.2.45 | netlink response for Del SA esp.dfccb3b1@192.1.2.45 included non-error error | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | delete esp.48793225@192.1.2.23 | netlink response for Del SA esp.48793225@192.1.2.23 included non-error error | stop processing: connection "east" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection east | State DB: deleting IKEv1 state #20 in QUICK_R2 | child state #20: QUICK_R2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14c4009fa8: destroyed | stop processing: state #20 from 192.1.2.45:500 (in delete_state() at state.c:1143) | resume processing: state #19 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006c2720 | delete_state: release st->st_skeyid_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_d_nss-key@0x55a900622080 | delete_state: release st->st_skey_ai_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006bd630 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | connection 'east' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #19 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #19 | [RE]START processing: state #19 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #19 ikev1.isakmp deleted completed | [RE]START processing: state #19 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #19: deleting state (STATE_MAIN_R3) aged 0.129s and sending notification | parent state #19: MAIN_R3(established IKE SA) => delete | #19 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2283133712 (0x8815db10) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 5d 97 d9 f8 3f c6 7d de | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI b6 8a 2c 11 a9 4a 88 72 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a9006a9280 (size 20) | HASH(1): SKEYID_a-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480488 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006ca780 from SKEYID_a-key@0x55a9006c2720 | HASH(1) prf: begin sha with context 0x55a9006ca780 from SKEYID_a-key@0x55a9006c2720 | HASH(1): release clone-key@0x55a9006c2720 | HASH(1) PRF sha crypt-prf@0x55a9006bf278 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948056c (length 4) | 88 15 db 10 | HASH(1) PRF sha update payload-bytes@0x7ffef9480914 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 5d 97 d9 f8 | 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | HASH(1) PRF sha final-bytes@0x7ffef9480900 (length 20) | 64 1f 4a 65 24 60 ee fc 07 e0 92 b7 21 0c ad 60 | 85 0e c1 b2 | send delete HASH(1): | 64 1f 4a 65 24 60 ee fc 07 e0 92 b7 21 0c ad 60 | 85 0e c1 b2 | last Phase 1 IV: 06 12 b0 19 66 34 98 8a | current Phase 1 IV: 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c20e8 (length 8) | 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948057c (length 4) | 88 15 db 10 | Phase 2 IV hash sha final bytes@0x55a9006c2068 (length 20) | 12 18 29 e1 1c 58 67 42 2b b5 d6 d6 48 71 50 45 | 45 7d 9c 44 | encrypting: 0c 00 00 18 64 1f 4a 65 24 60 ee fc 07 e0 92 b7 | encrypting: 21 0c ad 60 85 0e c1 b2 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 | encrypting: a9 4a 88 72 | IV: 12 18 29 e1 1c 58 67 42 2b b5 d6 d6 48 71 50 45 | IV: 45 7d 9c 44 | unpadded size is: 52 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 56 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 84 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: c2 78 9a 0e 44 a0 0a 7b | sending 84 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 88 15 db 10 00 00 00 54 81 19 1f 85 | 6e e6 04 00 f8 28 2b bd d7 dd 7b 39 60 c3 c9 db | 91 39 80 32 a7 c5 1f 92 c8 17 a7 da 8f 40 0e 64 | c7 dc af a5 7c 92 4b 9f 7b bb 00 8d c2 78 9a 0e | 44 a0 0a 7b | state #19 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14b80015e8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14b8002b78 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #19 in MAIN_R3 | parent state #19: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14b8006de8: destroyed | stop processing: state #19 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006a3700 | delete_state: release st->st_skeyid_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_d_nss-key@0x55a900622080 | delete_state: release st->st_skey_ai_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006bd630 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2556) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2559) | del: | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 1.97 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00233 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 84 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 a7 5c e7 dd 00 00 00 54 93 2f 71 ea | d0 e7 c2 d5 0b 61 94 65 57 07 2d ba cf a5 5b 5e | a1 ed f0 9e 23 4c 5b ab 18 35 51 a8 33 5e bc 67 | b8 f3 6b 3d e9 1d 3c 95 fa 5c ba dd 18 df a9 2f | a2 78 4f 6e | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2807883741 (0xa75ce7dd) | length: 84 (0x54) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xa75ce7dd | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 5d 97 d9 f8 3f c6 7d de | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | b6 8a 2c 11 a9 4a 88 72 | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0733 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00467 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00254 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | 90 7e 86 5d c4 c6 5a b5 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 90 7e 86 5d c4 c6 5a b5 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 0d 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 97 d9 ec 54 c5 11 8c 49 8f a8 89 ec 9e b1 3b 6d | ad 51 4b 51 03 32 bd 32 f2 35 cc 2e da a0 f1 a2 | creating state object #21 at 0x55a9006c1c58 | State DB: adding IKEv1 state #21 in UNDEFINED | pstats #21 ikev1.isakmp started | #21 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #21 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #21: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #21: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | 90 7e 86 5d c4 c6 5a b5 | responder cookie: | 97 d9 ec 54 c5 11 8c 49 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) "east" #21: peer proposed key_len not valid for encrypt algo setup specified. Attribute OAKLEY_KEY_LENGTH "east" #21: no acceptable Oakley Transform | complete v1 state transition with NO_PROPOSAL_CHOSEN | [RE]START processing: state #21 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #21 is idle "east" #21: sending notification NO_PROPOSAL_CHOSEN to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | 90 7e 86 5d c4 c6 5a b5 | responder cookie: | 97 d9 ec 54 c5 11 8c 49 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | emitting length of ISAKMP Message: 40 | sending 40 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #21) | 90 7e 86 5d c4 c6 5a b5 97 d9 ec 54 c5 11 8c 49 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | state transition function for STATE_MAIN_R0 failed: NO_PROPOSAL_CHOSEN | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #21 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.502 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00264 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | f5 c7 14 93 c1 b1 c3 3f 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f5 c7 14 93 c1 b1 c3 3f | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 0e 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 21 04 ae 5b f5 60 67 41 75 e2 e8 eb 6d e3 42 a8 | 3a b4 6c 83 58 1d f2 1e 88 37 17 43 33 b2 e3 ea | creating state object #22 at 0x55a9006c5a48 | State DB: adding IKEv1 state #22 in UNDEFINED | pstats #22 ikev1.isakmp started | #22 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #22 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #22: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #22: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | f5 c7 14 93 c1 b1 c3 3f | responder cookie: | 21 04 ae 5b f5 60 67 41 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) "east" #22: peer proposed key_len not valid for encrypt algo setup specified. Attribute OAKLEY_KEY_LENGTH "east" #22: no acceptable Oakley Transform | complete v1 state transition with NO_PROPOSAL_CHOSEN | [RE]START processing: state #22 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #22 is idle "east" #22: sending notification NO_PROPOSAL_CHOSEN to 192.1.2.45:500 | **emit ISAKMP Message: | initiator cookie: | f5 c7 14 93 c1 b1 c3 3f | responder cookie: | 21 04 ae 5b f5 60 67 41 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N) | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'notification msg' | emitting length of ISAKMP Notification Payload: 12 | emitting length of ISAKMP Message: 40 | sending 40 bytes for notification packet through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #22) | f5 c7 14 93 c1 b1 c3 3f 21 04 ae 5b f5 60 67 41 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | state transition function for STATE_MAIN_R0 failed: NO_PROPOSAL_CHOSEN | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #22 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.518 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00277 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 204 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | da c7 ab 6d 01 b2 f8 c9 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 204 (0xcc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1_init) | #null state always idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inI1_outR1' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] | Ignoring older NAT-T Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] | in statetime_start() with no state | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=IKEV1_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=IKEV1_ALLOW | found policy = PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (east) | find_next_host_connection returns east | find_next_host_connection policy=IKEV1_ALLOW | find_next_host_connection returns empty | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x55a9006bf5d8 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x55a8fff7e700 (length 32) | 26 8e 09 7e 09 24 b9 c5 c2 b5 86 b6 8e b1 82 58 | 9e 3d 96 08 2c 7f 90 73 6f 79 bb 1e 41 be 14 ad | IKE SPIr hash sha2_256 digest counter-bytes@0x55a8fff7e6e0 (length 4) | 0f 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffef9482bc0 (length 32) | 6d ef 71 0c f6 3c c0 44 b2 02 0b 1b 47 08 08 0e | e8 16 ec cf 6d c7 61 8b 5c 04 56 5a 37 7d 92 6c | creating state object #23 at 0x55a9006c0bc8 | State DB: adding IKEv1 state #23 in UNDEFINED | pstats #23 ikev1.isakmp started | #23 updating local interface from to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | start processing: state #23 connection "east" from 192.1.2.45:500 (in main_inI1_outR1() at ikev1_main.c:667) | parent state #23: UNDEFINED(ignore) => MAIN_R0(half-open IKE SA) | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) "east" #23: responding to Main Mode | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 192 (0xc0) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 05 80 02 00 02 | attributes 80 03 00 01 80 04 00 0e 80 0e 00 c0 | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 144 | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 | parent state #23: MAIN_R0(half-open IKE SA) => MAIN_R1(open IKE SA) | event_already_set, deleting event | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 144 bytes for STATE_MAIN_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | !event_already_set at reschedule | event_schedule: new EVENT_SO_DISCARD-pe@0x55a9006ca7a8 | inserting event EVENT_SO_DISCARD, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 "east" #23: STATE_MAIN_R1: sent MR1, expecting MI2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.406 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00249 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | 14 00 00 24 c1 70 9e 94 01 66 b5 85 d4 22 6c c1 | 22 f7 36 cd 25 d8 9a 0f fb 94 2c 70 fe a4 1b de | 54 89 d9 7c 14 00 00 18 5f f2 ef 47 d8 08 4d ae | 08 01 d8 1f cf a2 4b f1 37 b2 91 e6 00 00 00 18 | 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | c6 dc 0b 90 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #23 in MAIN_R1 (find_state_ikev1) | start processing: state #23 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #23 is idle | #23 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inI2_outR2' HASH payload not checked early | DH public value received: | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c1160 (length 8) | da c7 ab 6d 01 b2 f8 c9 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c1168 (length 8) | 6d ef 71 0c f6 3c c0 44 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482da0 (length 20) | 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | 37 b2 91 e6 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= da c7 ab 6d 01 b2 f8 c9 | natd_hash: rcookie= 6d ef 71 0c f6 3c c0 44 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | natd_hash: hash= 37 b2 91 e6 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a9006c1160 (length 8) | da c7 ab 6d 01 b2 f8 c9 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a9006c1168 (length 8) | 6d ef 71 0c f6 3c c0 44 | NATD hash sha digest IP addr-bytes@0x7ffef9482d04 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482cf6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482de0 (length 20) | 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | c6 dc 0b 90 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= da c7 ab 6d 01 b2 f8 c9 | natd_hash: rcookie= 6d ef 71 0c f6 3c c0 44 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | natd_hash: hash= c6 dc 0b 90 | expected NAT-D(me): 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | expected NAT-D(me): 37 b2 91 e6 | expected NAT-D(him): | 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | c6 dc 0b 90 | received NAT-D: 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | received NAT-D: 37 b2 91 e6 | received NAT-D: 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | received NAT-D: c6 dc 0b 90 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | adding inI2_outR2 KE work-order 25 for state #23 | state #23 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_SO_DISCARD-pe@0x55a9006ca7a8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006ca7a8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x55a9006c4e78 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #23 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | crypto helper 4 resuming | suspending state #23 and saving MD | crypto helper 4 starting work-order 25 for state #23 | #23 is busy; has a suspended MD | crypto helper 4 doing build KE and nonce (inI2_outR2 KE); request ID 25 | #23 spent 0.196 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.327 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14bc0026e8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14bc0026e8 | NSS: Public DH wire value: | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | Generated nonce: 70 80 71 d9 d8 d3 d1 db c4 64 d9 01 2c de ee 0e | Generated nonce: 47 06 4e 67 5b f5 af a8 04 1e 77 48 ae 4b 38 84 | crypto helper 4 finished build KE and nonce (inI2_outR2 KE); request ID 25 time elapsed 0.00089 seconds | (#23) spent 0.891 milliseconds in crypto helper computing work-order 25: inI2_outR2 KE (pcr) | crypto helper 4 sending results from work-order 25 for state #23 to event queue | scheduling resume sending helper answer for #23 | libevent_malloc: new ptr-libevent@0x7f14bc007988 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #23 | start processing: state #23 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 25 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_continue for #23: calculated ke+nonce, sending R2 | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14bc0026e8: transferring ownership from helper KE to state #23 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | keyex value c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | keyex value d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | keyex value e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | keyex value 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | keyex value 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | keyex value 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | keyex value 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | keyex value e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | keyex value f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | keyex value c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | keyex value 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | keyex value 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | keyex value ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | keyex value 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | keyex value f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr 70 80 71 d9 d8 d3 d1 db c4 64 d9 01 2c de ee 0e | Nr 47 06 4e 67 5b f5 af a8 04 1e 77 48 ae 4b 38 84 | emitting length of ISAKMP Nonce Payload: 36 | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | da c7 ab 6d 01 b2 f8 c9 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 6d ef 71 0c f6 3c c0 44 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | c6 dc 0b 90 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= da c7 ab 6d 01 b2 f8 c9 | natd_hash: rcookie= 6d ef 71 0c f6 3c c0 44 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | natd_hash: hash= c6 dc 0b 90 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | NAT-D c6 dc 0b 90 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffef94829e0 (length 8) | da c7 ab 6d 01 b2 f8 c9 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffef94829e8 (length 8) | 6d ef 71 0c f6 3c c0 44 | NATD hash sha digest IP addr-bytes@0x7ffef9482964 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffef9482956 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffef9482a30 (length 20) | 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | 37 b2 91 e6 | natd_hash: hasher=0x55a8fff61800(20) | natd_hash: icookie= da c7 ab 6d 01 b2 f8 c9 | natd_hash: rcookie= 6d ef 71 0c f6 3c c0 44 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | natd_hash: hash= 37 b2 91 e6 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | NAT-D 37 b2 91 e6 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | main inI2_outR2: starting async DH calculation (group=14) | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14bc0026e8: transferring ownership from state #23 to helper IKEv1 DH+IV | adding main_inI2_outR2_tail work-order 26 for state #23 | state #23 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c4e78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006ca7a8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a9006ca7a8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #23 main_inI2_outR2_continue1_tail:1165 st->st_calculating = FALSE; | complete v1 state transition with STF_OK | crypto helper 5 resuming | [RE]START processing: state #23 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle; has background offloaded task | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 | crypto helper 5 starting work-order 26 for state #23 | parent state #23: MAIN_R1(open IKE SA) => MAIN_R2(open IKE SA) | crypto helper 5 doing compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 26 | event_already_set, deleting event | state #23 requesting EVENT_CRYPTO_TIMEOUT to be deleted | peer's g: 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | peer's g: 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | peer's g: a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | peer's g: 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | peer's g: 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | peer's g: fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | libevent_free: release ptr-libevent@0x55a9006c2918 | peer's g: 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | peer's g: 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | peer's g: d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | peer's g: 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | peer's g: 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | peer's g: 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | peer's g: 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | peer's g: c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a9006ca7a8 | peer's g: 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | peer's g: d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | Started DH shared-secret computation in NSS: | sending 372 bytes for STATE_MAIN_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | 14 00 00 24 70 80 71 d9 d8 d3 d1 db c4 64 d9 01 | 2c de ee 0e 47 06 4e 67 5b f5 af a8 04 1e 77 48 | ae 4b 38 84 14 00 00 18 2c f9 9b ce 8a 99 4b af | 71 e4 59 76 c2 c2 60 ec c6 dc 0b 90 00 00 00 18 | 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | 37 b2 91 e6 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a9006ca7a8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | #23 STATE_MAIN_R2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29304.655999 "east" #23: STATE_MAIN_R2: sent MR2, expecting MI3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #23 suppresed complete_v1_state_transition() | #23 spent 0.471 milliseconds in resume sending helper answer | stop processing: state #23 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14bc007988 | new : g_ir-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14bc0026e8: computed shared DH secret key@0x55a9006bd630 | dh-shared : g^ir-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a9006cb888 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d1184700 | result: psk-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a9006a9280 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d11846e8 | result: psk-key@0x55a9006aad30 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a9006a9280 | SKEYID psk prf: created sha context 0x7f14c0003b00 from psk-key@0x55a9006aad30 | SKEYID psk prf: begin sha with context 0x7f14c0003b00 from psk-key@0x55a9006aad30 | SKEYID psk: release clone-key@0x55a9006aad30 | SKEYID psk PRF sha crypt-prf@0x7f14c0003948 | SKEYID psk PRF sha update Ni-bytes@0x55a9006cb8ac (length 32) | c1 70 9e 94 01 66 b5 85 d4 22 6c c1 22 f7 36 cd | 25 d8 9a 0f fb 94 2c 70 fe a4 1b de 54 89 d9 7c | SKEYID psk PRF sha update Nr-bytes@0x55a9006cb8cc (length 32) | 70 80 71 d9 d8 d3 d1 db c4 64 d9 01 2c de ee 0e | 47 06 4e 67 5b f5 af a8 04 1e 77 48 ae 4b 38 84 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d1184720 | result: final-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a9280 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d1184708 | result: final-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a9280 | SKEYID psk PRF sha final-key@0x55a9006aad30 (size 20) | SKEYID psk: key-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_d: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d1184718 | result: clone-key@0x55a9006a9280 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f14c0003b00 from SKEYID-key@0x55a9006a9280 | SKEYID_d prf: begin sha with context 0x7f14c0003b00 from SKEYID-key@0x55a9006a9280 | SKEYID_d: release clone-key@0x55a9006a9280 | SKEYID_d PRF sha crypt-prf@0x7f14c0001278 | SKEYID_d PRF sha update g^xy-key@0x55a9006bd630 (size 256) | SKEYID_d: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: f8 ec 09 e0 c5 b9 ba 1b 3d 8c 90 9a b7 75 44 06 be a5 46 07 a9 42 44 cf 5d 1c 0c f7 1d 2c 81 b9 3b 18 bb c3 4b 12 8a 6a cc 5a 87 ff 8d f5 b4 1e ed 5c 91 6d 6f b5 29 89 ef 73 e0 42 e0 55 c4 bd a0 81 b9 d4 82 1f 03 09 be 29 d1 79 e5 e3 75 eb 8e de 33 36 39 50 81 2a 60 6b 4b 4a c3 28 0a f8 d6 95 07 a2 62 57 53 5c 7b 6a 1f 05 81 51 f5 e9 01 b9 ae 20 7b b3 73 2c d1 31 04 42 af 11 83 15 9c 48 5d a4 7f 7e d6 9b 4f 27 1b 5a d6 f0 d8 6f e9 3a 40 c3 38 a6 6e 7f 09 02 7f e2 0d 6f 97 14 03 aa a1 03 2c d7 94 94 26 82 d8 b6 55 5a b1 fc d1 6c ec b3 b1 6b 80 84 5a 2c 52 fc cf 20 c6 f7 e0 b4 fc 0a b9 ef b3 7c 61 96 d2 4c d9 46 b8 19 bf 05 c9 fd 4b c7 64 43 72 f6 b7 93 58 eb cb 12 e3 ce e6 50 82 07 a0 2c 55 7f 66 22 ab 41 7a b6 3f a4 78 ba 55 ef 39 3c b8 a1 4d 77 f7 1c 66 74 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c00014c8 | unwrapped: 01 ed f4 e6 61 46 b6 70 19 93 35 33 42 75 c2 3a | unwrapped: 39 f1 14 5f 3f 7f 77 18 fb a6 64 2d 04 fd 14 b4 | unwrapped: 7e 5f ef 37 c8 38 87 8a 75 e9 1b 76 49 ff 42 20 | unwrapped: 76 20 8c a7 32 75 44 87 51 25 de 8a 58 ec 22 c6 | unwrapped: 14 65 6f e8 32 b9 77 e8 34 08 0e a6 c8 75 ed 41 | unwrapped: f5 47 3d b6 a0 72 24 58 95 e9 6e 67 07 9a ae 09 | unwrapped: 18 22 48 08 ee 10 b7 6a ce f4 8b ab fd 1e 5b 9a | unwrapped: a0 1b 71 4b ce 57 a3 7d 67 a5 b4 70 1e 20 d0 03 | unwrapped: 31 9b 3c 6a 9e 0e 63 d1 11 50 d0 60 f8 2d 2f 17 | unwrapped: cd 96 87 67 49 f6 0d df 6a 52 8e bd 89 0a 16 08 | unwrapped: 16 93 6c 9f b4 24 10 b3 94 e4 ef 8b ae c0 81 de | unwrapped: 2c f0 c8 e3 1c b4 68 2b 77 87 13 71 8f ce ff a8 | unwrapped: 0d 9c 17 f7 c1 c8 9d e5 ae dd f5 b0 50 bf 44 4d | unwrapped: 31 ca 18 47 29 2a 39 5f 08 82 9d 7c d6 9a 82 21 | unwrapped: 95 66 5b 0d 20 61 42 64 13 a5 bd 4f 08 ca e6 a7 | unwrapped: e8 f4 e2 bb dd 31 3d 1b bc a1 f1 68 7b 39 44 8b | SKEYID_d PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | da c7 ab 6d 01 b2 f8 c9 | SKEYID_d PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 6d ef 71 0c f6 3c c0 44 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d1184720 | result: final-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a900622080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d1184708 | result: final-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a900622080 | SKEYID_d PRF sha final-key@0x55a9006a9280 (size 20) | SKEYID_d: key-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_a: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d11846f8 | result: clone-key@0x55a900622080 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f14c0003b00 from SKEYID-key@0x55a900622080 | SKEYID_a prf: begin sha with context 0x7f14c0003b00 from SKEYID-key@0x55a900622080 | SKEYID_a: release clone-key@0x55a900622080 | SKEYID_a PRF sha crypt-prf@0x7f14c0003948 | SKEYID_a PRF sha update SKEYID_d-key@0x55a9006a9280 (size 20) | SKEYID_a: SKEYID_d-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a9280 | nss hmac digest hack: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921235: f2 31 bb bc a2 9f 3b 53 b7 cf 8b cb 5f 9a f7 af 1b b8 43 09 10 46 1f a9 c9 ed c3 70 96 b7 05 56 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c00039e8 | unwrapped: 64 6f 5b d2 eb fa 73 76 db b3 4e e2 9d a3 73 c8 | unwrapped: fc b7 8f 2d 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a9006bd630 (size 256) | SKEYID_a: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: f8 ec 09 e0 c5 b9 ba 1b 3d 8c 90 9a b7 75 44 06 be a5 46 07 a9 42 44 cf 5d 1c 0c f7 1d 2c 81 b9 3b 18 bb c3 4b 12 8a 6a cc 5a 87 ff 8d f5 b4 1e ed 5c 91 6d 6f b5 29 89 ef 73 e0 42 e0 55 c4 bd a0 81 b9 d4 82 1f 03 09 be 29 d1 79 e5 e3 75 eb 8e de 33 36 39 50 81 2a 60 6b 4b 4a c3 28 0a f8 d6 95 07 a2 62 57 53 5c 7b 6a 1f 05 81 51 f5 e9 01 b9 ae 20 7b b3 73 2c d1 31 04 42 af 11 83 15 9c 48 5d a4 7f 7e d6 9b 4f 27 1b 5a d6 f0 d8 6f e9 3a 40 c3 38 a6 6e 7f 09 02 7f e2 0d 6f 97 14 03 aa a1 03 2c d7 94 94 26 82 d8 b6 55 5a b1 fc d1 6c ec b3 b1 6b 80 84 5a 2c 52 fc cf 20 c6 f7 e0 b4 fc 0a b9 ef b3 7c 61 96 d2 4c d9 46 b8 19 bf 05 c9 fd 4b c7 64 43 72 f6 b7 93 58 eb cb 12 e3 ce e6 50 82 07 a0 2c 55 7f 66 22 ab 41 7a b6 3f a4 78 ba 55 ef 39 3c b8 a1 4d 77 f7 1c 66 74 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c0004998 | unwrapped: 01 ed f4 e6 61 46 b6 70 19 93 35 33 42 75 c2 3a | unwrapped: 39 f1 14 5f 3f 7f 77 18 fb a6 64 2d 04 fd 14 b4 | unwrapped: 7e 5f ef 37 c8 38 87 8a 75 e9 1b 76 49 ff 42 20 | unwrapped: 76 20 8c a7 32 75 44 87 51 25 de 8a 58 ec 22 c6 | unwrapped: 14 65 6f e8 32 b9 77 e8 34 08 0e a6 c8 75 ed 41 | unwrapped: f5 47 3d b6 a0 72 24 58 95 e9 6e 67 07 9a ae 09 | unwrapped: 18 22 48 08 ee 10 b7 6a ce f4 8b ab fd 1e 5b 9a | unwrapped: a0 1b 71 4b ce 57 a3 7d 67 a5 b4 70 1e 20 d0 03 | unwrapped: 31 9b 3c 6a 9e 0e 63 d1 11 50 d0 60 f8 2d 2f 17 | unwrapped: cd 96 87 67 49 f6 0d df 6a 52 8e bd 89 0a 16 08 | unwrapped: 16 93 6c 9f b4 24 10 b3 94 e4 ef 8b ae c0 81 de | unwrapped: 2c f0 c8 e3 1c b4 68 2b 77 87 13 71 8f ce ff a8 | unwrapped: 0d 9c 17 f7 c1 c8 9d e5 ae dd f5 b0 50 bf 44 4d | unwrapped: 31 ca 18 47 29 2a 39 5f 08 82 9d 7c d6 9a 82 21 | unwrapped: 95 66 5b 0d 20 61 42 64 13 a5 bd 4f 08 ca e6 a7 | unwrapped: e8 f4 e2 bb dd 31 3d 1b bc a1 f1 68 7b 39 44 8b | SKEYID_a PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | da c7 ab 6d 01 b2 f8 c9 | SKEYID_a PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 6d ef 71 0c f6 3c c0 44 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d1184700 | result: final-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006acb70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d11846e8 | result: final-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006acb70 | SKEYID_a PRF sha final-key@0x55a900622080 (size 20) | SKEYID_a: key-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a9006aad30 (size 20) | SKEYID_e: SKEYID-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d1184708 | result: clone-key@0x55a9006acb70 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f14c0003b00 from SKEYID-key@0x55a9006acb70 | SKEYID_e prf: begin sha with context 0x7f14c0003b00 from SKEYID-key@0x55a9006acb70 | SKEYID_e: release clone-key@0x55a9006acb70 | SKEYID_e PRF sha crypt-prf@0x7f14c0001278 | SKEYID_e PRF sha update SKEYID_a-key@0x55a900622080 (size 20) | SKEYID_e: SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a900622080 | nss hmac digest hack: symkey-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1088532: 54 8f b7 e7 c0 0e 64 8c e6 34 1f b8 77 08 86 4e 9c dd 38 c7 ca 92 f2 3e ab 41 f4 f4 72 50 d1 0f | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c0003998 | unwrapped: 5b e0 51 57 09 37 8d 17 2f 25 99 38 d1 c6 e3 35 | unwrapped: 67 d9 fc de 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a9006bd630 (size 256) | SKEYID_e: g^xy-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006bd630 | nss hmac digest hack: symkey-key@0x55a9006bd630 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: f8 ec 09 e0 c5 b9 ba 1b 3d 8c 90 9a b7 75 44 06 be a5 46 07 a9 42 44 cf 5d 1c 0c f7 1d 2c 81 b9 3b 18 bb c3 4b 12 8a 6a cc 5a 87 ff 8d f5 b4 1e ed 5c 91 6d 6f b5 29 89 ef 73 e0 42 e0 55 c4 bd a0 81 b9 d4 82 1f 03 09 be 29 d1 79 e5 e3 75 eb 8e de 33 36 39 50 81 2a 60 6b 4b 4a c3 28 0a f8 d6 95 07 a2 62 57 53 5c 7b 6a 1f 05 81 51 f5 e9 01 b9 ae 20 7b b3 73 2c d1 31 04 42 af 11 83 15 9c 48 5d a4 7f 7e d6 9b 4f 27 1b 5a d6 f0 d8 6f e9 3a 40 c3 38 a6 6e 7f 09 02 7f e2 0d 6f 97 14 03 aa a1 03 2c d7 94 94 26 82 d8 b6 55 5a b1 fc d1 6c ec b3 b1 6b 80 84 5a 2c 52 fc cf 20 c6 f7 e0 b4 fc 0a b9 ef b3 7c 61 96 d2 4c d9 46 b8 19 bf 05 c9 fd 4b c7 64 43 72 f6 b7 93 58 eb cb 12 e3 ce e6 50 82 07 a0 2c 55 7f 66 22 ab 41 7a b6 3f a4 78 ba 55 ef 39 3c b8 a1 4d 77 f7 1c 66 74 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c00014c8 | unwrapped: 01 ed f4 e6 61 46 b6 70 19 93 35 33 42 75 c2 3a | unwrapped: 39 f1 14 5f 3f 7f 77 18 fb a6 64 2d 04 fd 14 b4 | unwrapped: 7e 5f ef 37 c8 38 87 8a 75 e9 1b 76 49 ff 42 20 | unwrapped: 76 20 8c a7 32 75 44 87 51 25 de 8a 58 ec 22 c6 | unwrapped: 14 65 6f e8 32 b9 77 e8 34 08 0e a6 c8 75 ed 41 | unwrapped: f5 47 3d b6 a0 72 24 58 95 e9 6e 67 07 9a ae 09 | unwrapped: 18 22 48 08 ee 10 b7 6a ce f4 8b ab fd 1e 5b 9a | unwrapped: a0 1b 71 4b ce 57 a3 7d 67 a5 b4 70 1e 20 d0 03 | unwrapped: 31 9b 3c 6a 9e 0e 63 d1 11 50 d0 60 f8 2d 2f 17 | unwrapped: cd 96 87 67 49 f6 0d df 6a 52 8e bd 89 0a 16 08 | unwrapped: 16 93 6c 9f b4 24 10 b3 94 e4 ef 8b ae c0 81 de | unwrapped: 2c f0 c8 e3 1c b4 68 2b 77 87 13 71 8f ce ff a8 | unwrapped: 0d 9c 17 f7 c1 c8 9d e5 ae dd f5 b0 50 bf 44 4d | unwrapped: 31 ca 18 47 29 2a 39 5f 08 82 9d 7c d6 9a 82 21 | unwrapped: 95 66 5b 0d 20 61 42 64 13 a5 bd 4f 08 ca e6 a7 | unwrapped: e8 f4 e2 bb dd 31 3d 1b bc a1 f1 68 7b 39 44 8b | SKEYID_e PRF sha update CKI_i-bytes@0x55a9006cbaec (length 8) | da c7 ab 6d 01 b2 f8 c9 | SKEYID_e PRF sha update CKI_r-bytes@0x55a9006cbaf4 (length 8) | 6d ef 71 0c f6 3c c0 44 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d1184710 | result: final-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006a3700 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d11846f8 | result: final-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006a3700 | SKEYID_e PRF sha final-key@0x55a9006acb70 (size 20) | SKEYID_e: key-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b PRF sha init SKEYID_e-key@0x55a9006acb70 (size 20) | appendix_b: SKEYID_e-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d11846e8 | result: clone-key@0x55a9006a3700 (20-bytes, SHA_1_HMAC) | appendix_b prf: created sha context 0x7f14c0003b00 from SKEYID_e-key@0x55a9006a3700 | appendix_b prf: begin sha with context 0x7f14c0003b00 from SKEYID_e-key@0x55a9006a3700 | appendix_b: release clone-key@0x55a9006a3700 | appendix_b PRF sha crypt-prf@0x7f14c0003948 | appendix_b PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d11846f0 | result: final-key@0x55a9006c2720 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006c2720 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d11846d8 | result: final-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006c2720 | appendix_b PRF sha final-key@0x55a9006a3700 (size 20) | appendix_b: key-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b_keymat_e: reference old_k#1-key@0x55a9006a3700 | Kn PRF sha init SKEYID_e-key@0x55a9006acb70 (size 20) | Kn: SKEYID_e-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006acb70 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d11846e8 | result: clone-key@0x55a9006c2720 (20-bytes, SHA_1_HMAC) | Kn prf: created sha context 0x7f14c0003b00 from SKEYID_e-key@0x55a9006c2720 | Kn prf: begin sha with context 0x7f14c0003b00 from SKEYID_e-key@0x55a9006c2720 | Kn: release clone-key@0x55a9006c2720 | Kn PRF sha crypt-prf@0x7f14c0001278 | Kn PRF sha update old_k-key@0x55a9006a3700 (size 20) | Kn: old_k-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a9006a3700 | nss hmac digest hack: symkey-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-921289: 24 4c 66 ef 3a 28 3c 27 4c 6f 83 e7 20 d4 64 7d be 9a 7e 10 32 17 50 2f a3 33 a8 e9 4c a0 c5 a8 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 32 bytes at 0x7f14c00039e8 | unwrapped: e8 4c f6 b3 2a bb 49 ca c8 83 87 b7 62 41 25 96 | unwrapped: 61 84 98 3d 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f14d11846f0 | result: final-key@0x55a9006c4f70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a9006c4f70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d11846d8 | result: final-key@0x55a9006c2720 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a9006c4f70 | Kn PRF sha final-key@0x55a9006c2720 (size 20) | Kn: key-key@0x55a9006c2720 (20-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a9006a3700 (20-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7f14d1184768 | result: result-key@0x55a9006c4f70 (40-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x55a9006a3700 | appendix_b_keymat_e: release old_k#N-key@0x55a9006a3700 | appendix_b_keymat_e: release old_k#final-key@0x55a9006c2720 | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: DES3_CBC | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a9006c4f70 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f14d1184768 | result: cryptkey-key@0x55a9006c2720 (24-bytes, DES3_CBC) | appendix_b_keymat_e: release keymat-key@0x55a9006c4f70 | NSS: pointers skeyid_d 0x55a9006a9280, skeyid_a 0x55a900622080, skeyid_e 0x55a9006acb70, enc_key 0x55a9006c2720 | DH_i: 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | DH_i: 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | DH_i: a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | DH_i: 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | DH_i: 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | DH_i: fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | DH_i: 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | DH_i: 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | DH_i: d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | DH_i: 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | DH_i: 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | DH_i: 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | DH_i: 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | DH_i: c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | DH_i: 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | DH_i: d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | DH_r: 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | DH_r: c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | DH_r: d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | DH_r: e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | DH_r: 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | DH_r: 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | DH_r: 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | DH_r: 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | DH_r: e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | DH_r: f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | DH_r: c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | DH_r: 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | DH_r: 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | DH_r: ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | DH_r: 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | DH_r: f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a9006cb8ec (length 256) | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | new IV hash sha digest GR-bytes@0x55a9006cb9ec (length 256) | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | new IV hash sha final chunk@0x7f14c00039e8 (length 20) | 5d c0 72 ff 13 af ff a1 4a a1 28 6e 13 5e 12 86 | 6b e1 ab de | crypto helper 5 finished compute dh+iv (V1 Phase 1) (main_inI2_outR2_tail); request ID 26 time elapsed 0.001729 seconds | (#23) spent 1.71 milliseconds in crypto helper computing work-order 26: main_inI2_outR2_tail (pcr) | crypto helper 5 sending results from work-order 26 for state #23 to event queue | scheduling resume sending helper answer for #23 | libevent_malloc: new ptr-libevent@0x7f14c0001fa8 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #23 | start processing: state #23 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 26 | calling continuation function 0x55a8ffe8cb50 | main_inI2_outR2_calcdone for #23: calculate DH finished | [RE]START processing: state #23 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1015) | DH secret MODP2048@0x7f14bc0026e8: transferring ownership from helper IKEv1 DH+IV to state #23 | stop processing: state #23 connection "east" from 192.1.2.45:500 (in main_inI2_outR2_continue2() at ikev1_main.c:1028) | resume sending helper answer for #23 suppresed complete_v1_state_transition() | #23 spent 0.0215 milliseconds in resume sending helper answer | processing: STOP state #0 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14c0001fa8 | spent 0.00297 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 05 10 02 01 00 00 00 00 00 00 00 44 e4 e6 06 d9 | 10 17 ee df 5f 07 0d b8 63 40 37 47 ce f4 83 c2 | ed f5 f8 2f ad 91 ab 7a bf f8 1d 63 6f 82 75 67 | b5 82 2a 25 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #23 in MAIN_R2 (find_state_ikev1) | start processing: state #23 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1459) | #23 is idle | #23 idle | received encrypted packet from 192.1.2.45:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: 5d c0 72 ff 13 af ff a1 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 6f 82 75 67 b5 82 2a 25 | decrypted payload (starts at offset -40): | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 05 10 02 01 00 00 00 00 00 00 00 44 08 00 00 0c | 02 00 00 00 77 65 73 74 00 00 00 18 50 45 05 2e | d7 12 35 74 f9 e2 ee 65 ff 71 c9 e4 0f 3a a4 97 | 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 77 65 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 4 bytes of padding | message 'main_inI3_outR3' HASH payload not checked early "east" #23: Peer ID is ID_FQDN: '@west' | X509: no CERT payloads to process | refine_host_connection for IKEv1: starting with "east" | match_id a=@west | b=@west | results matched | refine_host_connection: checking "east" against "east", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) | Warning: not switching back to template of current instance | No IDr payload received from peer | refine_host_connection: checked east against east, now for see if best | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | returning because exact peer id match | offered CA: '%none' | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482658 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c80041f0 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x7f14c80041f0 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x7f14c4003978 | hmac PRF sha update data-bytes@0x7f14c4003db8 (length 256) | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | hmac PRF sha update data-bytes@0x7f14bc003618 (length 256) | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | hmac PRF sha update data-bytes@0x55a9006c1160 (length 8) | da c7 ab 6d 01 b2 f8 c9 | hmac PRF sha update data-bytes@0x55a9006c1168 (length 8) | 6d ef 71 0c f6 3c c0 44 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f14b8002b7c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 | hmac PRF sha update data-bytes@0x55a9006c5518 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffef94827e0 (length 20) | 50 45 05 2e d7 12 35 74 f9 e2 ee 65 ff 71 c9 e4 | 0f 3a a4 97 | received 'Main' message HASH_I data ok | authentication succeeded | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 65 61 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a9006aad30 (size 20) | hmac: symkey-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006aad30 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94826f8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14c80041f0 from symkey-key@0x55a9006c4f70 | hmac prf: begin sha with context 0x7f14c80041f0 from symkey-key@0x55a9006c4f70 | hmac: release clone-key@0x55a9006c4f70 | hmac PRF sha crypt-prf@0x7f14c00039e8 | hmac PRF sha update data-bytes@0x7f14bc003618 (length 256) | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | hmac PRF sha update data-bytes@0x7f14c4003db8 (length 256) | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | hmac PRF sha update data-bytes@0x55a9006c1168 (length 8) | 6d ef 71 0c f6 3c c0 44 | hmac PRF sha update data-bytes@0x55a9006c1160 (length 8) | da c7 ab 6d 01 b2 f8 c9 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f14b8002b7c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 | hmac PRF sha update data-bytes@0x55a8fff8a8e0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffef9482a10 (length 20) | 90 6b c1 81 cc 48 f5 cf 3c 35 85 8d 56 b0 e7 90 | e4 b1 2c f4 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload | HASH_R 90 6b c1 81 cc 48 f5 cf 3c 35 85 8d 56 b0 e7 90 | HASH_R e4 b1 2c f4 | emitting length of ISAKMP Hash Payload: 24 | encrypting: 08 00 00 0c 02 00 00 00 65 61 73 74 00 00 00 18 | encrypting: 90 6b c1 81 cc 48 f5 cf 3c 35 85 8d 56 b0 e7 90 | encrypting: e4 b1 2c f4 | IV: 6f 82 75 67 b5 82 2a 25 | unpadded size is: 36 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: ae a7 26 1a fc db 67 ba | last encrypted block of Phase 1: | ae a7 26 1a fc db 67 ba | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 | parent state #23: MAIN_R2(open IKE SA) => MAIN_R3(established IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_R3: retransmits: cleared | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a9006ca7a8 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 68 bytes for STATE_MAIN_R2 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 05 10 02 01 00 00 00 00 00 00 00 44 73 e5 dc 5f | d1 39 97 05 65 f7 45 9b fe 78 6d 2c f9 51 3c 7e | ca dc bf 7f b3 b6 16 92 20 f7 09 69 ae a7 26 1a | fc db 67 ba | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a9006ca7a8 | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f14bc007988 size 128 | pstats #23 ikev1.isakmp established "east" #23: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #23 | #23 spent 0.621 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.765 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00239 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 436 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 01 b4 ad 44 2b 49 | fa b3 bb 5c 86 37 b4 1d c0 e1 76 a3 7e 71 77 90 | 46 a7 65 ef 12 5f 50 84 70 25 d9 85 f0 c4 33 b0 | 58 27 18 00 28 b7 09 51 eb 33 17 4b 4c 00 fa 2c | c9 dd 10 1b 8b 7f 3f 2d ac f2 14 a9 77 3d 29 97 | ea d6 e8 51 8d 5e 55 a2 59 45 ac 49 f8 47 f7 c2 | fc 2d 51 1c 3d 96 85 4a 4a 55 e2 dc 88 76 46 fb | 46 1e 8c da 86 0b 9d dc 60 d0 1d f1 ad da b0 03 | e3 65 d1 fb 3d aa 03 a6 a1 76 21 fc 30 1e 90 70 | 88 b7 89 41 7f 41 63 6f cb dc 2a a2 49 66 38 86 | f0 4d bb e8 ad e4 41 b1 de af 39 d8 89 79 35 ff | f4 4a a5 a2 7f f6 da 50 36 0e 71 9e 1b 24 2b 4d | 37 7e 0e d2 18 28 64 e0 a9 82 ba 09 0d d6 39 b0 | e7 d7 03 8f 09 89 7a 6e 1f 52 23 b9 65 c8 79 ae | c5 16 d8 09 7b 23 be e3 ba 90 98 0f 00 3d 31 dc | 99 1e 7d ed f1 93 28 43 07 e8 b6 31 02 21 32 52 | 22 04 00 18 44 a4 08 c7 ef ca 23 98 b7 ba 62 d5 | 4f dd 7e e1 c5 6f a3 83 57 a4 95 56 fd 58 1a cd | b5 9e 6b 64 e0 08 e6 95 2b 2f 95 eb 8c f7 eb cb | ed df b5 09 63 85 ea 22 1e 98 fc 3b 14 c2 8c 18 | 91 a5 96 e1 54 88 12 f2 0c 4f 32 fc 33 7a 8c 82 | ae 12 6d 78 aa 42 e6 ed cb 7f fc 28 67 a6 26 7c | ba c6 71 af 24 a5 58 33 4f 78 6b 2b 90 fd ed ae | 3a f7 a5 b2 52 e0 e6 cb 5e a5 c1 c4 09 d7 fa 3f | b2 02 8e b4 0c 29 64 b3 a0 22 17 11 37 47 60 c4 | c9 aa bd 63 bc 1f 28 98 5c d0 7b 3b 1e 13 76 54 | 7c 21 66 93 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1055939744 (0x3ef05ca0) | length: 436 (0x1b4) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #23 in MAIN_R3 (find_state_ikev1) | start processing: state #23 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1607) | last Phase 1 IV: ae a7 26 1a fc db 67 ba | current Phase 1 IV: ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c1058 (length 8) | ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | 3e f0 5c a0 | Phase 2 IV hash sha final bytes@0x55a9006c0fd8 (length 20) | 7b 2d 21 b9 e4 78 70 18 b8 5d d7 3a b2 e4 a1 7f | 21 17 89 bc | #23 is idle | #23 idle | received encrypted packet from 192.1.2.45:500 | decrypting 408 bytes using algorithm 3DES_CBC | IV before: 7b 2d 21 b9 e4 78 70 18 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 1e 13 76 54 7c 21 66 93 | decrypted payload (starts at offset -408): | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 01 b4 01 00 00 18 | 96 c0 eb 63 ef 18 e0 ab c7 a1 b5 a3 92 5f 64 98 | 13 da 3c 44 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 44 48 a7 7a 00 00 00 1c | 00 03 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 0b 71 ab f5 | a6 da 00 6c 13 7c 92 1d 86 09 54 bb 9a 5b f4 3c | 9a 58 e9 15 be 49 bd 30 18 9e da ee 05 00 01 04 | 7e 6e e8 7e 33 a9 df 6d 5b dc 52 20 d4 0f d0 fe | 62 ec 63 28 de 79 bb c4 ac 3a 1d 98 46 7c 99 f0 | 3b df 0f c2 63 8f 9a f9 21 3e 6c bf c3 a2 3b 57 | 55 bd 77 1a 0e a5 a9 97 b1 3a e4 86 a5 91 67 16 | 68 f2 06 79 1f 6f fd 96 4e 7b f2 b1 c4 b0 46 39 | ae 6e 1e d1 5f 90 33 e1 f5 32 87 73 a5 a2 14 ba | 24 75 cb ea 88 11 7c 74 94 93 07 ff a4 7e 12 06 | 11 cf 0f 14 be 3c dc b3 98 bf 6c 87 ae ed c7 eb | 87 3c 4f 48 e1 88 28 9b 31 0f 19 ee 98 87 50 bd | 2b ed 25 b3 a9 ec a4 2b 57 97 8f 5e 7b 64 1f ad | 74 98 e9 15 2e 47 3d 05 49 32 e7 83 95 d4 ee c4 | 5f bd 5d 51 20 d2 61 ac e3 bb 4e 3f b4 ee f5 9e | 86 9a 4e e4 a8 60 14 60 01 bf ef 26 25 44 b7 b1 | ae e6 4d b1 70 eb 88 fa 62 dd fc 03 47 11 06 9b | df cd 66 b9 74 3f b4 4c b3 82 31 35 51 82 94 d6 | c7 54 47 d0 7f 35 71 a8 2e da c5 69 2b 3c 21 ed | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c4f70 | HASH(1) prf: begin sha with context 0x7f14c80041f0 from SKEYID_a-key@0x55a9006c4f70 | HASH(1): release clone-key@0x55a9006c4f70 | HASH(1) PRF sha crypt-prf@0x7f14c00039e8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 3e f0 5c a0 | HASH(1) PRF sha update payload-bytes@0x55a9006c2bfc (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 44 48 a7 7a 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 0b 71 ab f5 a6 da 00 6c | 13 7c 92 1d 86 09 54 bb 9a 5b f4 3c 9a 58 e9 15 | be 49 bd 30 18 9e da ee 05 00 01 04 7e 6e e8 7e | 33 a9 df 6d 5b dc 52 20 d4 0f d0 fe 62 ec 63 28 | de 79 bb c4 ac 3a 1d 98 46 7c 99 f0 3b df 0f c2 | 63 8f 9a f9 21 3e 6c bf c3 a2 3b 57 55 bd 77 1a | 0e a5 a9 97 b1 3a e4 86 a5 91 67 16 68 f2 06 79 | 1f 6f fd 96 4e 7b f2 b1 c4 b0 46 39 ae 6e 1e d1 | 5f 90 33 e1 f5 32 87 73 a5 a2 14 ba 24 75 cb ea | 88 11 7c 74 94 93 07 ff a4 7e 12 06 11 cf 0f 14 | be 3c dc b3 98 bf 6c 87 ae ed c7 eb 87 3c 4f 48 | e1 88 28 9b 31 0f 19 ee 98 87 50 bd 2b ed 25 b3 | a9 ec a4 2b 57 97 8f 5e 7b 64 1f ad 74 98 e9 15 | 2e 47 3d 05 49 32 e7 83 95 d4 ee c4 5f bd 5d 51 | 20 d2 61 ac e3 bb 4e 3f b4 ee f5 9e 86 9a 4e e4 | a8 60 14 60 01 bf ef 26 25 44 b7 b1 ae e6 4d b1 | 70 eb 88 fa 62 dd fc 03 47 11 06 9b df cd 66 b9 | 74 3f b4 4c b3 82 31 35 51 82 94 d6 c7 54 47 d0 | 7f 35 71 a8 2e da c5 69 2b 3c 21 ed 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | 96 c0 eb 63 ef 18 e0 ab c7 a1 b5 a3 92 5f 64 98 | 13 da 3c 44 | quick_inI1_outR1 HASH(1): | 96 c0 eb 63 ef 18 e0 ab c7 a1 b5 a3 92 5f 64 98 | 13 da 3c 44 | received 'quick_inI1_outR1' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.1.0/24 | peer client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.2.0/24 | our client protocol/port is 0/0 "east" #23: the peer proposed: 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | find_client_connection starting with east | looking for 192.0.2.0/24:0/0 -> 192.0.1.0/24:0/0 | concrete checking against sr#0 192.0.2.0/24 -> 192.0.1.0/24 | client wildcard: no port wildcard: no virtual: no | creating state object #24 at 0x55a9006cade8 | State DB: adding IKEv1 state #24 in UNDEFINED | pstats #24 ikev1.ipsec started | duplicating state object #23 "east" as #24 for IPSEC SA | #24 setting local endpoint to 192.1.2.23:500 from #23.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a9006aad30 | duplicate_state: reference st_skey_d_nss-key@0x55a9006a9280 | duplicate_state: reference st_skey_ai_nss-key@0x55a900622080 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a9006acb70 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a9006c2720 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #23 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | start processing: state #24 connection "east" from 192.1.2.45:500 (in quick_inI1_outR1_tail() at ikev1_quick.c:1295) | child state #24: UNDEFINED(ignore) => QUICK_R0(established CHILD SA) | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 44 48 a7 7a | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 7e 6e e8 7e 33 a9 df 6d 5b dc 52 20 d4 0f d0 fe | 62 ec 63 28 de 79 bb c4 ac 3a 1d 98 46 7c 99 f0 | 3b df 0f c2 63 8f 9a f9 21 3e 6c bf c3 a2 3b 57 | 55 bd 77 1a 0e a5 a9 97 b1 3a e4 86 a5 91 67 16 | 68 f2 06 79 1f 6f fd 96 4e 7b f2 b1 c4 b0 46 39 | ae 6e 1e d1 5f 90 33 e1 f5 32 87 73 a5 a2 14 ba | 24 75 cb ea 88 11 7c 74 94 93 07 ff a4 7e 12 06 | 11 cf 0f 14 be 3c dc b3 98 bf 6c 87 ae ed c7 eb | 87 3c 4f 48 e1 88 28 9b 31 0f 19 ee 98 87 50 bd | 2b ed 25 b3 a9 ec a4 2b 57 97 8f 5e 7b 64 1f ad | 74 98 e9 15 2e 47 3d 05 49 32 e7 83 95 d4 ee c4 | 5f bd 5d 51 20 d2 61 ac e3 bb 4e 3f b4 ee f5 9e | 86 9a 4e e4 a8 60 14 60 01 bf ef 26 25 44 b7 b1 | ae e6 4d b1 70 eb 88 fa 62 dd fc 03 47 11 06 9b | df cd 66 b9 74 3f b4 4c b3 82 31 35 51 82 94 d6 | c7 54 47 d0 7f 35 71 a8 2e da c5 69 2b 3c 21 ed | adding quick_outI1 KE work-order 27 for state #24 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14c8004218 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #24 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #24 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2648) | crypto helper 3 resuming | suspending state #24 and saving MD | crypto helper 3 starting work-order 27 for state #24 | #24 is busy; has a suspended MD | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 27 | #23 spent 0.178 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #24 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | NSS: Value of Prime: | spent 0.456 milliseconds in comm_handle_cb() reading and processing packet | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f14b4005f58: created | NSS: Local DH MODP2048 secret (pointer): 0x7f14b4005f58 | NSS: Public DH wire value: | 08 c2 06 a8 9c 06 6a 98 da cd 33 53 b8 60 98 dd | e3 1d ab 27 8e fd f5 05 21 91 69 81 d0 4e 01 1b | d5 a1 62 01 dc fe 3a 97 fa c5 3b 71 ac fe 54 82 | ff 0d bd 18 52 35 1c 9b 25 7a 5c c0 e2 06 fc 1d | 80 ec 8f 72 18 e1 d6 85 e4 ee 5d 18 2e 91 ae 13 | 95 8d 3a 47 4b bc 27 6a 2f 6f 78 33 e0 57 ea 64 | ce 0f da 53 60 a3 6a e5 92 be d0 fc 19 36 95 e9 | a3 83 9c 14 e6 c7 f6 dd 0f f1 43 89 9f 85 c2 95 | cb a6 2b 01 8d 27 ae e7 ea bf e8 92 2c 5e 03 38 | 29 5f 25 62 2d 03 75 18 21 ff 00 60 a9 6f 5b d1 | 00 30 48 6e 2f 4b 1c 1c b0 8e c5 7a 1b d4 c5 0f | 59 bb 69 57 2c ca 49 e5 e5 db ce 51 63 01 9e 7b | 52 f2 3d 79 93 44 7e da 1f 32 9b e2 a3 05 ee bd | 76 ab 15 7d 49 7b 77 62 57 73 10 5a 4d 3c e2 db | e0 1f f4 43 09 8e 7d 48 60 e8 e8 b4 ef e5 4f b9 | 82 46 87 df 96 1d 5c 7b 86 ca db 9c 30 d6 1e 91 | Generated nonce: a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | Generated nonce: e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 27 time elapsed 0.000694 seconds | (#24) spent 0.693 milliseconds in crypto helper computing work-order 27: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 27 for state #24 to event queue | scheduling resume sending helper answer for #24 | libevent_malloc: new ptr-libevent@0x7f14b4003ad8 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #24 | start processing: state #24 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 27 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue1 for #24: calculated ke+nonce, calculating DH | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f14b4005f58: transferring ownership from helper KE to state #24 | started looking for secret for @east->@west of kind PKK_PSK | actually looking for secret for @east->@west of kind PKK_PSK | line 1: key type PKK_PSK(@east) to type PKK_PSK | 1: compared key @west to @east / @west -> 004 | 2: compared key @east to @east / @west -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a900617c48 (line=1) | concluding with best_match=014 best=0x55a900617c48 (lineno=1) | DH secret MODP2048@0x7f14b4005f58: transferring ownership from state #24 to helper IKEv1 DH | adding quick outR1 DH work-order 28 for state #24 | state #24 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14c8004218 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f14c8004218 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #24 | libevent_malloc: new ptr-libevent@0x55a9006c2918 size 128 | suspending state #24 and saving MD | #24 is busy; has a suspended MD | resume sending helper answer for #24 suppresed complete_v1_state_transition() and stole MD | crypto helper 6 resuming | #24 spent 0.0502 milliseconds in resume sending helper answer | crypto helper 6 starting work-order 28 for state #24 | stop processing: state #24 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 28 | libevent_free: release ptr-libevent@0x7f14b4003ad8 | peer's g: 7e 6e e8 7e 33 a9 df 6d 5b dc 52 20 d4 0f d0 fe | peer's g: 62 ec 63 28 de 79 bb c4 ac 3a 1d 98 46 7c 99 f0 | peer's g: 3b df 0f c2 63 8f 9a f9 21 3e 6c bf c3 a2 3b 57 | peer's g: 55 bd 77 1a 0e a5 a9 97 b1 3a e4 86 a5 91 67 16 | peer's g: 68 f2 06 79 1f 6f fd 96 4e 7b f2 b1 c4 b0 46 39 | peer's g: ae 6e 1e d1 5f 90 33 e1 f5 32 87 73 a5 a2 14 ba | peer's g: 24 75 cb ea 88 11 7c 74 94 93 07 ff a4 7e 12 06 | peer's g: 11 cf 0f 14 be 3c dc b3 98 bf 6c 87 ae ed c7 eb | peer's g: 87 3c 4f 48 e1 88 28 9b 31 0f 19 ee 98 87 50 bd | peer's g: 2b ed 25 b3 a9 ec a4 2b 57 97 8f 5e 7b 64 1f ad | peer's g: 74 98 e9 15 2e 47 3d 05 49 32 e7 83 95 d4 ee c4 | peer's g: 5f bd 5d 51 20 d2 61 ac e3 bb 4e 3f b4 ee f5 9e | peer's g: 86 9a 4e e4 a8 60 14 60 01 bf ef 26 25 44 b7 b1 | peer's g: ae e6 4d b1 70 eb 88 fa 62 dd fc 03 47 11 06 9b | peer's g: df cd 66 b9 74 3f b4 4c b3 82 31 35 51 82 94 d6 | peer's g: c7 54 47 d0 7f 35 71 a8 2e da c5 69 2b 3c 21 ed | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f14b4005f58: computed shared DH secret key@0x55a9006c4f70 | dh-shared : g^ir-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outR1 DH); request ID 28 time elapsed 0.0007 seconds | (#24) spent 0.687 milliseconds in crypto helper computing work-order 28: quick outR1 DH (pcr) | crypto helper 6 sending results from work-order 28 for state #24 to event queue | scheduling resume sending helper answer for #24 | libevent_malloc: new ptr-libevent@0x7f14b8002888 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #24 | start processing: state #24 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 28 | calling continuation function 0x55a8ffe8cb50 | quick_inI1_outR1_cryptocontinue2 for #24: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1055939744 (0x3ef05ca0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 44 48 a7 7a | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x909095ca for esp.0@192.1.2.23 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 90 90 95 ca | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | emitting 20 raw bytes of attributes into ISAKMP Transform Payload (ESP) | attributes 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | attributes 80 05 00 02 | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 "east" #24: responding to Quick Mode proposal {msgid:3ef05ca0} "east" #24: us: 192.0.2.0/24===192.1.2.23<192.1.2.23>[@east] "east" #24: them: 192.1.2.45<192.1.2.45>[@west]===192.0.1.0/24 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Nr into ISAKMP Nonce Payload | Nr a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | Nr e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | emitting length of ISAKMP Nonce Payload: 36 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 08 c2 06 a8 9c 06 6a 98 da cd 33 53 b8 60 98 dd | keyex value e3 1d ab 27 8e fd f5 05 21 91 69 81 d0 4e 01 1b | keyex value d5 a1 62 01 dc fe 3a 97 fa c5 3b 71 ac fe 54 82 | keyex value ff 0d bd 18 52 35 1c 9b 25 7a 5c c0 e2 06 fc 1d | keyex value 80 ec 8f 72 18 e1 d6 85 e4 ee 5d 18 2e 91 ae 13 | keyex value 95 8d 3a 47 4b bc 27 6a 2f 6f 78 33 e0 57 ea 64 | keyex value ce 0f da 53 60 a3 6a e5 92 be d0 fc 19 36 95 e9 | keyex value a3 83 9c 14 e6 c7 f6 dd 0f f1 43 89 9f 85 c2 95 | keyex value cb a6 2b 01 8d 27 ae e7 ea bf e8 92 2c 5e 03 38 | keyex value 29 5f 25 62 2d 03 75 18 21 ff 00 60 a9 6f 5b d1 | keyex value 00 30 48 6e 2f 4b 1c 1c b0 8e c5 7a 1b d4 c5 0f | keyex value 59 bb 69 57 2c ca 49 e5 e5 db ce 51 63 01 9e 7b | keyex value 52 f2 3d 79 93 44 7e da 1f 32 9b e2 a3 05 ee bd | keyex value 76 ab 15 7d 49 7b 77 62 57 73 10 5a 4d 3c e2 db | keyex value e0 1f f4 43 09 8e 7d 48 60 e8 e8 b4 ef e5 4f b9 | keyex value 82 46 87 df 96 1d 5c 7b 86 ca db 9c 30 d6 1e 91 | emitting length of ISAKMP Key Exchange Payload: 260 | DH secret MODP2048@0x7f14b4005f58: transferring ownership from helper IKEv1 DH to state #24 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 01 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 8 raw bytes of ID body into ISAKMP Identification Payload (IPsec DOI) | ID body c0 00 02 00 ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482648 | result: clone-key@0x55a9006a3700 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006a3700 | HASH(1) prf: begin sha with context 0x7f14cc002b50 from SKEYID_a-key@0x55a9006a3700 | HASH(1): release clone-key@0x55a9006a3700 | HASH(1) PRF sha crypt-prf@0x55a9006c1aa8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948272c (length 4) | 3e f0 5c a0 | HASH(1) PRF sha update Ni_b-bytes@0x7f14c00039e8 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | HASH(1) PRF sha update payload-bytes@0x55a8fff8a8f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 90 90 95 ca 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 a0 84 fb db d8 f7 98 80 | f2 e0 15 e6 d6 79 5d 81 e0 9c f6 60 55 5b b7 76 | 2a 74 47 d3 5b e8 33 5e 05 00 01 04 08 c2 06 a8 | 9c 06 6a 98 da cd 33 53 b8 60 98 dd e3 1d ab 27 | 8e fd f5 05 21 91 69 81 d0 4e 01 1b d5 a1 62 01 | dc fe 3a 97 fa c5 3b 71 ac fe 54 82 ff 0d bd 18 | 52 35 1c 9b 25 7a 5c c0 e2 06 fc 1d 80 ec 8f 72 | 18 e1 d6 85 e4 ee 5d 18 2e 91 ae 13 95 8d 3a 47 | 4b bc 27 6a 2f 6f 78 33 e0 57 ea 64 ce 0f da 53 | 60 a3 6a e5 92 be d0 fc 19 36 95 e9 a3 83 9c 14 | e6 c7 f6 dd 0f f1 43 89 9f 85 c2 95 cb a6 2b 01 | 8d 27 ae e7 ea bf e8 92 2c 5e 03 38 29 5f 25 62 | 2d 03 75 18 21 ff 00 60 a9 6f 5b d1 00 30 48 6e | 2f 4b 1c 1c b0 8e c5 7a 1b d4 c5 0f 59 bb 69 57 | 2c ca 49 e5 e5 db ce 51 63 01 9e 7b 52 f2 3d 79 | 93 44 7e da 1f 32 9b e2 a3 05 ee bd 76 ab 15 7d | 49 7b 77 62 57 73 10 5a 4d 3c e2 db e0 1f f4 43 | 09 8e 7d 48 60 e8 e8 b4 ef e5 4f b9 82 46 87 df | 96 1d 5c 7b 86 ca db 9c 30 d6 1e 91 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a8fff8a8e0 (length 20) | 37 6e ce b6 e9 cc 59 81 36 92 32 32 30 e6 9e 56 | 2b 4f d3 7b | quick inR1 outI2 HASH(2): | 37 6e ce b6 e9 cc 59 81 36 92 32 32 30 e6 9e 56 | 2b 4f d3 7b | compute_proto_keymat: needed_len (after ESP enc)=24 | compute_proto_keymat: needed_len (after ESP auth)=44 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006a3700 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006a3700 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006a3700 | hmac: release clone-key@0x55a9006a3700 | hmac PRF sha crypt-prf@0x7f14c4003978 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006ac790 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006ac790 | hmac: release clone-key@0x55a9006ac790 | hmac PRF sha crypt-prf@0x7f14c8004ec8 | hmac PRF sha update g^xy-key@0x55a9006c4f70 (size 256) | hmac: g^xy-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c4f70 | nss hmac digest hack: symkey-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 3f 0a 9e b4 70 7b d4 e4 33 b3 34 50 10 f0 10 7e 59 43 b7 f2 3a 44 02 4a e7 7d b9 79 7d 0b a1 1c 82 bf 00 f1 57 a8 fe c5 23 43 1b a9 6b bf 71 a8 45 6f 24 3f a0 ae 82 1e 60 86 6b 36 5a b4 3c 40 62 6e 3c e7 e0 31 e6 a0 b9 ae 7f 68 e7 48 e2 aa 56 c3 50 96 14 6b 9a 62 2f d1 de 21 c5 f4 aa c0 db 40 aa 31 c4 6b 66 e1 b5 88 ac 89 b8 53 45 58 63 17 9b 24 2a 1b 21 6b 7a 1c 8c 8e a9 66 c4 ff 76 8e 8e 34 29 9c 0d 01 7c 49 72 67 2b a7 00 63 d5 dd 59 49 c2 ec 05 21 a7 0c d0 48 ff fc 0a 94 6d 58 c9 f0 3e 70 77 ab 3b 48 f8 90 2d e4 26 1d 36 6d 17 fa 51 46 a5 3d 3c f4 f4 81 89 4d 2b c0 ad d7 1e f8 7d 52 0a 0f 33 85 b9 bd 50 22 ab 41 22 0b 56 50 ea 2a e6 9b 34 1f c1 ce 04 b7 bc 4b c2 2c 82 46 51 da bb 6b 8e 12 7b 07 96 eb 88 08 e4 00 38 d0 81 0f af b9 55 2c 53 43 ce 9d f9 90 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update g^xy-key@0x55a9006c4f70 (size 256) | hmac: g^xy-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c4f70 | nss hmac digest hack: symkey-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 3f 0a 9e b4 70 7b d4 e4 33 b3 34 50 10 f0 10 7e 59 43 b7 f2 3a 44 02 4a e7 7d b9 79 7d 0b a1 1c 82 bf 00 f1 57 a8 fe c5 23 43 1b a9 6b bf 71 a8 45 6f 24 3f a0 ae 82 1e 60 86 6b 36 5a b4 3c 40 62 6e 3c e7 e0 31 e6 a0 b9 ae 7f 68 e7 48 e2 aa 56 c3 50 96 14 6b 9a 62 2f d1 de 21 c5 f4 aa c0 db 40 aa 31 c4 6b 66 e1 b5 88 ac 89 b8 53 45 58 63 17 9b 24 2a 1b 21 6b 7a 1c 8c 8e a9 66 c4 ff 76 8e 8e 34 29 9c 0d 01 7c 49 72 67 2b a7 00 63 d5 dd 59 49 c2 ec 05 21 a7 0c d0 48 ff fc 0a 94 6d 58 c9 f0 3e 70 77 ab 3b 48 f8 90 2d e4 26 1d 36 6d 17 fa 51 46 a5 3d 3c f4 f4 81 89 4d 2b c0 ad d7 1e f8 7d 52 0a 0f 33 85 b9 bd 50 22 ab 41 22 0b 56 50 ea 2a e6 9b 34 1f c1 ce 04 b7 bc 4b c2 2c 82 46 51 da bb 6b 8e 12 7b 07 96 eb 88 08 e4 00 38 d0 81 0f af b9 55 2c 53 43 ce 9d f9 90 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006caff0 (length 4) | 90 90 95 ca | hmac PRF sha update data-bytes@0x55a9006cafd0 (length 4) | 44 48 a7 7a | hmac PRF sha update data-bytes@0x7f14c00039e8 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f14c00039e8 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f14b40030c8 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha update data-bytes@0x7f14b40030c8 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha final-bytes@0x7f14c0002b78 (length 20) | 1e 2c 01 c6 aa 26 74 ca c7 f2 b0 ce 0f 1c 76 c0 | 1f 03 0b 70 | hmac PRF sha final-bytes@0x55a9006bf2c8 (length 20) | 52 b8 cc 80 6e 2f 75 68 bd 3b e1 e7 6d cd af b3 | 5e e5 fc 47 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006ac790 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006ac790 | hmac: release clone-key@0x55a9006ac790 | hmac PRF sha crypt-prf@0x7f14c80031d8 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006a3700 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006a3700 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006a3700 | hmac: release clone-key@0x55a9006a3700 | hmac PRF sha crypt-prf@0x55a9006c1aa8 | hmac PRF sha update data-bytes@0x7f14c0002b78 (length 20) | 1e 2c 01 c6 aa 26 74 ca c7 f2 b0 ce 0f 1c 76 c0 | 1f 03 0b 70 | hmac PRF sha update data-bytes@0x55a9006bf2c8 (length 20) | 52 b8 cc 80 6e 2f 75 68 bd 3b e1 e7 6d cd af b3 | 5e e5 fc 47 | hmac PRF sha update g^xy-key@0x55a9006c4f70 (size 256) | hmac: g^xy-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c4f70 | nss hmac digest hack: symkey-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 3f 0a 9e b4 70 7b d4 e4 33 b3 34 50 10 f0 10 7e 59 43 b7 f2 3a 44 02 4a e7 7d b9 79 7d 0b a1 1c 82 bf 00 f1 57 a8 fe c5 23 43 1b a9 6b bf 71 a8 45 6f 24 3f a0 ae 82 1e 60 86 6b 36 5a b4 3c 40 62 6e 3c e7 e0 31 e6 a0 b9 ae 7f 68 e7 48 e2 aa 56 c3 50 96 14 6b 9a 62 2f d1 de 21 c5 f4 aa c0 db 40 aa 31 c4 6b 66 e1 b5 88 ac 89 b8 53 45 58 63 17 9b 24 2a 1b 21 6b 7a 1c 8c 8e a9 66 c4 ff 76 8e 8e 34 29 9c 0d 01 7c 49 72 67 2b a7 00 63 d5 dd 59 49 c2 ec 05 21 a7 0c d0 48 ff fc 0a 94 6d 58 c9 f0 3e 70 77 ab 3b 48 f8 90 2d e4 26 1d 36 6d 17 fa 51 46 a5 3d 3c f4 f4 81 89 4d 2b c0 ad d7 1e f8 7d 52 0a 0f 33 85 b9 bd 50 22 ab 41 22 0b 56 50 ea 2a e6 9b 34 1f c1 ce 04 b7 bc 4b c2 2c 82 46 51 da bb 6b 8e 12 7b 07 96 eb 88 08 e4 00 38 d0 81 0f af b9 55 2c 53 43 ce 9d f9 90 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update g^xy-key@0x55a9006c4f70 (size 256) | hmac: g^xy-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c4f70 | nss hmac digest hack: symkey-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 3f 0a 9e b4 70 7b d4 e4 33 b3 34 50 10 f0 10 7e 59 43 b7 f2 3a 44 02 4a e7 7d b9 79 7d 0b a1 1c 82 bf 00 f1 57 a8 fe c5 23 43 1b a9 6b bf 71 a8 45 6f 24 3f a0 ae 82 1e 60 86 6b 36 5a b4 3c 40 62 6e 3c e7 e0 31 e6 a0 b9 ae 7f 68 e7 48 e2 aa 56 c3 50 96 14 6b 9a 62 2f d1 de 21 c5 f4 aa c0 db 40 aa 31 c4 6b 66 e1 b5 88 ac 89 b8 53 45 58 63 17 9b 24 2a 1b 21 6b 7a 1c 8c 8e a9 66 c4 ff 76 8e 8e 34 29 9c 0d 01 7c 49 72 67 2b a7 00 63 d5 dd 59 49 c2 ec 05 21 a7 0c d0 48 ff fc 0a 94 6d 58 c9 f0 3e 70 77 ab 3b 48 f8 90 2d e4 26 1d 36 6d 17 fa 51 46 a5 3d 3c f4 f4 81 89 4d 2b c0 ad d7 1e f8 7d 52 0a 0f 33 85 b9 bd 50 22 ab 41 22 0b 56 50 ea 2a e6 9b 34 1f c1 ce 04 b7 bc 4b c2 2c 82 46 51 da bb 6b 8e 12 7b 07 96 eb 88 08 e4 00 38 d0 81 0f af b9 55 2c 53 43 ce 9d f9 90 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006caff0 (length 4) | 90 90 95 ca | hmac PRF sha update data-bytes@0x55a9006cafd0 (length 4) | 44 48 a7 7a | hmac PRF sha update data-bytes@0x7f14c00039e8 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f14c00039e8 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f14b40030c8 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha update data-bytes@0x7f14b40030c8 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha final-bytes@0x7f14c0002b8c (length 20) | ed a7 4f 52 24 32 59 97 cc 2e b7 e6 05 7f ae 7e | 17 70 ed 66 | hmac PRF sha final-bytes@0x55a9006bf2dc (length 20) | b0 25 51 57 9c 8b 26 de f5 9e c3 74 70 77 96 ef | 23 b8 f8 1e | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006a3700 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f14cc002b50 from symkey-key@0x55a9006a3700 | hmac prf: begin sha with context 0x7f14cc002b50 from symkey-key@0x55a9006a3700 | hmac: release clone-key@0x55a9006a3700 | hmac PRF sha crypt-prf@0x7f14c4003978 | hmac PRF sha init symkey-key@0x55a9006a9280 (size 20) | hmac: symkey-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a9006a9280 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94825c8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a9006c18b0 from symkey-key@0x55a9006ac790 | hmac prf: begin sha with context 0x55a9006c18b0 from symkey-key@0x55a9006ac790 | hmac: release clone-key@0x55a9006ac790 | hmac PRF sha crypt-prf@0x7f14c8004ec8 | hmac PRF sha update data-bytes@0x7f14c0002b8c (length 20) | ed a7 4f 52 24 32 59 97 cc 2e b7 e6 05 7f ae 7e | 17 70 ed 66 | hmac PRF sha update data-bytes@0x55a9006bf2dc (length 20) | b0 25 51 57 9c 8b 26 de f5 9e c3 74 70 77 96 ef | 23 b8 f8 1e | hmac PRF sha update g^xy-key@0x55a9006c4f70 (size 256) | hmac: g^xy-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c4f70 | nss hmac digest hack: symkey-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 3f 0a 9e b4 70 7b d4 e4 33 b3 34 50 10 f0 10 7e 59 43 b7 f2 3a 44 02 4a e7 7d b9 79 7d 0b a1 1c 82 bf 00 f1 57 a8 fe c5 23 43 1b a9 6b bf 71 a8 45 6f 24 3f a0 ae 82 1e 60 86 6b 36 5a b4 3c 40 62 6e 3c e7 e0 31 e6 a0 b9 ae 7f 68 e7 48 e2 aa 56 c3 50 96 14 6b 9a 62 2f d1 de 21 c5 f4 aa c0 db 40 aa 31 c4 6b 66 e1 b5 88 ac 89 b8 53 45 58 63 17 9b 24 2a 1b 21 6b 7a 1c 8c 8e a9 66 c4 ff 76 8e 8e 34 29 9c 0d 01 7c 49 72 67 2b a7 00 63 d5 dd 59 49 c2 ec 05 21 a7 0c d0 48 ff fc 0a 94 6d 58 c9 f0 3e 70 77 ab 3b 48 f8 90 2d e4 26 1d 36 6d 17 fa 51 46 a5 3d 3c f4 f4 81 89 4d 2b c0 ad d7 1e f8 7d 52 0a 0f 33 85 b9 bd 50 22 ab 41 22 0b 56 50 ea 2a e6 9b 34 1f c1 ce 04 b7 bc 4b c2 2c 82 46 51 da bb 6b 8e 12 7b 07 96 eb 88 08 e4 00 38 d0 81 0f af b9 55 2c 53 43 ce 9d f9 90 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x7f14c8000b48 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update g^xy-key@0x55a9006c4f70 (size 256) | hmac: g^xy-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a9006c4f70 | nss hmac digest hack: symkey-key@0x55a9006c4f70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a90061bec0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a9006a5fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1105199: 3f 0a 9e b4 70 7b d4 e4 33 b3 34 50 10 f0 10 7e 59 43 b7 f2 3a 44 02 4a e7 7d b9 79 7d 0b a1 1c 82 bf 00 f1 57 a8 fe c5 23 43 1b a9 6b bf 71 a8 45 6f 24 3f a0 ae 82 1e 60 86 6b 36 5a b4 3c 40 62 6e 3c e7 e0 31 e6 a0 b9 ae 7f 68 e7 48 e2 aa 56 c3 50 96 14 6b 9a 62 2f d1 de 21 c5 f4 aa c0 db 40 aa 31 c4 6b 66 e1 b5 88 ac 89 b8 53 45 58 63 17 9b 24 2a 1b 21 6b 7a 1c 8c 8e a9 66 c4 ff 76 8e 8e 34 29 9c 0d 01 7c 49 72 67 2b a7 00 63 d5 dd 59 49 c2 ec 05 21 a7 0c d0 48 ff fc 0a 94 6d 58 c9 f0 3e 70 77 ab 3b 48 f8 90 2d e4 26 1d 36 6d 17 fa 51 46 a5 3d 3c f4 f4 81 89 4d 2b c0 ad d7 1e f8 7d 52 0a 0f 33 85 b9 bd 50 22 ab 41 22 0b 56 50 ea 2a e6 9b 34 1f c1 ce 04 b7 bc 4b c2 2c 82 46 51 da bb 6b 8e 12 7b 07 96 eb 88 08 e4 00 38 d0 81 0f af b9 55 2c 53 43 ce 9d f9 90 | nss hmac digest hack: release slot-key-key@0x55a9006a5fa0 | nss hmac digest hack extracted len 256 bytes at 0x55a9006c0a98 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffef94826fc (length 1) | 03 | hmac PRF sha update data-bytes@0x55a9006caff0 (length 4) | 90 90 95 ca | hmac PRF sha update data-bytes@0x55a9006cafd0 (length 4) | 44 48 a7 7a | hmac PRF sha update data-bytes@0x7f14c00039e8 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f14c00039e8 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f14b40030c8 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha update data-bytes@0x7f14b40030c8 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha final-bytes@0x7f14c0002ba0 (length 20) | 35 32 81 b5 fd 2a 79 23 62 a4 99 e1 1b 4a 0a 38 | 4a d7 05 97 | hmac PRF sha final-bytes@0x55a9006bf2f0 (length 20) | ca 17 64 0d a4 07 de 9d 29 f3 c5 e9 ea b1 19 8d | 6e a3 2f e1 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self | install_inbound_ipsec_sa() checking if we can route | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | routing is easy, or has resolvable near-conflict | checking if this is a replacement state | st=0x55a9006cade8 ost=(nil) st->serialno=#24 ost->serialno=#0 | installing outgoing SA now as refhim=0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.4448a77a@192.1.2.45 included non-error error | outgoing SA has refhim=0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'east' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.909095ca@192.1.2.23 included non-error error | priority calculation of connection "east" is 0xfe7e7 | add inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.10000@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | encrypting: 01 00 00 18 37 6e ce b6 e9 cc 59 81 36 92 32 32 | encrypting: 30 e6 9e 56 2b 4f d3 7b 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 90 90 95 ca | encrypting: 00 00 00 1c 00 03 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | encrypting: e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | encrypting: 05 00 01 04 08 c2 06 a8 9c 06 6a 98 da cd 33 53 | encrypting: b8 60 98 dd e3 1d ab 27 8e fd f5 05 21 91 69 81 | encrypting: d0 4e 01 1b d5 a1 62 01 dc fe 3a 97 fa c5 3b 71 | encrypting: ac fe 54 82 ff 0d bd 18 52 35 1c 9b 25 7a 5c c0 | encrypting: e2 06 fc 1d 80 ec 8f 72 18 e1 d6 85 e4 ee 5d 18 | encrypting: 2e 91 ae 13 95 8d 3a 47 4b bc 27 6a 2f 6f 78 33 | encrypting: e0 57 ea 64 ce 0f da 53 60 a3 6a e5 92 be d0 fc | encrypting: 19 36 95 e9 a3 83 9c 14 e6 c7 f6 dd 0f f1 43 89 | encrypting: 9f 85 c2 95 cb a6 2b 01 8d 27 ae e7 ea bf e8 92 | encrypting: 2c 5e 03 38 29 5f 25 62 2d 03 75 18 21 ff 00 60 | encrypting: a9 6f 5b d1 00 30 48 6e 2f 4b 1c 1c b0 8e c5 7a | encrypting: 1b d4 c5 0f 59 bb 69 57 2c ca 49 e5 e5 db ce 51 | encrypting: 63 01 9e 7b 52 f2 3d 79 93 44 7e da 1f 32 9b e2 | encrypting: a3 05 ee bd 76 ab 15 7d 49 7b 77 62 57 73 10 5a | encrypting: 4d 3c e2 db e0 1f f4 43 09 8e 7d 48 60 e8 e8 b4 | encrypting: ef e5 4f b9 82 46 87 df 96 1d 5c 7b 86 ca db 9c | encrypting: 30 d6 1e 91 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 1e 13 76 54 7c 21 66 93 | unpadded size is: 404 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 408 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 436 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 2f 95 23 d6 69 f8 86 ab | finished processing quick inI1 | complete v1 state transition with STF_OK | [RE]START processing: state #24 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #24 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 | child state #24: QUICK_R0(established CHILD SA) => QUICK_R1(established CHILD SA) | event_already_set, deleting event | state #24 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a9006c2918 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f14c8004218 | sending reply packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 436 bytes for STATE_QUICK_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #24) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 01 b4 ee 2a ed d6 | 48 ae 98 0d 29 80 85 c4 41 c7 0d 08 0d 75 d1 8b | fb 41 b3 75 cb 52 25 03 19 6f aa d3 22 a0 18 a6 | 55 f7 80 6c 3d 9c a6 22 e7 61 35 3a b1 fd 0c 9c | e3 1d 35 4d 15 dd eb 1d a0 fa dd 81 a1 ac 94 87 | d0 e1 94 df de 0a cc 61 55 22 87 1d d5 7c 17 02 | 73 6c 58 d4 84 81 bb 2d b6 b5 d4 9e 2a 82 d4 be | cf 55 22 4b d3 cd a4 93 fb 2b 09 ab 7b e9 44 0d | c6 f9 0b 6f 50 be 02 aa e2 21 e8 88 b1 80 2b ee | 3a 7d 69 db d2 74 b1 e9 20 47 7e 54 bf 4b 2a 8d | 09 02 3d ff de dd 72 f6 09 42 06 9f f0 af 54 5c | 46 66 f8 35 20 5e 78 b4 cd 0a f2 8f 78 e1 71 37 | c5 dd 40 9a 92 65 1f c8 d1 a8 8e 9d 4d 1f 4a ed | 89 a2 1a ca 6b d7 57 b9 58 98 ee bc 08 62 10 16 | 24 ae e8 ec d9 33 9b cc ad d1 88 c9 fd 32 cb 68 | db 21 cb 86 2f 93 ce 41 8d 50 52 6d db 6c 58 af | b9 29 b3 b6 d4 c5 ef 7c 19 88 55 97 7a cc 23 60 | ef 72 04 63 91 00 be 5b a2 00 14 54 b8 56 b5 51 | 02 4e 17 87 47 4a 5d 67 aa 01 de 60 90 ae 77 01 | af 08 cd 5d 82 df c3 39 b6 38 51 6f e4 41 b7 14 | a2 d6 06 1e 6a 30 f2 ff 2d bb a4 31 93 e4 3b 62 | 2b af 52 47 da 88 d0 7e 15 48 9f 71 2a 1e 67 90 | 44 70 d4 31 22 76 33 d9 01 5f c4 7b 30 9d e2 b7 | 23 c3 c1 ad 65 24 b2 7e 5b 03 0d 5c 3a f7 cb 5e | e0 17 06 e9 cb e7 29 34 4e 69 5e f5 a6 6c b6 91 | 46 29 6a 67 ee 4d 1e 41 87 15 6d 8f 2f 95 23 d6 | 69 f8 86 ab | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x7f14c8004218 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #24 | libevent_malloc: new ptr-libevent@0x7f14b4003ad8 size 128 | #24 STATE_QUICK_R1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29304.666728 | pstats #24 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #24: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 tunnel mode {ESP=>0x4448a77a <0x909095ca xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #24 suppresed complete_v1_state_transition() | #24 spent 1.65 milliseconds in resume sending helper answer | stop processing: state #24 connection "east" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f14b8002888 | spent 0.00297 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 52 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 00 34 5f f6 b0 34 | a2 60 33 8a 9c 2b f2 c3 b9 c5 0e cc 42 0e 5e 9c | 1c c7 b3 bb | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1055939744 (0x3ef05ca0) | length: 52 (0x34) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #24 in QUICK_R1 (find_state_ikev1) | start processing: state #24 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1633) | #24 is idle | #24 idle | received encrypted packet from 192.1.2.45:500 | decrypting 24 bytes using algorithm 3DES_CBC | IV before: 2f 95 23 d6 69 f8 86 ab | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 42 0e 5e 9c 1c c7 b3 bb | decrypted payload (starts at offset -24): | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 00 34 00 00 00 18 | a0 04 33 9f 70 e6 3f 7d 3a ae 6e f0 bf 4d 95 60 | aa 86 92 3c | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c1690 from SKEYID_a-key@0x55a9006ac790 | HASH(1) prf: begin sha with context 0x55a9006c1690 from SKEYID_a-key@0x55a9006ac790 | HASH(1): release clone-key@0x55a9006ac790 | HASH(1) PRF sha crypt-prf@0x7f14c80031d8 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | 3e f0 5c a0 | HASH(1) PRF sha update Ni_b-bytes@0x7f14c00039e8 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | HASH(1) PRF sha update Nr_b-bytes@0x7f14b40030c8 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | a0 04 33 9f 70 e6 3f 7d 3a ae 6e f0 bf 4d 95 60 | aa 86 92 3c | quick_inI2 HASH(3): | a0 04 33 9f 70 e6 3f 7d 3a ae 6e f0 bf 4d 95 60 | aa 86 92 3c | received 'quick_inI2' message HASH(3) data ok | install_ipsec_sa() for #24: outbound only | could_route called for east (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | sr for #24: prospective erouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" prospective erouted: self; eroute owner: self | route_and_eroute with c: east (next: none) ero:east esr:{(nil)} ro:east rosr:{(nil)} and state: #24 | priority calculation of connection "east" is 0xfe7e7 | eroute_connection replace eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.0@192.1.2.45>tun.0@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x4448a77a SPI_OUT=0x909 | popen cmd is 1020 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' : | cmd( 160):PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1638: | cmd( 320):8' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKE: | cmd( 640):V1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO: | cmd( 720):_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_IN: | cmd( 800):FO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_: | cmd( 880):CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED=: | cmd( 960):'no' SPI_IN=0x4448a77a SPI_OUT=0x909095ca ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | route_and_eroute: instance "east", setting eroute_owner {spd=0x55a9006be648,sr=0x55a9006be648} to #24 (was #0) (newest_ipsec_sa=#0) | #23 spent 0.69 milliseconds in install_ipsec_sa() | inI2: instance east[0], setting IKEv1 newest_ipsec_sa to #24 (was #0) (spd.eroute=#24) cloned from #23 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #24 connection "east" from 192.1.2.45:500 (in complete_v1_state_transition() at ikev1.c:2673) | #24 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 | child state #24: QUICK_R1(established CHILD SA) => QUICK_R2(established CHILD SA) | event_already_set, deleting event | state #24 requesting EVENT_RETRANSMIT to be deleted | #24 STATE_QUICK_R2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f14b4003ad8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f14c8004218 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f14c8004218 | inserting event EVENT_SA_REPLACE, timeout in 28530 seconds for #24 | libevent_malloc: new ptr-libevent@0x7f14b8002888 size 128 | pstats #24 ikev1.ipsec established | NAT-T: encaps is 'auto' "east" #24: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x4448a77a <0x909095ca xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | #24 spent 0.762 milliseconds in process_packet_tail() | stop processing: from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #24 connection "east" from 192.1.2.45:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.97 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00342 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00278 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 c0 25 9f b7 00 00 00 44 6e 73 e6 9e | ed 98 c7 37 3c 2b 06 b8 31 b3 1a c8 c7 31 d7 b4 | 64 fb b1 94 7a 07 ce 81 62 38 8b c3 d1 b2 d2 05 | 25 49 45 90 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3223691191 (0xc0259fb7) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #24; msgid=00000000 st_msgid=3ef05ca0 st_msgid_phase15=00000000 | peer and cookies match on #23; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #23 found, in STATE_MAIN_R3 | State DB: found IKEv1 state #23 in MAIN_R3 (find_v1_info_state) | start processing: state #23 connection "east" from 192.1.2.45:500 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: ae a7 26 1a fc db 67 ba | current Phase 1 IV: ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c1058 (length 8) | ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef9482f4c (length 4) | c0 25 9f b7 | Phase 2 IV hash sha final bytes@0x55a9006c0fd8 (length 20) | d8 56 99 9a f2 f2 1f 46 5c 5f e9 e9 6b 78 35 82 | 21 c2 54 cd | #23 is idle | #23 idle | received encrypted packet from 192.1.2.45:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: d8 56 99 9a f2 f2 1f 46 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: d1 b2 d2 05 25 49 45 90 | decrypted payload (starts at offset -40): | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 c0 25 9f b7 00 00 00 44 0c 00 00 18 | c4 4f 1c 15 91 64 37 ec 1c 58 3a 3b 21 2e 02 c3 | 06 73 99 a1 00 00 00 10 00 00 00 01 03 04 00 01 | 44 48 a7 7a | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_D (0xc) | length: 24 (0x18) | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0 | ***parse ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9482ca8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006ac790 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006ac790 | HASH(1): release clone-key@0x55a9006ac790 | HASH(1) PRF sha crypt-prf@0x7f14c80031d8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef9482d8c (length 4) | c0 25 9f b7 | HASH(1) PRF sha update payload-bytes@0x55a9006c552c (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 44 48 a7 7a | HASH(1) PRF sha final-bytes@0x7ffef9482e10 (length 20) | c4 4f 1c 15 91 64 37 ec 1c 58 3a 3b 21 2e 02 c3 | 06 73 99 a1 | informational HASH(1): | c4 4f 1c 15 91 64 37 ec 1c 58 3a 3b 21 2e 02 c3 | 06 73 99 a1 | received 'informational' message HASH(1) data ok | parsing 4 raw bytes of ISAKMP Delete Payload into SPI | SPI 44 48 a7 7a | FOR_EACH_STATE_... in find_phase2_state_to_delete | start processing: connection "east" (BACKGROUND) (in accept_delete() at ikev1_main.c:2515) "east" #23: received Delete SA(0x4448a77a) payload: deleting IPsec State #24 | pstats #24 ikev1.ipsec deleted completed | suspend processing: state #23 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) | start processing: state #24 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #24: deleting other state #24 (STATE_QUICK_R2) aged 0.062s and sending notification | child state #24: QUICK_R2(established CHILD SA) => delete | get_sa_info esp.4448a77a@192.1.2.45 | get_sa_info esp.909095ca@192.1.2.23 "east" #24: ESP traffic information: in=84B out=84B | #24 send IKEv1 delete notification for STATE_QUICK_R2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 827947480 (0x315979d8) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 90 90 95 ca | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef94804e8 | result: clone-key@0x55a9006ac790 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006ac790 | HASH(1) prf: begin sha with context 0x55a9006c18b0 from SKEYID_a-key@0x55a9006ac790 | HASH(1): release clone-key@0x55a9006ac790 | HASH(1) PRF sha crypt-prf@0x7f14c8004ec8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef94805cc (length 4) | 31 59 79 d8 | HASH(1) PRF sha update payload-bytes@0x7ffef9480974 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 90 90 95 ca | HASH(1) PRF sha final-bytes@0x7ffef9480960 (length 20) | 34 f2 85 a0 ad 9d f0 14 bd 80 42 5c 15 36 b9 5e | 6f 37 77 5f | send delete HASH(1): | 34 f2 85 a0 ad 9d f0 14 bd 80 42 5c 15 36 b9 5e | 6f 37 77 5f | last Phase 1 IV: ae a7 26 1a fc db 67 ba | current Phase 1 IV: ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c1058 (length 8) | ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef94805dc (length 4) | 31 59 79 d8 | Phase 2 IV hash sha final bytes@0x55a9006c0fd8 (length 20) | ba 77 2e f6 47 21 ef 12 2b 89 f8 41 da d3 34 c2 | a6 86 f1 b0 | encrypting: 0c 00 00 18 34 f2 85 a0 ad 9d f0 14 bd 80 42 5c | encrypting: 15 36 b9 5e 6f 37 77 5f 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 90 90 95 ca | IV: ba 77 2e f6 47 21 ef 12 2b 89 f8 41 da d3 34 c2 | IV: a6 86 f1 b0 | unpadded size is: 40 | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 49 a0 7b a3 8d 8a 4d 39 | sending 68 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 31 59 79 d8 00 00 00 44 e3 22 1f b2 | 59 77 9a 28 0a 4b 57 5d 2e f4 2d 4d 20 a8 bb 1e | f7 d9 8b 12 09 35 f2 ef 91 8d 06 a9 49 a0 7b a3 | 8d 8a 4d 39 | state #24 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14b8002888 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f14c8004218 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844018' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x4448a77a | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east: | cmd( 160):' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566844018' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0x4448a77a SPI_OUT=0x909095ca ipsec _updown 2>&1: | shunt_eroute() called for connection 'east' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "east" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.4448a77a@192.1.2.45 | netlink response for Del SA esp.4448a77a@192.1.2.45 included non-error error | priority calculation of connection "east" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | delete esp.909095ca@192.1.2.23 | netlink response for Del SA esp.909095ca@192.1.2.23 included non-error error | stop processing: connection "east" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection east | State DB: deleting IKEv1 state #24 in QUICK_R2 | child state #24: QUICK_R2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14b4005f58: destroyed | stop processing: state #24 from 192.1.2.45:500 (in delete_state() at state.c:1143) | resume processing: state #23 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006c4f70 | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006c2720 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | connection 'east' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #23 | state #22 | suspend processing: state #23 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #22 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #22 ikev1.isakmp deleted other | [RE]START processing: state #22 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #22: deleting state (STATE_MAIN_R0) aged 0.523s and NOT sending notification | parent state #22: MAIN_R0(half-open IKE SA) => delete | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #22 in MAIN_R0 | parent state #22: MAIN_R0(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #22 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | resume processing: state #23 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #21 | suspend processing: state #23 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #21 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #21 ikev1.isakmp deleted other | [RE]START processing: state #21 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #21: deleting state (STATE_MAIN_R0) aged 1.024s and NOT sending notification | parent state #21: MAIN_R0(half-open IKE SA) => delete | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #21 in MAIN_R0 | parent state #21: MAIN_R0(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #21 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | resume processing: state #23 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #23 | [RE]START processing: state #23 connection "east" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #23 ikev1.isakmp deleted completed | [RE]START processing: state #23 connection "east" from 192.1.2.45:500 (in delete_state() at state.c:879) "east" #23: deleting state (STATE_MAIN_R3) aged 0.083s and sending notification | parent state #23: MAIN_R3(established IKE SA) => delete | #23 send IKEv1 delete notification for STATE_MAIN_R3 | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 235834792 (0xe0e8da8) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI da c7 ab 6d 01 b2 f8 c9 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 6d ef 71 0c f6 3c c0 44 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a900622080 (size 20) | HASH(1): SKEYID_a-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a900622080 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffef9480488 | result: clone-key@0x55a9006c4f70 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a9006bf2a0 from SKEYID_a-key@0x55a9006c4f70 | HASH(1) prf: begin sha with context 0x55a9006bf2a0 from SKEYID_a-key@0x55a9006c4f70 | HASH(1): release clone-key@0x55a9006c4f70 | HASH(1) PRF sha crypt-prf@0x7f14c80031d8 | HASH(1) PRF sha update M-ID-bytes@0x7ffef948056c (length 4) | 0e 0e 8d a8 | HASH(1) PRF sha update payload-bytes@0x7ffef9480914 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 da c7 ab 6d | 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | HASH(1) PRF sha final-bytes@0x7ffef9480900 (length 20) | e4 2c c9 95 67 55 6f 54 1d fe 3b 3c 52 c5 9f 77 | f5 01 74 17 | send delete HASH(1): | e4 2c c9 95 67 55 6f 54 1d fe 3b 3c 52 c5 9f 77 | f5 01 74 17 | last Phase 1 IV: ae a7 26 1a fc db 67 ba | current Phase 1 IV: ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a9006c1058 (length 8) | ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha digest MSGID-bytes@0x7ffef948057c (length 4) | 0e 0e 8d a8 | Phase 2 IV hash sha final bytes@0x55a9006c0fd8 (length 20) | a8 d1 57 c3 b0 bc 45 bb bb 18 ee 17 28 57 8d 86 | d9 82 75 f5 | encrypting: 0c 00 00 18 e4 2c c9 95 67 55 6f 54 1d fe 3b 3c | encrypting: 52 c5 9f 77 f5 01 74 17 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c | encrypting: f6 3c c0 44 | IV: a8 d1 57 c3 b0 bc 45 bb bb 18 ee 17 28 57 8d 86 | IV: d9 82 75 f5 | unpadded size is: 52 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 56 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 84 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: b8 17 93 e3 ba ee 86 bf | sending 84 bytes for delete notify through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 0e 0e 8d a8 00 00 00 54 7c 29 78 5a | 41 ef eb 2f 68 b5 01 3c 6c 15 08 25 f6 a7 4c 1f | cc da 1b a4 11 20 ad 9e cd 87 4c 46 d0 e3 4c b6 | 40 c1 5d fd 49 21 7d 18 3f a1 b2 3f b8 17 93 e3 | ba ee 86 bf | state #23 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f14bc007988 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a9006ca7a8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection east | State DB: deleting IKEv1 state #23 in MAIN_R3 | parent state #23: MAIN_R3(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f14bc0026e8: destroyed | stop processing: state #23 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a9006bd630 | delete_state: release st->st_skeyid_nss-key@0x55a9006aad30 | delete_state: release st->st_skey_d_nss-key@0x55a9006a9280 | delete_state: release st->st_skey_ai_nss-key@0x55a900622080 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a9006acb70 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a9006c2720 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2556) | processing: STOP connection NULL (in accept_delete() at ikev1_main.c:2559) | del: | in statetime_start() with no state | complete v1 state transition with STF_IGNORE | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 1.87 milliseconds in comm_handle_cb() reading and processing packet | spent 0.00153 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 84 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 3f b1 1c 72 00 00 00 54 d2 38 2f 68 | 23 4b c6 cc 77 2c 09 0c 93 30 97 56 fb d9 b8 ff | 6b 7d 36 ae ec ea 79 3b cb 9c 7f 55 48 b7 a5 52 | 6c ca b6 03 4e 0b 13 39 d0 45 a5 05 89 4a c0 5e | 2d cf cb 87 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1068571762 (0x3fb11c72) | length: 84 (0x54) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x3fb11c72 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | da c7 ab 6d 01 b2 f8 c9 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 6d ef 71 0c f6 3c c0 44 | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0812 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00418 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_STATE_... in show_states_status (sort_states) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.387 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) shutting down | processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825) | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' | start processing: connection "east" (in delete_connection() at connections.c:189) | Deleting states for connection - including all other IPsec SA's of this IKE SA | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'east' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "east" is 0xfe7e7 | priority calculation of connection "east" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn east mark 0/00000000, 0/00000000 vs | conn east mark 0/00000000, 0/00000000 | route owner of "east" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@east' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0 | popen cmd is 1012 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='east' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='@e: | cmd( 160):ast' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='@west' PLUTO: | cmd( 400):_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_: | cmd( 480):MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=': | cmd( 560):' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+P: | cmd( 640):FS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. "east": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x55a9006bf198 | flush revival: connection 'east' wasn't on the list | stop processing: connection "east" (in discard_connection() at connections.c:249) | crl fetch request list locked by 'free_crl_fetch' | crl fetch request list unlocked by 'free_crl_fetch' shutting down interface lo/lo 127.0.0.1:4500 shutting down interface lo/lo 127.0.0.1:500 shutting down interface eth0/eth0 192.0.2.254:4500 shutting down interface eth0/eth0 192.0.2.254:500 shutting down interface eth1/eth1 192.1.2.23:4500 shutting down interface eth1/eth1 192.1.2.23:500 | FOR_EACH_STATE_... in delete_states_dead_interfaces | libevent_free: release ptr-libevent@0x55a9006b1e58 | free_event_entry: release EVENT_NULL-pe@0x55a9006bdb68 | libevent_free: release ptr-libevent@0x55a9006457d8 | free_event_entry: release EVENT_NULL-pe@0x55a9006bdc18 | libevent_free: release ptr-libevent@0x55a900647e18 | free_event_entry: release EVENT_NULL-pe@0x55a9006bdcc8 | libevent_free: release ptr-libevent@0x55a9006490c8 | free_event_entry: release EVENT_NULL-pe@0x55a9006bdd78 | libevent_free: release ptr-libevent@0x55a90061c4e8 | free_event_entry: release EVENT_NULL-pe@0x55a9006bde28 | libevent_free: release ptr-libevent@0x55a90061c1d8 | free_event_entry: release EVENT_NULL-pe@0x55a9006bded8 | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | libevent_free: release ptr-libevent@0x55a9006b1f08 | free_event_entry: release EVENT_NULL-pe@0x55a9006a5c48 | libevent_free: release ptr-libevent@0x55a900647388 | free_event_entry: release EVENT_NULL-pe@0x55a9006a5bd8 | libevent_free: release ptr-libevent@0x55a9006894a8 | free_event_entry: release EVENT_NULL-pe@0x55a9006a5098 | global timer EVENT_REINIT_SECRET uninitialized | global timer EVENT_SHUNT_SCAN uninitialized | global timer EVENT_PENDING_DDNS uninitialized | global timer EVENT_PENDING_PHASE2 uninitialized | global timer EVENT_CHECK_CRLS uninitialized | global timer EVENT_REVIVE_CONNS uninitialized | global timer EVENT_FREE_ROOT_CERTS uninitialized | global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized | global timer EVENT_NAT_T_KEEPALIVE uninitialized | libevent_free: release ptr-libevent@0x55a900644ee8 | signal event handler PLUTO_SIGCHLD uninstalled | libevent_free: release ptr-libevent@0x55a90064daa8 | signal event handler PLUTO_SIGTERM uninstalled | libevent_free: release ptr-libevent@0x55a9006bd348 | signal event handler PLUTO_SIGHUP uninstalled | libevent_free: release ptr-libevent@0x55a9006bd588 | signal event handler PLUTO_SIGSYS uninstalled | releasing event base | libevent_free: release ptr-libevent@0x55a9006bd458 | libevent_free: release ptr-libevent@0x55a9006a0518 | libevent_free: release ptr-libevent@0x55a9006a04c8 | libevent_free: release ptr-libevent@0x7f14c8003e78 | libevent_free: release ptr-libevent@0x55a9006a0418 | libevent_free: release ptr-libevent@0x55a9006bd0d8 | libevent_free: release ptr-libevent@0x55a9006bd288 | libevent_free: release ptr-libevent@0x55a9006a06c8 | libevent_free: release ptr-libevent@0x55a9006a5868 | libevent_free: release ptr-libevent@0x55a9006a5d58 | libevent_free: release ptr-libevent@0x55a9006bdf48 | libevent_free: release ptr-libevent@0x55a9006bde98 | libevent_free: release ptr-libevent@0x55a9006bdde8 | libevent_free: release ptr-libevent@0x55a9006bdd38 | libevent_free: release ptr-libevent@0x55a9006bdc88 | libevent_free: release ptr-libevent@0x55a9006bdbd8 | libevent_free: release ptr-libevent@0x55a900644018 | libevent_free: release ptr-libevent@0x55a9006bd308 | libevent_free: release ptr-libevent@0x55a9006bd2c8 | libevent_free: release ptr-libevent@0x55a9006bd248 | libevent_free: release ptr-libevent@0x55a9006bd418 | libevent_free: release ptr-libevent@0x55a9006bd118 | libevent_free: release ptr-libevent@0x55a90061b908 | libevent_free: release ptr-libevent@0x55a90061bd38 | libevent_free: release ptr-libevent@0x55a900644388 | releasing global libevent data | libevent_free: release ptr-libevent@0x55a90061bba8 | libevent_free: release ptr-libevent@0x55a90061bcd8 | libevent_free: release ptr-libevent@0x55a90061bdd8 leak detective found no leaks