FIPS Product: YES FIPS Kernel: NO FIPS Mode: NO NSS DB directory: sql:/etc/ipsec.d Initializing NSS Opening NSS database "sql:/etc/ipsec.d" read-only NSS initialized NSS crypto library initialized FIPS HMAC integrity support [enabled] FIPS mode disabled for pluto daemon FIPS HMAC integrity verification self-test FAILED libcap-ng support [enabled] Linux audit support [enabled] Linux audit activated Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:4988 core dump dir: /tmp secrets file: /etc/ipsec.secrets leak-detective enabled NSS crypto [enabled] XAUTH PAM support [enabled] | libevent is using pluto's memory allocator Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) | libevent_malloc: new ptr-libevent@0x55a4ef9d4ba8 size 40 | libevent_malloc: new ptr-libevent@0x55a4ef9d4cd8 size 40 | libevent_malloc: new ptr-libevent@0x55a4ef9d4dd8 size 40 | creating event base | libevent_malloc: new ptr-libevent@0x55a4efa59488 size 56 | libevent_malloc: new ptr-libevent@0x55a4ef9fd418 size 664 | libevent_malloc: new ptr-libevent@0x55a4efa594f8 size 24 | libevent_malloc: new ptr-libevent@0x55a4efa59548 size 384 | libevent_malloc: new ptr-libevent@0x55a4efa59448 size 16 | libevent_malloc: new ptr-libevent@0x55a4ef9d4908 size 40 | libevent_malloc: new ptr-libevent@0x55a4ef9d4d38 size 48 | libevent_realloc: new ptr-libevent@0x55a4ef9fd0a8 size 256 | libevent_malloc: new ptr-libevent@0x55a4efa596f8 size 16 | libevent_free: release ptr-libevent@0x55a4efa59488 | libevent initialized | libevent_realloc: new ptr-libevent@0x55a4efa59488 size 64 | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds | init_nat_traversal() initialized with keep_alive=0s NAT-Traversal support [enabled] | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized | global one-shot timer EVENT_FREE_ROOT_CERTS initialized | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds | global one-shot timer EVENT_REVIVE_CONNS initialized | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds | encryption algorithm assertion checks | encryption algorithm AES_CCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 ESP ID id: 16 enum name: AES_CCM_C | IKEv2 ID id: 16 enum name: AES_CCM_C | encryption algorithm AES_CCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 ESP ID id: 15 enum name: AES_CCM_B | IKEv2 ID id: 15 enum name: AES_CCM_B | encryption algorithm AES_CCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 ESP ID id: 14 enum name: AES_CCM_A | IKEv2 ID id: 14 enum name: AES_CCM_A | encryption algorithm 3DES_CBC, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 3, IKEv2 id: 3 | IKEv1 OAKLEY ID id: 5 enum name: 3DES_CBC | IKEv1 ESP ID id: 3 enum name: 3DES | IKEv2 ID id: 3 enum name: 3DES | encryption algorithm CAMELLIA_CTR, IKEv1 OAKLEY id: 24, IKEv1 ESP_INFO id: 24, IKEv2 id: 24 | IKEv1 OAKLEY ID id: 24 enum name: CAMELLIA_CTR | IKEv1 ESP ID id: 24 enum name: CAMELLIA_CTR | IKEv2 ID id: 24 enum name: CAMELLIA_CTR | encryption algorithm CAMELLIA_CBC, IKEv1 OAKLEY id: 8, IKEv1 ESP_INFO id: 22, IKEv2 id: 23 | IKEv1 OAKLEY ID id: 8 enum name: CAMELLIA_CBC | IKEv1 ESP ID id: 22 enum name: CAMELLIA | IKEv2 ID id: 23 enum name: CAMELLIA_CBC | encryption algorithm AES_GCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 20, IKEv2 id: 20 | IKEv1 ESP ID id: 20 enum name: AES_GCM_C | IKEv2 ID id: 20 enum name: AES_GCM_C | encryption algorithm AES_GCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 19, IKEv2 id: 19 | IKEv1 ESP ID id: 19 enum name: AES_GCM_B | IKEv2 ID id: 19 enum name: AES_GCM_B | encryption algorithm AES_GCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 ESP ID id: 18 enum name: AES_GCM_A | IKEv2 ID id: 18 enum name: AES_GCM_A | encryption algorithm AES_CTR, IKEv1 OAKLEY id: 13, IKEv1 ESP_INFO id: 13, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 13 enum name: AES_CTR | IKEv1 ESP ID id: 13 enum name: AES_CTR | IKEv2 ID id: 13 enum name: AES_CTR | encryption algorithm AES_CBC, IKEv1 OAKLEY id: 7, IKEv1 ESP_INFO id: 12, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 7 enum name: AES_CBC | IKEv1 ESP ID id: 12 enum name: AES | IKEv2 ID id: 12 enum name: AES_CBC | encryption algorithm SERPENT_CBC, IKEv1 OAKLEY id: 65004, IKEv1 ESP_INFO id: 252, IKEv2 id: 65004 | IKEv1 OAKLEY ID id: 65004 enum name: SERPENT_CBC | IKEv1 ESP ID id: 252 enum name: SERPENT | IKEv2 ID id: 65004 enum name: SERPENT_CBC | encryption algorithm TWOFISH_CBC, IKEv1 OAKLEY id: 65005, IKEv1 ESP_INFO id: 253, IKEv2 id: 65005 | IKEv1 OAKLEY ID id: 65005 enum name: TWOFISH_CBC | IKEv1 ESP ID id: 253 enum name: TWOFISH | IKEv2 ID id: 65005 enum name: TWOFISH_CBC | encryption algorithm TWOFISH_SSH, IKEv1 OAKLEY id: 65289, IKEv1 ESP_INFO id: -1, IKEv2 id: 65289 | IKEv1 OAKLEY ID id: 65289 enum name: TWOFISH_CBC_SSH | IKEv2 ID id: 65289 enum name: TWOFISH_CBC_SSH | encryption algorithm NULL_AUTH_AES_GMAC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 23, IKEv2 id: 21 | IKEv1 ESP ID id: 23 enum name: NULL_AUTH_AES_GMAC | IKEv2 ID id: 21 enum name: NULL_AUTH_AES_GMAC | encryption algorithm NULL, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 11, IKEv2 id: 11 | IKEv1 ESP ID id: 11 enum name: NULL | IKEv2 ID id: 11 enum name: NULL | encryption algorithm CHACHA20_POLY1305, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 28 | IKEv2 ID id: 28 enum name: CHACHA20_POLY1305 Encryption algorithms: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac NULL IKEv1: ESP IKEv2: ESP [] CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 | hash algorithm assertion checks | hash algorithm MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | hash algorithm SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | hash algorithm SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | hash algorithm SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | hash algorithm SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 Hash algorithms: MD5 IKEv1: IKE IKEv2: SHA1 IKEv1: IKE IKEv2: FIPS sha SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 | PRF algorithm assertion checks | PRF algorithm HMAC_MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5 | PRF algorithm HMAC_SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1 | PRF algorithm HMAC_SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv2 ID id: 5 enum name: HMAC_SHA2_256 | PRF algorithm HMAC_SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: 6 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv2 ID id: 6 enum name: HMAC_SHA2_384 | PRF algorithm HMAC_SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: 7 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv2 ID id: 7 enum name: HMAC_SHA2_512 | PRF algorithm AES_XCBC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 4 | IKEv2 ID id: 4 enum name: AES128_XCBC PRF algorithms: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc | integrity algorithm assertion checks | integrity algorithm HMAC_MD5_96, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: 1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv1 ESP ID id: 1 enum name: HMAC_MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5_96 | integrity algorithm HMAC_SHA1_96, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: 2, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv1 ESP ID id: 2 enum name: HMAC_SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1_96 | integrity algorithm HMAC_SHA2_512_256, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: 7, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv1 ESP ID id: 7 enum name: HMAC_SHA2_512 | IKEv2 ID id: 14 enum name: HMAC_SHA2_512_256 | integrity algorithm HMAC_SHA2_384_192, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 6, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv1 ESP ID id: 6 enum name: HMAC_SHA2_384 | IKEv2 ID id: 13 enum name: HMAC_SHA2_384_192 | integrity algorithm HMAC_SHA2_256_128, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: 5, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv1 ESP ID id: 5 enum name: HMAC_SHA2_256 | IKEv2 ID id: 12 enum name: HMAC_SHA2_256_128 | integrity algorithm HMAC_SHA2_256_TRUNCBUG, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 252, IKEv2 id: -1 | IKEv1 ESP ID id: 252 enum name: HMAC_SHA2_256_TRUNCBUG | integrity algorithm AES_XCBC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 9, IKEv2 id: 5 | IKEv1 ESP ID id: 9 enum name: AES_XCBC | IKEv2 ID id: 5 enum name: AES_XCBC_96 | integrity algorithm AES_CMAC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 250, IKEv2 id: 8 | IKEv1 ESP ID id: 250 enum name: AES_CMAC_96 | IKEv2 ID id: 8 enum name: AES_CMAC_96 | integrity algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 0, IKEv2 id: 0 | IKEv1 ESP ID id: 0 enum name: NONE | IKEv2 ID id: 0 enum name: NONE Integrity algorithms: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5 HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac NONE IKEv1: ESP IKEv2: IKE ESP FIPS null | DH algorithm assertion checks | DH algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 0 | IKEv2 ID id: 0 enum name: NONE | DH algorithm MODP1536, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 5, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 5 enum name: MODP1536 | IKEv1 ESP ID id: 5 enum name: MODP1536 | IKEv2 ID id: 5 enum name: MODP1536 | DH algorithm MODP2048, IKEv1 OAKLEY id: 14, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 14 enum name: MODP2048 | IKEv1 ESP ID id: 14 enum name: MODP2048 | IKEv2 ID id: 14 enum name: MODP2048 | DH algorithm MODP3072, IKEv1 OAKLEY id: 15, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 OAKLEY ID id: 15 enum name: MODP3072 | IKEv1 ESP ID id: 15 enum name: MODP3072 | IKEv2 ID id: 15 enum name: MODP3072 | DH algorithm MODP4096, IKEv1 OAKLEY id: 16, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 OAKLEY ID id: 16 enum name: MODP4096 | IKEv1 ESP ID id: 16 enum name: MODP4096 | IKEv2 ID id: 16 enum name: MODP4096 | DH algorithm MODP6144, IKEv1 OAKLEY id: 17, IKEv1 ESP_INFO id: 17, IKEv2 id: 17 | IKEv1 OAKLEY ID id: 17 enum name: MODP6144 | IKEv1 ESP ID id: 17 enum name: MODP6144 | IKEv2 ID id: 17 enum name: MODP6144 | DH algorithm MODP8192, IKEv1 OAKLEY id: 18, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 OAKLEY ID id: 18 enum name: MODP8192 | IKEv1 ESP ID id: 18 enum name: MODP8192 | IKEv2 ID id: 18 enum name: MODP8192 | DH algorithm DH19, IKEv1 OAKLEY id: 19, IKEv1 ESP_INFO id: -1, IKEv2 id: 19 | IKEv1 OAKLEY ID id: 19 enum name: ECP_256 | IKEv2 ID id: 19 enum name: ECP_256 | DH algorithm DH20, IKEv1 OAKLEY id: 20, IKEv1 ESP_INFO id: -1, IKEv2 id: 20 | IKEv1 OAKLEY ID id: 20 enum name: ECP_384 | IKEv2 ID id: 20 enum name: ECP_384 | DH algorithm DH21, IKEv1 OAKLEY id: 21, IKEv1 ESP_INFO id: -1, IKEv2 id: 21 | IKEv1 OAKLEY ID id: 21 enum name: ECP_521 | IKEv2 ID id: 21 enum name: ECP_521 | DH algorithm DH31, IKEv1 OAKLEY id: 31, IKEv1 ESP_INFO id: -1, IKEv2 id: 31 | IKEv1 OAKLEY ID id: 31 enum name: CURVE25519 | IKEv2 ID id: 31 enum name: CURVE25519 DH algorithms: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 testing CAMELLIA_CBC: Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: cipertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: cipertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: cipertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF FF EE DD CC BB AA 99 88 77 66 55 44 33 22 11 00" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | ff ee dd cc bb aa 99 88 77 66 55 44 33 22 11 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: cipertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed testing AES_GCM_16: empty string | decode_to_chunk: raw_key: input "0xcf063a34d4a9a76c2c86787d3f96db71" | decode_to_chunk: output: | cf 06 3a 34 d4 a9 a7 6c 2c 86 78 7d 3f 96 db 71 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0470 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0458 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_GCM) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: salted IV: input "0x113b9785971864c83b01c787" | decode_to_chunk: output: | 11 3b 97 85 97 18 64 c8 3b 01 c7 87 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "" | decode_to_chunk: output: | | decode_to_chunk: ciphertext: input "" | decode_to_chunk: output: | | decode_to_chunk: tag: input "0x72ac8493e3a5228b5d130a69d2510e42" | decode_to_chunk: output: | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: release sym_key-key@0x55a4efa5af10 | test_gcm_vector: passed one block | decode_to_chunk: raw_key: input "0xe98b72a9881a84ca6b76e0f43e68647a" | decode_to_chunk: output: | e9 8b 72 a9 88 1a 84 ca 6b 76 e0 f4 3e 68 64 7a | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0470 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0458 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_GCM) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: salted IV: input "0x8b23299fde174053f3d652ba" | decode_to_chunk: output: | 8b 23 29 9f de 17 40 53 f3 d6 52 ba | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0x28286a321293253c3e0aa2704a278032" | decode_to_chunk: output: | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | decode_to_chunk: ciphertext: input "0x5a3c1cf1985dbb8bed818036fdd5ab42" | decode_to_chunk: output: | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | decode_to_chunk: tag: input "0x23c7ab0f952b7091cd324835043b5eb5" | decode_to_chunk: output: | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: release sym_key-key@0x55a4efa5af10 | test_gcm_vector: passed two blocks | decode_to_chunk: raw_key: input "0xbfd414a6212958a607a0f5d3ab48471d" | decode_to_chunk: output: | bf d4 14 a6 21 29 58 a6 07 a0 f5 d3 ab 48 47 1d | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0470 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0458 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_GCM) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: salted IV: input "0x86d8ea0ab8e40dcc481cd0e2" | decode_to_chunk: output: | 86 d8 ea 0a b8 e4 0d cc 48 1c d0 e2 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0xa6b76a066e63392c9443e60272ceaeb9d25c991b0f2e55e2804e168c05ea591a" | decode_to_chunk: output: | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | decode_to_chunk: ciphertext: input "0x62171db33193292d930bf6647347652c1ef33316d7feca99d54f1db4fcf513f8" | decode_to_chunk: output: | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | decode_to_chunk: tag: input "0xc28280aa5c6c7a8bd366f28c1cfd1f6e" | decode_to_chunk: output: | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: release sym_key-key@0x55a4efa5af10 | test_gcm_vector: passed two blocks with associated data | decode_to_chunk: raw_key: input "0x006c458100fc5f4d62949d2c833b82d1" | decode_to_chunk: output: | 00 6c 45 81 00 fc 5f 4d 62 94 9d 2c 83 3b 82 d1 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0470 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0458 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_GCM) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: salted IV: input "0xa4e9c4bc5725a21ff42c82b2" | decode_to_chunk: output: | a4 e9 c4 bc 57 25 a2 1f f4 2c 82 b2 | decode_to_chunk: AAD: input "0x2efb14fb3657cdd6b9a8ff1a5f5a39b9" | decode_to_chunk: output: | 2e fb 14 fb 36 57 cd d6 b9 a8 ff 1a 5f 5a 39 b9 | decode_to_chunk: plaintext: input "0xf381d3bfbee0a879f7a4e17b623278cedd6978053dd313530a18f1a836100950" | decode_to_chunk: output: | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | decode_to_chunk: ciphertext: input "0xf39b4db3542d8542fb73fd2d66be568f26d7f814b3f87d1eceac3dd09a8d697e" | decode_to_chunk: output: | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | decode_to_chunk: tag: input "0x39f045cb23b698c925db134d56c5" | decode_to_chunk: output: | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: decrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: encrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: release sym_key-key@0x55a4efa5af10 | test_gcm_vector: passed testing AES_CTR: Encrypting 16 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x AE 68 52 F8 12 10 67 CC 4B F7 A5 76 55 77 F3 9E" | decode_to_chunk: output: | ae 68 52 f8 12 10 67 cc 4b f7 a5 76 55 77 f3 9e | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 128-bit key passed Encrypting 32 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 7E 24 06 78 17 FA E0 D7 43 D6 CE 1F 32 53 91 63" | decode_to_chunk: output: | 7e 24 06 78 17 fa e0 d7 43 d6 ce 1f 32 53 91 63 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 128-bit key passed Encrypting 36 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 76 91 BE 03 5E 50 20 A8 AC 6E 61 85 29 F9 A0 DC" | decode_to_chunk: output: | 76 91 be 03 5e 50 20 a8 ac 6e 61 85 29 f9 a0 dc | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 128-bit key passed Encrypting 16 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x16 AF 5B 14 5F C9 F5 79 C1 75 F9 3E 3B FB 0E ED86 3D 06 CC FD B7 85 15" | decode_to_chunk: output: | 16 af 5b 14 5f c9 f5 79 c1 75 f9 3e 3b fb 0e ed | 86 3d 06 cc fd b7 85 15 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a4efa5c790 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (24-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 192-bit key passed Encrypting 32 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x7C 5C B2 40 1B 3D C3 3C 19 E7 34 08 19 E0 F6 9C67 8C 3D B8 E6 F6 A9 1A" | decode_to_chunk: output: | 7c 5c b2 40 1b 3d c3 3c 19 e7 34 08 19 e0 f6 9c | 67 8c 3d b8 e6 f6 a9 1a | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a4efa5c790 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (24-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 192-bit key passed Encrypting 36 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x02 BF 39 1E E8 EC B1 59 B9 59 61 7B 09 65 27 9BF5 9B 60 A7 86 D3 E0 FE" | decode_to_chunk: output: | 02 bf 39 1e e8 ec b1 59 b9 59 61 7b 09 65 27 9b | f5 9b 60 a7 86 d3 e0 fe | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a4efa5c790 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (24-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 192-bit key passed Encrypting 16 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0x77 6B EF F2 85 1D B0 6F 4C 8A 05 42 C8 69 6F 6C6A 81 AF 1E EC 96 B4 D3 7F C1 D6 89 E6 C1 C1 04" | decode_to_chunk: output: | 77 6b ef f2 85 1d b0 6f 4c 8a 05 42 c8 69 6f 6c | 6a 81 af 1e ec 96 b4 d3 7f c1 d6 89 e6 c1 c1 04 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (32-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 256-bit key passed Encrypting 32 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xF6 D6 6D 6B D5 2D 59 BB 07 96 36 58 79 EF F8 86C6 6D D5 1A 5B 6A 99 74 4B 50 59 0C 87 A2 38 84" | decode_to_chunk: output: | f6 d6 6d 6b d5 2d 59 bb 07 96 36 58 79 ef f8 86 | c6 6d d5 1a 5b 6a 99 74 4b 50 59 0c 87 a2 38 84 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (32-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 256-bit key passed Encrypting 36 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xFF 7A 61 7C E6 91 48 E4 F1 72 6E 2F 43 58 1D E2AA 62 D9 F8 05 53 2E DF F1 EE D6 87 FB 54 15 3D" | decode_to_chunk: output: | ff 7a 61 7c e6 91 48 e4 f1 72 6e 2f 43 58 1d e2 | aa 62 d9 f8 05 53 2e df f1 ee d6 87 fb 54 15 3d | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x55a4efa5c790 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (32-bytes, AES_CTR) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 256-bit key passed testing AES_CBC: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x06a9214036b8a15b512e03d534120006" | decode_to_chunk: output: | 06 a9 21 40 36 b8 a1 5b 51 2e 03 d5 34 12 00 06 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_CBC) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: ciphertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: cipertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key passed Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0xc286696d887c9aa0611bbb3e2025a45a" | decode_to_chunk: output: | c2 86 69 6d 88 7c 9a a0 61 1b bb 3e 20 25 a4 5a | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_CBC) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: ciphertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: cipertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key passed Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x6c3ea0477630ce21a2ce334aa746c2cd" | decode_to_chunk: output: | 6c 3e a0 47 76 30 ce 21 a2 ce 33 4a a7 46 c2 cd | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_CBC) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | decode_to_chunk: ciphertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: cipertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key passed Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x56e47a38c5598974bc46903dba290349" | decode_to_chunk: output: | 56 e4 7a 38 c5 59 89 74 bc 46 90 3d ba 29 03 49 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04d0 | result: symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04b8 | result: symkey-key@0x55a4efa5af10 (16-bytes, AES_CBC) | symkey: release tmp-key@0x55a4efa5c790 | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | decode_to_chunk: ciphertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: cipertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x55a4efa5af10 | test_ctr_vector: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key passed testing AES_XCBC: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "" | decode_to_chunk: output: | | decode_to_chunk: test_prf_vector: input "0x75f0251d528ac01c4573dfd584d79f29" | decode_to_chunk: output: | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5e278 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa5c790 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: key-key@0x55a4efa5c790 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a4efa5af10 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa5e328 (length 0) | | XCBC: data | K extracting all 16 bytes of key@0x55a4efa5c790 | K: symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-283278448: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5ec28 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa5af10 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5f210 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x55a4efa5af10 | PRF chunk interface: release key-key@0x55a4efa5c790 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5e938 (length 16) | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | chunk output 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa5af10 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa5c790 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: key symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | PRF symkey interface PRF aes_xcbc update symkey message-key@(nil) (size 0) | PRF symkey interface: symkey message-key@NULL | symkey message NULL key has no bytes | XCBC: data | K extracting all 16 bytes of key@0x55a4efa5af10 | K: symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1023: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e238 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa5f210 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa60a90 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x55a4efa5f210 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa60a90 | PRF symkey interface: release key-key@0x55a4efa5af10 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa5f210 (size 16) | PRF symkey interface: key-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracting all 16 bytes of key@0x55a4efa5f210 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: 5d 9f 4f ee 51 35 9f e0 cd 55 13 6c 2e 0c b6 96 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: release slot-key-key@0x55a4efa5f030 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracted len 16 bytes at 0x55a4efa5e8f8 | unwrapped: 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | test_prf_vector: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input passed | test_prf_vector: release symkey-key@0x55a4efa5f210 | test_prf_vector: release message-key@NULL | test_prf_vector: release key-key@0x55a4efa5c790 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102" | decode_to_chunk: output: | 00 01 02 | decode_to_chunk: test_prf_vector: input "0x5b376580ae2f19afe7219ceef172756f" | decode_to_chunk: output: | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5e328 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa5f210 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: key-key@0x55a4efa5f210 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a4efa5c790 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa5e8f8 (length 3) | 00 01 02 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x55a4efa5f210 | K: symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-283278448: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5ed48 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa5c790 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5af10 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x55a4efa5c790 | PRF chunk interface: release key-key@0x55a4efa5f210 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5ede8 (length 16) | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | chunk output 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa5c790 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa5f210 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: key symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa60a90 (19-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 3 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 3-bytes | base: base-key@0x55a4efa60a90 (19-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa5af10 (3-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa60a90 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa5af10 (size 3) | PRF symkey interface: symkey message-key@0x55a4efa5af10 (3-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 3 bytes of key@0x55a4efa5af10 | symkey message: symkey-key@0x55a4efa5af10 (3-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (3-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394144: 6b 12 5f aa 74 69 6a ad 70 ba bb bc 00 e9 a1 7c | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 16 bytes at 0x55a4efa5e238 | unwrapped: 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x55a4efa5c790 | K: symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5ec28 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa60a90 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x55a4efa60a90 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa62310 | PRF symkey interface: release key-key@0x55a4efa5c790 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa60a90 (size 16) | PRF symkey interface: key-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracting all 16 bytes of key@0x55a4efa60a90 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: af 8f 77 35 28 69 62 0e 15 b6 55 ec 93 b5 e7 20 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: release slot-key-key@0x55a4efa5f030 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracted len 16 bytes at 0x55a4efa5e238 | unwrapped: 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | test_prf_vector: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input passed | test_prf_vector: release symkey-key@0x55a4efa60a90 | test_prf_vector: release message-key@0x55a4efa5af10 | test_prf_vector: release key-key@0x55a4efa5f210 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xd2a246fa349b68a79998a4394ff7a263" | decode_to_chunk: output: | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5e8f8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa5af10 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: key-key@0x55a4efa5af10 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a4efa5f210 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa5e238 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x55a4efa5af10 | K: symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e368 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa5f210 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa60a90 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x55a4efa5f210 | PRF chunk interface: release key-key@0x55a4efa5af10 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5e278 (length 16) | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | chunk output d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa5f210 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa5af10 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: key symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa5c790 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa60a90 (size 16) | PRF symkey interface: symkey message-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 16 bytes of key@0x55a4efa60a90 | symkey message: symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394144: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 16 bytes at 0x55a4efa5ec28 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x55a4efa5f210 | K: symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5ed48 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa5c790 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x55a4efa5c790 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa62310 | PRF symkey interface: release key-key@0x55a4efa5f210 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa5c790 (size 16) | PRF symkey interface: key-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracting all 16 bytes of key@0x55a4efa5c790 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: aa 14 6d 1f 44 33 d5 e7 63 c4 d8 aa 90 b1 e9 32 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: release slot-key-key@0x55a4efa5f030 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracted len 16 bytes at 0x55a4efa5ec28 | unwrapped: d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | test_prf_vector: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input passed | test_prf_vector: release symkey-key@0x55a4efa5c790 | test_prf_vector: release message-key@0x55a4efa60a90 | test_prf_vector: release key-key@0x55a4efa5af10 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5e238 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa60a90 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: key-key@0x55a4efa60a90 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a4efa5af10 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa5e038 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa59738 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a4efa60a90 | K: symkey-key@0x55a4efa60a90 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e328 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa5af10 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5c790 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x55a4efa5af10 | PRF chunk interface: release key-key@0x55a4efa60a90 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5e278 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa5af10 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa60a90 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: key symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa5e038 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa5f210 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5f210 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa5f210 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa5c790 (size 20) | PRF symkey interface: symkey message-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x55a4efa5c790 | symkey message: symkey-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283394144: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 22 63 4a 51 d3 16 00 77 aa 71 ed 94 80 0c 8e a9 | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 32 bytes at 0x55a4efa5e0d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a4efa5af10 | K: symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5ed48 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa5f210 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x55a4efa5f210 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa62310 | PRF symkey interface: release key-key@0x55a4efa5af10 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa5f210 (size 16) | PRF symkey interface: key-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracting all 16 bytes of key@0x55a4efa5f210 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: cd bd 2a 20 fe bd 69 32 9e b3 b4 ab 06 60 4f 3c | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: release slot-key-key@0x55a4efa5f030 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracted len 16 bytes at 0x55a4efa5ed48 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | test_prf_vector: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input passed | test_prf_vector: release symkey-key@0x55a4efa5f210 | test_prf_vector: release message-key@0x55a4efa5c790 | test_prf_vector: release key-key@0x55a4efa60a90 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: test_prf_vector: input "0xf54f0ec8d2b9f3d36807734bd5283fd4" | decode_to_chunk: output: | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5ec28 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa5c790 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: key-key@0x55a4efa5c790 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a4efa60a90 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa5e038 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa59738 (length 32) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x55a4efa5c790 | K: symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e938 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa60a90 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5f210 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x55a4efa60a90 | PRF chunk interface: release key-key@0x55a4efa5c790 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5ed48 (length 16) | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | chunk output f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa60a90 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa5c790 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: key symkey-key@0x55a4efa60a90 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa5e038 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa5af10 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 32-bytes | base: base-key@0x55a4efa5af10 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa5af10 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa5f210 (size 32) | PRF symkey interface: symkey message-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 32 bytes of key@0x55a4efa5f210 | symkey message: symkey-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (32-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283394144: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 95 0f d6 36 64 fa 7f 1e cd ac 4d 30 27 cc 2a e2 | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 32 bytes at 0x55a4efa5e0d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x55a4efa60a90 | K: symkey-key@0x55a4efa60a90 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa5af10 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x55a4efa5af10 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa62310 | PRF symkey interface: release key-key@0x55a4efa60a90 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa5af10 (size 16) | PRF symkey interface: key-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracting all 16 bytes of key@0x55a4efa5af10 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: symkey-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: b5 2e bd 3c fd 51 cf ef ba 86 34 6c 9b b4 31 36 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: release slot-key-key@0x55a4efa5f030 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | test_prf_vector: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input passed | test_prf_vector: release symkey-key@0x55a4efa5af10 | test_prf_vector: release message-key@0x55a4efa5f210 | test_prf_vector: release key-key@0x55a4efa5c790 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | decode_to_chunk: test_prf_vector: input "0xbecbb3bccdb518a30677d5481fb6b4d8" | decode_to_chunk: output: | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5e238 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa5f210 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: key-key@0x55a4efa5f210 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a4efa5c790 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa5ed88 (length 34) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x55a4efa5f210 | K: symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e368 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa5c790 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5af10 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x55a4efa5c790 | PRF chunk interface: release key-key@0x55a4efa5f210 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5e278 (length 16) | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | chunk output be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa5c790 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa5f210 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: key symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa60a90 (50-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 34 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 34-bytes | base: base-key@0x55a4efa60a90 (50-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa5af10 (34-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa60a90 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa5af10 (size 34) | PRF symkey interface: symkey message-key@0x55a4efa5af10 (34-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 34 bytes of key@0x55a4efa5af10 | symkey message: symkey-key@0x55a4efa5af10 (34-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (34-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 48 | wrapper: (SECItemType)-283394144: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 95 0f d6 36 64 fa 7f 1e cd ac 4d 30 27 cc 2a e2 c8 ac cb 83 cb 0c 8c fb ec 1a ad 2f d7 d8 64 2e | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 48 bytes at 0x55a4efa5ef88 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | unwrapped: 20 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x55a4efa5c790 | K: symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e8f8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa60a90 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x55a4efa60a90 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa62310 | PRF symkey interface: release key-key@0x55a4efa5c790 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa60a90 (size 16) | PRF symkey interface: key-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracting all 16 bytes of key@0x55a4efa60a90 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: b2 6e da f6 e3 9a de a8 7f 7f af d7 ed fd 07 54 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: release slot-key-key@0x55a4efa5f030 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracted len 16 bytes at 0x55a4efa5e8f8 | unwrapped: be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | test_prf_vector: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input passed | test_prf_vector: release symkey-key@0x55a4efa60a90 | test_prf_vector: release message-key@0x55a4efa5af10 | test_prf_vector: release key-key@0x55a4efa5f210 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xf0dafee895db30253761103b5d84528f" | decode_to_chunk: output: | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5e8f8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa5af10 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: key-key@0x55a4efa5af10 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a4efa5f210 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa63bb8 (length 1000) | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x55a4efa5af10 | K: symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540028960: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e368 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa5f210 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa60a90 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x55a4efa5f210 | PRF chunk interface: release key-key@0x55a4efa5af10 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5ed48 (length 16) | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | chunk output f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5f210 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa5f210 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa5af10 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: key symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa59738 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa5c790 (1016-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 1000 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 1000-bytes | base: base-key@0x55a4efa5c790 (1016-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa60a90 (1000-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa5c790 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa60a90 (size 1000) | PRF symkey interface: symkey message-key@0x55a4efa60a90 (1000-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 1000 bytes of key@0x55a4efa60a90 | symkey message: symkey-key@0x55a4efa60a90 (1000-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (1000-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 1008 | wrapper: (SECItemType)-283394144: 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 1008 bytes at 0x55a4efa661b8 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x55a4efa5f210 | K: symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa5c790 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x55a4efa5c790 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa62310 | PRF symkey interface: release key-key@0x55a4efa5f210 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa5c790 (size 16) | PRF symkey interface: key-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracting all 16 bytes of key@0x55a4efa5c790 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: 7c 83 4b 62 dc e4 4d cf 06 82 0f 7a 67 5e 90 b4 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: release slot-key-key@0x55a4efa5f030 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | test_prf_vector: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input passed | test_prf_vector: release symkey-key@0x55a4efa5c790 | test_prf_vector: release message-key@0x55a4efa60a90 | test_prf_vector: release key-key@0x55a4efa5af10 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5ede8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa60a90 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: key-key@0x55a4efa60a90 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x55a4efa5af10 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa5e038 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa59738 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a4efa60a90 | K: symkey-key@0x55a4efa60a90 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e938 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa5af10 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5c790 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x55a4efa5af10 | PRF chunk interface: release key-key@0x55a4efa60a90 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5e278 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa5af10 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa60a90 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: key symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa5e038 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa5f210 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5f210 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa5f210 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa5c790 (size 20) | PRF symkey interface: symkey message-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x55a4efa5c790 | symkey message: symkey-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283394144: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 22 63 4a 51 d3 16 00 77 aa 71 ed 94 80 0c 8e a9 | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 32 bytes at 0x55a4efa5e0d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a4efa5af10 | K: symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5ed48 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa5f210 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x55a4efa5f210 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa62310 | PRF symkey interface: release key-key@0x55a4efa5af10 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa5f210 (size 16) | PRF symkey interface: key-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracting all 16 bytes of key@0x55a4efa5f210 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): symkey-key@0x55a4efa5f210 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: cd bd 2a 20 fe bd 69 32 9e b3 b4 ab 06 60 4f 3c | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): release slot-key-key@0x55a4efa5f030 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracted len 16 bytes at 0x55a4efa5ed48 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) passed | test_prf_vector: release symkey-key@0x55a4efa5f210 | test_prf_vector: release message-key@0x55a4efa5c790 | test_prf_vector: release key-key@0x55a4efa60a90 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) | decode_to_chunk: test_prf_vector: input "0x00010203040506070809" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x0fa087af7d866e7653434e602fdde835" | decode_to_chunk: output: | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa5e8f8 (length 10) | 00 01 02 03 04 05 06 07 08 09 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa5c790 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x55a4efa5c790 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa60a90 (10-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa5c790 | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x55a4efa60a90 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa60a90 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03f0 | result: tmp+=0-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a4efa60a90 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0418 | result: PRF chunk interface-key@0x55a4efa5f210 (16-bytes, AES_ECB) | PRF chunk interface: release tmp-key@0x55a4efa5c790 | PRF chunk interface: release clone-key@0x55a4efa60a90 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa5e038 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa59738 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a4efa5f210 | K: symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: e7 bb 45 d4 8e 2d 51 8d 8e 42 9c 13 ce 79 3c 15 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e328 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa60a90 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5c790 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x55a4efa60a90 | PRF chunk interface: release key-key@0x55a4efa5f210 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5ed48 (length 16) | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | chunk output 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa60a90 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x55a4efa60a90 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5f210 (10-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa60a90 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa5f210 (size 10) | PRF symkey interface: key symkey-key@0x55a4efa5f210 (10-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x55a4efa5f210 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa5f210 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a0420 | result: tmp+=0-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a4efa5f210 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa60a90 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: PRF symkey interface-key@0x55a4efa5c790 (16-bytes, AES_ECB) | PRF symkey interface: release tmp-key@0x55a4efa60a90 | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa5e038 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa60a90 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa5af10 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa60a90 (size 20) | PRF symkey interface: symkey message-key@0x55a4efa60a90 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x55a4efa60a90 | symkey message: symkey-key@0x55a4efa60a90 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283394144: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 22 63 4a 51 d3 16 00 77 aa 71 ed 94 80 0c 8e a9 | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 32 bytes at 0x55a4efa5e0d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a4efa5c790 | K: symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: e7 bb 45 d4 8e 2d 51 8d 8e 42 9c 13 ce 79 3c 15 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa5af10 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x55a4efa5af10 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa62310 | PRF symkey interface: release key-key@0x55a4efa5c790 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa5af10 (size 16) | PRF symkey interface: key-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracting all 16 bytes of key@0x55a4efa5af10 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): symkey-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: fc 3b b9 2e 79 6e 54 11 1e 73 3b 4f 77 5a 00 ea | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): release slot-key-key@0x55a4efa5f030 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) passed | test_prf_vector: release symkey-key@0x55a4efa5af10 | test_prf_vector: release message-key@0x55a4efa60a90 | test_prf_vector: release key-key@0x55a4efa5f210 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0fedcb" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x8cd3c93ae598a9803006ffb67c40e9e4" | decode_to_chunk: output: | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x55a4efa59738 (length 18) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0450 | result: key-key@0x55a4efa60a90 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x55a4efa60a90 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0438 | result: key-key@0x55a4efa5f210 (18-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x55a4efa60a90 | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03f0 | result: key-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03d8 | result: key-key@0x55a4efa60a90 (16-bytes, AES_ECB) | key: release tmp-key@0x55a4efa5af10 | key extracting all 18 bytes of key@0x55a4efa5f210 | key: symkey-key@0x55a4efa5f210 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | key: new slot-key@0x55a4efa5f030 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 16 df 13 90 b6 91 f3 ab 6c 05 42 4d a1 d3 89 f7 | key: release slot-key-key@0x55a4efa5f030 | key extracted len 32 bytes at 0x55a4efa5e0d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x55a4efa60a90 | K: symkey-key@0x55a4efa60a90 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0370 | result: k1-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0358 | result: k1-key@0x55a4efa5af10 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5c790 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x55a4efa5af10 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03f0 | result: key-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03d8 | result: key-key@0x55a4efa5af10 (16-bytes, AES_ECB) | key: release tmp-key@0x55a4efa5c790 | PRF chunk interface: release clone-key@0x55a4efa5f210 | PRF chunk interface PRF aes_xcbc crypt-prf@0x55a4efa5e0d8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x55a4efa5e038 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a4efa5af10 | K: symkey-key@0x55a4efa5af10 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: d6 be 75 35 37 39 17 6f 65 f3 32 c4 fc cc e7 14 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e368 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03b0 | result: k1-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0398 | result: k1-key@0x55a4efa5f210 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa5c790 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x55a4efa5f210 | PRF chunk interface: release key-key@0x55a4efa5af10 | PRF chunk interface PRF aes_xcbc final-chunk@0x55a4efa5e8f8 (length 16) | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | chunk output 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa5f210 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x55a4efa5f210 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5af10 (18-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa5f210 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x55a4efa5af10 (size 18) | PRF symkey interface: key symkey-key@0x55a4efa5af10 (18-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0420 | result: key symkey-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0408 | result: key symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x55a4efa5c790 | key symkey extracting all 18 bytes of key@0x55a4efa5af10 | key symkey: symkey-key@0x55a4efa5af10 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | key symkey: new slot-key@0x55a4efa5f030 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 16 df 13 90 b6 91 f3 ab 6c 05 42 4d a1 d3 89 f7 | key symkey: release slot-key-key@0x55a4efa5f030 | key symkey extracted len 32 bytes at 0x55a4efa5e088 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x55a4efa5f210 | K: symkey-key@0x55a4efa5f210 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: 76 18 f5 b3 63 20 d1 a3 44 e0 5a d2 db 9c 29 1e | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03a0 | result: k1-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0388 | result: k1-key@0x55a4efa5c790 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa62310 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x55a4efa5c790 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0420 | result: key symkey-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0408 | result: key symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x55a4efa62310 | PRF symkey interface PRF aes_xcbc crypt-prf@0x55a4efa5e088 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa63dc0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x55a4efa62310 (size 20) | PRF symkey interface: symkey message-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x55a4efa62310 | symkey message: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283394144: 25 e2 77 e3 1d 6e 5a 06 dc 71 4f a2 ee 3b 7c 08 22 63 4a 51 d3 16 00 77 aa 71 ed 94 80 0c 8e a9 | symkey message: release slot-key-key@0x55a4efa5f030 | symkey message extracted len 32 bytes at 0x55a4efa63f68 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x55a4efa5c790 | K: symkey-key@0x55a4efa5c790 (16-bytes, AES_ECB) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x55a4efa5f030 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: d6 be 75 35 37 39 17 6f 65 f3 32 c4 fc cc e7 14 | K: release slot-key-key@0x55a4efa5f030 | K extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a03d0 | result: k1-key@0x55a4efa65820 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x55a4efa65820 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a03b8 | result: k1-key@0x55a4efa63dc0 (16-bytes, AES_ECB) | k1: release tmp-key@0x55a4efa65820 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x55a4efa63dc0 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0460 | result: xcbc-key@0x55a4efa65820 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa65820 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0448 | result: xcbc-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x55a4efa65820 | PRF symkey interface: release key-key@0x55a4efa5c790 | PRF symkey interface PRF aes_xcbc final-key@0x55a4efa63dc0 (size 16) | PRF symkey interface: key-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracting all 16 bytes of key@0x55a4efa63dc0 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): symkey-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: f6 b0 b0 1d fd 71 3c c9 11 3e 8a 61 19 9d 5b a1 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): release slot-key-key@0x55a4efa5f030 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) passed | test_prf_vector: release symkey-key@0x55a4efa63dc0 | test_prf_vector: release message-key@0x55a4efa62310 | test_prf_vector: release key-key@0x55a4efa5af10 | test_prf_vector: release output-key@NULL testing HMAC_MD5: RFC 2104: MD5_HMAC test 1 | decode_to_chunk: test_prf_vector: input "0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" | decode_to_chunk: output: | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | decode_to_chunk: test_prf_vector: input "Hi There" | decode_to_chunk: output: | 48 69 20 54 68 65 72 65 | decode_to_chunk: test_prf_vector: input "0x9294727a3638bb1c13f48ef8158bfc9d" | decode_to_chunk: output: | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface PRF md5 init key-chunk@0x55a4efa5ede8 (length 16) | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0440 | result: PRF chunk interface-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0428 | result: PRF chunk interface-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x55a4efa62310 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a0380 | result: trimed key-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a4efa5af10 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03c0 | result: result-key@0x55a4efa5af10 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x55a4efa63d38 | PRF chunk interface PRF md5 update message-bytes@0x55a4efa5e278 (length 8) | 48 69 20 54 68 65 72 65 | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa5af10 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffe5e3a04b0 | result: message-key@0x55a4efa63dc0 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x55a4efa5af10 | PRF HMAC inner hash hash md5 inner-key@0x55a4efa63dc0 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a4efa63dc0 (size 72) | PRF HMAC inner hash: inner-key@0x55a4efa63dc0 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a4efa5e328 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0340 | result: PRF HMAC inner hash-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0328 | result: PRF HMAC inner hash-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a4efa5c790 | PRF chunk interface: release inner-key@0x55a4efa63dc0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03b0 | result: result-key@0x55a4efa63dc0 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa63dc0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a0398 | result: result-key@0x55a4efa5c790 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa63dc0 | PRF chunk interface: release hashed-inner-key@0x55a4efa5af10 | PRF chunk interface: release key-key@0x55a4efa62310 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a4efa5c790 (size 80) | PRF HMAC outer hash: outer-key@0x55a4efa5c790 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x55a4efa5e368 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface: release outer-key@0x55a4efa5c790 | PRF chunk interface PRF md5 final-chunk@0x55a4efa5e368 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | chunk output 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa62310 | PRF symkey interface PRF md5 init key symkey-key@0x55a4efa5c790 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x55a4efa5c790 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a0380 | result: trimed key-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a4efa5c790 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03c0 | result: result-key@0x55a4efa5af10 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x55a4efa63f68 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa65820 (24-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 8 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 8-bytes | base: base-key@0x55a4efa65820 (24-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa63dc0 (8-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa65820 | PRF symkey interface PRF md5 update symkey message-key@0x55a4efa63dc0 (size 8) | PRF symkey interface: symkey message-key@0x55a4efa63dc0 (8-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa5af10 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a04d8 | result: result-key@0x55a4efa65820 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa5af10 | PRF HMAC inner hash hash md5 inner-key@0x55a4efa65820 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a4efa65820 (size 72) | PRF HMAC inner hash: inner-key@0x55a4efa65820 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a4efa5e368 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0360 | result: PRF HMAC inner hash-key@0x55a4efa65c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa65c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0348 | result: PRF HMAC inner hash-key@0x55a4efa5af10 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a4efa65c00 | PRF symkey interface: release inner-key@0x55a4efa65820 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03d0 | result: result-key@0x55a4efa65820 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa65820 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a03b8 | result: result-key@0x55a4efa65c00 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa65820 | PRF symkey interface: release hashed-inner-key@0x55a4efa5af10 | PRF symkey interface: release key-key@0x55a4efa62310 | PRF HMAC outer hash hash md5 outer-key@0x55a4efa65c00 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a4efa65c00 (size 80) | PRF HMAC outer hash: outer-key@0x55a4efa65c00 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x55a4efa5e368 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0420 | result: PRF HMAC outer hash-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0408 | result: PRF HMAC outer hash-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x55a4efa5af10 | PRF symkey interface: release outer-key@0x55a4efa65c00 | : hashed-outer-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x55a4efa62310 (size 16) | PRF symkey interface: key-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 1 extracting all 16 bytes of key@0x55a4efa62310 | RFC 2104: MD5_HMAC test 1: symkey-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 1: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: dc ff f1 6e 99 ec ca 61 0a 00 e5 9d f1 23 f2 37 | RFC 2104: MD5_HMAC test 1: release slot-key-key@0x55a4efa5f030 | RFC 2104: MD5_HMAC test 1 extracted len 16 bytes at 0x55a4efa5e328 | unwrapped: 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | test_prf_vector: RFC 2104: MD5_HMAC test 1 passed | test_prf_vector: release symkey-key@0x55a4efa62310 | test_prf_vector: release message-key@0x55a4efa63dc0 | test_prf_vector: release key-key@0x55a4efa5c790 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 2 | decode_to_chunk: test_prf_vector: input "Jefe" | decode_to_chunk: output: | 4a 65 66 65 | decode_to_chunk: test_prf_vector: input "what do ya want for nothing?" | decode_to_chunk: output: | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | decode_to_chunk: test_prf_vector: input "0x750c783e6ab0b503eaa86e310a5db738" | decode_to_chunk: output: | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface PRF md5 init key-chunk@0x55a4efa5e8f8 (length 4) | 4a 65 66 65 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0440 | result: PRF chunk interface-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0428 | result: PRF chunk interface-key@0x55a4efa5c790 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x55a4efa63dc0 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa5c790 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a0380 | result: trimed key-key@0x55a4efa63dc0 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a4efa5c790 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa63dc0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03c0 | result: result-key@0x55a4efa5c790 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x55a4efa65b88 | PRF chunk interface PRF md5 update message-bytes@0x55a4efa59738 (length 28) | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa5c790 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffe5e3a04b0 | result: message-key@0x55a4efa62310 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x55a4efa5c790 | PRF HMAC inner hash hash md5 inner-key@0x55a4efa62310 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a4efa62310 (size 92) | PRF HMAC inner hash: inner-key@0x55a4efa62310 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a4efa5e328 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0340 | result: PRF HMAC inner hash-key@0x55a4efa65c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa65c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0328 | result: PRF HMAC inner hash-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a4efa65c00 | PRF chunk interface: release inner-key@0x55a4efa62310 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa63dc0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03b0 | result: result-key@0x55a4efa62310 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a0398 | result: result-key@0x55a4efa65c00 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa62310 | PRF chunk interface: release hashed-inner-key@0x55a4efa5c790 | PRF chunk interface: release key-key@0x55a4efa63dc0 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a4efa65c00 (size 80) | PRF HMAC outer hash: outer-key@0x55a4efa65c00 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x55a4efa5e278 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface: release outer-key@0x55a4efa65c00 | PRF chunk interface PRF md5 final-chunk@0x55a4efa5e278 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | chunk output 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa65c00 (4-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa63dc0 | PRF symkey interface PRF md5 init key symkey-key@0x55a4efa65c00 (size 4) | PRF symkey interface: key symkey-key@0x55a4efa65c00 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x55a4efa65c00 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa65c00 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a0380 | result: trimed key-key@0x55a4efa63dc0 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a4efa65c00 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa63dc0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03c0 | result: result-key@0x55a4efa5c790 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x55a4efa63d38 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa5af10 (44-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 28 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 28-bytes | base: base-key@0x55a4efa5af10 (44-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa62310 (28-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa5af10 | PRF symkey interface PRF md5 update symkey message-key@0x55a4efa62310 (size 28) | PRF symkey interface: symkey message-key@0x55a4efa62310 (28-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa5c790 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a04d8 | result: result-key@0x55a4efa5af10 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa5c790 | PRF HMAC inner hash hash md5 inner-key@0x55a4efa5af10 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a4efa5af10 (size 92) | PRF HMAC inner hash: inner-key@0x55a4efa5af10 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a4efa5e278 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0360 | result: PRF HMAC inner hash-key@0x55a4efa65820 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa65820 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0348 | result: PRF HMAC inner hash-key@0x55a4efa5c790 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a4efa65820 | PRF symkey interface: release inner-key@0x55a4efa5af10 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa63dc0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03d0 | result: result-key@0x55a4efa5af10 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa5af10 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a03b8 | result: result-key@0x55a4efa65820 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa5af10 | PRF symkey interface: release hashed-inner-key@0x55a4efa5c790 | PRF symkey interface: release key-key@0x55a4efa63dc0 | PRF HMAC outer hash hash md5 outer-key@0x55a4efa65820 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a4efa65820 (size 80) | PRF HMAC outer hash: outer-key@0x55a4efa65820 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x55a4efa5e278 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0420 | result: PRF HMAC outer hash-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5c790 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0408 | result: PRF HMAC outer hash-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x55a4efa5c790 | PRF symkey interface: release outer-key@0x55a4efa65820 | : hashed-outer-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x55a4efa63dc0 (size 16) | PRF symkey interface: key-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 2 extracting all 16 bytes of key@0x55a4efa63dc0 | RFC 2104: MD5_HMAC test 2: symkey-key@0x55a4efa63dc0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 2: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: eb 50 e1 76 05 3d 42 1a f4 8b 46 64 ec 85 c5 de | RFC 2104: MD5_HMAC test 2: release slot-key-key@0x55a4efa5f030 | RFC 2104: MD5_HMAC test 2 extracted len 16 bytes at 0x55a4efa5e328 | unwrapped: 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | test_prf_vector: RFC 2104: MD5_HMAC test 2 passed | test_prf_vector: release symkey-key@0x55a4efa63dc0 | test_prf_vector: release message-key@0x55a4efa62310 | test_prf_vector: release key-key@0x55a4efa65c00 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 3 | decode_to_chunk: test_prf_vector: input "0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" | decode_to_chunk: output: | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | decode_to_chunk: test_prf_vector: input "0xDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD" | decode_to_chunk: output: | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | decode_to_chunk: test_prf_vector: input "0x56be34521d144c88dbb8c733f0e8b3f6" | decode_to_chunk: output: | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface PRF md5 init key-chunk@0x55a4efa5ede8 (length 16) | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0440 | result: PRF chunk interface-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0428 | result: PRF chunk interface-key@0x55a4efa65c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x55a4efa62310 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa65c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a0380 | result: trimed key-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a4efa65c00 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03c0 | result: result-key@0x55a4efa65c00 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x55a4efa65bd8 | PRF chunk interface PRF md5 update message-bytes@0x55a4efa5e128 (length 50) | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa65c00 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffe5e3a04b0 | result: message-key@0x55a4efa63dc0 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x55a4efa65c00 | PRF HMAC inner hash hash md5 inner-key@0x55a4efa63dc0 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a4efa63dc0 (size 114) | PRF HMAC inner hash: inner-key@0x55a4efa63dc0 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a4efa5e278 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0340 | result: PRF HMAC inner hash-key@0x55a4efa65820 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa65820 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0328 | result: PRF HMAC inner hash-key@0x55a4efa65c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a4efa65820 | PRF chunk interface: release inner-key@0x55a4efa63dc0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03b0 | result: result-key@0x55a4efa63dc0 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa63dc0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a0398 | result: result-key@0x55a4efa65820 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa63dc0 | PRF chunk interface: release hashed-inner-key@0x55a4efa65c00 | PRF chunk interface: release key-key@0x55a4efa62310 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a4efa65820 (size 80) | PRF HMAC outer hash: outer-key@0x55a4efa65820 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x55a4efa5e328 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface: release outer-key@0x55a4efa65820 | PRF chunk interface PRF md5 final-chunk@0x55a4efa5e328 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | chunk output 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: key symkey-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa62310 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: key symkey-key@0x55a4efa65820 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x55a4efa62310 | PRF symkey interface PRF md5 init key symkey-key@0x55a4efa65820 (size 16) | PRF symkey interface: key symkey-key@0x55a4efa65820 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x55a4efa65820 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa65820 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a0380 | result: trimed key-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x55a4efa65820 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03c0 | result: result-key@0x55a4efa65c00 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x55a4efa5e0d8 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a04c0 | result: message symkey-key@0x55a4efa5c790 (66-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 50 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 50-bytes | base: base-key@0x55a4efa5c790 (66-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a04a8 | result: message symkey-key@0x55a4efa63dc0 (50-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x55a4efa5c790 | PRF symkey interface PRF md5 update symkey message-key@0x55a4efa63dc0 (size 50) | PRF symkey interface: symkey message-key@0x55a4efa63dc0 (50-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa65c00 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a04d8 | result: result-key@0x55a4efa5c790 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa65c00 | PRF HMAC inner hash hash md5 inner-key@0x55a4efa5c790 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x55a4efa5c790 (size 114) | PRF HMAC inner hash: inner-key@0x55a4efa5c790 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x55a4efa5e328 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0360 | result: PRF HMAC inner hash-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa5af10 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0348 | result: PRF HMAC inner hash-key@0x55a4efa65c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x55a4efa5af10 | PRF symkey interface: release inner-key@0x55a4efa5c790 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa62310 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe5e3a03d0 | result: result-key@0x55a4efa5c790 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x55a4efa5c790 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe5e3a03b8 | result: result-key@0x55a4efa5af10 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x55a4efa5c790 | PRF symkey interface: release hashed-inner-key@0x55a4efa65c00 | PRF symkey interface: release key-key@0x55a4efa62310 | PRF HMAC outer hash hash md5 outer-key@0x55a4efa5af10 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x55a4efa5af10 (size 80) | PRF HMAC outer hash: outer-key@0x55a4efa5af10 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x55a4efa5e328 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe5e3a0420 | result: PRF HMAC outer hash-key@0x55a4efa65c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x55a4efa65c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e3a0408 | result: PRF HMAC outer hash-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x55a4efa65c00 | PRF symkey interface: release outer-key@0x55a4efa5af10 | : hashed-outer-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x55a4efa62310 (size 16) | PRF symkey interface: key-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 3 extracting all 16 bytes of key@0x55a4efa62310 | RFC 2104: MD5_HMAC test 3: symkey-key@0x55a4efa62310 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 3: new slot-key@0x55a4efa5f030 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-283394198: 9b e2 15 f1 84 44 b3 ef 04 33 09 e9 db 5f 14 7d | RFC 2104: MD5_HMAC test 3: release slot-key-key@0x55a4efa5f030 | RFC 2104: MD5_HMAC test 3 extracted len 16 bytes at 0x55a4efa5e278 | unwrapped: 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | test_prf_vector: RFC 2104: MD5_HMAC test 3 passed | test_prf_vector: release symkey-key@0x55a4efa62310 | test_prf_vector: release message-key@0x55a4efa63dc0 | test_prf_vector: release key-key@0x55a4efa65820 | test_prf_vector: release output-key@NULL 8 CPU cores online starting up 7 crypto helpers started thread for crypto helper 0 | starting up helper thread 0 started thread for crypto helper 1 | status value returned by setting the priority of this thread (crypto helper 0) 22 | starting up helper thread 1 | status value returned by setting the priority of this thread (crypto helper 1) 22 started thread for crypto helper 2 | starting up helper thread 2 | status value returned by setting the priority of this thread (crypto helper 2) 22 | crypto helper 0 waiting (nothing to do) started thread for crypto helper 3 | starting up helper thread 3 | crypto helper 1 waiting (nothing to do) | status value returned by setting the priority of this thread (crypto helper 3) 22 | crypto helper 3 waiting (nothing to do) | crypto helper 2 waiting (nothing to do) started thread for crypto helper 4 | starting up helper thread 4 | status value returned by setting the priority of this thread (crypto helper 4) 22 | crypto helper 4 waiting (nothing to do) started thread for crypto helper 5 | starting up helper thread 5 | status value returned by setting the priority of this thread (crypto helper 5) 22 | crypto helper 5 waiting (nothing to do) started thread for crypto helper 6 | starting up helper thread 6 | checking IKEv1 state table | status value returned by setting the priority of this thread (crypto helper 6) 22 | crypto helper 6 waiting (nothing to do) | MAIN_R0: category: half-open IKE SA flags: 0: | -> MAIN_R1 EVENT_SO_DISCARD | MAIN_I1: category: half-open IKE SA flags: 0: | -> MAIN_I2 EVENT_RETRANSMIT | MAIN_R1: category: open IKE SA flags: 200: | -> MAIN_R2 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_I2: category: open IKE SA flags: 0: | -> MAIN_I3 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_R2: category: open IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | -> MAIN_R3 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_I3: category: open IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | -> MAIN_I4 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_R3: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | MAIN_I4: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | AGGR_R0: category: half-open IKE SA flags: 0: | -> AGGR_R1 EVENT_SO_DISCARD | AGGR_I1: category: half-open IKE SA flags: 0: | -> AGGR_I2 EVENT_SA_REPLACE | -> AGGR_I2 EVENT_SA_REPLACE | AGGR_R1: category: open IKE SA flags: 200: | -> AGGR_R2 EVENT_SA_REPLACE | -> AGGR_R2 EVENT_SA_REPLACE | AGGR_I2: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | AGGR_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | QUICK_R0: category: established CHILD SA flags: 0: | -> QUICK_R1 EVENT_RETRANSMIT | QUICK_I1: category: established CHILD SA flags: 0: | -> QUICK_I2 EVENT_SA_REPLACE | QUICK_R1: category: established CHILD SA flags: 0: | -> QUICK_R2 EVENT_SA_REPLACE | QUICK_I2: category: established CHILD SA flags: 200: | -> UNDEFINED EVENT_NULL | QUICK_R2: category: established CHILD SA flags: 0: | -> UNDEFINED EVENT_NULL | INFO: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | INFO_PROTECTED: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | XAUTH_R0: category: established IKE SA flags: 0: | -> XAUTH_R1 EVENT_NULL | XAUTH_R1: category: established IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | MODE_CFG_R0: category: informational flags: 0: | -> MODE_CFG_R1 EVENT_SA_REPLACE | MODE_CFG_R1: category: established IKE SA flags: 0: | -> MODE_CFG_R2 EVENT_SA_REPLACE | MODE_CFG_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | MODE_CFG_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | XAUTH_I0: category: established IKE SA flags: 0: | -> XAUTH_I1 EVENT_RETRANSMIT | XAUTH_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_RETRANSMIT | checking IKEv2 state table | PARENT_I0: category: ignore flags: 0: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) | PARENT_I1: category: half-open IKE SA flags: 0: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) | PARENT_I2: category: open IKE SA flags: 0: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) | PARENT_I3: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) | PARENT_R0: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) | PARENT_R1: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) | PARENT_R2: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) | V2_CREATE_I0: category: established IKE SA flags: 0: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) | V2_CREATE_I: category: established IKE SA flags: 0: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) | V2_REKEY_IKE_I: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: | V2_CREATE_R: category: established IKE SA flags: 0: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) | V2_REKEY_IKE_R: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: | V2_IPSEC_I: category: established CHILD SA flags: 0: | V2_IPSEC_R: category: established CHILD SA flags: 0: | IKESA_DEL: category: established IKE SA flags: 0: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) | CHILDSA_DEL: category: informational flags: 0: Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64 | Hard-wiring algorithms | adding AES_CCM_16 to kernel algorithm db | adding AES_CCM_12 to kernel algorithm db | adding AES_CCM_8 to kernel algorithm db | adding 3DES_CBC to kernel algorithm db | adding CAMELLIA_CBC to kernel algorithm db | adding AES_GCM_16 to kernel algorithm db | adding AES_GCM_12 to kernel algorithm db | adding AES_GCM_8 to kernel algorithm db | adding AES_CTR to kernel algorithm db | adding AES_CBC to kernel algorithm db | adding SERPENT_CBC to kernel algorithm db | adding TWOFISH_CBC to kernel algorithm db | adding NULL_AUTH_AES_GMAC to kernel algorithm db | adding NULL to kernel algorithm db | adding CHACHA20_POLY1305 to kernel algorithm db | adding HMAC_MD5_96 to kernel algorithm db | adding HMAC_SHA1_96 to kernel algorithm db | adding HMAC_SHA2_512_256 to kernel algorithm db | adding HMAC_SHA2_384_192 to kernel algorithm db | adding HMAC_SHA2_256_128 to kernel algorithm db | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db | adding AES_XCBC_96 to kernel algorithm db | adding AES_CMAC_96 to kernel algorithm db | adding NONE to kernel algorithm db | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds | setup kernel fd callback | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x55a4efa5e128 | libevent_malloc: new ptr-libevent@0x55a4efa426d8 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa5e8f8 size 16 | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x55a4efa5ec68 | libevent_malloc: new ptr-libevent@0x55a4ef9ff9e8 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa5ede8 size 16 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e020b (length 11) | 4b 41 4d 45 2f 72 61 63 6f 6f 6e | vendor id hash md5 final bytes@0x55a4efa5e328 (length 16) | 70 03 cb c1 09 7d be 9c 26 00 ba 69 83 bc 8b 35 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1000 (length 46) | 4e 4c 42 53 5f 50 52 45 53 45 4e 54 28 4e 4c 42 | 2f 4d 53 43 53 20 66 61 73 74 20 66 61 69 6c 6f | 76 65 72 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x55a4efa5e368 (length 16) | ec 22 62 b5 12 32 63 83 67 12 3b ce 3d 37 3c 5e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1030 (length 32) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 28 41 | 75 74 68 49 50 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x55a4efa5ed48 (length 16) | 6f fe a4 ae ec 37 f4 9a 02 6f 97 cf b5 53 30 6d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e038e (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x55a4efa5e938 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1058 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x55a4efa5ee28 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e03a0 (length 23) | 4d 69 63 72 6f 73 6f 66 74 20 58 62 6f 78 20 4f | 6e 65 20 32 30 31 33 | vendor id hash md5 final bytes@0x55a4efa5e238 (length 16) | 8a a3 94 cf 8a 55 77 dc 31 10 c1 13 b0 27 a4 f2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e03b8 (length 22) | 58 62 6f 78 20 49 4b 45 76 32 20 4e 65 67 6f 74 | 69 61 74 69 6f 6e | vendor id hash md5 final bytes@0x55a4efa5ec28 (length 16) | aa 28 1f cc d6 8c f8 a8 dc b8 5c c0 a7 10 40 2a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e03cf (length 28) | 4d 53 46 54 20 49 50 73 65 63 20 53 65 63 75 72 | 69 74 79 20 52 65 61 6c 6d 20 49 64 | vendor id hash md5 final bytes@0x55a4efa65d68 (length 16) | 68 6a 8c bd fe 63 4b 40 51 46 fb 2b af 33 e9 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1080 (length 39) | 41 20 47 53 53 2d 41 50 49 20 41 75 74 68 65 6e | 74 69 63 61 74 69 6f 6e 20 4d 65 74 68 6f 64 20 | 66 6f 72 20 49 4b 45 | vendor id hash md5 final bytes@0x55a4efa6b0c8 (length 16) | ad 2c 0d d0 b9 c3 20 83 cc ba 25 b8 86 1e c4 55 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e03ec (length 6) | 47 53 53 41 50 49 | vendor id hash md5 final bytes@0x55a4efa6b108 (length 16) | 62 1b 04 bb 09 88 2a c1 e1 59 35 fe fa 24 ae ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e03f3 (length 12) | 53 53 48 20 53 65 6e 74 69 6e 65 6c | vendor id hash md5 final bytes@0x55a4efa6b148 (length 16) | 05 41 82 a0 7c 7a e2 06 f9 d2 cf 9d 24 32 c4 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0400 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 31 | vendor id hash md5 final bytes@0x55a4efa6b188 (length 16) | b9 16 23 e6 93 ca 18 a5 4c 6a 27 78 55 23 05 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0411 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 32 | vendor id hash md5 final bytes@0x55a4efa6b1c8 (length 16) | 54 30 88 8d e0 1a 31 a6 fa 8f 60 22 4e 44 99 58 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0422 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 33 | vendor id hash md5 final bytes@0x55a4efa6b208 (length 16) | 7e e5 cb 85 f7 1c e2 59 c9 4a 5c 73 1e e4 e7 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0433 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | vendor id hash md5 final bytes@0x55a4efa6b248 (length 16) | 63 d9 a1 a7 00 94 91 b5 a0 a6 fd eb 2a 82 84 f0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0444 (length 18) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | 2e 31 | vendor id hash md5 final bytes@0x55a4efa6b288 (length 16) | eb 4b 0d 96 27 6b 4e 22 0a d1 62 21 a7 b2 a5 e6 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e10a8 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 30 | vendor id hash md5 final bytes@0x55a4efa6b2c8 (length 16) | fb f4 76 14 98 40 31 fa 8e 3b b6 19 80 89 b2 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e10e0 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 31 | vendor id hash md5 final bytes@0x55a4efa6b308 (length 16) | 19 52 dc 91 ac 20 f6 46 fb 01 cf 42 a3 3a ee 30 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1118 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 32 | vendor id hash md5 final bytes@0x55a4efa6b348 (length 16) | e8 bf fa 64 3e 5c 8f 2c d1 0f da 73 70 b6 eb e5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1150 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 31 | vendor id hash md5 final bytes@0x55a4efa6b388 (length 16) | c1 11 1b 2d ee 8c bc 3d 62 05 73 ec 57 aa b9 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1188 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 32 | vendor id hash md5 final bytes@0x55a4efa6b3c8 (length 16) | 09 ec 27 bf bc 09 c7 58 23 cf ec bf fe 56 5a 2e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e11c0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 30 2e 30 | vendor id hash md5 final bytes@0x55a4efa6b408 (length 16) | 7f 21 a5 96 e4 e3 18 f0 b2 f4 94 4c 23 84 cb 84 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e11f8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 30 | vendor id hash md5 final bytes@0x55a4efa6b448 (length 16) | 28 36 d1 fd 28 07 bc 9e 5a e3 07 86 32 04 51 ec | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1230 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 31 | vendor id hash md5 final bytes@0x55a4efa6b488 (length 16) | a6 8d e7 56 a9 c5 22 9b ae 66 49 80 40 95 1a d5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1268 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 32 | vendor id hash md5 final bytes@0x55a4efa6b4c8 (length 16) | 3f 23 72 86 7e 23 7c 1c d8 25 0a 75 55 9c ae 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e12a0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 30 | vendor id hash md5 final bytes@0x55a4efa6b508 (length 16) | 0e 58 d5 77 4d f6 02 00 7d 0b 02 44 36 60 f7 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e12d8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 31 | vendor id hash md5 final bytes@0x55a4efa6b548 (length 16) | f5 ce 31 eb c2 10 f4 43 50 cf 71 26 5b 57 38 0f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1310 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x55a4efa6b588 (length 16) | f6 42 60 af 2e 27 42 da dd d5 69 87 06 8a 99 a0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1348 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x55a4efa6b5c8 (length 16) | 7a 54 d3 bd b3 b1 e6 d9 23 89 20 64 be 2d 98 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1380 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x55a4efa6b608 (length 16) | 9a a1 f3 b4 34 72 a4 5d 5f 50 6a eb 26 0c f2 14 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e13b8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x55a4efa6b648 (length 16) | 68 80 c7 d0 26 09 91 14 e4 86 c5 54 30 e7 ab ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e13f0 (length 41) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 50 4c 55 54 4f 5f 53 45 4e 44 53 | 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffe5e3a05a0 (length 16) | 44 76 1b d7 6b 80 85 41 74 87 ee 8a 51 cf fc f3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1420 (length 53) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 50 4c 55 54 4f 5f 53 45 4e 44 53 5f 56 45 4e | 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffe5e3a05a0 (length 16) | b7 0e 8a c3 92 b1 6e 05 48 2f c4 dc 36 10 91 68 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1458 (length 58) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 4c 44 41 50 20 50 4c 55 54 4f 5f 53 45 4e 44 | 53 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffe5e3a05a0 (length 16) | 97 1d ea 93 c3 c2 06 74 f9 ae 35 40 83 de 3e 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0531 (length 14) | 4f 70 65 6e 73 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x7ffe5e3a05a0 (length 16) | 08 72 0b ee 9e 28 95 3c e0 8f 0a 18 b6 e2 9d da | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e14c0 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 31 | vendor id hash md5 final bytes@0x55a4efa6b808 (length 16) | 27 ba b5 dc 01 ea 07 60 ea 4e 31 90 ac 27 c0 d0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e14e8 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 32 | vendor id hash md5 final bytes@0x55a4efa6b848 (length 16) | 61 05 c4 22 e7 68 47 e4 3f 96 84 80 12 92 ae cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0559 (length 10) | 45 53 50 54 68 72 75 4e 41 54 | vendor id hash md5 final bytes@0x55a4efa6b888 (length 16) | 50 76 0f 62 4c 63 e5 c5 3e ea 38 6c 68 5c a0 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1510 (length 38) | 64 72 61 66 74 2d 68 75 74 74 75 6e 65 6e 2d 69 | 70 73 65 63 2d 65 73 70 2d 69 6e 2d 75 64 70 2d | 30 30 2e 74 78 74 | vendor id hash md5 final bytes@0x55a4efa6b8c8 (length 16) | 6a 74 34 c1 9d 7e 36 34 80 90 a0 23 34 c9 c8 05 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0564 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 30 | vendor id hash md5 final bytes@0x55a4efa6b908 (length 16) | 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0582 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 31 | vendor id hash md5 final bytes@0x55a4efa6b948 (length 16) | 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e05a0 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 | vendor id hash md5 final bytes@0x55a4efa6b988 (length 16) | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1538 (length 30) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 0a | vendor id hash md5 final bytes@0x55a4efa6b9c8 (length 16) | 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e05be (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 33 | vendor id hash md5 final bytes@0x55a4efa6ba08 (length 16) | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e05dc (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 34 | vendor id hash md5 final bytes@0x55a4efa6ba48 (length 16) | 99 09 b6 4e ed 93 7c 65 73 de 52 ac e9 52 fa 6b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e05fa (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 35 | vendor id hash md5 final bytes@0x55a4efa6ba88 (length 16) | 80 d0 bb 3d ef 54 56 5e e8 46 45 d4 c8 5c e3 ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0618 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 36 | vendor id hash md5 final bytes@0x55a4efa6bac8 (length 16) | 4d 1e 0e 13 6d ea fa 34 c4 f3 ea 9f 02 ec 72 85 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0636 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 37 | vendor id hash md5 final bytes@0x55a4efa6bb08 (length 16) | 43 9b 59 f8 ba 67 6c 4c 77 37 ae 22 ea b8 f5 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0654 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 38 | vendor id hash md5 final bytes@0x55a4efa6bb48 (length 16) | 8f 8d 83 82 6d 24 6b 6f c7 a8 a6 a4 28 c1 1d e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0672 (length 26) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 | vendor id hash md5 final bytes@0x55a4efa6bb88 (length 16) | 4d f3 79 28 e9 fc 4f d1 b3 26 21 70 d5 15 c6 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e068d (length 8) | 52 46 43 20 33 39 34 37 | vendor id hash md5 final bytes@0x55a4efa6bbc8 (length 16) | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e94f9 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x55a4efa6bc88 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e073d (length 19) | 56 69 64 2d 49 6e 69 74 69 61 6c 2d 43 6f 6e 74 | 61 63 74 | vendor id hash md5 final bytes@0x55a4efa6bcc8 (length 16) | 26 24 4d 38 ed db 61 b3 17 2a 36 e3 d0 cf b8 19 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e1058 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x55a4efa6bd08 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e038e (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x55a4efa6bd48 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0751 (length 14) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 | vendor id hash md5 final bytes@0x55a4efa6bd88 (length 16) | 21 4c a4 fa ff a7 f3 2d 67 48 e5 30 33 95 ae 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1cf8dd (length 10) | 73 74 72 6f 6e 67 53 77 61 6e | vendor id hash md5 final bytes@0x55a4efa6bdc8 (length 16) | 88 2f e5 6d 6f d2 0d bc 22 51 61 3b 2e be 5b eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0760 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x55a4efa6be08 (length 16) | 2c e9 c9 46 a4 c8 79 bf 11 b5 0b 76 cc 56 92 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0771 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x55a4efa6be48 (length 16) | 9d bb af cf 1d b0 dd 59 5a e0 65 29 40 03 ad 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0782 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 32 | vendor id hash md5 final bytes@0x55a4efa6be88 (length 16) | 77 e8 ee a6 f5 56 a4 99 de 3f fe 7f 7f 95 66 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0793 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 33 | vendor id hash md5 final bytes@0x55a4efa6bec8 (length 16) | b1 81 b1 8e 11 4f c2 09 b3 c6 e2 6c 3a 80 71 8e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e07a4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 34 | vendor id hash md5 final bytes@0x55a4efa6bf08 (length 16) | 1e f2 83 f8 35 49 b5 ff 96 08 b6 d6 34 f8 4d 75 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e07b5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 35 | vendor id hash md5 final bytes@0x55a4efa6bf48 (length 16) | dd 18 0d 21 e5 ce 65 5a 76 8b a3 22 11 dd 8a d9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e07c6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 36 | vendor id hash md5 final bytes@0x55a4efa6bf88 (length 16) | 4c 90 13 69 46 57 7b 51 91 9d 8d 9a 6b 8e 4a 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e07d7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 37 | vendor id hash md5 final bytes@0x55a4efa6bfc8 (length 16) | ab 07 46 22 1c c8 fd 0d 52 38 f7 3a 9b 3d a5 57 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e07e8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x55a4efa6c008 (length 16) | 47 94 ce f6 84 34 22 98 0d 1a 3d 06 af 41 c5 cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e07f9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | vendor id hash md5 final bytes@0x55a4efa6c048 (length 16) | d3 f1 c4 88 c3 68 17 5d 5f 40 a8 f5 ca 5f 5e 12 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e080a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 32 | vendor id hash md5 final bytes@0x55a4efa6c088 (length 16) | 15 a1 ac e7 ee 52 fd df ef 04 f9 28 db 2d d1 34 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e081b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 33 | vendor id hash md5 final bytes@0x55a4efa6c0c8 (length 16) | 58 49 ab 6d 8b ea bd 6e 4d 09 e5 a3 b8 8c 08 9a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e082c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 34 | vendor id hash md5 final bytes@0x55a4efa6c108 (length 16) | 31 2f 9c b1 a6 b9 0e 19 de 75 28 c9 04 ac 30 87 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e083d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 35 | vendor id hash md5 final bytes@0x55a4efa6c148 (length 16) | bf 0f bf 73 06 eb b7 82 70 42 d8 93 53 98 86 e2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e084e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 36 | vendor id hash md5 final bytes@0x55a4efa6c188 (length 16) | d1 96 83 36 8a f4 b0 ed c2 1c cd e9 82 b1 d1 b0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e085f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 37 | vendor id hash md5 final bytes@0x55a4efa6c1c8 (length 16) | ea 84 0a a4 df c9 71 2d 6c 32 b5 a1 6e b3 29 a3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0870 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 38 | vendor id hash md5 final bytes@0x55a4efa6c208 (length 16) | 66 a2 04 55 07 c1 19 da 78 a4 66 62 59 cd ea 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0881 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 39 | vendor id hash md5 final bytes@0x55a4efa6c248 (length 16) | 78 fd d2 87 de f0 1a 3f 07 4b 53 69 ea b4 fd 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0892 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 30 | vendor id hash md5 final bytes@0x55a4efa6c288 (length 16) | bf 3a 89 ae 5b ef 8e 72 d4 4d ac 8b b8 8d 7d 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e08a4 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 31 | vendor id hash md5 final bytes@0x55a4efa6c2c8 (length 16) | b7 bd 9f 2f 97 8e 32 59 a7 aa 9f 7a 13 96 ad 6c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e08b6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x55a4efa6c308 (length 16) | 9f 68 90 13 25 a9 72 89 43 35 30 2a 95 31 ab 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e08c7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 31 | vendor id hash md5 final bytes@0x55a4efa6c348 (length 16) | ba b2 53 f4 cb 10 a8 10 8a 7c 92 7c 56 c8 78 86 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e08d8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 32 | vendor id hash md5 final bytes@0x55a4efa6c388 (length 16) | 2a 51 7d 0d 23 c3 7d 08 bc e7 c2 92 a0 21 7b 39 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e08e9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 33 | vendor id hash md5 final bytes@0x55a4efa6c3c8 (length 16) | 2d 1f 40 61 18 fb d5 d2 84 74 79 1f fa 00 48 8a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e08fa (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 38 | vendor id hash md5 final bytes@0x55a4efa6c408 (length 16) | 8c 4a 3b cb 72 9b 11 f7 03 d2 2a 5b 39 64 0c a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e090b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 37 | vendor id hash md5 final bytes@0x55a4efa6c448 (length 16) | 3a 0d 4e 7c a4 e4 92 ed 4d fe 47 6d 1a c6 01 8b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e091c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 36 | vendor id hash md5 final bytes@0x55a4efa6c488 (length 16) | fe 3f 49 70 6e 26 a9 fb 36 a8 7b fc e9 ea 36 ce | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e092d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 35 | vendor id hash md5 final bytes@0x55a4efa6c4c8 (length 16) | 4c 7e fa 31 b3 9e 51 04 32 a3 17 57 0d 97 bb b9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e093e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 34 | vendor id hash md5 final bytes@0x55a4efa6c508 (length 16) | 76 c7 2b fd 39 84 24 dd 00 1b 86 d0 01 2f e0 61 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e094f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 33 | vendor id hash md5 final bytes@0x55a4efa6c548 (length 16) | fb 46 41 ad 0e eb 2a 34 49 1d 15 f4 ef f5 10 63 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0960 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 32 | vendor id hash md5 final bytes@0x55a4efa6c588 (length 16) | 29 99 32 27 7b 7d fe 38 2c e2 34 65 33 3a 7d 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0971 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 31 | vendor id hash md5 final bytes@0x55a4efa6c5c8 (length 16) | e3 7f 2d 5b a8 9a 62 cd 20 2e e2 7d ac 06 c8 a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0982 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 30 | vendor id hash md5 final bytes@0x55a4efa6c608 (length 16) | 32 f0 e9 b9 c0 6d fe 8c 9a d5 59 9a 63 69 71 a1 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0993 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 33 | vendor id hash md5 final bytes@0x55a4efa6c648 (length 16) | 7f 50 cc 4e bf 04 c2 d9 da 73 ab fd 69 b7 7a a2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e09a4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 32 | vendor id hash md5 final bytes@0x55a4efa6c688 (length 16) | a1 94 e2 aa dd d0 ba fb 95 25 3d d9 6d c7 33 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e09b5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 31 | vendor id hash md5 final bytes@0x55a4efa6c6c8 (length 16) | 81 34 87 85 82 12 17 85 ba 65 ea 34 5d 6b a7 24 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e09c6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 30 | vendor id hash md5 final bytes@0x55a4efa6c708 (length 16) | 07 fa 12 8e 47 54 f9 44 7b 1d d4 63 74 ee f3 60 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e09d7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 34 | vendor id hash md5 final bytes@0x55a4efa6c748 (length 16) | b9 27 f9 52 19 a0 fe 36 00 db a3 c1 18 2a e5 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e09e8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 33 | vendor id hash md5 final bytes@0x55a4efa6c788 (length 16) | b2 86 0e 78 37 f7 11 be f3 d0 ee b1 06 87 2d ed | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e09f9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 32 | vendor id hash md5 final bytes@0x55a4efa6c7c8 (length 16) | 5b 1c d6 fe 7d 05 0e da 6c 93 87 1c 10 7d b3 d2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a0a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 31 | vendor id hash md5 final bytes@0x55a4efa6c808 (length 16) | 66 af bc 12 bb fe 6c e1 08 b1 f6 9f 4b c9 17 b7 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a1b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 30 | vendor id hash md5 final bytes@0x55a4efa6c848 (length 16) | 3f 32 66 49 9f fd bd 85 95 0e 70 22 98 06 28 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a2c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 37 | vendor id hash md5 final bytes@0x55a4efa6c888 (length 16) | 1f 44 42 29 6b 83 d7 e3 3a 8b 45 20 9b a0 e5 90 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a3d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 36 | vendor id hash md5 final bytes@0x55a4efa6c8c8 (length 16) | 3c 5e ba 3d 85 64 92 8e 32 ae 43 c3 d9 92 4d ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a4e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 35 | vendor id hash md5 final bytes@0x55a4efa6c908 (length 16) | 3f 26 7e d6 21 ad a7 ee 6c 7d 88 93 cc b0 b1 4b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a5f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 34 | vendor id hash md5 final bytes@0x55a4efa6c948 (length 16) | 7a 6b f5 b7 df 89 64 2a 75 a7 8e f7 d6 57 c1 c0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a70 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 33 | vendor id hash md5 final bytes@0x55a4efa6c988 (length 16) | df 5b 1f 0f 1d 56 79 d9 f8 51 2b 16 c5 5a 60 65 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a81 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 32 | vendor id hash md5 final bytes@0x55a4efa6c9c8 (length 16) | 86 1c e5 eb 72 16 4b 19 0e 9e 62 9a 31 cf 49 01 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0a92 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 31 | vendor id hash md5 final bytes@0x55a4efa6ca08 (length 16) | 9a 4a 46 48 f6 0f 8e da 7c fc bf e2 71 ee 5b 7d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0aa3 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 30 | vendor id hash md5 final bytes@0x55a4efa6ca48 (length 16) | 9e b3 d9 07 ed 7a da 4e 3c bc ac b9 17 ab c8 e4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0ab4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 34 | vendor id hash md5 final bytes@0x55a4efa6ca88 (length 16) | 48 5a 70 36 1b 44 33 b3 1d ea 1c 6b e0 df 24 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0ac5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 33 | vendor id hash md5 final bytes@0x55a4efa6cac8 (length 16) | 98 2b 7a 06 3a 33 c1 43 a8 ea dc 88 24 9f 6b cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0ad6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 32 | vendor id hash md5 final bytes@0x55a4efa6cb08 (length 16) | e7 a3 fd 0c 6d 77 1a 8f 1b 8a 86 a4 16 9c 9e a4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0ae7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 31 | vendor id hash md5 final bytes@0x55a4efa6cb48 (length 16) | 75 b0 65 3c b2 81 eb 26 d3 1e de 38 c8 e1 e2 28 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0af8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 30 | vendor id hash md5 final bytes@0x55a4efa6cb88 (length 16) | e8 29 c8 81 49 ba b3 c0 ce e8 5d a6 0e 18 ae 9b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0b09 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 32 | vendor id hash md5 final bytes@0x55a4efa6cbc8 (length 16) | 42 a4 83 4c 92 ab 9a 77 77 06 3a fa 25 4b cb 69 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0b1a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 31 | vendor id hash md5 final bytes@0x55a4efa6cc08 (length 16) | f6 97 c1 af cc 2e c8 dd cd f9 9d c7 af 03 a6 7f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0b2b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 30 | vendor id hash md5 final bytes@0x55a4efa6cc48 (length 16) | b8 f9 2b 2f a2 d3 fe 5f e1 58 34 4b da 1c c6 ae | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0b3c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 32 | vendor id hash md5 final bytes@0x55a4efa6cc88 (length 16) | 99 dc 7c c8 23 37 6b 3b 33 d0 43 57 89 6a e0 7b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0b4d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 31 | vendor id hash md5 final bytes@0x55a4efa6ccc8 (length 16) | d9 11 8b 1e 9d e5 ef ce d9 cc 9d 88 3f 21 68 ff | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e0b5e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x55a4efa6cd08 (length 16) | 85 b6 cb ec 48 0d 5c 8c d9 88 2c 82 5a c2 c2 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x55a4ef1e94f9 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x55a4efa6cd48 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | global one-shot timer EVENT_CHECK_CRLS initialized selinux support is enabled. | unbound context created - setting debug level to 5 | /etc/hosts lookups activated | /etc/resolv.conf usage activated | outgoing-port-avoid set 0-65535 | outgoing-port-permit set 32768-60999 | Loading dnssec root key from:/var/lib/unbound/root.key | No additional dnssec trust anchors defined via dnssec-trusted= option | Setting up events, loop start | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x55a4efa5ecd8 | libevent_malloc: new ptr-libevent@0x55a4efa6b018 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa761e8 size 16 | libevent_realloc: new ptr-libevent@0x55a4efa76228 size 256 | libevent_malloc: new ptr-libevent@0x55a4efa76358 size 8 | libevent_realloc: new ptr-libevent@0x55a4ef9feb18 size 144 | libevent_malloc: new ptr-libevent@0x55a4efa06aa8 size 152 | libevent_malloc: new ptr-libevent@0x55a4efa76398 size 16 | signal event handler PLUTO_SIGCHLD installed | libevent_malloc: new ptr-libevent@0x55a4efa763d8 size 8 | libevent_malloc: new ptr-libevent@0x55a4efa76418 size 152 | signal event handler PLUTO_SIGTERM installed | libevent_malloc: new ptr-libevent@0x55a4efa764e8 size 8 | libevent_malloc: new ptr-libevent@0x55a4efa76528 size 152 | signal event handler PLUTO_SIGHUP installed | libevent_malloc: new ptr-libevent@0x55a4efa765f8 size 8 | libevent_realloc: release ptr-libevent@0x55a4ef9feb18 | libevent_realloc: new ptr-libevent@0x55a4efa76638 size 256 | libevent_malloc: new ptr-libevent@0x55a4efa76768 size 152 | signal event handler PLUTO_SIGSYS installed | created addconn helper (pid:5056) using fork+execve | forked child 5056 | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.1.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.45 Kernel supports NIC esp-hw-offload adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.45:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth1/eth1 192.1.2.45:4500 adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.1.254:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth0/eth0 192.0.1.254:4500 adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface lo/lo 127.0.0.1:4500 | no interfaces to sort | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | add_fd_read_event_handler: new ethX-pe@0x55a4efa76d48 | libevent_malloc: new ptr-libevent@0x55a4efa6af68 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa76db8 size 16 | setup callback for interface lo 127.0.0.1:4500 fd 22 | add_fd_read_event_handler: new ethX-pe@0x55a4efa76df8 | libevent_malloc: new ptr-libevent@0x55a4efa00268 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa76e68 size 16 | setup callback for interface lo 127.0.0.1:500 fd 21 | add_fd_read_event_handler: new ethX-pe@0x55a4efa76ea8 | libevent_malloc: new ptr-libevent@0x55a4efa00ea8 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa76f18 size 16 | setup callback for interface eth0 192.0.1.254:4500 fd 20 | add_fd_read_event_handler: new ethX-pe@0x55a4efa76f58 | libevent_malloc: new ptr-libevent@0x55a4efa020c8 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa76fc8 size 16 | setup callback for interface eth0 192.0.1.254:500 fd 19 | add_fd_read_event_handler: new ethX-pe@0x55a4efa77008 | libevent_malloc: new ptr-libevent@0x55a4ef9d54e8 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa77078 size 16 | setup callback for interface eth1 192.1.2.45:4500 fd 18 | add_fd_read_event_handler: new ethX-pe@0x55a4efa770b8 | libevent_malloc: new ptr-libevent@0x55a4ef9d51d8 size 128 | libevent_malloc: new ptr-libevent@0x55a4efa77128 size 16 | setup callback for interface eth1 192.1.2.45:500 fd 17 | certs and keys locked by 'free_preshared_secrets' | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x55a4ef9d0c48) PKK_PSK: @west | id type added to secret(0x55a4ef9d0c48) PKK_PSK: @east | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.09 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.1.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.45 | no interfaces to sort | libevent_free: release ptr-libevent@0x55a4efa6af68 | free_event_entry: release EVENT_NULL-pe@0x55a4efa76d48 | add_fd_read_event_handler: new ethX-pe@0x55a4efa76d48 | libevent_malloc: new ptr-libevent@0x55a4efa6af68 size 128 | setup callback for interface lo 127.0.0.1:4500 fd 22 | libevent_free: release ptr-libevent@0x55a4efa00268 | free_event_entry: release EVENT_NULL-pe@0x55a4efa76df8 | add_fd_read_event_handler: new ethX-pe@0x55a4efa76df8 | libevent_malloc: new ptr-libevent@0x55a4efa00268 size 128 | setup callback for interface lo 127.0.0.1:500 fd 21 | libevent_free: release ptr-libevent@0x55a4efa00ea8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa76ea8 | add_fd_read_event_handler: new ethX-pe@0x55a4efa76ea8 | libevent_malloc: new ptr-libevent@0x55a4efa00ea8 size 128 | setup callback for interface eth0 192.0.1.254:4500 fd 20 | libevent_free: release ptr-libevent@0x55a4efa020c8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa76f58 | add_fd_read_event_handler: new ethX-pe@0x55a4efa76f58 | libevent_malloc: new ptr-libevent@0x55a4efa020c8 size 128 | setup callback for interface eth0 192.0.1.254:500 fd 19 | libevent_free: release ptr-libevent@0x55a4ef9d54e8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa77008 | add_fd_read_event_handler: new ethX-pe@0x55a4efa77008 | libevent_malloc: new ptr-libevent@0x55a4ef9d54e8 size 128 | setup callback for interface eth1 192.1.2.45:4500 fd 18 | libevent_free: release ptr-libevent@0x55a4ef9d51d8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa770b8 | add_fd_read_event_handler: new ethX-pe@0x55a4efa770b8 | libevent_malloc: new ptr-libevent@0x55a4ef9d51d8 size 128 | setup callback for interface eth1 192.1.2.45:500 fd 17 | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x55a4ef9d0c48) PKK_PSK: @west | id type added to secret(0x55a4ef9d0c48) PKK_PSK: @east | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.213 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned pid 5056 (exited with status 0) | reaped addconn helper child (status 0) | waitpid returned ECHILD (no child processes left) | spent 0.0132 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + suppress-retransmits | base impairing = suppress-retransmits | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.054 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.127 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #1 at 0x55a4efa78798 | State DB: adding IKEv1 state #1 in UNDEFINED | pstats #1 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #1 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #1: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #1 "aes128" "aes128" #1: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa78188 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a4efa78368 size 128 | #1 STATE_MAIN_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29295.730996 | #1 spent 0.401 milliseconds in main_outI1() | stop processing: state #1 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.459 milliseconds in whack | spent 0.00254 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #1 in MAIN_I1 (find_state_ikev1_init) | start processing: state #1 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #1 is idle | #1 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 1 for state #1 | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa78368 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a4efa78368 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #1 and saving MD | #1 is busy; has a suspended MD | #1 spent 0.157 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.295 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 1 for state #1 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 1 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f233c003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7f233c003a28 | NSS: Public DH wire value: | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | Generated nonce: 96 56 55 b0 4f 6c e1 ba 33 c3 39 73 40 14 5e 69 | Generated nonce: 91 24 e7 3c b1 3f f9 0a 58 62 5a d3 48 c0 27 34 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 1 time elapsed 0.000674 seconds | (#1) spent 0.677 milliseconds in crypto helper computing work-order 1: outI2 KE (pcr) | crypto helper 0 sending results from work-order 1 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7f233c002888 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 1 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #1: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f233c003a28: transferring ownership from helper KE to state #1 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | keyex value 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | keyex value 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | keyex value eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | keyex value 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | keyex value af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | keyex value d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | keyex value 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | keyex value 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | keyex value 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | keyex value 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | keyex value f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | keyex value 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | keyex value 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | keyex value 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | keyex value af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 96 56 55 b0 4f 6c e1 ba 33 c3 39 73 40 14 5e 69 | Ni 91 24 e7 3c b1 3f f9 0a 58 62 5a d3 48 c0 27 34 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | f7 4b 09 d9 49 aa b6 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 7b 78 5d 26 90 76 e5 74 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | 1d 15 2a e8 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= f7 4b 09 d9 49 aa b6 8e | natd_hash: rcookie= 7b 78 5d 26 90 76 e5 74 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | natd_hash: hash= 1d 15 2a e8 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | NAT-D 1d 15 2a e8 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | f7 4b 09 d9 49 aa b6 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 7b 78 5d 26 90 76 e5 74 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | cf 88 a0 19 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= f7 4b 09 d9 49 aa b6 8e | natd_hash: rcookie= 7b 78 5d 26 90 76 e5 74 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | natd_hash: hash= cf 88 a0 19 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | NAT-D cf 88 a0 19 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #1 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #1: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa78368 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | 14 00 00 24 96 56 55 b0 4f 6c e1 ba 33 c3 39 73 | 40 14 5e 69 91 24 e7 3c b1 3f f9 0a 58 62 5a d3 | 48 c0 27 34 14 00 00 18 4b 17 2b b5 11 ec a0 9b | d6 b0 f4 a7 7f b5 18 09 1d 15 2a e8 00 00 00 18 | be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | cf 88 a0 19 | !event_already_set at reschedule "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a4efa78368 size 128 | #1 STATE_MAIN_I2: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29295.732916 "aes128" #1: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #1 suppresed complete_v1_state_transition() | #1 spent 0.376 milliseconds in resume sending helper answer | stop processing: state #1 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f233c002888 | spent 0.00347 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | 14 00 00 24 15 47 48 5d 39 4f 1b 2a 6f a6 b9 3b | c5 67 d6 75 1b b4 fd 69 ec b7 d8 f3 ca f0 58 aa | 7d 90 c7 7b 14 00 00 18 be 23 b9 9d 36 6e 08 10 | 35 c1 1f 12 cf 13 74 81 cf 88 a0 19 00 00 00 18 | 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | 1d 15 2a e8 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #1 in MAIN_I2 (find_state_ikev1) | start processing: state #1 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #1 is idle | #1 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f233c003a28: transferring ownership from state #1 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 2 for state #1 | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa78368 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a4efa78368 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #1 and saving MD | #1 is busy; has a suspended MD | #1 spent 0.101 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.27 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 2 for state #1 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 | peer's g: 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | peer's g: c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | peer's g: 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | peer's g: 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | peer's g: 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | peer's g: be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | peer's g: 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | peer's g: fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | peer's g: ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | peer's g: 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | peer's g: 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | peer's g: 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | peer's g: 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | peer's g: be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | peer's g: 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | peer's g: b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f233c003a28: computed shared DH secret key@0x55a4efa65820 | dh-shared : g^ir-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7b6b8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: psk-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: psk-key@0x55a4efa63dc0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa62310 | SKEYID psk prf: created sha context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk prf: begin sha with context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk: release clone-key@0x55a4efa63dc0 | SKEYID psk PRF sha crypt-prf@0x7f2334001108 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7b6dc (length 32) | 96 56 55 b0 4f 6c e1 ba 33 c3 39 73 40 14 5e 69 | 91 24 e7 3c b1 3f f9 0a 58 62 5a d3 48 c0 27 34 | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7b6fc (length 32) | 15 47 48 5d 39 4f 1b 2a 6f a6 b9 3b c5 67 d6 75 | 1b b4 fd 69 ec b7 d8 f3 ca f0 58 aa 7d 90 c7 7b | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID psk PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID psk: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e718 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d: release clone-key@0x55a4efa62310 | SKEYID_d PRF sha crypt-prf@0x7f23340010b8 | SKEYID_d PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_d: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: cb a6 7d 41 dd c6 3e bf ed 9a a4 0a e4 2e 8f 31 00 09 dc a4 a6 a2 f1 32 88 d2 f9 26 28 c2 76 d2 50 cb bd 40 e2 e3 ae f5 f6 ba 52 0c 11 71 02 39 76 69 f3 d1 a3 3b 58 16 3a b3 ef a1 e6 57 99 0e 7e ef 88 15 82 95 6d 92 9a d7 6f dd 0a 31 c7 af 39 17 e1 6c 2d 86 8b 46 86 f0 c8 d3 6a 4a f2 ed 46 27 51 e3 b5 ef 9e 14 34 79 f9 0f a3 e8 5a 50 e4 14 2f eb 50 87 fc 69 3f 59 55 0d e5 b8 65 07 61 aa 96 37 2e 2a 64 ad 98 0e 33 3d 7c c5 e2 76 e3 4d cf 19 85 64 6d ab f2 ed 58 32 bf f6 56 01 b2 1f 16 85 0c c3 9c 04 d6 33 d6 7a bb 95 a5 d0 85 69 5a df af b8 43 e8 74 3a c7 0a 63 fe 84 0c a0 6b 78 10 ac 80 ab ac 83 c8 ec 59 5f 0b 15 35 f6 a4 a4 c9 4d 57 e0 3a de 20 5e f6 f1 4e 27 3b 0b b9 99 06 db 93 9a ad 20 bf 2a d2 88 30 79 d5 53 a1 9a d1 5c 0c 3c 2a e0 cd 86 a6 78 e5 6a 3f | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334004f28 | unwrapped: f3 f4 5a c4 89 14 3c 5a b3 19 7e 49 a9 83 c5 05 | unwrapped: 5a 10 42 00 7c d2 f4 8b 03 43 c5 fa 96 37 8e df | unwrapped: 7f 84 c8 58 fb 09 36 88 bf 31 dd 3f e8 66 fa e0 | unwrapped: 32 6c e2 be ab 29 d6 8e 1c 40 d0 9c 6e a1 c7 07 | unwrapped: ad 84 9d a7 64 3f 76 6a 9d c4 7f cf d3 37 a4 b2 | unwrapped: fa 18 c0 88 a2 ec 44 71 0a 3f d8 34 cd e7 a6 15 | unwrapped: 03 5f 2f da 81 0c 1d 80 81 df bd 57 a9 5c 6f a2 | unwrapped: cb 73 3c 9c 7d fd 78 d4 f1 4e 3d 8e 79 59 10 fb | unwrapped: ab d8 72 07 65 d1 fa 8d ff cd 9c e3 85 5a ba b3 | unwrapped: 47 13 40 75 8e 78 6d 44 27 10 27 f8 d2 8a fc 0b | unwrapped: 52 7a d2 09 ae ac 5d c7 9a ef 83 17 af bf 22 39 | unwrapped: ac 36 fa 32 ce 17 d4 fa 35 7e 84 d3 1c 3c 4c 80 | unwrapped: 80 36 d8 74 95 72 31 76 ed b5 69 34 62 b2 c6 53 | unwrapped: 0d 89 6d 7e 49 92 20 21 4b dc 93 dd 77 52 8e 9a | unwrapped: 8b 11 0b 01 cc ec 3e f6 58 95 a5 c6 f8 21 54 51 | unwrapped: 9d fe 3e a3 7a 80 62 8e 6e 8b 53 d4 18 fe ed 38 | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7b91c (length 8) | f7 4b 09 d9 49 aa b6 8e | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7b924 (length 8) | 7b 78 5d 26 90 76 e5 74 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID_d PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_d: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a: release clone-key@0x55a4efa5af10 | SKEYID_a PRF sha crypt-prf@0x7f2334001108 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa62310 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: 79 e2 37 07 15 bc ae 9a e4 27 18 c6 de a9 62 47 1c fd fc a0 18 39 c6 33 81 13 e5 f8 84 58 f4 0f | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23340030c8 | unwrapped: 70 78 8a 5d 99 e7 3b 38 7a 16 e2 55 22 fd c6 4d | unwrapped: 40 be 86 70 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_a: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: cb a6 7d 41 dd c6 3e bf ed 9a a4 0a e4 2e 8f 31 00 09 dc a4 a6 a2 f1 32 88 d2 f9 26 28 c2 76 d2 50 cb bd 40 e2 e3 ae f5 f6 ba 52 0c 11 71 02 39 76 69 f3 d1 a3 3b 58 16 3a b3 ef a1 e6 57 99 0e 7e ef 88 15 82 95 6d 92 9a d7 6f dd 0a 31 c7 af 39 17 e1 6c 2d 86 8b 46 86 f0 c8 d3 6a 4a f2 ed 46 27 51 e3 b5 ef 9e 14 34 79 f9 0f a3 e8 5a 50 e4 14 2f eb 50 87 fc 69 3f 59 55 0d e5 b8 65 07 61 aa 96 37 2e 2a 64 ad 98 0e 33 3d 7c c5 e2 76 e3 4d cf 19 85 64 6d ab f2 ed 58 32 bf f6 56 01 b2 1f 16 85 0c c3 9c 04 d6 33 d6 7a bb 95 a5 d0 85 69 5a df af b8 43 e8 74 3a c7 0a 63 fe 84 0c a0 6b 78 10 ac 80 ab ac 83 c8 ec 59 5f 0b 15 35 f6 a4 a4 c9 4d 57 e0 3a de 20 5e f6 f1 4e 27 3b 0b b9 99 06 db 93 9a ad 20 bf 2a d2 88 30 79 d5 53 a1 9a d1 5c 0c 3c 2a e0 cd 86 a6 78 e5 6a 3f | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334003db8 | unwrapped: f3 f4 5a c4 89 14 3c 5a b3 19 7e 49 a9 83 c5 05 | unwrapped: 5a 10 42 00 7c d2 f4 8b 03 43 c5 fa 96 37 8e df | unwrapped: 7f 84 c8 58 fb 09 36 88 bf 31 dd 3f e8 66 fa e0 | unwrapped: 32 6c e2 be ab 29 d6 8e 1c 40 d0 9c 6e a1 c7 07 | unwrapped: ad 84 9d a7 64 3f 76 6a 9d c4 7f cf d3 37 a4 b2 | unwrapped: fa 18 c0 88 a2 ec 44 71 0a 3f d8 34 cd e7 a6 15 | unwrapped: 03 5f 2f da 81 0c 1d 80 81 df bd 57 a9 5c 6f a2 | unwrapped: cb 73 3c 9c 7d fd 78 d4 f1 4e 3d 8e 79 59 10 fb | unwrapped: ab d8 72 07 65 d1 fa 8d ff cd 9c e3 85 5a ba b3 | unwrapped: 47 13 40 75 8e 78 6d 44 27 10 27 f8 d2 8a fc 0b | unwrapped: 52 7a d2 09 ae ac 5d c7 9a ef 83 17 af bf 22 39 | unwrapped: ac 36 fa 32 ce 17 d4 fa 35 7e 84 d3 1c 3c 4c 80 | unwrapped: 80 36 d8 74 95 72 31 76 ed b5 69 34 62 b2 c6 53 | unwrapped: 0d 89 6d 7e 49 92 20 21 4b dc 93 dd 77 52 8e 9a | unwrapped: 8b 11 0b 01 cc ec 3e f6 58 95 a5 c6 f8 21 54 51 | unwrapped: 9d fe 3e a3 7a 80 62 8e 6e 8b 53 d4 18 fe ed 38 | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7b91c (length 8) | f7 4b 09 d9 49 aa b6 8e | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7b924 (length 8) | 7b 78 5d 26 90 76 e5 74 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: final-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65c00 | SKEYID_a PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_a: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: clone-key@0x55a4efa65c00 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e: release clone-key@0x55a4efa65c00 | SKEYID_e PRF sha crypt-prf@0x7f23340010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa5af10 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: 87 c0 b9 90 e4 1d 94 e0 40 6c a8 5a b9 e1 fc 7f e0 62 d3 68 9e 93 b3 2c 29 76 cc 9c e0 78 df 3c | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2334001158 | unwrapped: f7 78 d6 90 f8 e9 fb c6 28 1c 77 3f 95 26 65 54 | unwrapped: 19 63 4b 7e 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_e: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: cb a6 7d 41 dd c6 3e bf ed 9a a4 0a e4 2e 8f 31 00 09 dc a4 a6 a2 f1 32 88 d2 f9 26 28 c2 76 d2 50 cb bd 40 e2 e3 ae f5 f6 ba 52 0c 11 71 02 39 76 69 f3 d1 a3 3b 58 16 3a b3 ef a1 e6 57 99 0e 7e ef 88 15 82 95 6d 92 9a d7 6f dd 0a 31 c7 af 39 17 e1 6c 2d 86 8b 46 86 f0 c8 d3 6a 4a f2 ed 46 27 51 e3 b5 ef 9e 14 34 79 f9 0f a3 e8 5a 50 e4 14 2f eb 50 87 fc 69 3f 59 55 0d e5 b8 65 07 61 aa 96 37 2e 2a 64 ad 98 0e 33 3d 7c c5 e2 76 e3 4d cf 19 85 64 6d ab f2 ed 58 32 bf f6 56 01 b2 1f 16 85 0c c3 9c 04 d6 33 d6 7a bb 95 a5 d0 85 69 5a df af b8 43 e8 74 3a c7 0a 63 fe 84 0c a0 6b 78 10 ac 80 ab ac 83 c8 ec 59 5f 0b 15 35 f6 a4 a4 c9 4d 57 e0 3a de 20 5e f6 f1 4e 27 3b 0b b9 99 06 db 93 9a ad 20 bf 2a d2 88 30 79 d5 53 a1 9a d1 5c 0c 3c 2a e0 cd 86 a6 78 e5 6a 3f | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334004f28 | unwrapped: f3 f4 5a c4 89 14 3c 5a b3 19 7e 49 a9 83 c5 05 | unwrapped: 5a 10 42 00 7c d2 f4 8b 03 43 c5 fa 96 37 8e df | unwrapped: 7f 84 c8 58 fb 09 36 88 bf 31 dd 3f e8 66 fa e0 | unwrapped: 32 6c e2 be ab 29 d6 8e 1c 40 d0 9c 6e a1 c7 07 | unwrapped: ad 84 9d a7 64 3f 76 6a 9d c4 7f cf d3 37 a4 b2 | unwrapped: fa 18 c0 88 a2 ec 44 71 0a 3f d8 34 cd e7 a6 15 | unwrapped: 03 5f 2f da 81 0c 1d 80 81 df bd 57 a9 5c 6f a2 | unwrapped: cb 73 3c 9c 7d fd 78 d4 f1 4e 3d 8e 79 59 10 fb | unwrapped: ab d8 72 07 65 d1 fa 8d ff cd 9c e3 85 5a ba b3 | unwrapped: 47 13 40 75 8e 78 6d 44 27 10 27 f8 d2 8a fc 0b | unwrapped: 52 7a d2 09 ae ac 5d c7 9a ef 83 17 af bf 22 39 | unwrapped: ac 36 fa 32 ce 17 d4 fa 35 7e 84 d3 1c 3c 4c 80 | unwrapped: 80 36 d8 74 95 72 31 76 ed b5 69 34 62 b2 c6 53 | unwrapped: 0d 89 6d 7e 49 92 20 21 4b dc 93 dd 77 52 8e 9a | unwrapped: 8b 11 0b 01 cc ec 3e f6 58 95 a5 c6 f8 21 54 51 | unwrapped: 9d fe 3e a3 7a 80 62 8e 6e 8b 53 d4 18 fe ed 38 | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7b91c (length 8) | f7 4b 09 d9 49 aa b6 8e | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7b924 (length 8) | 7b 78 5d 26 90 76 e5 74 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e710 | result: final-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5c790 | SKEYID_e PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID_e: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e768 | result: keymat-key@0x55a4efa5c790 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a4efa62310, skeyid_a 0x55a4efa5af10, skeyid_e 0x55a4efa65c00, enc_key 0x55a4efa5c790 | DH_i: 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | DH_i: 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | DH_i: 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | DH_i: eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | DH_i: 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | DH_i: af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | DH_i: d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | DH_i: 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | DH_i: 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | DH_i: 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | DH_i: 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | DH_i: f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | DH_i: 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | DH_i: 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | DH_i: 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | DH_i: af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | DH_r: 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | DH_r: c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | DH_r: 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | DH_r: 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | DH_r: 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | DH_r: be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | DH_r: 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | DH_r: fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | DH_r: ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | DH_r: 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | DH_r: 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | DH_r: 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | DH_r: 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | DH_r: be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | DH_r: 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | DH_r: b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7b71c (length 256) | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | new IV hash sha digest GR-bytes@0x55a4efa7b81c (length 256) | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | new IV hash sha final chunk@0x7f2334001158 (length 20) | cb 49 5e c0 46 e5 cc d6 05 f6 db ff 16 f3 5b dd | 3b c5 ec fa | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 time elapsed 0.002122 seconds | (#1) spent 2.12 milliseconds in crypto helper computing work-order 2: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 2 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7f2334003978 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 2 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #1: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f233c003a28: transferring ownership from helper IKEv1 DH+IV to state #1 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | f7 4b 09 d9 49 aa b6 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 7b 78 5d 26 90 76 e5 74 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | cf 88 a0 19 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= f7 4b 09 d9 49 aa b6 8e | natd_hash: rcookie= 7b 78 5d 26 90 76 e5 74 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | natd_hash: hash= cf 88 a0 19 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | f7 4b 09 d9 49 aa b6 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 7b 78 5d 26 90 76 e5 74 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | 1d 15 2a e8 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= f7 4b 09 d9 49 aa b6 8e | natd_hash: rcookie= 7b 78 5d 26 90 76 e5 74 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | natd_hash: hash= 1d 15 2a e8 | expected NAT-D(me): be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | expected NAT-D(me): cf 88 a0 19 | expected NAT-D(him): | 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | 1d 15 2a e8 | received NAT-D: be 23 b9 9d 36 6e 08 10 35 c1 1f 12 cf 13 74 81 | received NAT-D: cf 88 a0 19 | received NAT-D: 4b 17 2b b5 11 ec a0 9b d6 b0 f4 a7 7f b5 18 09 | received NAT-D: 1d 15 2a e8 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | global one-shot timer EVENT_NAT_T_KEEPALIVE scheduled in 20 seconds | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x55a4efa78218 | hmac PRF sha update data-bytes@0x7f233c000b48 (length 256) | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 256) | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | f7 4b 09 d9 49 aa b6 8e | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 7b 78 5d 26 90 76 e5 74 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | 1d 84 b4 92 30 62 70 60 7a 98 e0 6e 28 40 88 55 | da 6c 1a e9 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 1d 84 b4 92 30 62 70 60 7a 98 e0 6e 28 40 88 55 | HASH_I da 6c 1a e9 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 1d 84 b4 92 30 62 70 60 7a 98 e0 6e 28 40 88 55 | encrypting: da 6c 1a e9 | IV: cb 49 5e c0 46 e5 cc d6 05 f6 db ff 16 f3 5b dd | IV: 3b c5 ec fa | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 0f 99 8b 75 fc b9 45 4c f2 ed 17 5f d1 c7 8b 3c | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #1: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa78368 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 05 10 02 01 00 00 00 00 00 00 00 4c 05 8e 2e d5 | fa 92 f2 ce 64 77 a8 e0 d6 c6 81 ae 9d ff b3 d2 | a7 bd 53 4d 5d 0e a9 b1 2b c8 cc 0e 0f 99 8b 75 | fc b9 45 4c f2 ed 17 5f d1 c7 8b 3c | !event_already_set at reschedule "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x55a4efa7aa28 size 128 | #1 STATE_MAIN_I3: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29295.738627 "aes128" #1: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #1 suppresed complete_v1_state_transition() | #1 spent 0.512 milliseconds in resume sending helper answer | stop processing: state #1 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2334003978 | spent 0.0028 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 05 10 02 01 00 00 00 00 00 00 00 4c f4 7a 1e 74 | a3 f1 67 a3 30 bd 5d 36 25 07 18 f2 85 09 eb 78 | 1b 88 fb a8 2d 07 51 20 54 35 b6 37 a8 fb a9 86 | af 72 02 20 bf 03 ce 91 1c ee fa 4d | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #1 in MAIN_I3 (find_state_ikev1) | start processing: state #1 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #1 is idle | #1 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 0f 99 8b 75 fc b9 45 4c f2 ed 17 5f d1 c7 8b 3c | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | decrypted payload (starts at offset -48): | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 4d a0 68 45 | 07 46 5c b8 99 c8 a1 8a fd b7 ee 8b d8 22 92 c2 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #1: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x7f2334001158 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 256) | 1d a1 37 55 88 42 7f 08 d8 25 65 fc 48 63 33 7a | c7 07 d6 7b d4 1f 1d a3 1b 67 73 3c 59 d7 1f 92 | 08 53 74 e3 32 e1 f4 03 21 a1 af 8f 95 5d 40 12 | 55 c1 98 8b 10 6f b5 1e 2e 96 8e 58 e3 c1 1e 4b | 7d 1c 1d e3 a0 09 12 7f 72 67 d2 c3 3b 8c 2c 9a | be 3c d0 6e 53 c1 64 28 d5 17 d3 93 7f d9 a8 0e | 41 af f9 7c 4f 30 3d 52 27 55 3f f0 f5 de 38 75 | fa 29 d1 30 9c 5a 28 7c 71 02 a4 9b 0e 98 ff 69 | ca 00 f6 fe 80 67 19 85 ea 91 b7 b8 b0 93 5e 4f | 93 5c d1 22 98 ab 03 ca 99 eb cb 02 ec 3f 36 83 | 4c af 5d f2 a0 7c d9 9a f6 27 15 1d 7a 75 89 07 | 54 64 ef d7 57 25 f1 ac ce d5 62 05 76 3f 6a 8e | 96 b1 5e 38 51 77 89 40 ae fb f7 ea a0 75 a4 54 | be b5 7b 44 38 c5 23 c6 1f 15 b8 c6 f9 70 dc f3 | 5c df a1 70 ce 32 36 c6 3a f0 79 96 53 f8 41 87 | b8 a2 ee 89 a0 78 a4 c4 f6 21 df 95 ac 6b f2 0e | hmac PRF sha update data-bytes@0x7f233c000b48 (length 256) | 40 2e a4 1f aa e7 66 34 4f a2 9f 7e 4c 28 a6 c2 | 7e 14 4d 9d 4c 03 ba 8f 2f e1 eb 10 08 dc 1b af | 82 cd 15 29 25 aa 98 3b cd 3d 7f 70 0c b7 42 a7 | eb 85 88 b1 81 d9 07 8a 4e 97 6c 5e 7b 14 16 19 | 23 4b c9 59 4b 0b b8 b0 db 3e 1c 62 90 00 f5 28 | af 82 73 01 70 ae b1 1a 5e 73 04 65 a7 c8 47 33 | d0 80 9d 47 9d 72 68 ea 36 75 b7 4c 10 12 f7 2b | 37 33 d6 c4 c1 f1 33 d2 ff 8b 8a bb 80 bf a5 de | 80 e5 5d 87 ca b4 a5 31 14 90 26 42 f1 41 5f f4 | 97 e3 ea a1 5e 54 cb d0 6d 99 9f ec 0c 09 91 83 | 91 8d d0 31 c3 e7 23 7f 0f aa c5 bf eb 5f 53 ee | f4 29 8c 99 ca 5e b6 d7 87 ed 91 6c 01 96 25 6f | 76 fc 80 e1 47 46 bb 8b 90 e6 cf dc d1 57 fe 5e | 04 71 cf 47 40 a8 f5 f6 88 0c f2 9b 41 52 6d a1 | 97 77 fe 6c a3 9e 37 2a b2 aa 41 5c 27 c1 bb 5f | af fe 76 12 1a 52 a9 4e fb 66 3b f3 78 57 53 54 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 7b 78 5d 26 90 76 e5 74 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | f7 4b 09 d9 49 aa b6 8e | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4efa768e8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | 4d a0 68 45 07 46 5c b8 99 c8 a1 8a fd b7 ee 8b | d8 22 92 c2 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #1: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7aa28 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa782f8 | inserting event EVENT_SA_REPLACE, timeout in 2607 seconds for #1 | libevent_malloc: new ptr-libevent@0x7f2334003978 size 128 | pstats #1 ikev1.isakmp established "aes128" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #1 | creating state object #2 at 0x55a4efa7b648 | State DB: adding IKEv1 state #2 in UNDEFINED | pstats #2 ikev1.ipsec started | duplicating state object #1 "aes128" as #2 for IPSEC SA | #2 setting local endpoint to 192.1.2.45:500 from #1.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa5c790 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #1 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #2 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #2: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:a571835f proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 3 for state #2 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f233c002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x55a4efa7a978 size 128 | stop processing: state #2 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | crypto helper 3 resuming | crypto helper 3 starting work-order 3 for state #2 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 3 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f23380050c8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f23380050c8 | NSS: Public DH wire value: | 11 3b 7e 7a ae d2 70 1f 31 e0 8c 5d 8d f2 6f 8a | 76 47 5b 41 7a 60 d9 ee d5 db aa 06 6c cb 1b 1a | 2b 05 09 51 3e 21 40 fd 4b 5f 5d 1c 6b 63 86 18 | b7 e5 44 4a da b2 5a b5 eb 4c bb 7e 00 6b 4c 03 | b1 4d 5c 84 57 9d bc 99 17 6a 73 33 bf a0 e8 f3 | 81 81 98 5a 3d 0b f7 7c bb 7f d3 1f da b2 d2 09 | b7 6c a7 c8 8b c5 a0 e3 79 29 95 43 55 db d3 95 | f7 ae d7 19 05 e4 58 b9 98 fd c8 53 a0 e6 c3 62 | 18 44 8c a1 16 ec f5 bf 3f 9d ab da 42 2f 0b fb | 3a 6e ac d0 0c 7f 0b a5 cc 04 2b 9a 3d 8f 22 da | 36 0e e2 ee dd ad 8c 3c 5d 75 e2 05 85 f8 80 07 | 68 5b 3f 14 66 76 11 ea 88 cc 56 c7 55 fd 7b e3 | 21 31 0b 19 5a 1c 37 fc 30 4d 65 40 18 49 3c cd | dd 27 5d 31 ec 04 99 c0 1d 69 11 11 9f d3 c3 73 | 09 b7 8f 90 d1 a7 5a 47 57 5b 24 33 58 35 49 2a | be e0 df 94 07 6c fc 33 11 2d f6 87 a7 0a 11 4b | Generated nonce: c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | Generated nonce: 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 3 time elapsed 0.001137 seconds | (#2) spent 1.13 milliseconds in crypto helper computing work-order 3: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 3 for state #2 to event queue | scheduling resume sending helper answer for #2 | libevent_malloc: new ptr-libevent@0x7f2338003f28 size 128 | libevent_realloc: release ptr-libevent@0x55a4efa59488 | libevent_realloc: new ptr-libevent@0x7f2338003e78 size 128 | crypto helper 3 waiting (nothing to do) | resume processing: state #1 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x55a4efa6a378} | close_any(fd@24) (in release_whack() at state.c:654) | #1 spent 0.507 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.678 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #2 | start processing: state #2 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 3 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #2: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2775679839 (0xa571835f) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x833b16bb for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 83 3b 16 bb | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | Ni 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f23380050c8: transferring ownership from helper KE to state #2 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 11 3b 7e 7a ae d2 70 1f 31 e0 8c 5d 8d f2 6f 8a | keyex value 76 47 5b 41 7a 60 d9 ee d5 db aa 06 6c cb 1b 1a | keyex value 2b 05 09 51 3e 21 40 fd 4b 5f 5d 1c 6b 63 86 18 | keyex value b7 e5 44 4a da b2 5a b5 eb 4c bb 7e 00 6b 4c 03 | keyex value b1 4d 5c 84 57 9d bc 99 17 6a 73 33 bf a0 e8 f3 | keyex value 81 81 98 5a 3d 0b f7 7c bb 7f d3 1f da b2 d2 09 | keyex value b7 6c a7 c8 8b c5 a0 e3 79 29 95 43 55 db d3 95 | keyex value f7 ae d7 19 05 e4 58 b9 98 fd c8 53 a0 e6 c3 62 | keyex value 18 44 8c a1 16 ec f5 bf 3f 9d ab da 42 2f 0b fb | keyex value 3a 6e ac d0 0c 7f 0b a5 cc 04 2b 9a 3d 8f 22 da | keyex value 36 0e e2 ee dd ad 8c 3c 5d 75 e2 05 85 f8 80 07 | keyex value 68 5b 3f 14 66 76 11 ea 88 cc 56 c7 55 fd 7b e3 | keyex value 21 31 0b 19 5a 1c 37 fc 30 4d 65 40 18 49 3c cd | keyex value dd 27 5d 31 ec 04 99 c0 1d 69 11 11 9f d3 c3 73 | keyex value 09 b7 8f 90 d1 a7 5a 47 57 5b 24 33 58 35 49 2a | keyex value be e0 df 94 07 6c fc 33 11 2d f6 87 a7 0a 11 4b | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a4efa783f0 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x55a4efa783f0 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa78268 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | a5 71 83 5f | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 83 3b 16 bb 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 c0 60 2f 81 | 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 62 fb ea 9b | 83 79 bc ac 01 b2 36 12 47 35 ac 35 05 00 01 04 | 11 3b 7e 7a ae d2 70 1f 31 e0 8c 5d 8d f2 6f 8a | 76 47 5b 41 7a 60 d9 ee d5 db aa 06 6c cb 1b 1a | 2b 05 09 51 3e 21 40 fd 4b 5f 5d 1c 6b 63 86 18 | b7 e5 44 4a da b2 5a b5 eb 4c bb 7e 00 6b 4c 03 | b1 4d 5c 84 57 9d bc 99 17 6a 73 33 bf a0 e8 f3 | 81 81 98 5a 3d 0b f7 7c bb 7f d3 1f da b2 d2 09 | b7 6c a7 c8 8b c5 a0 e3 79 29 95 43 55 db d3 95 | f7 ae d7 19 05 e4 58 b9 98 fd c8 53 a0 e6 c3 62 | 18 44 8c a1 16 ec f5 bf 3f 9d ab da 42 2f 0b fb | 3a 6e ac d0 0c 7f 0b a5 cc 04 2b 9a 3d 8f 22 da | 36 0e e2 ee dd ad 8c 3c 5d 75 e2 05 85 f8 80 07 | 68 5b 3f 14 66 76 11 ea 88 cc 56 c7 55 fd 7b e3 | 21 31 0b 19 5a 1c 37 fc 30 4d 65 40 18 49 3c cd | dd 27 5d 31 ec 04 99 c0 1d 69 11 11 9f d3 c3 73 | 09 b7 8f 90 d1 a7 5a 47 57 5b 24 33 58 35 49 2a | be e0 df 94 07 6c fc 33 11 2d f6 87 a7 0a 11 4b | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 9e 6d d8 56 7a ae eb 6d 5a 1f bd 1a 11 b9 94 3d | b3 c3 92 b4 | outI1 HASH(1): | 9e 6d d8 56 7a ae eb 6d 5a 1f bd 1a 11 b9 94 3d | b3 c3 92 b4 | last Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | current Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | a5 71 83 5f | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 28 cb be c8 29 f7 bf fb 4e be 6e a2 9f 5a 39 33 | 82 d5 f5 5f | encrypting: 01 00 00 18 9e 6d d8 56 7a ae eb 6d 5a 1f bd 1a | encrypting: 11 b9 94 3d b3 c3 92 b4 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 83 3b 16 bb | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 | encrypting: c8 6b 7e 96 62 fb ea 9b 83 79 bc ac 01 b2 36 12 | encrypting: 47 35 ac 35 05 00 01 04 11 3b 7e 7a ae d2 70 1f | encrypting: 31 e0 8c 5d 8d f2 6f 8a 76 47 5b 41 7a 60 d9 ee | encrypting: d5 db aa 06 6c cb 1b 1a 2b 05 09 51 3e 21 40 fd | encrypting: 4b 5f 5d 1c 6b 63 86 18 b7 e5 44 4a da b2 5a b5 | encrypting: eb 4c bb 7e 00 6b 4c 03 b1 4d 5c 84 57 9d bc 99 | encrypting: 17 6a 73 33 bf a0 e8 f3 81 81 98 5a 3d 0b f7 7c | encrypting: bb 7f d3 1f da b2 d2 09 b7 6c a7 c8 8b c5 a0 e3 | encrypting: 79 29 95 43 55 db d3 95 f7 ae d7 19 05 e4 58 b9 | encrypting: 98 fd c8 53 a0 e6 c3 62 18 44 8c a1 16 ec f5 bf | encrypting: 3f 9d ab da 42 2f 0b fb 3a 6e ac d0 0c 7f 0b a5 | encrypting: cc 04 2b 9a 3d 8f 22 da 36 0e e2 ee dd ad 8c 3c | encrypting: 5d 75 e2 05 85 f8 80 07 68 5b 3f 14 66 76 11 ea | encrypting: 88 cc 56 c7 55 fd 7b e3 21 31 0b 19 5a 1c 37 fc | encrypting: 30 4d 65 40 18 49 3c cd dd 27 5d 31 ec 04 99 c0 | encrypting: 1d 69 11 11 9f d3 c3 73 09 b7 8f 90 d1 a7 5a 47 | encrypting: 57 5b 24 33 58 35 49 2a be e0 df 94 07 6c fc 33 | encrypting: 11 2d f6 87 a7 0a 11 4b 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: 28 cb be c8 29 f7 bf fb 4e be 6e a2 9f 5a 39 33 | IV: 82 d5 f5 5f | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: b3 ae 4a 55 9b b6 d1 14 54 9e e3 1b e1 65 e7 81 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #2) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 01 bc 8a fd ee 0a | f0 47 ff 03 49 4a 9e b0 46 6f 93 31 c8 fa 30 c3 | f3 ef 30 aa 57 7a 57 94 e7 bf 90 f0 c8 60 0a 12 | f9 4e 94 00 43 5a b8 0d 81 e2 90 0e a8 ed 71 47 | 48 9a fb 74 29 bd 4b c0 af ab 3b 71 3c ff c6 d3 | 46 44 fa af 0c ed 63 1b 59 43 e5 2b 8c d9 27 29 | 3b 6d 8c e6 f2 58 44 df 08 ca f1 f8 34 fa 21 01 | ee d9 1b 5a f5 24 f2 98 45 ca b3 12 41 c1 fd 2a | c2 eb 36 9d d4 1c bd f0 2d ee 14 21 42 7b b8 53 | a3 17 fa 41 dc 86 88 94 34 9b 2e 69 cb 75 a5 61 | 10 29 04 27 5c eb e3 c7 2f 45 32 e8 d4 8c 65 7b | 9a 9d ee b5 ea 34 cc a3 1b 7a 2e df e3 22 f0 ea | 8c c5 04 c1 d1 fb 8c cf 0c 47 37 93 bc 57 27 69 | 20 54 8b e8 5a 80 08 45 a5 f6 a8 7b 54 1d fe c4 | ca fc a1 84 4c 5a 7f 21 04 c0 bf 16 f1 ac ea c6 | eb 3f 79 0d 77 4a 19 af 6f 41 44 54 00 d5 1c c0 | 8c 0b a1 f8 57 a1 16 7d e4 ef 76 6b be 13 09 4f | 0f 80 dc e1 4e 76 ad 9c 12 ec 18 6d a2 7e 58 44 | 6a 02 6b 99 89 e3 b7 3b 2d fd 29 fe 8f 9b c5 86 | ff 51 21 4c e4 d1 90 c6 ee d9 23 9b 8e a7 ce 50 | 1e f8 46 b5 e4 f7 f5 d1 d8 63 13 9e 3a c2 47 f8 | a4 ce e0 17 56 3f 77 03 15 79 4d 77 ab 05 6a 18 | a3 43 c7 8c 2a b7 c3 f9 c6 9b 90 17 66 87 3b b9 | 44 34 d2 92 9a 62 d8 51 47 31 7e b9 e2 ed a5 2f | b3 17 89 45 64 15 e2 b5 81 dc 5c 5e 77 f6 42 1d | 1d e0 b7 d8 fb a4 c3 35 eb 8b ce 35 b3 ae 4a 55 | 9b b6 d1 14 54 9e e3 1b e1 65 e7 81 | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa7a978 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f233c002b78 "aes128" #2: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7f233c002b78 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x55a4efa7af08 size 128 | #2 STATE_QUICK_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29295.742764 | resume sending helper answer for #2 suppresed complete_v1_state_transition() | #2 spent 1.22 milliseconds in resume sending helper answer | stop processing: state #2 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2338003f28 | spent 0.00351 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 01 bc 6e c6 82 97 | 3b ac 6b 3a 21 b2 27 9d 32 aa 01 b0 13 d9 cc e1 | 11 09 1a 2b 85 a8 3b 84 c1 d4 1d 54 03 79 3f 2b | 87 e2 d7 07 13 9a 5d 2b c1 92 20 c6 28 3e 62 7f | 46 32 b9 ee d6 ed 7c b6 f0 4a 67 9b 90 4a 3b 40 | c4 9d 28 5e 01 ad a9 94 e2 45 2b ae ca e4 a2 5c | a0 c7 74 e4 79 5f 6d 77 ca 43 de 76 7e d0 91 a4 | 18 e8 82 b4 8a b4 a3 d8 e7 51 c0 46 3d ec aa ee | 6e 80 8a ce 55 f4 cd 21 de 7f 09 17 e8 a1 30 5c | de 4e 37 e8 0b 68 6a 9e b9 a2 5d 55 72 09 7f fc | f7 99 47 51 e2 33 1f cb 5b c7 fb 30 a0 e7 44 27 | ba 21 c3 36 11 83 31 19 c3 70 88 b8 70 83 c4 c8 | 72 92 c4 7c 76 f5 2c c1 8c 73 d7 95 4c 22 f2 12 | 65 36 60 2e 28 e8 6d 7f 40 05 86 f7 5f ff 3a 78 | 42 68 6a 03 fe d4 bc c9 54 aa dd 3f d8 f1 e9 4c | bf 09 c9 ff f4 62 0e e3 65 93 f1 1f d5 e5 08 8f | 01 73 ec 65 4c fc 62 f5 aa ae d8 dc be 58 3a 61 | cb 3c 01 3f 7f 8e aa 7c 19 25 ed 2a b2 47 22 2f | 14 06 3e 26 75 d4 9d d9 b0 80 f8 e6 ef ea 9e 53 | 5a f0 2b 6b 7f f5 b5 ae a9 7c 06 c4 40 ce 76 30 | 04 0e 81 5c e4 27 db 45 94 8b 85 79 2f 95 f3 66 | 0e 1b 88 2e 4b b8 10 0a c8 ad 7b 45 ca 9f 36 a1 | 54 72 8a ad 2a 60 e1 c0 e6 6b 8b 4b 20 e8 4d 15 | c9 df 20 99 0f d4 c6 bd ea 52 2d 37 fe 9e c8 45 | 29 4b 52 cf a3 42 c1 21 cf 64 a5 5f 9d eb 33 dd | bb 02 38 68 59 91 cb f8 81 4b ae 1c 0e 64 43 0c | eb cf 00 08 b2 54 73 bf 75 1d 27 2a | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2775679839 (0xa571835f) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #2 in QUICK_I1 (find_state_ikev1) | start processing: state #2 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #2 is idle | #2 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: b3 ae 4a 55 9b b6 d1 14 54 9e e3 1b e1 65 e7 81 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 0e 64 43 0c eb cf 00 08 b2 54 73 bf 75 1d 27 2a | decrypted payload (starts at offset -416): | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 01 bc 01 00 00 18 | bc a0 96 14 33 d6 66 ae ba 08 96 05 17 74 ea a4 | 2a a6 f4 77 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 21 e8 1d 96 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | 05 00 01 04 ca 5b 13 66 6f fa e2 cf ae 90 6a 56 | 92 fd 44 0b 01 5e f2 64 9f d6 45 1e c0 e5 47 2b | f5 56 0f 3c a3 87 04 e6 0e ca 2f d7 ef 73 e7 a3 | 5c 9a 02 5a 96 3e 94 e5 d9 f9 74 e5 96 f6 b7 8e | 04 93 41 37 68 ae cf 1f 32 39 86 75 4a 04 85 6c | 5f dc 06 da f0 49 2e 65 0d 3d 62 d3 e3 3b 2b 23 | 82 11 a4 8a c2 82 b2 02 32 57 26 52 ed 2d 6e 4a | 54 9a 37 04 ec a8 a9 a0 39 4d 85 16 a4 eb 70 98 | 13 0e f2 26 9a 60 6e c3 4f fc 42 f1 2b ab 7d b5 | 36 bf 2d 13 c4 9e 02 03 96 d4 b9 11 20 f0 bf 54 | 98 3a 14 b7 9b 1f 14 92 4c 83 74 bc 80 c6 31 15 | 04 76 2a 7b 9b 3c e7 f2 db 8b 0b 5e 2b 11 08 90 | bd ab a9 44 fe a6 37 44 94 e6 f1 d2 eb 88 e6 dd | 9a 4f 65 af 05 3f 0d 10 80 ea 17 75 56 23 24 76 | 02 1f 82 41 ba c6 7a 55 0f 13 26 01 7c 69 05 f6 | b3 3e ce b2 a6 1b 45 2a 3c af 49 bd e9 d0 e2 ce | 23 ab bc 8d 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa78268 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | a5 71 83 5f | HASH(1) PRF sha update Ni_b-bytes@0x7f2338002918 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | HASH(1) PRF sha update payload-bytes@0x55a4efa7d78c (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 21 e8 1d 96 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 54 d2 08 46 | 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e d6 b3 97 53 | d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 05 00 01 04 | ca 5b 13 66 6f fa e2 cf ae 90 6a 56 92 fd 44 0b | 01 5e f2 64 9f d6 45 1e c0 e5 47 2b f5 56 0f 3c | a3 87 04 e6 0e ca 2f d7 ef 73 e7 a3 5c 9a 02 5a | 96 3e 94 e5 d9 f9 74 e5 96 f6 b7 8e 04 93 41 37 | 68 ae cf 1f 32 39 86 75 4a 04 85 6c 5f dc 06 da | f0 49 2e 65 0d 3d 62 d3 e3 3b 2b 23 82 11 a4 8a | c2 82 b2 02 32 57 26 52 ed 2d 6e 4a 54 9a 37 04 | ec a8 a9 a0 39 4d 85 16 a4 eb 70 98 13 0e f2 26 | 9a 60 6e c3 4f fc 42 f1 2b ab 7d b5 36 bf 2d 13 | c4 9e 02 03 96 d4 b9 11 20 f0 bf 54 98 3a 14 b7 | 9b 1f 14 92 4c 83 74 bc 80 c6 31 15 04 76 2a 7b | 9b 3c e7 f2 db 8b 0b 5e 2b 11 08 90 bd ab a9 44 | fe a6 37 44 94 e6 f1 d2 eb 88 e6 dd 9a 4f 65 af | 05 3f 0d 10 80 ea 17 75 56 23 24 76 02 1f 82 41 | ba c6 7a 55 0f 13 26 01 7c 69 05 f6 b3 3e ce b2 | a6 1b 45 2a 3c af 49 bd e9 d0 e2 ce 23 ab bc 8d | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | bc a0 96 14 33 d6 66 ae ba 08 96 05 17 74 ea a4 | 2a a6 f4 77 | quick_inR1_outI2 HASH(2): | bc a0 96 14 33 d6 66 ae ba 08 96 05 17 74 ea a4 | 2a a6 f4 77 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 21 e8 1d 96 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | ca 5b 13 66 6f fa e2 cf ae 90 6a 56 92 fd 44 0b | 01 5e f2 64 9f d6 45 1e c0 e5 47 2b f5 56 0f 3c | a3 87 04 e6 0e ca 2f d7 ef 73 e7 a3 5c 9a 02 5a | 96 3e 94 e5 d9 f9 74 e5 96 f6 b7 8e 04 93 41 37 | 68 ae cf 1f 32 39 86 75 4a 04 85 6c 5f dc 06 da | f0 49 2e 65 0d 3d 62 d3 e3 3b 2b 23 82 11 a4 8a | c2 82 b2 02 32 57 26 52 ed 2d 6e 4a 54 9a 37 04 | ec a8 a9 a0 39 4d 85 16 a4 eb 70 98 13 0e f2 26 | 9a 60 6e c3 4f fc 42 f1 2b ab 7d b5 36 bf 2d 13 | c4 9e 02 03 96 d4 b9 11 20 f0 bf 54 98 3a 14 b7 | 9b 1f 14 92 4c 83 74 bc 80 c6 31 15 04 76 2a 7b | 9b 3c e7 f2 db 8b 0b 5e 2b 11 08 90 bd ab a9 44 | fe a6 37 44 94 e6 f1 d2 eb 88 e6 dd 9a 4f 65 af | 05 3f 0d 10 80 ea 17 75 56 23 24 76 02 1f 82 41 | ba c6 7a 55 0f 13 26 01 7c 69 05 f6 b3 3e ce b2 | a6 1b 45 2a 3c af 49 bd e9 d0 e2 ce 23 ab bc 8d | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f23380050c8: transferring ownership from state #2 to helper IKEv1 DH | adding quick outI2 DH work-order 4 for state #2 | state #2 requesting EVENT_RETRANSMIT to be deleted | #2 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7af08 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f233c002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f233c002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x7f2338003f28 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #2 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #2 and saving MD | #2 is busy; has a suspended MD | #2 spent 0.223 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #2 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.689 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 2 resuming | crypto helper 2 starting work-order 4 for state #2 | crypto helper 2 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 4 | peer's g: ca 5b 13 66 6f fa e2 cf ae 90 6a 56 92 fd 44 0b | peer's g: 01 5e f2 64 9f d6 45 1e c0 e5 47 2b f5 56 0f 3c | peer's g: a3 87 04 e6 0e ca 2f d7 ef 73 e7 a3 5c 9a 02 5a | peer's g: 96 3e 94 e5 d9 f9 74 e5 96 f6 b7 8e 04 93 41 37 | peer's g: 68 ae cf 1f 32 39 86 75 4a 04 85 6c 5f dc 06 da | peer's g: f0 49 2e 65 0d 3d 62 d3 e3 3b 2b 23 82 11 a4 8a | peer's g: c2 82 b2 02 32 57 26 52 ed 2d 6e 4a 54 9a 37 04 | peer's g: ec a8 a9 a0 39 4d 85 16 a4 eb 70 98 13 0e f2 26 | peer's g: 9a 60 6e c3 4f fc 42 f1 2b ab 7d b5 36 bf 2d 13 | peer's g: c4 9e 02 03 96 d4 b9 11 20 f0 bf 54 98 3a 14 b7 | peer's g: 9b 1f 14 92 4c 83 74 bc 80 c6 31 15 04 76 2a 7b | peer's g: 9b 3c e7 f2 db 8b 0b 5e 2b 11 08 90 bd ab a9 44 | peer's g: fe a6 37 44 94 e6 f1 d2 eb 88 e6 dd 9a 4f 65 af | peer's g: 05 3f 0d 10 80 ea 17 75 56 23 24 76 02 1f 82 41 | peer's g: ba c6 7a 55 0f 13 26 01 7c 69 05 f6 b3 3e ce b2 | peer's g: a6 1b 45 2a 3c af 49 bd e9 d0 e2 ce 23 ab bc 8d | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f23380050c8: computed shared DH secret key@0x55a4efa76810 | dh-shared : g^ir-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 2 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 4 time elapsed 0.000611 seconds | (#2) spent 0.598 milliseconds in crypto helper computing work-order 4: quick outI2 DH (pcr) | crypto helper 2 sending results from work-order 4 for state #2 to event queue | scheduling resume sending helper answer for #2 | libevent_malloc: new ptr-libevent@0x7f232c001f78 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #2 | start processing: state #2 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 4 | calling continuation function 0x55a4ef163b50 | quick_inR1_outI2_continue for #2: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2775679839 (0xa571835f) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f23380050c8: transferring ownership from helper IKEv1 DH to state #2 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ead8 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x7f2334001158 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39ebbc (length 4) | a5 71 83 5f | HASH(1) PRF sha update Ni_b-bytes@0x7f2338002918 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | HASH(1) PRF sha update Nr_b-bytes@0x55a4efa78218 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | d6 0f 5d 40 93 4b a3 b9 47 4d 54 0b 14 9d 1d c6 | 52 cb 1b d6 | quick_inR1_outI2 HASH(3): | d6 0f 5d 40 93 4b a3 b9 47 4d 54 0b 14 9d 1d c6 | 52 cb 1b d6 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f23380041f0 from symkey-key@0x55a4efa7a950 | hmac prf: begin sha with context 0x7f23380041f0 from symkey-key@0x55a4efa7a950 | hmac: release clone-key@0x55a4efa7a950 | hmac PRF sha crypt-prf@0x55a4efa78268 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a4efa783f0 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x55a4efa783f0 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa78368 | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 8c 9a 5a 7a 6e e3 c9 ce a2 cf 02 43 8d 0f 18 ea 85 38 bf be d3 91 78 12 c2 f8 2e c1 af 1a 66 5e d3 02 94 74 57 cb b1 37 b8 44 ef 1f 59 b9 3e c5 ed f7 6b d0 58 8a 7f de ff 9d 52 12 0d bf e5 ac b9 14 4d 89 a2 8b ae dd f6 a5 d7 b4 64 c6 31 70 6b a9 d9 bc 35 49 20 69 de c5 6e 80 97 e0 26 d7 dc 89 2b 3c 31 d4 fb b3 fd b5 c6 25 9e bf 74 17 a6 c5 3a 0d 0e 32 37 66 4b e0 d1 6f 1e e2 41 86 76 a0 d9 d0 cd 46 67 89 89 0d a9 8c 61 29 df 69 c4 fa 98 02 6c fe 53 b0 fd 28 7b 4c 16 3d ef 6d 68 d8 fc 14 ce 0a 55 97 87 bf c9 f0 a7 43 79 c8 f7 6c aa ad e3 bd 0c 09 c0 74 9a 84 2a 92 7c 55 6c f1 2f 34 ae f5 75 07 6b a3 db fb a1 a1 64 62 57 a3 c8 1d b8 13 d6 2f 04 79 fe dc ce 4a 1a 69 88 34 8a f9 af b0 2b 49 d9 82 17 93 1f 36 9c 48 db 9c fc fb 02 7d dc f7 71 66 41 39 dc 2e a7 63 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa850c8 | unwrapped: 85 dc ee 9a e7 ea d7 99 2b 62 ee 3f 3a fd 0b e9 | unwrapped: da a3 65 26 48 98 5b 63 f7 4c 96 27 cb 05 d1 c4 | unwrapped: b7 6e 6e bf 04 cd eb ae 7b 3a 0d dc 30 e6 1c b3 | unwrapped: 82 e6 85 9d ab 75 33 b5 da d7 02 d0 ca e8 0a ce | unwrapped: 81 0f 22 22 5a 0e 54 24 7b 18 3d 03 be 2e fd 51 | unwrapped: 7a 90 bd 01 38 85 ba ae dc 62 30 41 2e 49 81 12 | unwrapped: 4d 61 0d 97 71 6f 06 94 9c 40 50 c1 7b 6e b7 c3 | unwrapped: 6e 89 f2 fe d5 07 ba 4c 02 e9 65 50 b9 7c 0a 4f | unwrapped: ad 16 c7 bc 3d 76 9a 13 7d 77 56 81 7e 74 80 b2 | unwrapped: 86 0c 25 ca ae eb 09 5f 00 9e aa ae f8 78 1e 88 | unwrapped: 3a 55 de c3 0a ee 76 1b f8 fb 93 d2 a7 9d 28 9f | unwrapped: 78 7b 47 7e 2a a0 59 f9 14 28 a3 1e 28 f3 e5 35 | unwrapped: b3 11 9e 2a b2 a4 c3 7b 2c 84 59 ab ef 59 17 86 | unwrapped: df e8 bd 3f 11 88 4a 99 1f f7 3b 05 07 d3 18 5d | unwrapped: 3a ef 61 91 c6 b5 3c 28 d0 3d 06 00 d2 09 79 88 | unwrapped: 64 36 74 c3 8a 68 4f 87 bc ec bb 64 09 b3 3f ca | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 8c 9a 5a 7a 6e e3 c9 ce a2 cf 02 43 8d 0f 18 ea 85 38 bf be d3 91 78 12 c2 f8 2e c1 af 1a 66 5e d3 02 94 74 57 cb b1 37 b8 44 ef 1f 59 b9 3e c5 ed f7 6b d0 58 8a 7f de ff 9d 52 12 0d bf e5 ac b9 14 4d 89 a2 8b ae dd f6 a5 d7 b4 64 c6 31 70 6b a9 d9 bc 35 49 20 69 de c5 6e 80 97 e0 26 d7 dc 89 2b 3c 31 d4 fb b3 fd b5 c6 25 9e bf 74 17 a6 c5 3a 0d 0e 32 37 66 4b e0 d1 6f 1e e2 41 86 76 a0 d9 d0 cd 46 67 89 89 0d a9 8c 61 29 df 69 c4 fa 98 02 6c fe 53 b0 fd 28 7b 4c 16 3d ef 6d 68 d8 fc 14 ce 0a 55 97 87 bf c9 f0 a7 43 79 c8 f7 6c aa ad e3 bd 0c 09 c0 74 9a 84 2a 92 7c 55 6c f1 2f 34 ae f5 75 07 6b a3 db fb a1 a1 64 62 57 a3 c8 1d b8 13 d6 2f 04 79 fe dc ce 4a 1a 69 88 34 8a f9 af b0 2b 49 d9 82 17 93 1f 36 9c 48 db 9c fc fb 02 7d dc f7 71 66 41 39 dc 2e a7 63 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa84d78 | unwrapped: 85 dc ee 9a e7 ea d7 99 2b 62 ee 3f 3a fd 0b e9 | unwrapped: da a3 65 26 48 98 5b 63 f7 4c 96 27 cb 05 d1 c4 | unwrapped: b7 6e 6e bf 04 cd eb ae 7b 3a 0d dc 30 e6 1c b3 | unwrapped: 82 e6 85 9d ab 75 33 b5 da d7 02 d0 ca e8 0a ce | unwrapped: 81 0f 22 22 5a 0e 54 24 7b 18 3d 03 be 2e fd 51 | unwrapped: 7a 90 bd 01 38 85 ba ae dc 62 30 41 2e 49 81 12 | unwrapped: 4d 61 0d 97 71 6f 06 94 9c 40 50 c1 7b 6e b7 c3 | unwrapped: 6e 89 f2 fe d5 07 ba 4c 02 e9 65 50 b9 7c 0a 4f | unwrapped: ad 16 c7 bc 3d 76 9a 13 7d 77 56 81 7e 74 80 b2 | unwrapped: 86 0c 25 ca ae eb 09 5f 00 9e aa ae f8 78 1e 88 | unwrapped: 3a 55 de c3 0a ee 76 1b f8 fb 93 d2 a7 9d 28 9f | unwrapped: 78 7b 47 7e 2a a0 59 f9 14 28 a3 1e 28 f3 e5 35 | unwrapped: b3 11 9e 2a b2 a4 c3 7b 2c 84 59 ab ef 59 17 86 | unwrapped: df e8 bd 3f 11 88 4a 99 1f f7 3b 05 07 d3 18 5d | unwrapped: 3a ef 61 91 c6 b5 3c 28 d0 3d 06 00 d2 09 79 88 | unwrapped: 64 36 74 c3 8a 68 4f 87 bc ec bb 64 09 b3 3f ca | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 83 3b 16 bb | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | 21 e8 1d 96 | hmac PRF sha update data-bytes@0x7f2338002918 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | hmac PRF sha update data-bytes@0x7f2338002918 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | hmac PRF sha update data-bytes@0x55a4efa78218 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | hmac PRF sha update data-bytes@0x55a4efa78218 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | hmac PRF sha final-bytes@0x7f2334004138 (length 20) | f7 9d c4 a2 95 8b ef 86 be ce 58 ae 41 04 1c ba | 6b c2 1d b4 | hmac PRF sha final-bytes@0x55a4ef9d5918 (length 20) | 12 0e ae 5a 44 bc 6c 17 a0 a2 c8 75 f9 8d a3 1b | 05 1e 95 3f | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a4efa783f0 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x55a4efa783f0 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa785e8 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f23380041f0 from symkey-key@0x55a4efa7a950 | hmac prf: begin sha with context 0x7f23380041f0 from symkey-key@0x55a4efa7a950 | hmac: release clone-key@0x55a4efa7a950 | hmac PRF sha crypt-prf@0x7f2334001158 | hmac PRF sha update data-bytes@0x7f2334004138 (length 20) | f7 9d c4 a2 95 8b ef 86 be ce 58 ae 41 04 1c ba | 6b c2 1d b4 | hmac PRF sha update data-bytes@0x55a4ef9d5918 (length 20) | 12 0e ae 5a 44 bc 6c 17 a0 a2 c8 75 f9 8d a3 1b | 05 1e 95 3f | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 8c 9a 5a 7a 6e e3 c9 ce a2 cf 02 43 8d 0f 18 ea 85 38 bf be d3 91 78 12 c2 f8 2e c1 af 1a 66 5e d3 02 94 74 57 cb b1 37 b8 44 ef 1f 59 b9 3e c5 ed f7 6b d0 58 8a 7f de ff 9d 52 12 0d bf e5 ac b9 14 4d 89 a2 8b ae dd f6 a5 d7 b4 64 c6 31 70 6b a9 d9 bc 35 49 20 69 de c5 6e 80 97 e0 26 d7 dc 89 2b 3c 31 d4 fb b3 fd b5 c6 25 9e bf 74 17 a6 c5 3a 0d 0e 32 37 66 4b e0 d1 6f 1e e2 41 86 76 a0 d9 d0 cd 46 67 89 89 0d a9 8c 61 29 df 69 c4 fa 98 02 6c fe 53 b0 fd 28 7b 4c 16 3d ef 6d 68 d8 fc 14 ce 0a 55 97 87 bf c9 f0 a7 43 79 c8 f7 6c aa ad e3 bd 0c 09 c0 74 9a 84 2a 92 7c 55 6c f1 2f 34 ae f5 75 07 6b a3 db fb a1 a1 64 62 57 a3 c8 1d b8 13 d6 2f 04 79 fe dc ce 4a 1a 69 88 34 8a f9 af b0 2b 49 d9 82 17 93 1f 36 9c 48 db 9c fc fb 02 7d dc f7 71 66 41 39 dc 2e a7 63 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa850c8 | unwrapped: 85 dc ee 9a e7 ea d7 99 2b 62 ee 3f 3a fd 0b e9 | unwrapped: da a3 65 26 48 98 5b 63 f7 4c 96 27 cb 05 d1 c4 | unwrapped: b7 6e 6e bf 04 cd eb ae 7b 3a 0d dc 30 e6 1c b3 | unwrapped: 82 e6 85 9d ab 75 33 b5 da d7 02 d0 ca e8 0a ce | unwrapped: 81 0f 22 22 5a 0e 54 24 7b 18 3d 03 be 2e fd 51 | unwrapped: 7a 90 bd 01 38 85 ba ae dc 62 30 41 2e 49 81 12 | unwrapped: 4d 61 0d 97 71 6f 06 94 9c 40 50 c1 7b 6e b7 c3 | unwrapped: 6e 89 f2 fe d5 07 ba 4c 02 e9 65 50 b9 7c 0a 4f | unwrapped: ad 16 c7 bc 3d 76 9a 13 7d 77 56 81 7e 74 80 b2 | unwrapped: 86 0c 25 ca ae eb 09 5f 00 9e aa ae f8 78 1e 88 | unwrapped: 3a 55 de c3 0a ee 76 1b f8 fb 93 d2 a7 9d 28 9f | unwrapped: 78 7b 47 7e 2a a0 59 f9 14 28 a3 1e 28 f3 e5 35 | unwrapped: b3 11 9e 2a b2 a4 c3 7b 2c 84 59 ab ef 59 17 86 | unwrapped: df e8 bd 3f 11 88 4a 99 1f f7 3b 05 07 d3 18 5d | unwrapped: 3a ef 61 91 c6 b5 3c 28 d0 3d 06 00 d2 09 79 88 | unwrapped: 64 36 74 c3 8a 68 4f 87 bc ec bb 64 09 b3 3f ca | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 8c 9a 5a 7a 6e e3 c9 ce a2 cf 02 43 8d 0f 18 ea 85 38 bf be d3 91 78 12 c2 f8 2e c1 af 1a 66 5e d3 02 94 74 57 cb b1 37 b8 44 ef 1f 59 b9 3e c5 ed f7 6b d0 58 8a 7f de ff 9d 52 12 0d bf e5 ac b9 14 4d 89 a2 8b ae dd f6 a5 d7 b4 64 c6 31 70 6b a9 d9 bc 35 49 20 69 de c5 6e 80 97 e0 26 d7 dc 89 2b 3c 31 d4 fb b3 fd b5 c6 25 9e bf 74 17 a6 c5 3a 0d 0e 32 37 66 4b e0 d1 6f 1e e2 41 86 76 a0 d9 d0 cd 46 67 89 89 0d a9 8c 61 29 df 69 c4 fa 98 02 6c fe 53 b0 fd 28 7b 4c 16 3d ef 6d 68 d8 fc 14 ce 0a 55 97 87 bf c9 f0 a7 43 79 c8 f7 6c aa ad e3 bd 0c 09 c0 74 9a 84 2a 92 7c 55 6c f1 2f 34 ae f5 75 07 6b a3 db fb a1 a1 64 62 57 a3 c8 1d b8 13 d6 2f 04 79 fe dc ce 4a 1a 69 88 34 8a f9 af b0 2b 49 d9 82 17 93 1f 36 9c 48 db 9c fc fb 02 7d dc f7 71 66 41 39 dc 2e a7 63 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa84d78 | unwrapped: 85 dc ee 9a e7 ea d7 99 2b 62 ee 3f 3a fd 0b e9 | unwrapped: da a3 65 26 48 98 5b 63 f7 4c 96 27 cb 05 d1 c4 | unwrapped: b7 6e 6e bf 04 cd eb ae 7b 3a 0d dc 30 e6 1c b3 | unwrapped: 82 e6 85 9d ab 75 33 b5 da d7 02 d0 ca e8 0a ce | unwrapped: 81 0f 22 22 5a 0e 54 24 7b 18 3d 03 be 2e fd 51 | unwrapped: 7a 90 bd 01 38 85 ba ae dc 62 30 41 2e 49 81 12 | unwrapped: 4d 61 0d 97 71 6f 06 94 9c 40 50 c1 7b 6e b7 c3 | unwrapped: 6e 89 f2 fe d5 07 ba 4c 02 e9 65 50 b9 7c 0a 4f | unwrapped: ad 16 c7 bc 3d 76 9a 13 7d 77 56 81 7e 74 80 b2 | unwrapped: 86 0c 25 ca ae eb 09 5f 00 9e aa ae f8 78 1e 88 | unwrapped: 3a 55 de c3 0a ee 76 1b f8 fb 93 d2 a7 9d 28 9f | unwrapped: 78 7b 47 7e 2a a0 59 f9 14 28 a3 1e 28 f3 e5 35 | unwrapped: b3 11 9e 2a b2 a4 c3 7b 2c 84 59 ab ef 59 17 86 | unwrapped: df e8 bd 3f 11 88 4a 99 1f f7 3b 05 07 d3 18 5d | unwrapped: 3a ef 61 91 c6 b5 3c 28 d0 3d 06 00 d2 09 79 88 | unwrapped: 64 36 74 c3 8a 68 4f 87 bc ec bb 64 09 b3 3f ca | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 83 3b 16 bb | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | 21 e8 1d 96 | hmac PRF sha update data-bytes@0x7f2338002918 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | hmac PRF sha update data-bytes@0x7f2338002918 (length 32) | c0 60 2f 81 90 9f f6 d5 d6 e7 2f 92 c8 6b 7e 96 | 62 fb ea 9b 83 79 bc ac 01 b2 36 12 47 35 ac 35 | hmac PRF sha update data-bytes@0x55a4efa78218 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | hmac PRF sha update data-bytes@0x55a4efa78218 (length 32) | 54 d2 08 46 37 2c f3 e8 c0 93 f7 fe 1c 43 1b 5e | d6 b3 97 53 d4 a1 5f 11 f9 40 d3 d8 23 42 f4 79 | hmac PRF sha final-bytes@0x7f233400414c (length 20) | 03 cc 8d 6f ed f6 41 56 7f c0 2e f3 35 89 0c c2 | bd de 3e f0 | hmac PRF sha final-bytes@0x55a4ef9d592c (length 20) | 29 d8 da 02 ff 57 51 b7 32 d2 66 85 43 7e d4 2b | 83 67 b6 a7 | install_ipsec_sa() for #2: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.21e81d96@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.833b16bb@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #2: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #2 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x21e81d96 SPI_OUT= | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0x21e81d96 SPI_OUT=0x833b16bb ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x21e81d9 | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0x21e81d96 SPI_OUT=0x833b16bb ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x21e81d96 SP | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x21e81d96 SPI_OUT=0x833b16bb ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x55a4efa77778,sr=0x55a4efa77778} to #2 (was #0) (newest_ipsec_sa=#0) | #1 spent 1.78 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 d6 0f 5d 40 93 4b a3 b9 47 4d 54 0b | encrypting: 14 9d 1d c6 52 cb 1b d6 | IV: 0e 64 43 0c eb cf 00 08 b2 54 73 bf 75 1d 27 2a | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: cd 06 54 81 40 79 96 2d 23 da 7a 82 84 50 b7 3e | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #2 (was #0) (spd.eroute=#2) cloned from #1 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #2 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #2 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #2: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2338003f28 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f233c002b78 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #2) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 20 01 a5 71 83 5f 00 00 00 3c 7e 67 e8 20 | 89 52 08 9f 2d 27 1f eb bb 80 68 b0 cd 06 54 81 | 40 79 96 2d 23 da 7a 82 84 50 b7 3e | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f2338004218 | inserting event EVENT_SA_REPLACE, timeout in 28048 seconds for #2 | libevent_malloc: new ptr-libevent@0x55a4efa7de68 size 128 | pstats #2 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x21e81d96 <0x833b16bb xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #2 suppresed complete_v1_state_transition() | #2 spent 3.72 milliseconds in resume sending helper answer | stop processing: state #2 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f232c001f78 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00473 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0027 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00255 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.833b16bb@192.1.2.45 | get_sa_info esp.21e81d96@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.103 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #2 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #2 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #2 ikev1.ipsec deleted completed | [RE]START processing: state #2 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #2: deleting state (STATE_QUICK_I2) aged 0.086s and sending notification | child state #2: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.21e81d96@192.1.2.23 | get_sa_info esp.833b16bb@192.1.2.45 "aes128" #2: ESP traffic information: in=84B out=84B | #2 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2214861248 (0x840419c0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 83 3b 16 bb | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a4efa783f0 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x55a4efa783f0 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x55a4efa78268 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | 84 04 19 c0 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 83 3b 16 bb | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | f9 3a 85 0a fd 64 07 25 d4 cd f5 31 b7 c5 72 f3 | 22 bf c6 78 | send delete HASH(1): | f9 3a 85 0a fd 64 07 25 d4 cd f5 31 b7 c5 72 f3 | 22 bf c6 78 | last Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | current Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | 84 04 19 c0 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | d4 53 8d ca 71 02 a2 c5 0f 34 b3 4c 6f 56 18 9e | af 24 55 a2 | encrypting: 0c 00 00 18 f9 3a 85 0a fd 64 07 25 d4 cd f5 31 | encrypting: b7 c5 72 f3 22 bf c6 78 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 83 3b 16 bb | IV: d4 53 8d ca 71 02 a2 c5 0f 34 b3 4c 6f 56 18 9e | IV: af 24 55 a2 | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 8d 51 bf 06 12 fc 25 9f f9 79 a9 73 70 82 a1 4c | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 84 04 19 c0 00 00 00 4c ba f1 9f 3e | 2f 46 bb 36 5d 77 18 6b 32 7f 2f 70 cd 22 5c 6d | b7 4c 09 5b 82 5d ab 71 bd 86 cf 21 8d 51 bf 06 | 12 fc 25 9f f9 79 a9 73 70 82 a1 4c | state #2 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x55a4efa7de68 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f2338004218 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844010' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x21e81d9 | popen cmd is 1033 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844010' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0x21e81d96 SPI_OUT=0x833b16bb ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.21e81d96@192.1.2.23 | netlink response for Del SA esp.21e81d96@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.833b16bb@192.1.2.45 | netlink response for Del SA esp.833b16bb@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #2 in QUICK_I2 | child state #2: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f23380050c8: destroyed | stop processing: state #2 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa76810 | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa5c790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #1 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #1 | start processing: state #1 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #1 ikev1.isakmp deleted completed | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #1: deleting state (STATE_MAIN_I4) aged 0.107s and sending notification | parent state #1: MAIN_I4(established IKE SA) => delete | #1 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1207279566 (0x47f59fce) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI f7 4b 09 d9 49 aa b6 8e | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 7b 78 5d 26 90 76 e5 74 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f233c002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f233c002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f2338004fc8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | 47 f5 9f ce | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 f7 4b 09 d9 | 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | c4 f9 15 99 46 bc b8 b8 c6 57 21 35 ea f2 36 96 | ea b4 c7 5f | send delete HASH(1): | c4 f9 15 99 46 bc b8 b8 c6 57 21 35 ea f2 36 96 | ea b4 c7 5f | last Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | current Phase 1 IV: a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | a8 fb a9 86 af 72 02 20 bf 03 ce 91 1c ee fa 4d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | 47 f5 9f ce | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 8b 22 95 b4 05 84 e7 06 44 72 4c f5 4e 2e 8d 65 | 6a 19 76 61 | encrypting: 0c 00 00 18 c4 f9 15 99 46 bc b8 b8 c6 57 21 35 | encrypting: ea f2 36 96 ea b4 c7 5f 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 | encrypting: 90 76 e5 74 | IV: 8b 22 95 b4 05 84 e7 06 44 72 4c f5 4e 2e 8d 65 | IV: 6a 19 76 61 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 92 0b c4 0b 57 8d 11 a2 88 1f 97 37 00 cb 5f b4 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 47 f5 9f ce 00 00 00 5c 52 89 35 f2 | 54 c0 ec 61 1e 3e 55 dd 61 72 cb 2f 3f f0 5e 18 | ed 52 74 ad d8 ad 70 1f 50 65 94 39 0f b9 b9 90 | de ca 93 3a 1e dd 43 55 df 21 d2 68 92 0b c4 0b | 57 8d 11 a2 88 1f 97 37 00 cb 5f b4 | state #1 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2334003978 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa782f8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #1 in MAIN_I4 | parent state #1: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f233c003a28: destroyed | stop processing: state #1 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa65820 | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa5c790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.76 milliseconds in whack | spent 0.00175 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 04 43 0c 44 00 00 00 4c a3 0e 77 fa | ad f8 47 91 cf a1 a6 06 17 d6 ce a4 13 51 78 e4 | a5 f2 a2 9b 45 38 7d 0c b8 a4 cb 9b 60 6d 77 c3 | fa c5 85 cd 1d 45 c0 51 d6 3d f2 b1 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 71502916 (0x4430c44) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x04430c44 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | f7 4b 09 d9 49 aa b6 8e | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 7b 78 5d 26 90 76 e5 74 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0687 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0166 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.0028 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f7 4b 09 d9 49 aa b6 8e 7b 78 5d 26 90 76 e5 74 | 08 10 05 01 d5 5e c0 80 00 00 00 5c 13 6c 82 dc | 6a c3 79 65 10 a2 71 af 77 5e 12 e3 fb 05 b5 c8 | a7 0b 9b d9 03 47 5f 53 c4 d9 56 2b d8 48 61 fe | a2 1a 7d 66 53 85 d2 c5 4e 24 1c 7b 6c 5e 45 15 | d1 30 68 47 9e 68 57 a6 c1 df e7 57 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f7 4b 09 d9 49 aa b6 8e | responder cookie: | 7b 78 5d 26 90 76 e5 74 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3579756672 (0xd55ec080) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xd55ec080 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | f7 4b 09 d9 49 aa b6 8e | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 7b 78 5d 26 90 76 e5 74 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0557 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.791 milliseconds in whack | kernel_process_msg_cb process netlink message | netlink_get: XFRM_MSG_UPDPOLICY message | spent 0.284 milliseconds in kernel message | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0034 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing suppress-retransmits + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.057 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0521 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:DUPLICATE | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0618 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.513 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #3 at 0x55a4efa78798 | State DB: adding IKEv1 state #3 in UNDEFINED | pstats #3 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #3 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #3: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #3 "aes128" "aes128" #3: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | b3 39 ed 04 6c b5 f6 ce | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa769c8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #3: IMPAIR: stripping key-length "aes128" #3: IMPAIR: duplicating key-length | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 40 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 208 | sending 208 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #3) | b3 39 ed 04 6c b5 f6 ce 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 d0 0d 00 00 3c | 00 00 00 01 00 00 00 01 00 00 00 30 00 01 00 01 | 00 00 00 28 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 80 0e 00 80 0d 00 00 14 40 48 b7 d5 | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2 | 0e 95 45 2f 0d 00 00 14 7d 94 19 a6 53 10 ca 6f | 2c 17 9d 92 15 52 9d 56 0d 00 00 14 90 cb 80 91 | 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14 | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #3 | libevent_malloc: new ptr-libevent@0x7f232c001f78 size 128 | #3 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29296.298557 | #3 spent 0.48 milliseconds in main_outI1() | stop processing: state #3 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.558 milliseconds in whack | spent 0.00289 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | b3 39 ed 04 6c b5 f6 ce a3 8d 70 84 0d 2e 5d 0b | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | b3 39 ed 04 6c b5 f6 ce | responder cookie: | a3 8d 70 84 0d 2e 5d 0b | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #3 in MAIN_I1 (find_state_ikev1_init) | start processing: state #3 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #3 is idle | #3 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | message 'informational' HASH payload not checked early "aes128" #3: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #3: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #3 spent 0.00981 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #3 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.148 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x55a4efa782f8 | handling event EVENT_RETRANSMIT for parent state #3 | start processing: state #3 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #3 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #3 keying attempt 1 of 0; retransmit 1 "aes128" #3: IMPAIR: retransmit so deleting SA | [RE]START processing: state #3 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #3 ikev1.isakmp failed too-many-retransmits | pstats #3 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #3 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #3: deleting state (STATE_MAIN_I1) aged 0.500s and NOT sending notification | parent state #3: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection aes128 | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "aes128" {0x55a4efa7ad88} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #3 "aes128" #3: deleting IKE SA for connection 'aes128' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection 'aes128' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #3 in MAIN_I1 | parent state #3: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #3 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7f232c001f78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | in statetime_stop() and could not find #3 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection aes128 which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #4 at 0x55a4efa78798 | State DB: adding IKEv1 state #4 in UNDEFINED | pstats #4 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #4 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #4: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #4 "aes128" "aes128" #4: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | a4 c4 de aa 1a 6d 7f 9a | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa769c8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #4: IMPAIR: stripping key-length "aes128" #4: IMPAIR: duplicating key-length | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 40 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 208 | sending 208 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #4) | a4 c4 de aa 1a 6d 7f 9a 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 d0 0d 00 00 3c | 00 00 00 01 00 00 00 01 00 00 00 30 00 01 00 01 | 00 00 00 28 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 80 0e 00 80 0d 00 00 14 40 48 b7 d5 | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2 | 0e 95 45 2f 0d 00 00 14 7d 94 19 a6 53 10 ca 6f | 2c 17 9d 92 15 52 9d 56 0d 00 00 14 90 cb 80 91 | 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14 | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #4 | libevent_malloc: new ptr-libevent@0x7f232c001f78 size 128 | #4 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29296.799663 | #4 spent 0.627 milliseconds in main_outI1() | stop processing: state #4 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | spent 0.647 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.0024 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | a4 c4 de aa 1a 6d 7f 9a 98 2a 82 6d 73 9d cd 54 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | a4 c4 de aa 1a 6d 7f 9a | responder cookie: | 98 2a 82 6d 73 9d cd 54 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #4 in MAIN_I1 (find_state_ikev1_init) | start processing: state #4 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #4 is idle | #4 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | message 'informational' HASH payload not checked early "aes128" #4: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #4: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #4 spent 0.00773 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #4 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.111 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0387 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | removing pending policy for no connection {0x55a4efa7ad88} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #4 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #4 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #4 ikev1.isakmp deleted other | [RE]START processing: state #4 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #4: deleting state (STATE_MAIN_I1) aged 0.012s and NOT sending notification | parent state #4: MAIN_I1(half-open IKE SA) => delete | state #4 requesting EVENT_RETRANSMIT to be deleted | #4 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f232c001f78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #4 in MAIN_I1 | parent state #4: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #4 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.197 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.342 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.039 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:DUPLICATE | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0495 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.385 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #5 at 0x55a4efa78798 | State DB: adding IKEv1 state #5 in UNDEFINED | pstats #5 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #5 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #5: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #5 "aes128" "aes128" #5: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa785e8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | 07 20 8d 8b 21 c0 c2 9f 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x7f232c001f78 size 128 | #5 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29297.120089 | #5 spent 0.288 milliseconds in main_outI1() | stop processing: state #5 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.339 milliseconds in whack | spent 0.00169 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #5 in MAIN_I1 (find_state_ikev1_init) | start processing: state #5 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #5 is idle | #5 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 5 for state #5 | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f232c001f78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78118 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x7f232c001f78 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #5 and saving MD | #5 is busy; has a suspended MD | #5 spent 0.106 milliseconds in process_packet_tail() | crypto helper 4 resuming | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 4 starting work-order 5 for state #5 | stop processing: state #5 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | crypto helper 4 doing build KE and nonce (outI2 KE); request ID 5 | spent 0.195 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2330003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2330003a28 | NSS: Public DH wire value: | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | Generated nonce: 5f 18 89 0c 60 a7 c9 b1 a0 5a 1d 73 ef 71 c0 99 | Generated nonce: 67 48 5d 27 5d 96 98 be ea 23 83 9e 90 a8 3c 06 | crypto helper 4 finished build KE and nonce (outI2 KE); request ID 5 time elapsed 0.001098 seconds | (#5) spent 1.09 milliseconds in crypto helper computing work-order 5: outI2 KE (pcr) | crypto helper 4 sending results from work-order 5 for state #5 to event queue | scheduling resume sending helper answer for #5 | libevent_malloc: new ptr-libevent@0x7f2330002888 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #5 | start processing: state #5 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 5 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #5: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2330003a28: transferring ownership from helper KE to state #5 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | keyex value da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | keyex value 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | keyex value 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | keyex value cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | keyex value fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | keyex value 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | keyex value c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | keyex value 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | keyex value d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | keyex value 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | keyex value e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | keyex value 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | keyex value c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | keyex value d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | keyex value 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 5f 18 89 0c 60 a7 c9 b1 a0 5a 1d 73 ef 71 c0 99 | Ni 67 48 5d 27 5d 96 98 be ea 23 83 9e 90 a8 3c 06 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 07 20 8d 8b 21 c0 c2 9f | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 7c 62 05 39 a5 91 5b c7 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | e3 8b 49 64 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 07 20 8d 8b 21 c0 c2 9f | natd_hash: rcookie= 7c 62 05 39 a5 91 5b c7 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | natd_hash: hash= e3 8b 49 64 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | NAT-D e3 8b 49 64 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 07 20 8d 8b 21 c0 c2 9f | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 7c 62 05 39 a5 91 5b c7 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | b5 ff 33 3d | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 07 20 8d 8b 21 c0 c2 9f | natd_hash: rcookie= 7c 62 05 39 a5 91 5b c7 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | natd_hash: hash= b5 ff 33 3d | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | NAT-D b5 ff 33 3d | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #5 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #5: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f232c001f78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78118 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | 14 00 00 24 5f 18 89 0c 60 a7 c9 b1 a0 5a 1d 73 | ef 71 c0 99 67 48 5d 27 5d 96 98 be ea 23 83 9e | 90 a8 3c 06 14 00 00 18 82 47 a6 bd ea 84 e1 f0 | 30 a2 55 c1 04 e1 53 7a e3 8b 49 64 00 00 00 18 | fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | b5 ff 33 3d | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x55a4efa83398 size 128 | #5 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29297.12213 "aes128" #5: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #5 suppresed complete_v1_state_transition() | #5 spent 0.246 milliseconds in resume sending helper answer | stop processing: state #5 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2330002888 | spent 0.00224 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | 14 00 00 24 50 a1 32 5d ff 11 76 cd c9 81 22 67 | cb ef 69 2c 9d ef 36 fb 9f 99 e8 82 85 6a 3f b5 | 8c 91 32 56 14 00 00 18 fe 5e 27 c4 ec e2 b0 0a | a1 62 2b 7a 0f 4d d6 63 b5 ff 33 3d 00 00 00 18 | 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | e3 8b 49 64 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #5 in MAIN_I2 (find_state_ikev1) | start processing: state #5 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #5 is idle | #5 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f2330003a28: transferring ownership from state #5 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 6 for state #5 | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa83398 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78118 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x7f2330002888 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #5 and saving MD | crypto helper 5 resuming | #5 is busy; has a suspended MD | crypto helper 5 starting work-order 6 for state #5 | #5 spent 0.0877 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 5 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 6 | peer's g: c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | peer's g: bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | peer's g: 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | peer's g: 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | peer's g: 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | peer's g: c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | peer's g: 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | peer's g: 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | peer's g: 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | peer's g: a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | peer's g: 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | peer's g: c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | peer's g: fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | peer's g: fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | peer's g: 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | peer's g: be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | stop processing: state #5 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | Started DH shared-secret computation in NSS: | spent 0.26 milliseconds in comm_handle_cb() reading and processing packet | new : g_ir-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f2330003a28: computed shared DH secret key@0x55a4efa5c790 | dh-shared : g^ir-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7f8d8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234105a700 | result: psk-key@0x55a4efa5af10 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa5af10 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a6e8 | result: psk-key@0x55a4efa65c00 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa5af10 | SKEYID psk prf: created sha context 0x7f2324002d60 from psk-key@0x55a4efa65c00 | SKEYID psk prf: begin sha with context 0x7f2324002d60 from psk-key@0x55a4efa65c00 | SKEYID psk: release clone-key@0x55a4efa65c00 | SKEYID psk PRF sha crypt-prf@0x7f2324001108 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7f8fc (length 32) | 5f 18 89 0c 60 a7 c9 b1 a0 5a 1d 73 ef 71 c0 99 | 67 48 5d 27 5d 96 98 be ea 23 83 9e 90 a8 3c 06 | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7f91c (length 32) | 50 a1 32 5d ff 11 76 cd c9 81 22 67 cb ef 69 2c | 9d ef 36 fb 9f 99 e8 82 85 6a 3f b5 8c 91 32 56 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234105a720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a708 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID psk PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID psk: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a718 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2324002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_d prf: begin sha with context 0x7f2324002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_d: release clone-key@0x55a4efa5af10 | SKEYID_d PRF sha crypt-prf@0x7f23240010b8 | SKEYID_d PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_d: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 9e b6 69 cb e1 43 c1 0d b8 83 34 a9 d8 17 4d 24 b3 e8 42 14 1a a6 7a b9 bd cc b6 06 bf 33 cc e3 95 eb fe 1d b4 9b 41 50 b4 b9 ff a5 86 d0 a2 d1 0e 65 08 41 6e ed a2 be 46 59 0e fb 92 38 89 b1 2e 97 92 96 c0 74 42 08 dd 4d b3 37 5c 90 73 53 4a fa 4a b4 0f c0 b9 84 c2 cb 62 57 b6 4d 4c 83 5c 4f 3d 18 94 8d 9c 25 a8 2b 94 29 9e 8b 03 47 dc a6 21 cb 52 96 fe d7 b6 3c f0 2e b3 ba a4 66 41 56 1d 4e fd 81 b2 a2 73 3a b0 e6 e8 0e 0c c4 e9 f5 44 d3 a6 ca e5 8c 11 95 28 ba f3 58 97 21 32 dc 9a 4a 1b 16 ff d3 ba 28 19 0a e7 f5 67 77 64 57 72 c6 3a df b5 44 3d 30 9a 11 8c ee ad 81 c7 c6 54 d4 a4 0c bc 1e 1f 80 c0 f8 b0 fc cb 7d 4e ad 3e 88 74 f3 f7 16 42 01 57 ab 39 d1 3b 17 c4 59 5b 55 c5 bc d6 b2 e6 10 65 22 b9 65 6e 28 e7 cd 53 58 7a 1b 61 2a 3e 50 53 e2 9b 8d ea a1 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2324004f28 | unwrapped: ab 89 06 85 0b 2f 46 28 a7 ae 70 c9 13 57 4b aa | unwrapped: 05 65 5f b1 3b a0 a6 30 65 60 14 8a 50 6f f9 11 | unwrapped: 7d 42 44 e7 23 ae 95 0f 8b 8a 08 3e b7 65 19 6b | unwrapped: 45 94 3c 77 77 fd a6 bb 0c 3f 1d 8f 63 30 7f c4 | unwrapped: b1 28 5d 10 70 84 78 50 0b b3 e7 11 0a 25 d9 bc | unwrapped: 3f 17 11 17 2e 57 6b f2 d8 b5 f9 e6 32 11 ff ac | unwrapped: e6 61 74 65 b0 07 8d 08 dc b4 14 3e eb 7c db a2 | unwrapped: 21 01 f6 ff 6a 11 c6 65 f5 31 d7 0e 81 bf 22 03 | unwrapped: 34 74 70 35 08 b1 29 75 33 99 67 4d 61 45 a9 30 | unwrapped: e1 80 27 74 b8 55 4a 1f 66 d9 e1 9a 25 ac b9 da | unwrapped: 8c af 05 ab a8 d4 15 ae 73 0c 04 25 2e ca f0 c9 | unwrapped: 4c b1 b9 d2 df 51 c6 c4 ae 75 71 b8 ae 07 81 b9 | unwrapped: 48 a8 cc 41 9e 2a 13 dc 88 cb 61 a7 ad a7 95 26 | unwrapped: 62 24 38 45 f6 fb aa 86 9f 5d 39 09 bb 1a 5b d1 | unwrapped: 7a c0 b3 46 65 cd 67 a1 c8 aa 40 95 0d 48 78 73 | unwrapped: 86 53 91 9d 59 f0 3d 23 ca f7 88 3c 4a f5 87 e1 | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 07 20 8d 8b 21 c0 c2 9f | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 7c 62 05 39 a5 91 5b c7 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234105a720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a708 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID_d PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_d: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a6f8 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2324002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_a prf: begin sha with context 0x7f2324002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_a: release clone-key@0x55a4efa62310 | SKEYID_a PRF sha crypt-prf@0x7f2324001108 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa5af10 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: 5f 8e cd 28 95 c3 7e e3 13 26 c4 56 48 a5 0b 43 5e 0e a2 70 d1 d5 67 ee a3 77 2b 9e 11 54 d5 39 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23240030c8 | unwrapped: 71 6e 5e 90 4e 91 ca 68 47 19 9f 63 02 9e d2 23 | unwrapped: 52 9b 71 7b 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_a: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 9e b6 69 cb e1 43 c1 0d b8 83 34 a9 d8 17 4d 24 b3 e8 42 14 1a a6 7a b9 bd cc b6 06 bf 33 cc e3 95 eb fe 1d b4 9b 41 50 b4 b9 ff a5 86 d0 a2 d1 0e 65 08 41 6e ed a2 be 46 59 0e fb 92 38 89 b1 2e 97 92 96 c0 74 42 08 dd 4d b3 37 5c 90 73 53 4a fa 4a b4 0f c0 b9 84 c2 cb 62 57 b6 4d 4c 83 5c 4f 3d 18 94 8d 9c 25 a8 2b 94 29 9e 8b 03 47 dc a6 21 cb 52 96 fe d7 b6 3c f0 2e b3 ba a4 66 41 56 1d 4e fd 81 b2 a2 73 3a b0 e6 e8 0e 0c c4 e9 f5 44 d3 a6 ca e5 8c 11 95 28 ba f3 58 97 21 32 dc 9a 4a 1b 16 ff d3 ba 28 19 0a e7 f5 67 77 64 57 72 c6 3a df b5 44 3d 30 9a 11 8c ee ad 81 c7 c6 54 d4 a4 0c bc 1e 1f 80 c0 f8 b0 fc cb 7d 4e ad 3e 88 74 f3 f7 16 42 01 57 ab 39 d1 3b 17 c4 59 5b 55 c5 bc d6 b2 e6 10 65 22 b9 65 6e 28 e7 cd 53 58 7a 1b 61 2a 3e 50 53 e2 9b 8d ea a1 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2324003db8 | unwrapped: ab 89 06 85 0b 2f 46 28 a7 ae 70 c9 13 57 4b aa | unwrapped: 05 65 5f b1 3b a0 a6 30 65 60 14 8a 50 6f f9 11 | unwrapped: 7d 42 44 e7 23 ae 95 0f 8b 8a 08 3e b7 65 19 6b | unwrapped: 45 94 3c 77 77 fd a6 bb 0c 3f 1d 8f 63 30 7f c4 | unwrapped: b1 28 5d 10 70 84 78 50 0b b3 e7 11 0a 25 d9 bc | unwrapped: 3f 17 11 17 2e 57 6b f2 d8 b5 f9 e6 32 11 ff ac | unwrapped: e6 61 74 65 b0 07 8d 08 dc b4 14 3e eb 7c db a2 | unwrapped: 21 01 f6 ff 6a 11 c6 65 f5 31 d7 0e 81 bf 22 03 | unwrapped: 34 74 70 35 08 b1 29 75 33 99 67 4d 61 45 a9 30 | unwrapped: e1 80 27 74 b8 55 4a 1f 66 d9 e1 9a 25 ac b9 da | unwrapped: 8c af 05 ab a8 d4 15 ae 73 0c 04 25 2e ca f0 c9 | unwrapped: 4c b1 b9 d2 df 51 c6 c4 ae 75 71 b8 ae 07 81 b9 | unwrapped: 48 a8 cc 41 9e 2a 13 dc 88 cb 61 a7 ad a7 95 26 | unwrapped: 62 24 38 45 f6 fb aa 86 9f 5d 39 09 bb 1a 5b d1 | unwrapped: 7a c0 b3 46 65 cd 67 a1 c8 aa 40 95 0d 48 78 73 | unwrapped: 86 53 91 9d 59 f0 3d 23 ca f7 88 3c 4a f5 87 e1 | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 07 20 8d 8b 21 c0 c2 9f | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 7c 62 05 39 a5 91 5b c7 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234105a700 | result: final-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a6e8 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa63dc0 | SKEYID_a PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_a: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a708 | result: clone-key@0x55a4efa63dc0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2324002d60 from SKEYID-key@0x55a4efa63dc0 | SKEYID_e prf: begin sha with context 0x7f2324002d60 from SKEYID-key@0x55a4efa63dc0 | SKEYID_e: release clone-key@0x55a4efa63dc0 | SKEYID_e PRF sha crypt-prf@0x7f23240010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa62310 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: 4d e4 fa 3b a2 62 a7 1d 94 90 cf d5 72 da fc 0d 42 e7 43 f2 11 00 b1 5b 08 68 ce b2 6d 61 18 14 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2324001158 | unwrapped: 1f 5b e9 19 4e 3c 52 da 54 aa 71 ae f5 10 2a 39 | unwrapped: fb 6b 2f ed 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_e: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 9e b6 69 cb e1 43 c1 0d b8 83 34 a9 d8 17 4d 24 b3 e8 42 14 1a a6 7a b9 bd cc b6 06 bf 33 cc e3 95 eb fe 1d b4 9b 41 50 b4 b9 ff a5 86 d0 a2 d1 0e 65 08 41 6e ed a2 be 46 59 0e fb 92 38 89 b1 2e 97 92 96 c0 74 42 08 dd 4d b3 37 5c 90 73 53 4a fa 4a b4 0f c0 b9 84 c2 cb 62 57 b6 4d 4c 83 5c 4f 3d 18 94 8d 9c 25 a8 2b 94 29 9e 8b 03 47 dc a6 21 cb 52 96 fe d7 b6 3c f0 2e b3 ba a4 66 41 56 1d 4e fd 81 b2 a2 73 3a b0 e6 e8 0e 0c c4 e9 f5 44 d3 a6 ca e5 8c 11 95 28 ba f3 58 97 21 32 dc 9a 4a 1b 16 ff d3 ba 28 19 0a e7 f5 67 77 64 57 72 c6 3a df b5 44 3d 30 9a 11 8c ee ad 81 c7 c6 54 d4 a4 0c bc 1e 1f 80 c0 f8 b0 fc cb 7d 4e ad 3e 88 74 f3 f7 16 42 01 57 ab 39 d1 3b 17 c4 59 5b 55 c5 bc d6 b2 e6 10 65 22 b9 65 6e 28 e7 cd 53 58 7a 1b 61 2a 3e 50 53 e2 9b 8d ea a1 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2324004f28 | unwrapped: ab 89 06 85 0b 2f 46 28 a7 ae 70 c9 13 57 4b aa | unwrapped: 05 65 5f b1 3b a0 a6 30 65 60 14 8a 50 6f f9 11 | unwrapped: 7d 42 44 e7 23 ae 95 0f 8b 8a 08 3e b7 65 19 6b | unwrapped: 45 94 3c 77 77 fd a6 bb 0c 3f 1d 8f 63 30 7f c4 | unwrapped: b1 28 5d 10 70 84 78 50 0b b3 e7 11 0a 25 d9 bc | unwrapped: 3f 17 11 17 2e 57 6b f2 d8 b5 f9 e6 32 11 ff ac | unwrapped: e6 61 74 65 b0 07 8d 08 dc b4 14 3e eb 7c db a2 | unwrapped: 21 01 f6 ff 6a 11 c6 65 f5 31 d7 0e 81 bf 22 03 | unwrapped: 34 74 70 35 08 b1 29 75 33 99 67 4d 61 45 a9 30 | unwrapped: e1 80 27 74 b8 55 4a 1f 66 d9 e1 9a 25 ac b9 da | unwrapped: 8c af 05 ab a8 d4 15 ae 73 0c 04 25 2e ca f0 c9 | unwrapped: 4c b1 b9 d2 df 51 c6 c4 ae 75 71 b8 ae 07 81 b9 | unwrapped: 48 a8 cc 41 9e 2a 13 dc 88 cb 61 a7 ad a7 95 26 | unwrapped: 62 24 38 45 f6 fb aa 86 9f 5d 39 09 bb 1a 5b d1 | unwrapped: 7a c0 b3 46 65 cd 67 a1 c8 aa 40 95 0d 48 78 73 | unwrapped: 86 53 91 9d 59 f0 3d 23 ca f7 88 3c 4a f5 87 e1 | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 07 20 8d 8b 21 c0 c2 9f | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 7c 62 05 39 a5 91 5b c7 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234105a710 | result: final-key@0x55a4efa65820 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65820 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a6f8 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65820 | SKEYID_e PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID_e: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234105a768 | result: keymat-key@0x55a4efa65820 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a4efa5af10, skeyid_a 0x55a4efa62310, skeyid_e 0x55a4efa63dc0, enc_key 0x55a4efa65820 | DH_i: a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | DH_i: da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | DH_i: 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | DH_i: 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | DH_i: cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | DH_i: fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | DH_i: 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | DH_i: c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | DH_i: 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | DH_i: d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | DH_i: 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | DH_i: e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | DH_i: 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | DH_i: c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | DH_i: d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | DH_i: 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | DH_r: c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | DH_r: bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | DH_r: 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | DH_r: 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | DH_r: 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | DH_r: c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | DH_r: 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | DH_r: 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | DH_r: 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | DH_r: a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | DH_r: 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | DH_r: c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | DH_r: fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | DH_r: fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | DH_r: 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | DH_r: be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7f93c (length 256) | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | new IV hash sha digest GR-bytes@0x55a4efa7fa3c (length 256) | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | new IV hash sha final chunk@0x7f2324001158 (length 20) | 43 ec cd 6c 73 55 34 81 45 1b fe b0 2a 79 da 9d | 0d b4 75 6a | crypto helper 5 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 6 time elapsed 0.002061 seconds | (#5) spent 2.05 milliseconds in crypto helper computing work-order 6: aggr outR1 DH (pcr) | crypto helper 5 sending results from work-order 6 for state #5 to event queue | scheduling resume sending helper answer for #5 | libevent_malloc: new ptr-libevent@0x7f2324003978 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #5 | start processing: state #5 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 6 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #5: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f2330003a28: transferring ownership from helper IKEv1 DH+IV to state #5 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 07 20 8d 8b 21 c0 c2 9f | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 7c 62 05 39 a5 91 5b c7 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | b5 ff 33 3d | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 07 20 8d 8b 21 c0 c2 9f | natd_hash: rcookie= 7c 62 05 39 a5 91 5b c7 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | natd_hash: hash= b5 ff 33 3d | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 07 20 8d 8b 21 c0 c2 9f | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 7c 62 05 39 a5 91 5b c7 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | e3 8b 49 64 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 07 20 8d 8b 21 c0 c2 9f | natd_hash: rcookie= 7c 62 05 39 a5 91 5b c7 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | natd_hash: hash= e3 8b 49 64 | expected NAT-D(me): fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | expected NAT-D(me): b5 ff 33 3d | expected NAT-D(him): | 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | e3 8b 49 64 | received NAT-D: fe 5e 27 c4 ec e2 b0 0a a1 62 2b 7a 0f 4d d6 63 | received NAT-D: b5 ff 33 3d | received NAT-D: 82 47 a6 bd ea 84 e1 f0 30 a2 55 c1 04 e1 53 7a | received NAT-D: e3 8b 49 64 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa65c00 (size 20) | hmac: symkey-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x55a4efa782a8 | hmac PRF sha update data-bytes@0x7f2330000b48 (length 256) | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 256) | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 07 20 8d 8b 21 c0 c2 9f | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 7c 62 05 39 a5 91 5b c7 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa782fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | 49 f7 92 3b 81 d9 06 6d 6c bd f3 db 5a 20 ea 0e | b7 52 ec 2c | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 49 f7 92 3b 81 d9 06 6d 6c bd f3 db 5a 20 ea 0e | HASH_I b7 52 ec 2c | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 49 f7 92 3b 81 d9 06 6d 6c bd f3 db 5a 20 ea 0e | encrypting: b7 52 ec 2c | IV: 43 ec cd 6c 73 55 34 81 45 1b fe b0 2a 79 da 9d | IV: 0d b4 75 6a | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 40 19 be 43 68 42 ec 4b 9a f1 25 13 02 64 83 a5 | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #5: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2330002888 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78118 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 05 10 02 01 00 00 00 00 00 00 00 4c e2 ab 64 60 | 41 4d 6a 3d 6a 75 88 ea 98 69 83 90 96 ea 15 9f | e8 6f 2c 6d 8d 00 df a9 72 cc 3a 96 40 19 be 43 | 68 42 ec 4b 9a f1 25 13 02 64 83 a5 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x55a4efa83398 size 128 | #5 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29297.126146 "aes128" #5: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #5 suppresed complete_v1_state_transition() | #5 spent 0.374 milliseconds in resume sending helper answer | stop processing: state #5 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2324003978 | spent 0.00208 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 05 10 02 01 00 00 00 00 00 00 00 4c 7a b6 6d c8 | ab 1e aa 00 18 a3 3f 6f c4 54 6a 16 8f db 6d 33 | 1f 92 92 7f 89 c7 ad a6 0f 26 3b 44 98 2b 56 3e | df d9 fa a0 a4 dd 20 9b af 32 1a 7d | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #5 in MAIN_I3 (find_state_ikev1) | start processing: state #5 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #5 is idle | #5 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 40 19 be 43 68 42 ec 4b 9a f1 25 13 02 64 83 a5 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | decrypted payload (starts at offset -48): | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 59 24 9b f1 | 26 20 60 ff c4 d4 e5 cb 92 0b f5 54 fc 4a 62 28 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #5: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa65c00 (size 20) | hmac: symkey-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x7f2324001158 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 256) | c9 37 f4 a2 2a 1e 41 4f 13 c4 1d 11 bb 4a bd 25 | bf c3 5e 6e 38 ce b1 e7 8b c4 d3 3f d7 c6 df a1 | 22 ee b9 2f b3 4b 2f 9f f8 f2 e1 18 94 65 8f 4f | 50 e4 3d 47 d7 a2 74 bc 20 fc 1f 00 b2 dd 6c 81 | 3b ca 3a cc 28 a9 5d 73 b1 ce f7 74 56 0f de 43 | c6 5f fc 11 68 db 16 0d 86 ea 0e c2 e6 3a 90 4a | 86 cc 35 84 12 63 61 d7 d2 92 0c f9 be e1 51 71 | 1a 32 4b 5b d0 3a 05 e7 70 d2 ab 6d 7d 17 a3 ff | 83 13 a8 91 ca b0 ba fb 98 1a 72 87 23 2a e4 a4 | a4 d6 51 0a c3 3b 3b 72 c9 fb cc 9b 16 5b 70 47 | 80 2f 39 4d 84 02 c7 fd 60 59 0a f6 ad dc 46 be | c5 37 32 cf 8d f8 d5 ef af 0c ae 44 9e 15 1a e8 | fc a5 5c d3 48 51 83 5d 96 14 d1 37 b7 9d 72 91 | fd f7 11 78 3c f7 12 df 6f 99 2a ba 9a 2b f8 8a | 14 80 51 c1 ca 37 78 24 a3 d0 15 44 88 02 dd 10 | be 72 d6 68 69 78 a6 fa c1 a8 3a e9 80 fc 3c 9d | hmac PRF sha update data-bytes@0x7f2330000b48 (length 256) | a4 3b d8 0d 0c 94 2a 85 98 06 50 26 a5 0a 26 58 | da 60 7f 1b e3 f4 d4 dc 3f b4 a2 c7 e0 60 87 12 | 44 fe ff e1 ec ac f2 46 78 5a 82 72 d9 cc 69 ad | 78 48 48 b1 44 64 ed 22 33 fc a7 17 4f 4b 12 f1 | cf 8b 35 1a 8a 99 17 87 13 08 bb 27 05 43 c3 03 | fc a9 c3 36 00 7e 37 e3 70 46 0d 5e 4f 98 e9 80 | 66 3e 1c 62 85 8e b6 ba 0c f3 37 1b af d0 39 4a | c8 75 36 1f 0a 59 c1 e7 fa c6 88 30 a6 54 ca 06 | 2b 3f c7 c9 4d 84 aa 2f dd 0f 6c cf 0b 88 af 3b | d9 fa 0d 9d d9 d0 cc be 3a 15 be f9 a0 c9 a4 8a | 90 7a f9 f2 3f fa ac 2b 8d be 16 65 9c 21 d8 d2 | e5 31 3c b6 2b 20 09 19 81 41 7b 9d 1c bd 32 a1 | 89 c5 2e ca de 6a 15 09 7b dd 23 3d c4 db 45 35 | c4 45 68 5b 0a cc 97 8f 5f b3 1e a8 7e f4 f6 2a | d8 83 a0 a2 1e c2 99 80 b9 71 de e2 66 a9 21 83 | 0e 4f 0d 42 57 7c bf 05 e8 f3 0f 31 81 a2 d3 ac | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 7c 62 05 39 a5 91 5b c7 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 07 20 8d 8b 21 c0 c2 9f | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa782fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4efa6a398 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | 59 24 9b f1 26 20 60 ff c4 d4 e5 cb 92 0b f5 54 | fc 4a 62 28 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #5: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa83398 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa78118 | inserting event EVENT_SA_REPLACE, timeout in 2638 seconds for #5 | libevent_malloc: new ptr-libevent@0x7f2324003978 size 128 | pstats #5 ikev1.isakmp established "aes128" #5: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #5 | creating state object #6 at 0x55a4efa7b648 | State DB: adding IKEv1 state #6 in UNDEFINED | pstats #6 ikev1.ipsec started | duplicating state object #5 "aes128" as #6 for IPSEC SA | #6 setting local endpoint to 192.1.2.45:500 from #5.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa65820 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #5 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #6 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #6: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #6: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#5 msgid:33d96713 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 7 for state #6 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #6 | libevent_malloc: new ptr-libevent@0x55a4efa7ae58 size 128 | stop processing: state #6 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #5 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x55a4efa7ad88} | crypto helper 6 resuming | crypto helper 6 starting work-order 7 for state #6 | close_any(fd@24) (in release_whack() at state.c:654) | crypto helper 6 doing build KE and nonce (quick_outI1 KE); request ID 7 | #5 spent 0.289 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.385 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2328003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2328003a28 | NSS: Public DH wire value: | 32 1e 0b ba 2a e3 84 81 50 97 b8 66 71 c0 bc e1 | 66 33 b5 81 60 70 42 4b 16 f3 a1 a4 ab d7 37 8c | 9a e6 4d d6 13 57 6e 52 76 bb 5a 2a ce 73 0e dd | aa be f3 2e 87 ce 04 55 c3 55 9c c6 1b 6a 42 c5 | 52 e9 83 3f 9e 31 04 af cb 2b 7c 97 d2 58 ae f9 | fe 5b 75 6c 4f 5c b2 f9 20 fc 2f 63 a8 aa 88 df | 7c 22 d1 70 7c 4f 32 91 3e 3d 43 b5 d7 56 cb 36 | d7 12 ac 08 1a bf 11 72 96 c3 b9 30 e9 17 6d e8 | f3 9d 37 01 3b 82 1c a0 68 ec 7c b2 5e 20 86 7c | 41 f6 dc 95 28 1b 57 5c 77 9b e4 69 6e df 8a 1f | bc c9 9b b7 e9 8e 85 0b 01 0b 9d 32 1b 68 2e cc | b1 14 fb f8 08 b5 db 68 8a 80 cd 79 73 48 5c 2c | e2 f1 54 9a fe e4 4f 36 a2 f4 a9 96 6d e3 96 c7 | b6 ea 33 57 9b 18 f8 f5 43 76 7b 21 c0 a8 f5 6c | bb 1e 9d b3 6c 0a 5d cd 97 df 2b c7 29 58 57 80 | 57 f2 03 73 27 61 8c 27 0b 30 86 62 c8 3a 9f e3 | Generated nonce: 57 8a 2a 9f be a8 82 9f 60 30 f3 be 74 47 ce 56 | Generated nonce: c1 93 a3 54 43 26 74 91 2b a0 15 91 e6 a3 3d 0a | crypto helper 6 finished build KE and nonce (quick_outI1 KE); request ID 7 time elapsed 0.001058 seconds | (#6) spent 1.05 milliseconds in crypto helper computing work-order 7: quick_outI1 KE (pcr) | crypto helper 6 sending results from work-order 7 for state #6 to event queue | scheduling resume sending helper answer for #6 | libevent_malloc: new ptr-libevent@0x7f2328002888 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #6 | start processing: state #6 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 7 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #6: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 869885715 (0x33d96713) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xe4be8051 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI e4 be 80 51 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #6: IMPAIR: stripping key-length "aes128" #6: IMPAIR: duplicating key-length | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 36 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 57 8a 2a 9f be a8 82 9f 60 30 f3 be 74 47 ce 56 | Ni c1 93 a3 54 43 26 74 91 2b a0 15 91 e6 a3 3d 0a | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2328003a28: transferring ownership from helper KE to state #6 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 32 1e 0b ba 2a e3 84 81 50 97 b8 66 71 c0 bc e1 | keyex value 66 33 b5 81 60 70 42 4b 16 f3 a1 a4 ab d7 37 8c | keyex value 9a e6 4d d6 13 57 6e 52 76 bb 5a 2a ce 73 0e dd | keyex value aa be f3 2e 87 ce 04 55 c3 55 9c c6 1b 6a 42 c5 | keyex value 52 e9 83 3f 9e 31 04 af cb 2b 7c 97 d2 58 ae f9 | keyex value fe 5b 75 6c 4f 5c b2 f9 20 fc 2f 63 a8 aa 88 df | keyex value 7c 22 d1 70 7c 4f 32 91 3e 3d 43 b5 d7 56 cb 36 | keyex value d7 12 ac 08 1a bf 11 72 96 c3 b9 30 e9 17 6d e8 | keyex value f3 9d 37 01 3b 82 1c a0 68 ec 7c b2 5e 20 86 7c | keyex value 41 f6 dc 95 28 1b 57 5c 77 9b e4 69 6e df 8a 1f | keyex value bc c9 9b b7 e9 8e 85 0b 01 0b 9d 32 1b 68 2e cc | keyex value b1 14 fb f8 08 b5 db 68 8a 80 cd 79 73 48 5c 2c | keyex value e2 f1 54 9a fe e4 4f 36 a2 f4 a9 96 6d e3 96 c7 | keyex value b6 ea 33 57 9b 18 f8 f5 43 76 7b 21 c0 a8 f5 6c | keyex value bb 1e 9d b3 6c 0a 5d cd 97 df 2b c7 29 58 57 80 | keyex value 57 f2 03 73 27 61 8c 27 0b 30 86 62 c8 3a 9f e3 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f233c002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f233c002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa78368 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | 33 d9 67 13 | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 388) | 0a 00 00 3c 00 00 00 01 00 00 00 01 00 00 00 30 | 00 03 04 01 e4 be 80 51 00 00 00 24 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 80 06 00 80 04 00 00 24 | 57 8a 2a 9f be a8 82 9f 60 30 f3 be 74 47 ce 56 | c1 93 a3 54 43 26 74 91 2b a0 15 91 e6 a3 3d 0a | 05 00 01 04 32 1e 0b ba 2a e3 84 81 50 97 b8 66 | 71 c0 bc e1 66 33 b5 81 60 70 42 4b 16 f3 a1 a4 | ab d7 37 8c 9a e6 4d d6 13 57 6e 52 76 bb 5a 2a | ce 73 0e dd aa be f3 2e 87 ce 04 55 c3 55 9c c6 | 1b 6a 42 c5 52 e9 83 3f 9e 31 04 af cb 2b 7c 97 | d2 58 ae f9 fe 5b 75 6c 4f 5c b2 f9 20 fc 2f 63 | a8 aa 88 df 7c 22 d1 70 7c 4f 32 91 3e 3d 43 b5 | d7 56 cb 36 d7 12 ac 08 1a bf 11 72 96 c3 b9 30 | e9 17 6d e8 f3 9d 37 01 3b 82 1c a0 68 ec 7c b2 | 5e 20 86 7c 41 f6 dc 95 28 1b 57 5c 77 9b e4 69 | 6e df 8a 1f bc c9 9b b7 e9 8e 85 0b 01 0b 9d 32 | 1b 68 2e cc b1 14 fb f8 08 b5 db 68 8a 80 cd 79 | 73 48 5c 2c e2 f1 54 9a fe e4 4f 36 a2 f4 a9 96 | 6d e3 96 c7 b6 ea 33 57 9b 18 f8 f5 43 76 7b 21 | c0 a8 f5 6c bb 1e 9d b3 6c 0a 5d cd 97 df 2b c7 | 29 58 57 80 57 f2 03 73 27 61 8c 27 0b 30 86 62 | c8 3a 9f e3 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 17 67 9c 24 a6 aa 67 5d c0 b5 ad 87 70 48 47 c5 | ee 89 0a 06 | outI1 HASH(1): | 17 67 9c 24 a6 aa 67 5d c0 b5 ad 87 70 48 47 c5 | ee 89 0a 06 | last Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | current Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | 33 d9 67 13 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 08 0f c6 fe a2 a1 75 76 a4 b8 3f 79 72 d6 d9 7b | 7d bb 77 7b | encrypting: 01 00 00 18 17 67 9c 24 a6 aa 67 5d c0 b5 ad 87 | encrypting: 70 48 47 c5 ee 89 0a 06 0a 00 00 3c 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 30 00 03 04 01 e4 be 80 51 | encrypting: 00 00 00 24 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 80 06 00 80 04 00 00 24 57 8a 2a 9f be a8 82 9f | encrypting: 60 30 f3 be 74 47 ce 56 c1 93 a3 54 43 26 74 91 | encrypting: 2b a0 15 91 e6 a3 3d 0a 05 00 01 04 32 1e 0b ba | encrypting: 2a e3 84 81 50 97 b8 66 71 c0 bc e1 66 33 b5 81 | encrypting: 60 70 42 4b 16 f3 a1 a4 ab d7 37 8c 9a e6 4d d6 | encrypting: 13 57 6e 52 76 bb 5a 2a ce 73 0e dd aa be f3 2e | encrypting: 87 ce 04 55 c3 55 9c c6 1b 6a 42 c5 52 e9 83 3f | encrypting: 9e 31 04 af cb 2b 7c 97 d2 58 ae f9 fe 5b 75 6c | encrypting: 4f 5c b2 f9 20 fc 2f 63 a8 aa 88 df 7c 22 d1 70 | encrypting: 7c 4f 32 91 3e 3d 43 b5 d7 56 cb 36 d7 12 ac 08 | encrypting: 1a bf 11 72 96 c3 b9 30 e9 17 6d e8 f3 9d 37 01 | encrypting: 3b 82 1c a0 68 ec 7c b2 5e 20 86 7c 41 f6 dc 95 | encrypting: 28 1b 57 5c 77 9b e4 69 6e df 8a 1f bc c9 9b b7 | encrypting: e9 8e 85 0b 01 0b 9d 32 1b 68 2e cc b1 14 fb f8 | encrypting: 08 b5 db 68 8a 80 cd 79 73 48 5c 2c e2 f1 54 9a | encrypting: fe e4 4f 36 a2 f4 a9 96 6d e3 96 c7 b6 ea 33 57 | encrypting: 9b 18 f8 f5 43 76 7b 21 c0 a8 f5 6c bb 1e 9d b3 | encrypting: 6c 0a 5d cd 97 df 2b c7 29 58 57 80 57 f2 03 73 | encrypting: 27 61 8c 27 0b 30 86 62 c8 3a 9f e3 05 00 00 10 | encrypting: 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | encrypting: 04 00 00 00 c0 00 02 00 ff ff ff 00 | IV: 08 0f c6 fe a2 a1 75 76 a4 b8 3f 79 72 d6 d9 7b | IV: 7d bb 77 7b | unpadded size is: 412 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 6c 15 50 ad d3 0d 63 04 74 1d a0 1a 2c 55 aa 6b | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #6) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 20 01 33 d9 67 13 00 00 01 bc b4 8c 8d c0 | 51 4f f5 b1 d4 67 4d 04 93 87 4e 37 e0 33 a2 d8 | 57 a3 e6 5d e0 02 48 df fd ba 9d 24 1e 77 db 71 | ff 55 d1 38 17 2a ff 43 8e 04 ab f0 eb 9c 58 2c | b1 7d e1 e7 94 8e ae 5e 61 c8 65 c3 77 b2 a6 68 | 84 1c f0 bf 60 4d de 4b 3a c7 f7 25 72 95 0d 06 | 2e b4 a2 0f 81 73 40 87 d2 96 97 9e 0d c1 d3 ac | be c3 03 9b a1 cb 9e 64 50 5b 90 1c 07 0c f4 70 | ef c2 6a aa f1 d4 66 76 40 ce b4 f0 12 f9 23 99 | ec 73 de 6c 2e 6f e4 1b 9a df 7f 9b e4 07 06 54 | 54 74 4e 63 8a dd ef 73 3f cd 24 40 7f 58 57 98 | 45 01 38 76 a8 8b 51 22 ba 5d 94 d8 8c c6 1a 19 | 85 f6 df 12 16 55 2d 24 2b 52 35 7e d3 2d a6 70 | 93 ed 56 42 87 2d 81 e4 21 5a 4b 14 ff 39 7c 9d | c5 68 f5 53 65 2e 36 1d 02 38 b1 d7 86 0e 2c 1a | 67 67 17 2f 41 d6 32 5a 10 23 4d 8f 8e 48 8c 42 | e9 f8 47 fa 51 7f 1c 5f 05 e2 3c 0b 0c 29 8d fa | 36 f9 b8 63 3c d0 a5 bf c5 40 e8 ab 65 7b 03 2f | 1f 20 1a 52 96 d3 00 93 9b ba 61 c5 e2 94 b6 8f | 8d 3b 7f d1 b8 82 97 81 56 ff 71 70 0a e3 f6 9c | 3d 43 fa 67 97 eb e9 d1 f0 59 3f 96 b6 07 17 d8 | 2b 04 01 e3 d2 4a b7 73 2a 18 d1 e7 9c 60 88 16 | 51 9b f6 a0 d5 6c 65 08 c3 ed 82 1f 3b 6a d3 7e | 5c fa 42 21 77 63 a8 ee 30 08 ba 9a 9e a3 34 35 | 41 24 8c c6 8d 64 89 1b 40 ec 7f 92 29 b1 7a 7c | cf 51 ce 28 02 55 ed 7f 59 57 a9 0e 6c 15 50 ad | d3 0d 63 04 74 1d a0 1a 2c 55 aa 6b | state #6 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa7ae58 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f2330002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #6 | libevent_malloc: new ptr-libevent@0x55a4efa83218 size 128 | #6 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29297.129032 | resume sending helper answer for #6 suppresed complete_v1_state_transition() | #6 spent 0.479 milliseconds in resume sending helper answer | stop processing: state #6 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2328002888 | spent 0.00221 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 05 01 09 de e1 11 00 00 00 4c 90 73 21 19 | 44 f9 b2 f2 11 9f e3 a1 54 22 f1 60 a6 3a ca f8 | 96 92 91 c5 bd 3b 69 07 c6 46 8f 35 11 9f 0d 07 | 16 06 70 54 56 9f 6b b0 9f 9b 0d 21 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 165601553 (0x9dee111) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #6; msgid=00000000 st_msgid=33d96713 st_msgid_phase15=00000000 | peer and cookies match on #5; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #5 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #5 in MAIN_I4 (find_v1_info_state) | start processing: state #5 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | current Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39f28c (length 4) | 09 de e1 11 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 6d 9e a5 b3 6b 63 5f c9 d7 24 2f 3e ba a6 d0 63 | 68 9e 7c 0b | #5 is idle | #5 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 6d 9e a5 b3 6b 63 5f c9 d7 24 2f 3e ba a6 d0 63 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 11 9f 0d 07 16 06 70 54 56 9f 6b b0 9f 9b 0d 21 | decrypted payload (starts at offset -48): | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 05 01 09 de e1 11 00 00 00 4c 0b 00 00 18 | 36 ae 95 bc 11 80 d3 78 03 77 32 cc b8 06 aa 70 | d4 e9 15 a6 00 00 00 0c 00 00 00 01 01 00 00 0f | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f2324001158 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | 09 de e1 11 | HASH(1) PRF sha update payload-bytes@0x55a4efa6a3ac (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0f | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | 36 ae 95 bc 11 80 d3 78 03 77 32 cc b8 06 aa 70 | d4 e9 15 a6 | informational HASH(1): | 36 ae 95 bc 11 80 d3 78 03 77 32 cc b8 06 aa 70 | d4 e9 15 a6 | received 'informational' message HASH(1) data ok "aes128" #5: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #5: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #5 spent 0.00519 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.168 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f2330002b78 | handling event EVENT_RETRANSMIT for child state #6 | start processing: state #6 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #6 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #6 keying attempt 1 of 0; retransmit 1 "aes128" #6: IMPAIR: retransmit so deleting SA | [RE]START processing: state #6 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #6 ikev1.ipsec failed too-many-retransmits | pstats #6 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #6 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #6: deleting state (STATE_QUICK_I1) aged 0.502s and NOT sending notification | child state #6: QUICK_I1(established CHILD SA) => delete | child state #6: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #6 in CHILDSA_DEL | child state #6: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7f2328003a28: destroyed | stop processing: state #6 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_d_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa65820 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x55a4efa83218 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f2330002b78 | in statetime_stop() and could not find #6 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0451 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #5 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #5 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #5 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #5 ikev1.isakmp deleted completed | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #5: deleting state (STATE_MAIN_I4) aged 0.523s and sending notification | parent state #5: MAIN_I4(established IKE SA) => delete | #5 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3292834103 (0xc444a937) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 07 20 8d 8b 21 c0 c2 9f | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 7c 62 05 39 a5 91 5b c7 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f2328003928 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | c4 44 a9 37 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 07 20 8d 8b | 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | c1 74 a4 3c 9a 77 2e 80 e6 af d2 15 1f 64 ff ce | 5b 40 d1 89 | send delete HASH(1): | c1 74 a4 3c 9a 77 2e 80 e6 af d2 15 1f 64 ff ce | 5b 40 d1 89 | last Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | current Phase 1 IV: 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 98 2b 56 3e df d9 fa a0 a4 dd 20 9b af 32 1a 7d | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | c4 44 a9 37 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | e0 8c 0d cf 76 6d 51 08 99 75 ea d8 da 3e 69 76 | 70 d3 3b e7 | encrypting: 0c 00 00 18 c1 74 a4 3c 9a 77 2e 80 e6 af d2 15 | encrypting: 1f 64 ff ce 5b 40 d1 89 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 | encrypting: a5 91 5b c7 | IV: e0 8c 0d cf 76 6d 51 08 99 75 ea d8 da 3e 69 76 | IV: 70 d3 3b e7 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: fc 46 a2 8a 0f 12 b5 ce ed 23 c9 ca e4 51 16 09 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 05 01 c4 44 a9 37 00 00 00 5c 13 c9 ce ee | 4b 64 cb b2 10 24 bf 84 a9 08 5d a6 0a f6 02 7d | c3 0e 95 88 aa 24 c1 42 48 4a 12 92 3b 63 07 69 | e4 2f 99 2b 39 53 4d 08 f9 e3 9a eb fc 46 a2 8a | 0f 12 b5 ce ed 23 c9 ca e4 51 16 09 | state #5 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2324003978 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa78118 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #5 in MAIN_I4 | parent state #5: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f2330003a28: destroyed | stop processing: state #5 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa5c790 | delete_state: release st->st_skeyid_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_d_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa65820 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.394 milliseconds in whack | spent 0.00219 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 07 20 8d 8b 21 c0 c2 9f 7c 62 05 39 a5 91 5b c7 | 08 10 05 01 67 69 1d 3c 00 00 00 5c ac b9 ff c0 | 93 76 d3 b8 2b 7f 3e a8 ec db 2c 69 a6 54 7c a6 | 0d eb b3 a0 28 9c f1 f6 fb c7 92 b8 a1 b5 25 d0 | 1f ba 25 b8 79 85 c3 70 ec e5 5c dc c0 85 3f 1c | 6e 07 38 0a c9 cb d4 7b 21 cb 93 52 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 07 20 8d 8b 21 c0 c2 9f | responder cookie: | 7c 62 05 39 a5 91 5b c7 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1734942012 (0x67691d3c) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x67691d3c | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 07 20 8d 8b 21 c0 c2 9f | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 7c 62 05 39 a5 91 5b c7 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0675 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0726 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0497 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.053 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.115 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #7 at 0x55a4efa78798 | State DB: adding IKEv1 state #7 in UNDEFINED | pstats #7 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #7 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #7: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #7 "aes128" "aes128" #7: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | ba df af 49 ce e4 fb 46 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa78218 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #7: IMPAIR: stripping key-length "aes128" #7: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #7) | ba df af 49 ce e4 fb 46 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #7 | libevent_malloc: new ptr-libevent@0x7f2328002888 size 128 | #7 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29298.063528 | #7 spent 0.441 milliseconds in main_outI1() | stop processing: state #7 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.531 milliseconds in whack | spent 0.00216 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ba df af 49 ce e4 fb 46 27 19 c2 c0 d5 02 b5 0c | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba df af 49 ce e4 fb 46 | responder cookie: | 27 19 c2 c0 d5 02 b5 0c | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #7 in MAIN_I1 (find_state_ikev1_init) | start processing: state #7 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #7 is idle | #7 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "aes128" #7: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #7: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #7 spent 0.00674 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #7 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.108 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x55a4efa78118 | handling event EVENT_RETRANSMIT for parent state #7 | start processing: state #7 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #7 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #7 keying attempt 1 of 0; retransmit 1 "aes128" #7: IMPAIR: retransmit so deleting SA | [RE]START processing: state #7 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #7 ikev1.isakmp failed too-many-retransmits | pstats #7 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #7 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #7: deleting state (STATE_MAIN_I1) aged 0.501s and NOT sending notification | parent state #7: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection aes128 | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "aes128" {0x55a4efa6a3f8} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #7 "aes128" #7: deleting IKE SA for connection 'aes128' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection 'aes128' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #7 in MAIN_I1 | parent state #7: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #7 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7f2328002888 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | in statetime_stop() and could not find #7 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection aes128 which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #8 at 0x55a4efa78798 | State DB: adding IKEv1 state #8 in UNDEFINED | pstats #8 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #8 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #8: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #8 "aes128" "aes128" #8: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | c0 0d 1f 3f 23 31 e7 c9 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa78218 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #8: IMPAIR: stripping key-length "aes128" #8: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #8) | c0 0d 1f 3f 23 31 e7 c9 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #8 | libevent_malloc: new ptr-libevent@0x7f2328002888 size 128 | #8 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29298.565843 | #8 spent 0.788 milliseconds in main_outI1() | stop processing: state #8 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | spent 0.808 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.00275 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c0 0d 1f 3f 23 31 e7 c9 4b be 3d 9a 40 e0 3e ae | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c0 0d 1f 3f 23 31 e7 c9 | responder cookie: | 4b be 3d 9a 40 e0 3e ae | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #8 in MAIN_I1 (find_state_ikev1_init) | start processing: state #8 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #8 is idle | #8 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "aes128" #8: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #8: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #8 spent 0.00802 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #8 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.115 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.044 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | removing pending policy for no connection {0x55a4efa6a3f8} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #8 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #8 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #8 ikev1.isakmp deleted other | [RE]START processing: state #8 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #8: deleting state (STATE_MAIN_I1) aged 0.015s and NOT sending notification | parent state #8: MAIN_I1(half-open IKE SA) => delete | state #8 requesting EVENT_RETRANSMIT to be deleted | #8 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f2328002888 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #8 in MAIN_I1 | parent state #8: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #8 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.261 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0608 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0517 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0709 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.111 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #9 at 0x55a4efa78798 | State DB: adding IKEv1 state #9 in UNDEFINED | pstats #9 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #9 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #9: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #9 "aes128" "aes128" #9: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa78368 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | 91 60 df 5e b9 66 1e df 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x7f2328002888 size 128 | #9 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29298.897661 | #9 spent 0.433 milliseconds in main_outI1() | stop processing: state #9 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.497 milliseconds in whack | spent 0.0021 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #9 in MAIN_I1 (find_state_ikev1_init) | start processing: state #9 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #9 is idle | #9 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 8 for state #9 | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f2328002888 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x7f2328002888 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #9 and saving MD | #9 is busy; has a suspended MD | crypto helper 0 resuming | #9 spent 0.145 milliseconds in process_packet_tail() | crypto helper 0 starting work-order 8 for state #9 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 8 | stop processing: state #9 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.276 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f233c004618: created | NSS: Local DH MODP2048 secret (pointer): 0x7f233c004618 | NSS: Public DH wire value: | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | Generated nonce: b0 28 ac 87 b1 04 6b c2 e0 f4 5a 02 f2 3a 96 ad | Generated nonce: 60 cb fd 5b c4 4e d8 cd 64 17 fc 30 b8 69 10 08 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 8 time elapsed 0.001083 seconds | (#9) spent 1.08 milliseconds in crypto helper computing work-order 8: outI2 KE (pcr) | crypto helper 0 sending results from work-order 8 for state #9 to event queue | scheduling resume sending helper answer for #9 | libevent_malloc: new ptr-libevent@0x7f233c0047c8 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #9 | start processing: state #9 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 8 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #9: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f233c004618: transferring ownership from helper KE to state #9 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | keyex value 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | keyex value b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | keyex value a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | keyex value 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | keyex value ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | keyex value e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | keyex value db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | keyex value 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | keyex value 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | keyex value c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | keyex value 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | keyex value be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | keyex value b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | keyex value 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | keyex value 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni b0 28 ac 87 b1 04 6b c2 e0 f4 5a 02 f2 3a 96 ad | Ni 60 cb fd 5b c4 4e d8 cd 64 17 fc 30 b8 69 10 08 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 91 60 df 5e b9 66 1e df | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 52 8e 9e 9b d2 64 d6 41 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | e9 c2 c3 c3 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 91 60 df 5e b9 66 1e df | natd_hash: rcookie= 52 8e 9e 9b d2 64 d6 41 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | natd_hash: hash= e9 c2 c3 c3 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | NAT-D e9 c2 c3 c3 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 91 60 df 5e b9 66 1e df | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 52 8e 9e 9b d2 64 d6 41 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | 1a b4 4b e3 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 91 60 df 5e b9 66 1e df | natd_hash: rcookie= 52 8e 9e 9b d2 64 d6 41 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | natd_hash: hash= 1a b4 4b e3 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | NAT-D 1a b4 4b e3 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #9 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #9: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2328002888 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | 14 00 00 24 b0 28 ac 87 b1 04 6b c2 e0 f4 5a 02 | f2 3a 96 ad 60 cb fd 5b c4 4e d8 cd 64 17 fc 30 | b8 69 10 08 14 00 00 18 3f a7 e6 f3 e0 41 91 80 | 4b aa e1 42 4f 51 70 20 e9 c2 c3 c3 00 00 00 18 | a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | 1a b4 4b e3 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x55a4efa7a848 size 128 | #9 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29298.900019 "aes128" #9: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #9 suppresed complete_v1_state_transition() | #9 spent 0.348 milliseconds in resume sending helper answer | stop processing: state #9 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f233c0047c8 | spent 0.0027 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | 14 00 00 24 9b 0f f3 67 99 fa 92 10 2e 44 00 25 | 1d eb da d3 0f e5 af 38 45 a7 82 be 91 3d 63 26 | 6e 4e 55 9c 14 00 00 18 a4 94 bd ae 33 6e de e2 | cf ab 6e 4c 82 a5 05 14 1a b4 4b e3 00 00 00 18 | 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | e9 c2 c3 c3 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #9 in MAIN_I2 (find_state_ikev1) | start processing: state #9 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #9 is idle | #9 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f233c004618: transferring ownership from state #9 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 9 for state #9 | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7a848 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x7f233c0047c8 size 128 | complete v1 state transition with STF_SUSPEND | crypto helper 1 resuming | crypto helper 1 starting work-order 9 for state #9 | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 9 | peer's g: 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | peer's g: 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | peer's g: c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | peer's g: 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | peer's g: 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | peer's g: de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | peer's g: 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | suspending state #9 and saving MD | peer's g: 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | peer's g: f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | peer's g: 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | peer's g: 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | peer's g: 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | peer's g: 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | peer's g: 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | peer's g: 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | peer's g: 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | Started DH shared-secret computation in NSS: | #9 is busy; has a suspended MD | #9 spent 0.155 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.299 milliseconds in comm_handle_cb() reading and processing packet | new : g_ir-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f233c004618: computed shared DH secret key@0x55a4efa65820 | dh-shared : g^ir-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7f8d8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: psk-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: psk-key@0x55a4efa63dc0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa62310 | SKEYID psk prf: created sha context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk prf: begin sha with context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk: release clone-key@0x55a4efa63dc0 | SKEYID psk PRF sha crypt-prf@0x7f23340010b8 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7f8fc (length 32) | b0 28 ac 87 b1 04 6b c2 e0 f4 5a 02 f2 3a 96 ad | 60 cb fd 5b c4 4e d8 cd 64 17 fc 30 b8 69 10 08 | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7f91c (length 32) | 9b 0f f3 67 99 fa 92 10 2e 44 00 25 1d eb da d3 | 0f e5 af 38 45 a7 82 be 91 3d 63 26 6e 4e 55 9c | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID psk PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID psk: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e718 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d: release clone-key@0x55a4efa62310 | SKEYID_d PRF sha crypt-prf@0x7f2334001108 | SKEYID_d PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_d: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 06 28 2d af df eb 73 5d 99 fe 6b 4a dc 0d 23 e6 e5 8a 62 54 57 9a 7e 56 8a ba cf e9 25 ef a4 7a 01 39 44 06 06 aa 04 a8 7e 88 b0 c9 4d 5b 67 01 69 87 fc d0 44 9a 17 a4 59 f8 80 28 dd bb 71 b7 83 d0 ee c3 17 9d 98 97 8c 37 d8 cf ad 95 1b 3c 78 ab 75 d1 91 1e 0f 2b 25 20 bd a1 e4 98 d7 f7 e5 e8 cf 62 57 a3 47 07 6c 0b a0 2d 5c e8 c8 7f f5 4e cd 14 b8 5b 54 75 86 1d a5 d0 e8 a7 b9 5c b3 bc aa d6 62 71 9e 3c 43 b9 0e e4 f8 bf b0 46 b5 37 7d 23 86 48 b9 5f 8b a5 cb 45 fb 9c 10 2e a7 25 73 11 ec 91 43 ad d9 f1 e4 a1 07 bf 22 df e6 77 69 01 35 f2 b0 cb 7f 62 fe 74 89 ab 36 a7 cb b0 ac 5d 79 39 ef d9 ad 89 6b 6d 6e ed 4c c2 4f 2a 84 dc 23 11 b2 78 62 68 89 97 66 3a bb 45 2c b9 6d 0c 7f 70 b1 7a 66 26 a8 92 ca 56 1d fd 82 03 b6 1e f3 74 7b 67 cc 64 98 c5 20 8d 9b 71 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334003db8 | unwrapped: b7 ca 6a 24 d5 46 d6 17 cb ac fd f1 5d 72 9e 9b | unwrapped: 39 6e 57 de 3f 52 8c e8 fd 8e ed 51 97 96 4f 37 | unwrapped: 24 50 46 a5 7e ed 3f 4c c6 b3 88 9a a7 82 98 a6 | unwrapped: 62 db d9 15 34 26 74 30 b9 ed 43 5e 4e d2 d8 3e | unwrapped: 5c 31 59 ab 8f 58 2a e5 bf 5f 38 45 48 82 22 fd | unwrapped: bd 4c 07 1c d6 54 91 65 f1 11 6e b4 03 21 b7 c7 | unwrapped: 8b 14 df 8b da 57 8d f9 49 57 6e 0c 38 9e 0b 9b | unwrapped: 4b 89 2f a4 fc 49 53 db 18 be 7a 95 4c 3c 7a 57 | unwrapped: 4d ed f6 06 da ea 46 9a 5f 12 ae f7 84 e3 bf 29 | unwrapped: 6d eb 6e 70 24 a1 35 41 8c d7 54 01 5a 75 2d 73 | unwrapped: 26 a9 bd 96 56 f9 fe ef c8 9e ff 88 2e 2e 55 8c | unwrapped: 08 88 42 3f 8b 41 b9 3e 01 ed 89 99 d0 ba 96 04 | unwrapped: c5 2b b7 01 a9 83 16 53 41 cf c3 83 a1 89 1e 16 | unwrapped: fc f9 95 d3 4e ed e4 a6 65 36 ee de 83 75 32 0b | unwrapped: e8 7c 81 7f 6d 61 68 cb e6 de e2 5d e5 7d 4c 14 | unwrapped: a2 40 f6 34 f3 8c e8 c7 db 75 14 fe b6 2f 56 f2 | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 91 60 df 5e b9 66 1e df | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 52 8e 9e 9b d2 64 d6 41 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID_d PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_d: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a: release clone-key@0x55a4efa5af10 | SKEYID_a PRF sha crypt-prf@0x7f23340010b8 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa62310 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: 49 5c 5b 69 f7 4a 3a 6d bf 91 2e 19 39 ce e8 be 30 88 6d 82 a6 31 fd 00 3a 4a f9 c8 79 a8 f7 e4 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23340085b8 | unwrapped: c9 db fd 29 12 0e ee c1 f2 45 81 81 09 0b fc aa | unwrapped: 3a 1b 9c 3f 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_a: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 06 28 2d af df eb 73 5d 99 fe 6b 4a dc 0d 23 e6 e5 8a 62 54 57 9a 7e 56 8a ba cf e9 25 ef a4 7a 01 39 44 06 06 aa 04 a8 7e 88 b0 c9 4d 5b 67 01 69 87 fc d0 44 9a 17 a4 59 f8 80 28 dd bb 71 b7 83 d0 ee c3 17 9d 98 97 8c 37 d8 cf ad 95 1b 3c 78 ab 75 d1 91 1e 0f 2b 25 20 bd a1 e4 98 d7 f7 e5 e8 cf 62 57 a3 47 07 6c 0b a0 2d 5c e8 c8 7f f5 4e cd 14 b8 5b 54 75 86 1d a5 d0 e8 a7 b9 5c b3 bc aa d6 62 71 9e 3c 43 b9 0e e4 f8 bf b0 46 b5 37 7d 23 86 48 b9 5f 8b a5 cb 45 fb 9c 10 2e a7 25 73 11 ec 91 43 ad d9 f1 e4 a1 07 bf 22 df e6 77 69 01 35 f2 b0 cb 7f 62 fe 74 89 ab 36 a7 cb b0 ac 5d 79 39 ef d9 ad 89 6b 6d 6e ed 4c c2 4f 2a 84 dc 23 11 b2 78 62 68 89 97 66 3a bb 45 2c b9 6d 0c 7f 70 b1 7a 66 26 a8 92 ca 56 1d fd 82 03 b6 1e f3 74 7b 67 cc 64 98 c5 20 8d 9b 71 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334004f28 | unwrapped: b7 ca 6a 24 d5 46 d6 17 cb ac fd f1 5d 72 9e 9b | unwrapped: 39 6e 57 de 3f 52 8c e8 fd 8e ed 51 97 96 4f 37 | unwrapped: 24 50 46 a5 7e ed 3f 4c c6 b3 88 9a a7 82 98 a6 | unwrapped: 62 db d9 15 34 26 74 30 b9 ed 43 5e 4e d2 d8 3e | unwrapped: 5c 31 59 ab 8f 58 2a e5 bf 5f 38 45 48 82 22 fd | unwrapped: bd 4c 07 1c d6 54 91 65 f1 11 6e b4 03 21 b7 c7 | unwrapped: 8b 14 df 8b da 57 8d f9 49 57 6e 0c 38 9e 0b 9b | unwrapped: 4b 89 2f a4 fc 49 53 db 18 be 7a 95 4c 3c 7a 57 | unwrapped: 4d ed f6 06 da ea 46 9a 5f 12 ae f7 84 e3 bf 29 | unwrapped: 6d eb 6e 70 24 a1 35 41 8c d7 54 01 5a 75 2d 73 | unwrapped: 26 a9 bd 96 56 f9 fe ef c8 9e ff 88 2e 2e 55 8c | unwrapped: 08 88 42 3f 8b 41 b9 3e 01 ed 89 99 d0 ba 96 04 | unwrapped: c5 2b b7 01 a9 83 16 53 41 cf c3 83 a1 89 1e 16 | unwrapped: fc f9 95 d3 4e ed e4 a6 65 36 ee de 83 75 32 0b | unwrapped: e8 7c 81 7f 6d 61 68 cb e6 de e2 5d e5 7d 4c 14 | unwrapped: a2 40 f6 34 f3 8c e8 c7 db 75 14 fe b6 2f 56 f2 | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 91 60 df 5e b9 66 1e df | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 52 8e 9e 9b d2 64 d6 41 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: final-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65c00 | SKEYID_a PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_a: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: clone-key@0x55a4efa65c00 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e: release clone-key@0x55a4efa65c00 | SKEYID_e PRF sha crypt-prf@0x7f2334001108 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa5af10 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: ca 33 46 61 c4 07 0e 69 0f c4 ba c4 5f c6 f0 47 0f 97 96 79 e0 ad 72 93 c2 86 1a bc 3b 35 c1 04 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23340030c8 | unwrapped: e3 13 1d 44 75 b3 e0 46 f7 5d d0 29 91 b7 9f 27 | unwrapped: 35 b6 e9 88 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_e: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 06 28 2d af df eb 73 5d 99 fe 6b 4a dc 0d 23 e6 e5 8a 62 54 57 9a 7e 56 8a ba cf e9 25 ef a4 7a 01 39 44 06 06 aa 04 a8 7e 88 b0 c9 4d 5b 67 01 69 87 fc d0 44 9a 17 a4 59 f8 80 28 dd bb 71 b7 83 d0 ee c3 17 9d 98 97 8c 37 d8 cf ad 95 1b 3c 78 ab 75 d1 91 1e 0f 2b 25 20 bd a1 e4 98 d7 f7 e5 e8 cf 62 57 a3 47 07 6c 0b a0 2d 5c e8 c8 7f f5 4e cd 14 b8 5b 54 75 86 1d a5 d0 e8 a7 b9 5c b3 bc aa d6 62 71 9e 3c 43 b9 0e e4 f8 bf b0 46 b5 37 7d 23 86 48 b9 5f 8b a5 cb 45 fb 9c 10 2e a7 25 73 11 ec 91 43 ad d9 f1 e4 a1 07 bf 22 df e6 77 69 01 35 f2 b0 cb 7f 62 fe 74 89 ab 36 a7 cb b0 ac 5d 79 39 ef d9 ad 89 6b 6d 6e ed 4c c2 4f 2a 84 dc 23 11 b2 78 62 68 89 97 66 3a bb 45 2c b9 6d 0c 7f 70 b1 7a 66 26 a8 92 ca 56 1d fd 82 03 b6 1e f3 74 7b 67 cc 64 98 c5 20 8d 9b 71 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334003db8 | unwrapped: b7 ca 6a 24 d5 46 d6 17 cb ac fd f1 5d 72 9e 9b | unwrapped: 39 6e 57 de 3f 52 8c e8 fd 8e ed 51 97 96 4f 37 | unwrapped: 24 50 46 a5 7e ed 3f 4c c6 b3 88 9a a7 82 98 a6 | unwrapped: 62 db d9 15 34 26 74 30 b9 ed 43 5e 4e d2 d8 3e | unwrapped: 5c 31 59 ab 8f 58 2a e5 bf 5f 38 45 48 82 22 fd | unwrapped: bd 4c 07 1c d6 54 91 65 f1 11 6e b4 03 21 b7 c7 | unwrapped: 8b 14 df 8b da 57 8d f9 49 57 6e 0c 38 9e 0b 9b | unwrapped: 4b 89 2f a4 fc 49 53 db 18 be 7a 95 4c 3c 7a 57 | unwrapped: 4d ed f6 06 da ea 46 9a 5f 12 ae f7 84 e3 bf 29 | unwrapped: 6d eb 6e 70 24 a1 35 41 8c d7 54 01 5a 75 2d 73 | unwrapped: 26 a9 bd 96 56 f9 fe ef c8 9e ff 88 2e 2e 55 8c | unwrapped: 08 88 42 3f 8b 41 b9 3e 01 ed 89 99 d0 ba 96 04 | unwrapped: c5 2b b7 01 a9 83 16 53 41 cf c3 83 a1 89 1e 16 | unwrapped: fc f9 95 d3 4e ed e4 a6 65 36 ee de 83 75 32 0b | unwrapped: e8 7c 81 7f 6d 61 68 cb e6 de e2 5d e5 7d 4c 14 | unwrapped: a2 40 f6 34 f3 8c e8 c7 db 75 14 fe b6 2f 56 f2 | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 91 60 df 5e b9 66 1e df | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 52 8e 9e 9b d2 64 d6 41 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e710 | result: final-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5c790 | SKEYID_e PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID_e: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e768 | result: keymat-key@0x55a4efa5c790 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a4efa62310, skeyid_a 0x55a4efa5af10, skeyid_e 0x55a4efa65c00, enc_key 0x55a4efa5c790 | DH_i: 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | DH_i: 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | DH_i: b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | DH_i: a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | DH_i: 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | DH_i: ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | DH_i: e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | DH_i: db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | DH_i: 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | DH_i: 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | DH_i: c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | DH_i: 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | DH_i: be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | DH_i: b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | DH_i: 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | DH_i: 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | DH_r: 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | DH_r: 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | DH_r: c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | DH_r: 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | DH_r: 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | DH_r: de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | DH_r: 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | DH_r: 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | DH_r: f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | DH_r: 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | DH_r: 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | DH_r: 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | DH_r: 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | DH_r: 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | DH_r: 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | DH_r: 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7f93c (length 256) | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | new IV hash sha digest GR-bytes@0x55a4efa7fa3c (length 256) | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | new IV hash sha final chunk@0x7f23340030c8 (length 20) | 64 88 45 da 80 ce 91 fa 2a 5c 11 3a 72 18 3a ac | ae a2 9a 3a | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 9 time elapsed 0.002025 seconds | (#9) spent 2.01 milliseconds in crypto helper computing work-order 9: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 9 for state #9 to event queue | scheduling resume sending helper answer for #9 | libevent_malloc: new ptr-libevent@0x7f2334003ad8 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #9 | start processing: state #9 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 9 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #9: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f233c004618: transferring ownership from helper IKEv1 DH+IV to state #9 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 91 60 df 5e b9 66 1e df | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 52 8e 9e 9b d2 64 d6 41 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | 1a b4 4b e3 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 91 60 df 5e b9 66 1e df | natd_hash: rcookie= 52 8e 9e 9b d2 64 d6 41 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | natd_hash: hash= 1a b4 4b e3 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 91 60 df 5e b9 66 1e df | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 52 8e 9e 9b d2 64 d6 41 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | e9 c2 c3 c3 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 91 60 df 5e b9 66 1e df | natd_hash: rcookie= 52 8e 9e 9b d2 64 d6 41 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | natd_hash: hash= e9 c2 c3 c3 | expected NAT-D(me): a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | expected NAT-D(me): 1a b4 4b e3 | expected NAT-D(him): | 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | e9 c2 c3 c3 | received NAT-D: a4 94 bd ae 33 6e de e2 cf ab 6e 4c 82 a5 05 14 | received NAT-D: 1a b4 4b e3 | received NAT-D: 3f a7 e6 f3 e0 41 91 80 4b aa e1 42 4f 51 70 20 | received NAT-D: e9 c2 c3 c3 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x55a4efa83258 | hmac PRF sha update data-bytes@0x7f233c003828 (length 256) | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | hmac PRF sha update data-bytes@0x7f2330000b48 (length 256) | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 91 60 df 5e b9 66 1e df | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 52 8e 9e 9b d2 64 d6 41 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | fc df 29 58 68 20 b7 77 fc 21 98 c7 a7 eb bb ea | dd e6 94 3e | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I fc df 29 58 68 20 b7 77 fc 21 98 c7 a7 eb bb ea | HASH_I dd e6 94 3e | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: fc df 29 58 68 20 b7 77 fc 21 98 c7 a7 eb bb ea | encrypting: dd e6 94 3e | IV: 64 88 45 da 80 ce 91 fa 2a 5c 11 3a 72 18 3a ac | IV: ae a2 9a 3a | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 5d 45 24 0d 8a 0a 9a c6 c0 ef f7 b8 4e 92 88 81 | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #9: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f233c0047c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 05 10 02 01 00 00 00 00 00 00 00 4c 25 3f 31 5a | ec 55 6c 8c af 75 4a ff 88 30 e5 c7 13 28 45 3f | 25 5a 6f 0b df c6 84 4d cc 3a 83 9e 5d 45 24 0d | 8a 0a 9a c6 c0 ef f7 b8 4e 92 88 81 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x55a4efa7a848 size 128 | #9 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29298.906201 "aes128" #9: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #9 suppresed complete_v1_state_transition() | #9 spent 0.32 milliseconds in resume sending helper answer | stop processing: state #9 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2334003ad8 | spent 0.00194 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 05 10 02 01 00 00 00 00 00 00 00 4c 49 b9 97 ba | 47 56 16 f8 a0 82 4d d9 4a 3e 4d 71 f7 e2 c9 4f | 84 b4 2e af bc 5a 25 01 7f 52 19 99 5e 51 59 7a | f9 21 2d 06 ed 11 51 39 02 cf 91 af | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #9 in MAIN_I3 (find_state_ikev1) | start processing: state #9 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #9 is idle | #9 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 5d 45 24 0d 8a 0a 9a c6 c0 ef f7 b8 4e 92 88 81 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | decrypted payload (starts at offset -48): | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 61 31 87 ec | 16 85 93 0a f8 a2 ad 07 40 8f 39 90 b6 d1 71 9b | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #9: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x7f23340030c8 | hmac PRF sha update data-bytes@0x7f2330000b48 (length 256) | 7c a9 1a 77 8f 86 ab d1 03 3e 3d 4c df 2a 3b 12 | 3a f9 20 d8 b4 f9 02 a4 f8 ef 0a 24 7d 33 8e 54 | c1 8c 1f 81 4a d2 11 7f e4 15 0d 3a ee 6a 08 dc | 21 a7 0f b7 51 98 6f 37 04 b3 38 70 56 95 f4 13 | 09 10 97 25 48 a1 3c 6a da 1f 6a b2 6a 4a 61 48 | de 8b 52 b3 ba 99 72 b3 0c 23 8f 11 49 ea 61 c8 | 9d 6b 21 90 7f 22 ad 97 86 bd 07 23 32 f1 79 87 | 8c 8d 95 da fd 8b 78 dc 1a 11 a8 57 40 c0 e1 58 | f0 12 f5 04 4f 0f 3e 31 ce 1f ba 14 d2 ca 0e 66 | 29 1f 60 c8 a7 fb 69 dc 4b 8b 33 cd 11 fd 49 f9 | 99 e1 7e 12 1d 84 1b 86 be 0a 9a ab e4 22 6b 8a | 1a 72 e3 24 76 f2 37 e8 32 6b 6c 6b 73 d9 33 d9 | 1e 67 d1 88 a9 0e dd b2 23 eb 6b d7 f7 8e 34 d8 | 57 25 64 3f b3 60 75 f9 a0 96 b2 3b 18 b6 f1 92 | 2c 73 18 ef 8a 4e 6f 6e 23 51 c3 a4 38 f8 3a f2 | 1e 94 6b 4a cb 2b ae 29 d9 ce 6e cb 3c ae 15 ad | hmac PRF sha update data-bytes@0x7f233c003828 (length 256) | 24 76 83 bf 56 88 79 8d 22 7e aa 42 b8 71 c7 ee | 7c a1 f7 ca 79 1e 1b 2c 65 34 bd c9 e7 d8 92 33 | b4 44 6f 2e 28 33 da 1b b0 50 60 2c 7c 74 f2 58 | a4 56 0d 21 dc 44 2e 35 b0 79 ab ad 8c ce 56 2e | 05 7f 6a 2c 8a 6a d8 87 16 5e c3 d2 ed 3d e5 f7 | ee 3c 54 4d 89 c6 e5 13 df 4e 4a ca 34 eb f4 29 | e9 bf 19 ed 4f 9d 79 8c d2 4a da 0d c9 ec b6 09 | db b5 86 5e eb b0 48 17 d3 35 db 8f 69 3d 86 b7 | 14 e5 53 52 45 1b 44 d8 90 59 e7 6e 68 25 7c 74 | 8a 34 7c d4 5f 74 05 d3 d0 51 be 88 71 a4 f6 98 | c2 bc 40 4f 17 c7 00 d7 b2 c9 67 b4 eb f7 a9 b5 | 22 e2 dd 82 fd 0f 79 ad a0 d1 3b f4 98 1c f4 0b | be 90 71 c9 10 e3 25 d6 d3 78 96 77 bf 16 72 1a | b0 16 f6 a8 85 5e 22 fd ef 14 5b f7 d6 07 ba 7a | 6d e0 f2 45 a9 0f 09 ad a4 05 f1 77 6c 44 7d c2 | 10 5c 33 46 6b 76 c0 c4 05 d3 77 96 0f fc 2f 73 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 52 8e 9e 9b d2 64 d6 41 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 91 60 df 5e b9 66 1e df | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4efa7ada8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | 61 31 87 ec 16 85 93 0a f8 a2 ad 07 40 8f 39 90 | b6 d1 71 9b | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #9: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7a848 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa782f8 | inserting event EVENT_SA_REPLACE, timeout in 2629 seconds for #9 | libevent_malloc: new ptr-libevent@0x7f2334003ad8 size 128 | pstats #9 ikev1.isakmp established "aes128" #9: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #9 | creating state object #10 at 0x55a4efa7b648 | State DB: adding IKEv1 state #10 in UNDEFINED | pstats #10 ikev1.ipsec started | duplicating state object #9 "aes128" as #10 for IPSEC SA | #10 setting local endpoint to 192.1.2.45:500 from #9.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa5c790 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #9 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #10 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #10: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #10: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#9 msgid:52df9de4 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 10 for state #10 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #10 | libevent_malloc: new ptr-libevent@0x55a4efa83168 size 128 | stop processing: state #10 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #9 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | crypto helper 3 resuming | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x55a4efa6a3f8} | crypto helper 3 starting work-order 10 for state #10 | close_any(fd@24) (in release_whack() at state.c:654) | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 10 | #9 spent 0.351 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | NSS: Value of Prime: | spent 0.449 milliseconds in comm_handle_cb() reading and processing packet | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2338003188: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2338003188 | NSS: Public DH wire value: | 4f dc 67 41 3e 5d 54 3d a1 d3 d8 59 26 c1 1f 4b | 8a 1d 1b 65 cd 8d 4e 60 15 7a f7 8a cc 7c 3d 01 | 60 ac 70 8f a0 b2 0e eb 18 28 10 1b f3 47 d6 fc | 7e 6f 6e 0e 51 b9 3e 4a 87 1d 8d cc b8 a5 1f ec | 51 ae f6 f4 9f 52 f4 38 8f 71 15 6c d5 9f de ea | 9e d4 dc ca be 4e 22 a0 5f 1a 18 7a d7 25 b2 08 | bb 78 18 96 d6 15 af ff c4 0d 9e 46 02 88 20 6d | fb 43 31 e8 1e 0d 94 de d6 b7 74 73 40 69 ab 8c | df d7 74 9b 1f e3 b1 73 fe 22 67 1e 91 51 4f 30 | ac a7 11 b6 93 3d 03 4c 9c d0 9d f9 3d 58 48 b2 | 11 72 bd 57 95 ba 6a 6c 09 3b 96 d2 af c9 b2 64 | bc 2d 50 08 02 5b c8 8d 76 47 8a 77 9a 5b aa 91 | e0 45 13 8e af 17 af 5c 1f 1d 59 d8 2b 8e 0f e1 | 82 01 7c 51 5d 24 75 a1 1d 0f 90 94 ba 15 b6 1d | 0e 6b 00 14 c6 ee 83 7c 70 b4 52 30 0d 63 53 29 | d4 a3 e6 a2 10 ed e7 67 d1 f5 15 4f c4 1b 80 ff | Generated nonce: e7 57 c1 96 9f 25 9d 4b 1f 18 9c b9 da 18 46 c8 | Generated nonce: 69 05 78 c2 6c f6 7e ff 63 7b 12 83 b6 ca dd 57 | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 10 time elapsed 0.001047 seconds | (#10) spent 1.04 milliseconds in crypto helper computing work-order 10: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 10 for state #10 to event queue | scheduling resume sending helper answer for #10 | libevent_malloc: new ptr-libevent@0x7f2338007818 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #10 | start processing: state #10 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 10 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #10: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1390386660 (0x52df9de4) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x1c303c0f for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 1c 30 3c 0f | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #10: IMPAIR: stripping key-length "aes128" #10: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni e7 57 c1 96 9f 25 9d 4b 1f 18 9c b9 da 18 46 c8 | Ni 69 05 78 c2 6c f6 7e ff 63 7b 12 83 b6 ca dd 57 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2338003188: transferring ownership from helper KE to state #10 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 4f dc 67 41 3e 5d 54 3d a1 d3 d8 59 26 c1 1f 4b | keyex value 8a 1d 1b 65 cd 8d 4e 60 15 7a f7 8a cc 7c 3d 01 | keyex value 60 ac 70 8f a0 b2 0e eb 18 28 10 1b f3 47 d6 fc | keyex value 7e 6f 6e 0e 51 b9 3e 4a 87 1d 8d cc b8 a5 1f ec | keyex value 51 ae f6 f4 9f 52 f4 38 8f 71 15 6c d5 9f de ea | keyex value 9e d4 dc ca be 4e 22 a0 5f 1a 18 7a d7 25 b2 08 | keyex value bb 78 18 96 d6 15 af ff c4 0d 9e 46 02 88 20 6d | keyex value fb 43 31 e8 1e 0d 94 de d6 b7 74 73 40 69 ab 8c | keyex value df d7 74 9b 1f e3 b1 73 fe 22 67 1e 91 51 4f 30 | keyex value ac a7 11 b6 93 3d 03 4c 9c d0 9d f9 3d 58 48 b2 | keyex value 11 72 bd 57 95 ba 6a 6c 09 3b 96 d2 af c9 b2 64 | keyex value bc 2d 50 08 02 5b c8 8d 76 47 8a 77 9a 5b aa 91 | keyex value e0 45 13 8e af 17 af 5c 1f 1d 59 d8 2b 8e 0f e1 | keyex value 82 01 7c 51 5d 24 75 a1 1d 0f 90 94 ba 15 b6 1d | keyex value 0e 6b 00 14 c6 ee 83 7c 70 b4 52 30 0d 63 53 29 | keyex value d4 a3 e6 a2 10 ed e7 67 d1 f5 15 4f c4 1b 80 ff | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa83398 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | 52 df 9d e4 | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 1c 30 3c 0f 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 00 04 00 00 24 e7 57 c1 96 | 9f 25 9d 4b 1f 18 9c b9 da 18 46 c8 69 05 78 c2 | 6c f6 7e ff 63 7b 12 83 b6 ca dd 57 05 00 01 04 | 4f dc 67 41 3e 5d 54 3d a1 d3 d8 59 26 c1 1f 4b | 8a 1d 1b 65 cd 8d 4e 60 15 7a f7 8a cc 7c 3d 01 | 60 ac 70 8f a0 b2 0e eb 18 28 10 1b f3 47 d6 fc | 7e 6f 6e 0e 51 b9 3e 4a 87 1d 8d cc b8 a5 1f ec | 51 ae f6 f4 9f 52 f4 38 8f 71 15 6c d5 9f de ea | 9e d4 dc ca be 4e 22 a0 5f 1a 18 7a d7 25 b2 08 | bb 78 18 96 d6 15 af ff c4 0d 9e 46 02 88 20 6d | fb 43 31 e8 1e 0d 94 de d6 b7 74 73 40 69 ab 8c | df d7 74 9b 1f e3 b1 73 fe 22 67 1e 91 51 4f 30 | ac a7 11 b6 93 3d 03 4c 9c d0 9d f9 3d 58 48 b2 | 11 72 bd 57 95 ba 6a 6c 09 3b 96 d2 af c9 b2 64 | bc 2d 50 08 02 5b c8 8d 76 47 8a 77 9a 5b aa 91 | e0 45 13 8e af 17 af 5c 1f 1d 59 d8 2b 8e 0f e1 | 82 01 7c 51 5d 24 75 a1 1d 0f 90 94 ba 15 b6 1d | 0e 6b 00 14 c6 ee 83 7c 70 b4 52 30 0d 63 53 29 | d4 a3 e6 a2 10 ed e7 67 d1 f5 15 4f c4 1b 80 ff | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | a6 65 40 81 4d be 62 0e 6b de 27 a6 83 6f 08 d2 | 75 28 25 3c | outI1 HASH(1): | a6 65 40 81 4d be 62 0e 6b de 27 a6 83 6f 08 d2 | 75 28 25 3c | last Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | current Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | 52 df 9d e4 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | c1 60 0a 70 28 b4 26 06 89 e1 4a c5 0b 7a 24 ed | 09 41 d1 bd | encrypting: 01 00 00 18 a6 65 40 81 4d be 62 0e 6b de 27 a6 | encrypting: 83 6f 08 d2 75 28 25 3c 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 1c 30 3c 0f | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 00 | encrypting: 04 00 00 24 e7 57 c1 96 9f 25 9d 4b 1f 18 9c b9 | encrypting: da 18 46 c8 69 05 78 c2 6c f6 7e ff 63 7b 12 83 | encrypting: b6 ca dd 57 05 00 01 04 4f dc 67 41 3e 5d 54 3d | encrypting: a1 d3 d8 59 26 c1 1f 4b 8a 1d 1b 65 cd 8d 4e 60 | encrypting: 15 7a f7 8a cc 7c 3d 01 60 ac 70 8f a0 b2 0e eb | encrypting: 18 28 10 1b f3 47 d6 fc 7e 6f 6e 0e 51 b9 3e 4a | encrypting: 87 1d 8d cc b8 a5 1f ec 51 ae f6 f4 9f 52 f4 38 | encrypting: 8f 71 15 6c d5 9f de ea 9e d4 dc ca be 4e 22 a0 | encrypting: 5f 1a 18 7a d7 25 b2 08 bb 78 18 96 d6 15 af ff | encrypting: c4 0d 9e 46 02 88 20 6d fb 43 31 e8 1e 0d 94 de | encrypting: d6 b7 74 73 40 69 ab 8c df d7 74 9b 1f e3 b1 73 | encrypting: fe 22 67 1e 91 51 4f 30 ac a7 11 b6 93 3d 03 4c | encrypting: 9c d0 9d f9 3d 58 48 b2 11 72 bd 57 95 ba 6a 6c | encrypting: 09 3b 96 d2 af c9 b2 64 bc 2d 50 08 02 5b c8 8d | encrypting: 76 47 8a 77 9a 5b aa 91 e0 45 13 8e af 17 af 5c | encrypting: 1f 1d 59 d8 2b 8e 0f e1 82 01 7c 51 5d 24 75 a1 | encrypting: 1d 0f 90 94 ba 15 b6 1d 0e 6b 00 14 c6 ee 83 7c | encrypting: 70 b4 52 30 0d 63 53 29 d4 a3 e6 a2 10 ed e7 67 | encrypting: d1 f5 15 4f c4 1b 80 ff 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: c1 60 0a 70 28 b4 26 06 89 e1 4a c5 0b 7a 24 ed | IV: 09 41 d1 bd | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 75 c3 90 c3 da d4 77 b5 39 b2 ed 0c 6b 76 25 ef | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #10) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 20 01 52 df 9d e4 00 00 01 bc dd ff eb 46 | 33 40 f5 d1 8d 61 60 46 fa 42 70 e6 40 15 2d 7b | 14 6c 66 20 5b 57 bf 3a e8 a0 6c 8d 59 71 26 bb | 7a 43 5c fc 27 9b 8e df f3 89 6f 65 3e 2e 51 69 | e4 3f d8 88 08 9d ac b7 3d 88 e9 6f fe 36 58 77 | d6 5c a0 77 27 a6 c8 5f 4e 14 c2 99 8e d1 b5 fe | 7e 98 fa 71 46 c8 75 de bb f5 bb ce f2 15 22 f3 | 81 c2 8b 56 23 69 5b f9 11 c4 3d 86 e6 7d ce 23 | b7 28 35 d0 89 b4 e0 73 20 e3 47 1a 2e f9 fa 13 | f7 a9 f8 2b 3d ab a9 68 f6 82 f5 25 25 ac 57 6f | 88 26 a3 2b 46 3a 9e b6 29 97 8f 45 f6 82 80 36 | 4b e5 07 69 e4 20 56 3c 19 43 fb 05 98 50 b2 63 | 87 15 75 71 73 b0 4c 10 61 e9 21 0f 6c 84 e6 0d | b8 5b 8c 30 5e 4e 1b 4b ef af 97 35 23 66 87 15 | 10 e3 07 5b e6 4f e5 9d b7 3e 95 b0 3c a1 a2 52 | 18 ae 41 08 cb 21 f1 cd 99 77 4a de f5 4a d3 8e | 30 1c e9 28 12 22 ef ff 6b d1 35 05 e4 7e 4e 0f | 6c 91 b6 7f 38 8c b1 34 9f 59 e2 28 0e cc 13 b6 | cf ec c4 60 ec 5b be 8d c1 1e 34 08 d0 5b 7b 48 | 8c 17 7d ca 17 6e 1e b2 fd 2c bd be 43 8d bf 50 | 2f 11 dd 16 b8 41 cb 1d de 8f ee 3a f1 c3 1d a0 | 4d fa 52 2f 72 9b 93 65 a4 06 bd 18 bf 0a fc 49 | ae 22 e0 09 73 ca 68 12 92 55 29 f4 30 4c fe c7 | 9d 6f 0d d8 1f 5c 76 49 60 63 ec 85 c6 21 88 68 | bf 5e a9 0e 73 95 ca a0 e5 1b b7 c5 1e 67 e4 87 | ba bc 06 73 e9 04 6c 51 b0 d1 75 a8 75 c3 90 c3 | da d4 77 b5 39 b2 ed 0c 6b 76 25 ef | state #10 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa83168 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f2330002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #10 | libevent_malloc: new ptr-libevent@0x55a4efa7de68 size 128 | #10 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29298.908962 | resume sending helper answer for #10 suppresed complete_v1_state_transition() | #10 spent 0.454 milliseconds in resume sending helper answer | stop processing: state #10 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2338007818 | spent 0.00218 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 05 01 bb e1 cf cd 00 00 00 4c c4 b9 d4 9e | 63 5c 80 98 db 84 05 c5 e1 77 22 06 86 b2 27 79 | 80 9d 10 25 49 da 28 af 28 f5 7b 02 5d b5 18 ee | 96 b2 c9 12 51 e6 41 e3 84 82 fb a2 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3152138189 (0xbbe1cfcd) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #10; msgid=00000000 st_msgid=52df9de4 st_msgid_phase15=00000000 | peer and cookies match on #9; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #9 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #9 in MAIN_I4 (find_v1_info_state) | start processing: state #9 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | current Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39f28c (length 4) | bb e1 cf cd | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 50 39 3a d0 e6 04 46 47 eb 32 20 c5 c4 f5 f5 b6 | 1e 33 06 b4 | #9 is idle | #9 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 50 39 3a d0 e6 04 46 47 eb 32 20 c5 c4 f5 f5 b6 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 5d b5 18 ee 96 b2 c9 12 51 e6 41 e3 84 82 fb a2 | decrypted payload (starts at offset -48): | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 05 01 bb e1 cf cd 00 00 00 4c 0b 00 00 18 | 45 e5 11 8c ff 2e 24 27 3d 78 41 33 14 fc c8 0f | c7 3a 91 b9 00 00 00 0c 00 00 00 01 01 00 00 0f | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f23340030c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | bb e1 cf cd | HASH(1) PRF sha update payload-bytes@0x55a4efa7adbc (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0f | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | 45 e5 11 8c ff 2e 24 27 3d 78 41 33 14 fc c8 0f | c7 3a 91 b9 | informational HASH(1): | 45 e5 11 8c ff 2e 24 27 3d 78 41 33 14 fc c8 0f | c7 3a 91 b9 | received 'informational' message HASH(1) data ok "aes128" #9: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #9: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #9 spent 0.00575 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.17 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f2330002b78 | handling event EVENT_RETRANSMIT for child state #10 | start processing: state #10 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #10 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #10 keying attempt 1 of 0; retransmit 1 "aes128" #10: IMPAIR: retransmit so deleting SA | [RE]START processing: state #10 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #10 ikev1.ipsec failed too-many-retransmits | pstats #10 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #10 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #10: deleting state (STATE_QUICK_I1) aged 0.503s and NOT sending notification | child state #10: QUICK_I1(established CHILD SA) => delete | child state #10: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #10 in CHILDSA_DEL | child state #10: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7f2338003188: destroyed | stop processing: state #10 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa5c790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x55a4efa7de68 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f2330002b78 | in statetime_stop() and could not find #10 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0485 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #9 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #9 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #9 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #9 ikev1.isakmp deleted completed | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #9: deleting state (STATE_MAIN_I4) aged 0.531s and sending notification | parent state #9: MAIN_I4(established IKE SA) => delete | #9 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3391577041 (0xca275bd1) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 91 60 df 5e b9 66 1e df | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 52 8e 9e 9b d2 64 d6 41 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f2338003138 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | ca 27 5b d1 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 91 60 df 5e | b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 69 6e 17 25 95 b7 29 0f 45 a5 e1 db da e5 69 b6 | 45 5b f8 53 | send delete HASH(1): | 69 6e 17 25 95 b7 29 0f 45 a5 e1 db da e5 69 b6 | 45 5b f8 53 | last Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | current Phase 1 IV: 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 5e 51 59 7a f9 21 2d 06 ed 11 51 39 02 cf 91 af | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | ca 27 5b d1 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 81 22 c8 c6 34 96 9f d9 df b9 6f 27 1c ac de b8 | 2a f4 45 fd | encrypting: 0c 00 00 18 69 6e 17 25 95 b7 29 0f 45 a5 e1 db | encrypting: da e5 69 b6 45 5b f8 53 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 91 60 df 5e b9 66 1e df 52 8e 9e 9b | encrypting: d2 64 d6 41 | IV: 81 22 c8 c6 34 96 9f d9 df b9 6f 27 1c ac de b8 | IV: 2a f4 45 fd | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 8a 7c 6d 3c 8b ba 83 32 e3 82 db 45 c5 03 1c 0c | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 05 01 ca 27 5b d1 00 00 00 5c b4 4c aa 38 | 5b fe a9 00 49 3b 1c ee 0d 7b 1e 58 40 cf ad 1a | b1 1e b2 d0 1d 7c d4 70 ef ad c0 50 be 08 0a b8 | 98 8a e3 eb 2e 5f 73 d6 f9 39 87 e9 8a 7c 6d 3c | 8b ba 83 32 e3 82 db 45 c5 03 1c 0c | state #9 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2334003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa782f8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #9 in MAIN_I4 | parent state #9: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f233c004618: destroyed | stop processing: state #9 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa65820 | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa5c790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.527 milliseconds in whack | spent 0.00229 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 91 60 df 5e b9 66 1e df 52 8e 9e 9b d2 64 d6 41 | 08 10 05 01 b7 b1 45 58 00 00 00 5c d2 51 6e 3d | 70 e0 b3 24 53 04 7e da 6b 82 8a d9 46 de 62 32 | d5 6b 7c c4 5f cc 0c d1 3b 57 a8 37 4e aa e7 44 | 33 eb fa 82 1d 54 18 d6 37 4b 17 12 d0 0d 2c b2 | ce 2e d8 54 ef 73 91 bf c0 2e 1d a8 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 91 60 df 5e b9 66 1e df | responder cookie: | 52 8e 9e 9b d2 64 d6 41 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3081848152 (0xb7b14558) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xb7b14558 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 91 60 df 5e b9 66 1e df | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 52 8e 9e 9b d2 64 d6 41 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0722 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.053 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0463 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:OMIT | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0676 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.106 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #11 at 0x55a4efa78798 | State DB: adding IKEv1 state #11 in UNDEFINED | pstats #11 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #11 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #11: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #11 "aes128" "aes128" #11: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa769c8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #11: IMPAIR: stripping key-length "aes128" #11: IMPAIR: not sending key-length attribute | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | f8 0e 07 98 5a 78 ed f7 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f2338007818 size 128 | #11 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29299.868206 | #11 spent 0.31 milliseconds in main_outI1() | stop processing: state #11 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.36 milliseconds in whack | spent 0.00151 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #11 in MAIN_I1 (find_state_ikev1_init) | start processing: state #11 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #11 is idle | #11 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 11 for state #11 | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f2338007818 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f2338007818 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #11 and saving MD | #11 is busy; has a suspended MD | crypto helper 2 resuming | crypto helper 2 starting work-order 11 for state #11 | #11 spent 0.142 milliseconds in process_packet_tail() | crypto helper 2 doing build KE and nonce (outI2 KE); request ID 11 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #11 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.258 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f232c001158: created | NSS: Local DH MODP2048 secret (pointer): 0x7f232c001158 | NSS: Public DH wire value: | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | Generated nonce: 79 7f ef b3 8f 23 3a fb 1a 8c 87 01 15 a1 c1 be | Generated nonce: 9f f2 1c ce 4d 61 15 ed 1c 36 3d d8 f9 a1 b5 a1 | crypto helper 2 finished build KE and nonce (outI2 KE); request ID 11 time elapsed 0.001061 seconds | (#11) spent 1.03 milliseconds in crypto helper computing work-order 11: outI2 KE (pcr) | crypto helper 2 sending results from work-order 11 for state #11 to event queue | scheduling resume sending helper answer for #11 | libevent_malloc: new ptr-libevent@0x7f232c005fb8 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #11 | start processing: state #11 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 11 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #11: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f232c001158: transferring ownership from helper KE to state #11 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | keyex value ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | keyex value 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | keyex value e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | keyex value 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | keyex value ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | keyex value b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | keyex value 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | keyex value 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | keyex value 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | keyex value b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | keyex value 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | keyex value 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | keyex value 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | keyex value f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | keyex value b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 79 7f ef b3 8f 23 3a fb 1a 8c 87 01 15 a1 c1 be | Ni 9f f2 1c ce 4d 61 15 ed 1c 36 3d d8 f9 a1 b5 a1 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | f8 0e 07 98 5a 78 ed f7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | c9 91 91 14 7f bd 3f d5 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | 52 e7 89 8f | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= f8 0e 07 98 5a 78 ed f7 | natd_hash: rcookie= c9 91 91 14 7f bd 3f d5 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | natd_hash: hash= 52 e7 89 8f | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | NAT-D 52 e7 89 8f | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | f8 0e 07 98 5a 78 ed f7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | c9 91 91 14 7f bd 3f d5 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | a7 21 35 8e | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= f8 0e 07 98 5a 78 ed f7 | natd_hash: rcookie= c9 91 91 14 7f bd 3f d5 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | natd_hash: hash= a7 21 35 8e | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | NAT-D a7 21 35 8e | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #11 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #11: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2338007818 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | 14 00 00 24 79 7f ef b3 8f 23 3a fb 1a 8c 87 01 | 15 a1 c1 be 9f f2 1c ce 4d 61 15 ed 1c 36 3d d8 | f9 a1 b5 a1 14 00 00 18 7c b0 00 2d e6 44 96 7e | b0 03 d6 18 c7 40 46 95 52 e7 89 8f 00 00 00 18 | 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | a7 21 35 8e | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x55a4efa831b8 size 128 | #11 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29299.870307 "aes128" #11: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #11 suppresed complete_v1_state_transition() | #11 spent 0.347 milliseconds in resume sending helper answer | stop processing: state #11 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f232c005fb8 | spent 0.00251 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | 14 00 00 24 e6 00 b7 5d 55 9a f7 68 fd 5f 00 a1 | 98 a5 0a 2e d4 00 d4 2d c5 2c a8 cb 3f 5e aa 0e | fb 64 0e dc 14 00 00 18 03 90 34 fd c1 86 60 1e | 1b 96 d4 dd a1 38 c8 8b a7 21 35 8e 00 00 00 18 | 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | 52 e7 89 8f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #11 in MAIN_I2 (find_state_ikev1) | start processing: state #11 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #11 is idle | #11 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f232c001158: transferring ownership from state #11 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 12 for state #11 | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa831b8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f232c005fb8 size 128 | complete v1 state transition with STF_SUSPEND | crypto helper 4 resuming | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #11 and saving MD | #11 is busy; has a suspended MD | crypto helper 4 starting work-order 12 for state #11 | #11 spent 0.103 milliseconds in process_packet_tail() | crypto helper 4 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 12 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | peer's g: cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | stop processing: state #11 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | peer's g: c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | peer's g: 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | peer's g: ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | peer's g: bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | peer's g: ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | peer's g: ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | peer's g: 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | peer's g: 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | peer's g: a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | peer's g: 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | peer's g: 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | peer's g: c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | peer's g: 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | peer's g: 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | peer's g: f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | Started DH shared-secret computation in NSS: | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.287 milliseconds in comm_handle_cb() reading and processing packet | new : g_ir-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f232c001158: computed shared DH secret key@0x55a4efa5c790 | dh-shared : g^ir-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7f8d8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b700 | result: psk-key@0x55a4efa5af10 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa5af10 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6e8 | result: psk-key@0x55a4efa65c00 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa5af10 | SKEYID psk prf: created sha context 0x7f2330003b00 from psk-key@0x55a4efa65c00 | SKEYID psk prf: begin sha with context 0x7f2330003b00 from psk-key@0x55a4efa65c00 | SKEYID psk: release clone-key@0x55a4efa65c00 | SKEYID psk PRF sha crypt-prf@0x7f2330001548 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7f8fc (length 32) | 79 7f ef b3 8f 23 3a fb 1a 8c 87 01 15 a1 c1 be | 9f f2 1c ce 4d 61 15 ed 1c 36 3d d8 f9 a1 b5 a1 | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7f91c (length 32) | e6 00 b7 5d 55 9a f7 68 fd 5f 00 a1 98 a5 0a 2e | d4 00 d4 2d c5 2c a8 cb 3f 5e aa 0e fb 64 0e dc | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID psk PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID psk: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b718 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa5af10 | SKEYID_d prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa5af10 | SKEYID_d: release clone-key@0x55a4efa5af10 | SKEYID_d PRF sha crypt-prf@0x7f2330001278 | SKEYID_d PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_d: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 0e 7e b5 bd 12 1a 5c 5e b2 84 30 17 e1 31 ec 4d 6e d7 79 86 aa c7 e4 5d 14 06 24 7b 77 ff 62 0e 83 7b 29 1f 11 68 a1 0c a8 bd 36 be 17 73 99 c1 fa 97 e6 c7 3e 30 2b 1e 95 da c7 b9 9a 3c 76 35 47 03 c3 15 bb 14 c6 9f ea da c3 ac df f0 d2 52 33 3d d8 ab b5 e6 0a 85 14 e9 b4 47 ed 45 09 7d ab a6 18 ec 49 17 55 6c 41 46 26 c3 21 e1 32 02 d5 03 8f 0f 3e d5 db a9 cf 52 fa bc 1c d5 b2 76 31 a6 fc 4d 13 41 af 24 a8 08 80 9a de 07 e7 a8 33 d5 94 97 bd 29 49 cf 0c 62 55 d0 1f 69 b5 1d d8 b6 01 cb 57 dd eb 68 02 a3 17 93 1c 7b c0 8a 3b 80 3a 54 32 d0 ae 34 ac 9d a9 04 92 e5 20 c3 b3 aa 1b ee eb d4 18 0f 0c 96 71 6b 6a ea e0 b6 0b 97 91 a0 82 e6 5e 71 94 46 10 62 58 24 78 6f a2 1f 85 db 12 65 8b 8b 27 5b 14 6c 4d 36 9e 87 43 8c 3d bf 07 f8 6c 7c ad 94 d7 9e 39 ac 41 6d | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2330004678 | unwrapped: e0 23 96 d7 87 15 d7 c5 0a 22 3e 99 8c b1 81 fe | unwrapped: 48 7e ac 26 33 1a ec a2 09 c7 cd de de 66 35 0d | unwrapped: 9f 0b 23 46 69 68 2a fb 95 f0 63 ca 4a b2 9a 40 | unwrapped: 9e 61 1a 03 f9 17 cd ba f5 50 f5 07 61 a3 89 be | unwrapped: 97 66 1a 78 bc 68 0e f7 45 73 09 a4 84 ac 0e ba | unwrapped: e6 63 44 11 f7 d3 8a d6 48 41 6c 88 93 56 37 2a | unwrapped: 1a 9b 43 64 b9 20 60 7a 42 cd 18 2d c2 02 59 8d | unwrapped: d8 f4 a7 5c e9 08 0b 84 80 fc 88 90 6e c1 96 8d | unwrapped: 80 60 eb a1 ea 6d ec 25 f9 c5 25 bb f7 20 1c a7 | unwrapped: a7 ae f0 f0 ee b2 c8 c8 fe f4 36 62 08 fe 1a 91 | unwrapped: ec 1d 8f e1 49 fc 63 6c 6f 00 51 f7 c4 9b 1e d1 | unwrapped: 2b ef ab 72 46 c5 24 b8 80 ba 0e 70 3f e7 f6 6c | unwrapped: 13 07 20 66 e6 16 24 f8 8c b5 aa 4b bf c0 57 f6 | unwrapped: c2 16 1f bb b7 3b eb fa ca 1b a9 94 7b f5 68 57 | unwrapped: 00 e6 46 75 23 d4 67 ed 82 fc 5c 7f cc 2f bb 5d | unwrapped: 7a 65 cb a5 f7 c6 65 8b 32 92 43 51 9a 85 24 fc | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | f8 0e 07 98 5a 78 ed f7 | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | c9 91 91 14 7f bd 3f d5 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID_d PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_d: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6f8 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa62310 | SKEYID_a prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa62310 | SKEYID_a: release clone-key@0x55a4efa62310 | SKEYID_a PRF sha crypt-prf@0x7f2330001548 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa5af10 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: 67 c8 cb df fc 9d b9 90 6c 26 6c 70 66 60 89 0b 2b 6c 7c be e3 61 3d 78 8d 9f 7c 41 58 c6 31 d8 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2330002148 | unwrapped: 23 e5 b7 86 d5 ec 2c b6 87 02 d0 2e f9 50 22 aa | unwrapped: 75 d0 4b 42 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_a: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 0e 7e b5 bd 12 1a 5c 5e b2 84 30 17 e1 31 ec 4d 6e d7 79 86 aa c7 e4 5d 14 06 24 7b 77 ff 62 0e 83 7b 29 1f 11 68 a1 0c a8 bd 36 be 17 73 99 c1 fa 97 e6 c7 3e 30 2b 1e 95 da c7 b9 9a 3c 76 35 47 03 c3 15 bb 14 c6 9f ea da c3 ac df f0 d2 52 33 3d d8 ab b5 e6 0a 85 14 e9 b4 47 ed 45 09 7d ab a6 18 ec 49 17 55 6c 41 46 26 c3 21 e1 32 02 d5 03 8f 0f 3e d5 db a9 cf 52 fa bc 1c d5 b2 76 31 a6 fc 4d 13 41 af 24 a8 08 80 9a de 07 e7 a8 33 d5 94 97 bd 29 49 cf 0c 62 55 d0 1f 69 b5 1d d8 b6 01 cb 57 dd eb 68 02 a3 17 93 1c 7b c0 8a 3b 80 3a 54 32 d0 ae 34 ac 9d a9 04 92 e5 20 c3 b3 aa 1b ee eb d4 18 0f 0c 96 71 6b 6a ea e0 b6 0b 97 91 a0 82 e6 5e 71 94 46 10 62 58 24 78 6f a2 1f 85 db 12 65 8b 8b 27 5b 14 6c 4d 36 9e 87 43 8c 3d bf 07 f8 6c 7c ad 94 d7 9e 39 ac 41 6d | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f23300018c8 | unwrapped: e0 23 96 d7 87 15 d7 c5 0a 22 3e 99 8c b1 81 fe | unwrapped: 48 7e ac 26 33 1a ec a2 09 c7 cd de de 66 35 0d | unwrapped: 9f 0b 23 46 69 68 2a fb 95 f0 63 ca 4a b2 9a 40 | unwrapped: 9e 61 1a 03 f9 17 cd ba f5 50 f5 07 61 a3 89 be | unwrapped: 97 66 1a 78 bc 68 0e f7 45 73 09 a4 84 ac 0e ba | unwrapped: e6 63 44 11 f7 d3 8a d6 48 41 6c 88 93 56 37 2a | unwrapped: 1a 9b 43 64 b9 20 60 7a 42 cd 18 2d c2 02 59 8d | unwrapped: d8 f4 a7 5c e9 08 0b 84 80 fc 88 90 6e c1 96 8d | unwrapped: 80 60 eb a1 ea 6d ec 25 f9 c5 25 bb f7 20 1c a7 | unwrapped: a7 ae f0 f0 ee b2 c8 c8 fe f4 36 62 08 fe 1a 91 | unwrapped: ec 1d 8f e1 49 fc 63 6c 6f 00 51 f7 c4 9b 1e d1 | unwrapped: 2b ef ab 72 46 c5 24 b8 80 ba 0e 70 3f e7 f6 6c | unwrapped: 13 07 20 66 e6 16 24 f8 8c b5 aa 4b bf c0 57 f6 | unwrapped: c2 16 1f bb b7 3b eb fa ca 1b a9 94 7b f5 68 57 | unwrapped: 00 e6 46 75 23 d4 67 ed 82 fc 5c 7f cc 2f bb 5d | unwrapped: 7a 65 cb a5 f7 c6 65 8b 32 92 43 51 9a 85 24 fc | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | f8 0e 07 98 5a 78 ed f7 | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | c9 91 91 14 7f bd 3f d5 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b700 | result: final-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6e8 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa63dc0 | SKEYID_a PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_a: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: clone-key@0x55a4efa63dc0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa63dc0 | SKEYID_e prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa63dc0 | SKEYID_e: release clone-key@0x55a4efa63dc0 | SKEYID_e PRF sha crypt-prf@0x7f2330001278 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa62310 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: d2 c4 f9 fa 83 46 c5 74 c2 c4 d0 b8 ca 7a b0 cc 4c 50 59 29 03 59 f4 00 cf eb bb e3 c9 26 71 f7 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2330001598 | unwrapped: 56 a0 52 0d 5b af c9 79 18 70 be 7e 96 08 ab 64 | unwrapped: b3 3b 29 8f 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_e: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 0e 7e b5 bd 12 1a 5c 5e b2 84 30 17 e1 31 ec 4d 6e d7 79 86 aa c7 e4 5d 14 06 24 7b 77 ff 62 0e 83 7b 29 1f 11 68 a1 0c a8 bd 36 be 17 73 99 c1 fa 97 e6 c7 3e 30 2b 1e 95 da c7 b9 9a 3c 76 35 47 03 c3 15 bb 14 c6 9f ea da c3 ac df f0 d2 52 33 3d d8 ab b5 e6 0a 85 14 e9 b4 47 ed 45 09 7d ab a6 18 ec 49 17 55 6c 41 46 26 c3 21 e1 32 02 d5 03 8f 0f 3e d5 db a9 cf 52 fa bc 1c d5 b2 76 31 a6 fc 4d 13 41 af 24 a8 08 80 9a de 07 e7 a8 33 d5 94 97 bd 29 49 cf 0c 62 55 d0 1f 69 b5 1d d8 b6 01 cb 57 dd eb 68 02 a3 17 93 1c 7b c0 8a 3b 80 3a 54 32 d0 ae 34 ac 9d a9 04 92 e5 20 c3 b3 aa 1b ee eb d4 18 0f 0c 96 71 6b 6a ea e0 b6 0b 97 91 a0 82 e6 5e 71 94 46 10 62 58 24 78 6f a2 1f 85 db 12 65 8b 8b 27 5b 14 6c 4d 36 9e 87 43 8c 3d bf 07 f8 6c 7c ad 94 d7 9e 39 ac 41 6d | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2330004678 | unwrapped: e0 23 96 d7 87 15 d7 c5 0a 22 3e 99 8c b1 81 fe | unwrapped: 48 7e ac 26 33 1a ec a2 09 c7 cd de de 66 35 0d | unwrapped: 9f 0b 23 46 69 68 2a fb 95 f0 63 ca 4a b2 9a 40 | unwrapped: 9e 61 1a 03 f9 17 cd ba f5 50 f5 07 61 a3 89 be | unwrapped: 97 66 1a 78 bc 68 0e f7 45 73 09 a4 84 ac 0e ba | unwrapped: e6 63 44 11 f7 d3 8a d6 48 41 6c 88 93 56 37 2a | unwrapped: 1a 9b 43 64 b9 20 60 7a 42 cd 18 2d c2 02 59 8d | unwrapped: d8 f4 a7 5c e9 08 0b 84 80 fc 88 90 6e c1 96 8d | unwrapped: 80 60 eb a1 ea 6d ec 25 f9 c5 25 bb f7 20 1c a7 | unwrapped: a7 ae f0 f0 ee b2 c8 c8 fe f4 36 62 08 fe 1a 91 | unwrapped: ec 1d 8f e1 49 fc 63 6c 6f 00 51 f7 c4 9b 1e d1 | unwrapped: 2b ef ab 72 46 c5 24 b8 80 ba 0e 70 3f e7 f6 6c | unwrapped: 13 07 20 66 e6 16 24 f8 8c b5 aa 4b bf c0 57 f6 | unwrapped: c2 16 1f bb b7 3b eb fa ca 1b a9 94 7b f5 68 57 | unwrapped: 00 e6 46 75 23 d4 67 ed 82 fc 5c 7f cc 2f bb 5d | unwrapped: 7a 65 cb a5 f7 c6 65 8b 32 92 43 51 9a 85 24 fc | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | f8 0e 07 98 5a 78 ed f7 | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | c9 91 91 14 7f bd 3f d5 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b710 | result: final-key@0x55a4efa65820 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65820 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6f8 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65820 | SKEYID_e PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID_e: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b768 | result: keymat-key@0x55a4efa65820 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a4efa5af10, skeyid_a 0x55a4efa62310, skeyid_e 0x55a4efa63dc0, enc_key 0x55a4efa65820 | DH_i: 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | DH_i: ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | DH_i: 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | DH_i: e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | DH_i: 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | DH_i: ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | DH_i: b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | DH_i: 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | DH_i: 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | DH_i: 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | DH_i: b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | DH_i: 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | DH_i: 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | DH_i: 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | DH_i: f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | DH_i: b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | DH_r: cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | DH_r: c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | DH_r: 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | DH_r: ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | DH_r: bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | DH_r: ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | DH_r: ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | DH_r: 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | DH_r: 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | DH_r: a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | DH_r: 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | DH_r: 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | DH_r: c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | DH_r: 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | DH_r: 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | DH_r: f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7f93c (length 256) | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | new IV hash sha digest GR-bytes@0x55a4efa7fa3c (length 256) | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | new IV hash sha final chunk@0x7f2330001598 (length 20) | 4c 8a 89 0f 7e 60 8d 5d a3 db 7f 94 ec 2f c2 42 | 76 ac 42 b4 | crypto helper 4 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 12 time elapsed 0.002099 seconds | (#11) spent 2.07 milliseconds in crypto helper computing work-order 12: aggr outR1 DH (pcr) | crypto helper 4 sending results from work-order 12 for state #11 to event queue | scheduling resume sending helper answer for #11 | libevent_malloc: new ptr-libevent@0x7f2330002098 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #11 | start processing: state #11 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 12 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #11: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f232c001158: transferring ownership from helper IKEv1 DH+IV to state #11 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | f8 0e 07 98 5a 78 ed f7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | c9 91 91 14 7f bd 3f d5 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | a7 21 35 8e | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= f8 0e 07 98 5a 78 ed f7 | natd_hash: rcookie= c9 91 91 14 7f bd 3f d5 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | natd_hash: hash= a7 21 35 8e | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | f8 0e 07 98 5a 78 ed f7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | c9 91 91 14 7f bd 3f d5 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | 52 e7 89 8f | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= f8 0e 07 98 5a 78 ed f7 | natd_hash: rcookie= c9 91 91 14 7f bd 3f d5 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | natd_hash: hash= 52 e7 89 8f | expected NAT-D(me): 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | expected NAT-D(me): a7 21 35 8e | expected NAT-D(him): | 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | 52 e7 89 8f | received NAT-D: 03 90 34 fd c1 86 60 1e 1b 96 d4 dd a1 38 c8 8b | received NAT-D: a7 21 35 8e | received NAT-D: 7c b0 00 2d e6 44 96 7e b0 03 d6 18 c7 40 46 95 | received NAT-D: 52 e7 89 8f | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa65c00 (size 20) | hmac: symkey-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x55a4efa78368 | hmac PRF sha update data-bytes@0x7f232c001f78 (length 256) | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | hmac PRF sha update data-bytes@0x7f2338002a18 (length 256) | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | f8 0e 07 98 5a 78 ed f7 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | c9 91 91 14 7f bd 3f d5 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | d1 3a 9d a8 ca a8 15 96 f0 d0 54 b3 65 a5 cb 48 | d3 96 68 a6 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I d1 3a 9d a8 ca a8 15 96 f0 d0 54 b3 65 a5 cb 48 | HASH_I d3 96 68 a6 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: d1 3a 9d a8 ca a8 15 96 f0 d0 54 b3 65 a5 cb 48 | encrypting: d3 96 68 a6 | IV: 4c 8a 89 0f 7e 60 8d 5d a3 db 7f 94 ec 2f c2 42 | IV: 76 ac 42 b4 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: c3 53 f8 e6 7c 85 e4 dd 4d 28 27 52 2e c2 58 42 | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #11: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f232c005fb8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 05 10 02 01 00 00 00 00 00 00 00 4c e2 28 51 8c | 86 98 ee ee f7 59 c4 1a c6 9b e2 dc 2e 65 5f 07 | 10 29 cb 91 17 f5 f0 cc 2c 4f d5 f4 c3 53 f8 e6 | 7c 85 e4 dd 4d 28 27 52 2e c2 58 42 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x55a4efa78188 size 128 | #11 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29299.875059 "aes128" #11: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #11 suppresed complete_v1_state_transition() | #11 spent 0.473 milliseconds in resume sending helper answer | stop processing: state #11 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2330002098 | spent 0.0025 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 05 10 02 01 00 00 00 00 00 00 00 4c 8c a9 30 3a | 8f 7c c3 39 92 6b 67 85 91 4b e7 a2 e7 a9 4a 54 | 8c e3 cb fc 79 7c 0d e9 90 eb 00 02 6a 4a 17 c7 | 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #11 in MAIN_I3 (find_state_ikev1) | start processing: state #11 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #11 is idle | #11 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: c3 53 f8 e6 7c 85 e4 dd 4d 28 27 52 2e c2 58 42 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | decrypted payload (starts at offset -48): | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 ef 6b 91 00 | 2e 34 cd 84 30 41 dd ab 84 b5 a2 a3 90 78 57 d5 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #11: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa65c00 (size 20) | hmac: symkey-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x7f2330001598 | hmac PRF sha update data-bytes@0x7f2338002a18 (length 256) | cd ae 18 08 b8 eb 2c ec 8a b4 4a be cd 41 04 a7 | c4 31 51 bd c6 30 a2 71 bb 40 c5 aa 3a 4b 70 9c | 4c df 9a f3 cb c1 6c b6 38 e9 ae 4f 6d 8f 9f f3 | ea e2 6e 2c ff 5b 7e 17 d0 1e 49 0a a6 5f 2b ca | bb 99 d8 69 03 a4 b6 01 48 42 b7 37 0c 27 96 7c | ac 17 4d b4 47 52 23 da 62 4d ac e2 1d 77 95 84 | ed a9 6d 88 dd bd 24 e1 fa 77 17 20 fc 2b 38 44 | 48 f0 d2 46 c8 09 54 f8 87 69 25 e8 fa 4c 9f 53 | 25 32 08 59 7c 1f e9 c9 9c 26 d1 32 af 70 1c a0 | a9 06 cb 68 47 89 2f ca 62 61 9c 07 e5 0b 79 78 | 56 fc f2 6c 47 19 7a 8b 56 48 82 35 36 f8 96 61 | 11 41 65 d3 56 76 7a 20 36 28 c3 f7 b1 30 f9 dc | c0 4b 0d 68 12 3f 19 4a 6d 53 1a 3e 0c 6f 1a a4 | 35 51 70 b0 fe ab 41 9e 45 c0 fa 50 c1 40 ce c8 | 15 9b 89 a1 1a 4c fb 2e 01 13 4b f9 e9 b9 34 2a | f0 1c f2 9a 21 c1 4d ef 3a fb 79 bd 12 5f bf 2a | hmac PRF sha update data-bytes@0x7f232c001f78 (length 256) | 17 a3 31 8d bc 94 90 d0 bb 2a f5 bb a7 40 71 ef | ed dd 52 67 ee 4e dd e7 29 b0 15 32 8a 34 16 04 | 08 85 df d5 cd 65 5d 13 1f 70 fb 9d 8d 50 98 85 | e4 5b 89 7e 2d 5a 0d 11 73 f4 af db 95 06 37 86 | 03 53 2b 32 69 08 14 77 55 5a 29 68 50 69 f2 20 | ad 02 86 3d 18 31 8e 97 ee ca f5 2b 8b ed a9 a0 | b4 7e e2 09 67 e8 66 4d df b3 a3 30 be 3b a1 0b | 4f 0f 31 80 93 cd c9 17 4e 11 1e 7d a1 98 e2 66 | 92 79 fc 61 9b d6 84 77 3b 17 88 6b 08 7a 6f bd | 5f 57 ab 42 6c 08 5a 7b 30 fe ca 0c c4 e2 27 66 | b6 b7 83 89 79 02 99 55 23 4b 85 33 70 1f fe 06 | 50 c6 45 b8 ff 7a 13 d8 71 32 43 6f 67 5a 41 d7 | 17 45 84 dc 75 e2 a3 b5 da 8e 32 74 dd 9f cc 89 | 1b 33 74 15 99 c5 68 15 6f b0 2c 56 fe 7e 62 fa | f0 7b 5a 36 17 ff f7 93 51 99 c9 f4 7b 98 df 68 | b5 b8 bf 9c 33 a2 04 26 12 5f d9 99 5b 2d 81 5c | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | c9 91 91 14 7f bd 3f d5 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | f8 0e 07 98 5a 78 ed f7 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a4efa6a418 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | ef 6b 91 00 2e 34 cd 84 30 41 dd ab 84 b5 a2 a3 | 90 78 57 d5 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #11: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa78188 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa782f8 | inserting event EVENT_SA_REPLACE, timeout in 2568 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f2330002098 size 128 | pstats #11 ikev1.isakmp established "aes128" #11: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #11 | creating state object #12 at 0x55a4efa7b648 | State DB: adding IKEv1 state #12 in UNDEFINED | pstats #12 ikev1.ipsec started | duplicating state object #11 "aes128" as #12 for IPSEC SA | #12 setting local endpoint to 192.1.2.45:500 from #11.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa65820 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #11 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #12 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #12: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #12: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#11 msgid:5c9567a0 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 13 for state #12 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #12 | libevent_malloc: new ptr-libevent@0x55a4efa7a898 size 128 | stop processing: state #12 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | crypto helper 5 resuming | crypto helper 5 starting work-order 13 for state #12 | crypto helper 5 doing build KE and nonce (quick_outI1 KE); request ID 13 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2324006b98: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2324006b98 | NSS: Public DH wire value: | fa 6c 73 64 2d dd 6d 77 66 64 85 10 bf fb be f3 | 8d 0c 0d 4c ac c7 97 4a a5 8c f6 58 b7 6e 2d d2 | 19 15 1d 02 53 dc 2e 83 6f ca 7a 12 e7 2c a7 60 | 72 e2 e1 4b 25 41 fd fe 93 e9 0b 93 25 09 b9 fb | fd 57 76 8b 88 27 cb 8e 20 af e5 8d 76 ed f1 5d | 80 b9 a8 96 ae 03 70 c6 25 40 82 99 c8 02 93 93 | ef 89 b1 a4 71 63 19 78 b6 20 56 49 b9 14 76 e7 | 3c a9 6c e5 e0 0a 54 37 c1 27 7b 06 80 d2 25 b7 | 7c 89 f2 fb 19 0d f8 e7 e3 15 8b 89 a8 f4 c1 2d | 8c e3 76 12 e4 06 4c 37 13 d0 c0 76 ce 35 8d 90 | 09 7e b4 d9 a3 de f1 df be 2d 8d e0 29 95 29 4f | 7c 7b 1c 26 b8 d7 18 dc c7 33 ae 65 25 e3 5a fd | fb 57 7a 88 c3 83 5b d2 21 93 f4 a0 ba 36 28 f2 | 6a 3a 23 66 b3 45 0b 1e 85 85 26 db 06 03 42 8d | 3d 21 d0 84 5b 69 27 8c 6d 85 2b 92 54 f8 9c 24 | 5e 96 99 03 b1 9a 94 6d 4b c9 99 ad bf f4 ef 5e | Generated nonce: 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | Generated nonce: 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | crypto helper 5 finished build KE and nonce (quick_outI1 KE); request ID 13 time elapsed 0.000834 seconds | (#12) spent 0.835 milliseconds in crypto helper computing work-order 13: quick_outI1 KE (pcr) | crypto helper 5 sending results from work-order 13 for state #12 to event queue | scheduling resume sending helper answer for #12 | libevent_malloc: new ptr-libevent@0x7f2324003ad8 size 128 | crypto helper 5 waiting (nothing to do) | resume processing: state #11 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x55a4efa768c8} | close_any(fd@24) (in release_whack() at state.c:654) | #11 spent 0.4 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #11 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.544 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #12 | start processing: state #12 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 13 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #12: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1553295264 (0x5c9567a0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x2e761ef9 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 2e 76 1e f9 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | Ni 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2324006b98: transferring ownership from helper KE to state #12 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value fa 6c 73 64 2d dd 6d 77 66 64 85 10 bf fb be f3 | keyex value 8d 0c 0d 4c ac c7 97 4a a5 8c f6 58 b7 6e 2d d2 | keyex value 19 15 1d 02 53 dc 2e 83 6f ca 7a 12 e7 2c a7 60 | keyex value 72 e2 e1 4b 25 41 fd fe 93 e9 0b 93 25 09 b9 fb | keyex value fd 57 76 8b 88 27 cb 8e 20 af e5 8d 76 ed f1 5d | keyex value 80 b9 a8 96 ae 03 70 c6 25 40 82 99 c8 02 93 93 | keyex value ef 89 b1 a4 71 63 19 78 b6 20 56 49 b9 14 76 e7 | keyex value 3c a9 6c e5 e0 0a 54 37 c1 27 7b 06 80 d2 25 b7 | keyex value 7c 89 f2 fb 19 0d f8 e7 e3 15 8b 89 a8 f4 c1 2d | keyex value 8c e3 76 12 e4 06 4c 37 13 d0 c0 76 ce 35 8d 90 | keyex value 09 7e b4 d9 a3 de f1 df be 2d 8d e0 29 95 29 4f | keyex value 7c 7b 1c 26 b8 d7 18 dc c7 33 ae 65 25 e3 5a fd | keyex value fb 57 7a 88 c3 83 5b d2 21 93 f4 a0 ba 36 28 f2 | keyex value 6a 3a 23 66 b3 45 0b 1e 85 85 26 db 06 03 42 8d | keyex value 3d 21 d0 84 5b 69 27 8c 6d 85 2b 92 54 f8 9c 24 | keyex value 5e 96 99 03 b1 9a 94 6d 4b c9 99 ad bf f4 ef 5e | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa83168 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | 5c 95 67 a0 | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 2e 76 1e f9 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 2d e2 ee 3a | b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 71 87 b0 52 | 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de 05 00 01 04 | fa 6c 73 64 2d dd 6d 77 66 64 85 10 bf fb be f3 | 8d 0c 0d 4c ac c7 97 4a a5 8c f6 58 b7 6e 2d d2 | 19 15 1d 02 53 dc 2e 83 6f ca 7a 12 e7 2c a7 60 | 72 e2 e1 4b 25 41 fd fe 93 e9 0b 93 25 09 b9 fb | fd 57 76 8b 88 27 cb 8e 20 af e5 8d 76 ed f1 5d | 80 b9 a8 96 ae 03 70 c6 25 40 82 99 c8 02 93 93 | ef 89 b1 a4 71 63 19 78 b6 20 56 49 b9 14 76 e7 | 3c a9 6c e5 e0 0a 54 37 c1 27 7b 06 80 d2 25 b7 | 7c 89 f2 fb 19 0d f8 e7 e3 15 8b 89 a8 f4 c1 2d | 8c e3 76 12 e4 06 4c 37 13 d0 c0 76 ce 35 8d 90 | 09 7e b4 d9 a3 de f1 df be 2d 8d e0 29 95 29 4f | 7c 7b 1c 26 b8 d7 18 dc c7 33 ae 65 25 e3 5a fd | fb 57 7a 88 c3 83 5b d2 21 93 f4 a0 ba 36 28 f2 | 6a 3a 23 66 b3 45 0b 1e 85 85 26 db 06 03 42 8d | 3d 21 d0 84 5b 69 27 8c 6d 85 2b 92 54 f8 9c 24 | 5e 96 99 03 b1 9a 94 6d 4b c9 99 ad bf f4 ef 5e | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | d4 e3 f6 be 89 53 bc 18 7e b7 3a 33 b3 17 78 5f | 60 3b 83 57 | outI1 HASH(1): | d4 e3 f6 be 89 53 bc 18 7e b7 3a 33 b3 17 78 5f | 60 3b 83 57 | last Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | current Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | 5c 95 67 a0 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 59 65 9f 74 d6 1a 15 eb 67 75 2f 57 cc 9c 02 2b | 3b b9 4b af | encrypting: 01 00 00 18 d4 e3 f6 be 89 53 bc 18 7e b7 3a 33 | encrypting: b3 17 78 5f 60 3b 83 57 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 2e 76 1e f9 | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 | encrypting: f9 a3 51 f7 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 | encrypting: 0d 7f c3 de 05 00 01 04 fa 6c 73 64 2d dd 6d 77 | encrypting: 66 64 85 10 bf fb be f3 8d 0c 0d 4c ac c7 97 4a | encrypting: a5 8c f6 58 b7 6e 2d d2 19 15 1d 02 53 dc 2e 83 | encrypting: 6f ca 7a 12 e7 2c a7 60 72 e2 e1 4b 25 41 fd fe | encrypting: 93 e9 0b 93 25 09 b9 fb fd 57 76 8b 88 27 cb 8e | encrypting: 20 af e5 8d 76 ed f1 5d 80 b9 a8 96 ae 03 70 c6 | encrypting: 25 40 82 99 c8 02 93 93 ef 89 b1 a4 71 63 19 78 | encrypting: b6 20 56 49 b9 14 76 e7 3c a9 6c e5 e0 0a 54 37 | encrypting: c1 27 7b 06 80 d2 25 b7 7c 89 f2 fb 19 0d f8 e7 | encrypting: e3 15 8b 89 a8 f4 c1 2d 8c e3 76 12 e4 06 4c 37 | encrypting: 13 d0 c0 76 ce 35 8d 90 09 7e b4 d9 a3 de f1 df | encrypting: be 2d 8d e0 29 95 29 4f 7c 7b 1c 26 b8 d7 18 dc | encrypting: c7 33 ae 65 25 e3 5a fd fb 57 7a 88 c3 83 5b d2 | encrypting: 21 93 f4 a0 ba 36 28 f2 6a 3a 23 66 b3 45 0b 1e | encrypting: 85 85 26 db 06 03 42 8d 3d 21 d0 84 5b 69 27 8c | encrypting: 6d 85 2b 92 54 f8 9c 24 5e 96 99 03 b1 9a 94 6d | encrypting: 4b c9 99 ad bf f4 ef 5e 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: 59 65 9f 74 d6 1a 15 eb 67 75 2f 57 cc 9c 02 2b | IV: 3b b9 4b af | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: a2 bc c9 8f e9 dc b5 01 cf 30 76 6a 9f 92 ce c7 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #12) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 01 bc 25 b8 03 25 | 14 97 86 5b 1d 86 d0 d1 0e 6b 3a cd b6 4f 20 a8 | 7f ab f7 56 ed 72 a4 8a 4b 4f c9 b2 a8 b3 26 90 | 35 e6 91 9e a9 28 7f 7e fc 7a 3b c0 a0 51 ff 88 | 22 d2 fd b2 d3 c2 60 7f 55 6e c6 1a 98 47 02 8c | fa 43 e3 e5 47 7e d1 56 6d f4 72 3a c6 34 8b 33 | 5d 96 72 9d bc 95 55 ba df 0f 2c 5b c8 30 a6 3d | 42 15 45 54 24 87 16 95 0c d2 f4 30 af 18 2b 00 | cc 85 b7 ae 95 10 a8 7e 20 a7 2f 72 34 10 d9 7f | 62 b8 1e 1a 7c 1d 22 c0 7e 21 b7 17 89 db c9 9f | 04 f9 36 db 96 03 21 10 3b 1b 5b ae 21 39 1a 5f | 6f cf e3 b8 2e 11 d2 2a 2e 59 1f 8b c8 06 88 64 | ca 81 8a a2 68 d2 ba c2 0f b1 7a 35 d5 dd 45 b5 | 23 e1 2c f3 ab 35 d1 8d c9 6f a6 5d a4 d6 6b 2f | ad 84 ba 96 97 e0 3e a1 2e b9 a3 31 b7 b3 05 24 | 81 14 c8 9c 94 29 3b dc d2 c7 50 f6 37 74 56 57 | 09 d4 da a0 97 e5 a2 65 52 42 4b 37 17 74 82 e2 | 35 8c 1c 2a 7c 1e f8 67 d8 61 12 42 60 af 75 8d | d6 6d 05 0d c8 4b 9f ec 17 e9 06 dd 89 56 9a f1 | 38 dd b6 58 03 c5 22 15 f9 a7 bd 2b 7c 90 f6 d0 | a3 94 1b 8a 4c 81 aa 23 9f 1b d8 c4 0c 44 fa cd | e4 6e e2 22 65 eb 44 59 8e 94 55 dc b5 9a 59 63 | 69 a5 6f e4 f8 6c 85 72 d6 4e 1e e5 a0 9c 3d 18 | a9 48 f5 88 fa 13 ac 13 37 74 30 a9 01 3c 13 9c | b5 10 9c da a2 0d 3a bb 0f d0 10 4e c5 eb 28 b8 | 7c c1 c3 ea 2f cd 96 1c 9c ec 01 c6 a2 bc c9 8f | e9 dc b5 01 cf 30 76 6a 9f 92 ce c7 | state #12 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa7a898 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f2330002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #12 | libevent_malloc: new ptr-libevent@0x55a4efa7de68 size 128 | #12 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29299.878211 | resume sending helper answer for #12 suppresed complete_v1_state_transition() | #12 spent 0.915 milliseconds in resume sending helper answer | stop processing: state #12 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2324003ad8 | spent 0.0034 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 01 bc 2a 30 3c 3d | ca e1 3f e9 b7 ec 72 63 c4 24 db 7b c9 59 c4 4c | 33 11 5b b6 2f 74 87 90 23 ab 9d 6d ab 2f 18 b7 | 1a f2 51 19 1d 42 5d 14 02 8b 7c 3a b7 9c 44 b2 | 9c bd 60 7b da 20 47 1e f0 89 b0 d3 e8 29 81 59 | 10 7d 61 d3 16 01 d6 e7 3d 28 b4 44 12 06 ac 5f | 5a fb 6f 90 60 a6 d9 92 04 f9 1a 88 c4 a1 d3 03 | 87 72 94 d0 4c 0e fe d8 b3 00 ee 47 df d4 76 81 | 73 1b ee 7f fd 00 87 25 24 bd d7 bc d2 df b9 f7 | b0 0e a9 92 6c 25 a8 21 09 14 9f 0a 90 69 7a 9a | 14 86 22 6b 4f 41 15 4b 31 33 b9 2f 2f 76 4a be | ee fd 6a 06 ea 68 09 87 a4 1f a6 9a 4d 14 39 f4 | e4 0a 81 ec 2e e0 fb 35 57 5c dc c6 c8 3e 75 b1 | c3 2a 76 a9 ec 87 a5 6e 3a 24 7a 7f c8 24 67 2e | 6a f1 06 a6 ae af 59 9d 61 9d 97 91 92 bd 35 17 | 13 20 c3 75 5f 38 61 16 e0 7e f3 cb b5 23 b1 ba | ee 55 4b e0 1b 39 11 4f f1 a1 bc 55 93 22 23 12 | 14 4a 4b ab 89 ee 6c d7 ae 51 f0 86 49 08 29 ae | 57 28 b9 69 b0 a9 05 7f 1e 71 0a 2c fb f6 ba 8c | 8d 6f 88 1f 19 8c 07 88 77 eb c3 f5 6f c5 d9 19 | 44 5c f2 f1 3a 74 46 f2 28 46 76 70 3e 8d 17 c8 | 44 0d fb 68 84 29 72 07 63 99 c0 bb 3d fa 24 34 | 31 3b 08 dd 09 bb 52 2b 40 54 cf 3a 37 a8 68 c8 | 18 94 15 57 84 4c cd ac 91 1b 3f 8d 1e 77 39 ea | 70 34 7a 63 b4 22 d8 10 5a bc 47 f6 01 d1 50 dc | 4e 3e 16 74 0e f9 e6 af 38 23 4e d4 e7 f2 41 c5 | 1f 6d c4 03 6e 6f ee c0 11 fb 70 c1 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1553295264 (0x5c9567a0) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #12 in QUICK_I1 (find_state_ikev1) | start processing: state #12 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #12 is idle | #12 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: a2 bc c9 8f e9 dc b5 01 cf 30 76 6a 9f 92 ce c7 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: e7 f2 41 c5 1f 6d c4 03 6e 6f ee c0 11 fb 70 c1 | decrypted payload (starts at offset -416): | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 01 bc 01 00 00 18 | 7a d2 4e 3a 21 06 60 55 ce 31 fa b7 15 f9 3a cd | e8 9a 76 a7 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 ea 05 ea 29 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | 05 00 01 04 3e 1d 03 0f 28 1c 91 d3 75 6e fe 8b | 5d 04 a6 ed fe 62 75 27 3e 7d ed 47 26 99 51 b8 | 19 8e cb fd 25 99 a7 03 37 5c 29 fe 57 45 ce 4d | 69 36 24 d2 6b bf 03 f1 77 ff 5d e4 b5 2f a7 47 | 59 90 28 57 7b 90 ea ff 3d f2 0b c1 32 2c 92 47 | e5 8b fd 25 74 98 65 cf 2d 31 1b ed 89 b7 aa 1f | fe 4c e7 bd 7d 31 ea e4 db eb bc 5b 71 13 bc 69 | 75 a8 4b a7 c8 13 ed d4 55 b1 20 80 88 c5 40 30 | 54 9f 18 f7 02 6b 08 3f ec 44 09 1d 72 47 5d 55 | 67 26 94 68 6d 97 95 be f2 c7 a2 c9 57 17 66 95 | 81 21 da 35 a8 cb dc 3b ab 3b 83 90 e8 c8 44 15 | 22 30 ae cb 1a 50 5e d5 07 57 06 86 db d7 59 04 | 31 f6 34 f3 4c 8d 53 15 0b 70 05 c8 b5 e5 b1 be | dd 36 19 c0 c2 93 72 39 c7 5b 71 56 7a b9 1f 74 | 62 fe d1 70 18 f9 7d bd e9 e7 8d 55 2e 1b 9e cd | c4 62 b2 31 86 25 0c da 45 83 78 06 e8 b6 69 15 | a9 73 6d b9 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa83168 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | 5c 95 67 a0 | HASH(1) PRF sha update Ni_b-bytes@0x7f2324001158 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | HASH(1) PRF sha update payload-bytes@0x55a4efa7d78c (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 ea 05 ea 29 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 3b af 52 b0 | 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f 48 b6 e7 6a | 81 54 0f 9b 67 09 52 d5 90 58 21 c7 05 00 01 04 | 3e 1d 03 0f 28 1c 91 d3 75 6e fe 8b 5d 04 a6 ed | fe 62 75 27 3e 7d ed 47 26 99 51 b8 19 8e cb fd | 25 99 a7 03 37 5c 29 fe 57 45 ce 4d 69 36 24 d2 | 6b bf 03 f1 77 ff 5d e4 b5 2f a7 47 59 90 28 57 | 7b 90 ea ff 3d f2 0b c1 32 2c 92 47 e5 8b fd 25 | 74 98 65 cf 2d 31 1b ed 89 b7 aa 1f fe 4c e7 bd | 7d 31 ea e4 db eb bc 5b 71 13 bc 69 75 a8 4b a7 | c8 13 ed d4 55 b1 20 80 88 c5 40 30 54 9f 18 f7 | 02 6b 08 3f ec 44 09 1d 72 47 5d 55 67 26 94 68 | 6d 97 95 be f2 c7 a2 c9 57 17 66 95 81 21 da 35 | a8 cb dc 3b ab 3b 83 90 e8 c8 44 15 22 30 ae cb | 1a 50 5e d5 07 57 06 86 db d7 59 04 31 f6 34 f3 | 4c 8d 53 15 0b 70 05 c8 b5 e5 b1 be dd 36 19 c0 | c2 93 72 39 c7 5b 71 56 7a b9 1f 74 62 fe d1 70 | 18 f9 7d bd e9 e7 8d 55 2e 1b 9e cd c4 62 b2 31 | 86 25 0c da 45 83 78 06 e8 b6 69 15 a9 73 6d b9 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | 7a d2 4e 3a 21 06 60 55 ce 31 fa b7 15 f9 3a cd | e8 9a 76 a7 | quick_inR1_outI2 HASH(2): | 7a d2 4e 3a 21 06 60 55 ce 31 fa b7 15 f9 3a cd | e8 9a 76 a7 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI ea 05 ea 29 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 3e 1d 03 0f 28 1c 91 d3 75 6e fe 8b 5d 04 a6 ed | fe 62 75 27 3e 7d ed 47 26 99 51 b8 19 8e cb fd | 25 99 a7 03 37 5c 29 fe 57 45 ce 4d 69 36 24 d2 | 6b bf 03 f1 77 ff 5d e4 b5 2f a7 47 59 90 28 57 | 7b 90 ea ff 3d f2 0b c1 32 2c 92 47 e5 8b fd 25 | 74 98 65 cf 2d 31 1b ed 89 b7 aa 1f fe 4c e7 bd | 7d 31 ea e4 db eb bc 5b 71 13 bc 69 75 a8 4b a7 | c8 13 ed d4 55 b1 20 80 88 c5 40 30 54 9f 18 f7 | 02 6b 08 3f ec 44 09 1d 72 47 5d 55 67 26 94 68 | 6d 97 95 be f2 c7 a2 c9 57 17 66 95 81 21 da 35 | a8 cb dc 3b ab 3b 83 90 e8 c8 44 15 22 30 ae cb | 1a 50 5e d5 07 57 06 86 db d7 59 04 31 f6 34 f3 | 4c 8d 53 15 0b 70 05 c8 b5 e5 b1 be dd 36 19 c0 | c2 93 72 39 c7 5b 71 56 7a b9 1f 74 62 fe d1 70 | 18 f9 7d bd e9 e7 8d 55 2e 1b 9e cd c4 62 b2 31 | 86 25 0c da 45 83 78 06 e8 b6 69 15 a9 73 6d b9 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f2324006b98: transferring ownership from state #12 to helper IKEv1 DH | adding quick outI2 DH work-order 14 for state #12 | state #12 requesting EVENT_RETRANSMIT to be deleted | #12 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7de68 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f2330002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #12 | libevent_malloc: new ptr-libevent@0x7f2324003ad8 size 128 | crypto helper 6 resuming | crypto helper 6 starting work-order 14 for state #12 | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 14 | peer's g: 3e 1d 03 0f 28 1c 91 d3 75 6e fe 8b 5d 04 a6 ed | peer's g: fe 62 75 27 3e 7d ed 47 26 99 51 b8 19 8e cb fd | peer's g: 25 99 a7 03 37 5c 29 fe 57 45 ce 4d 69 36 24 d2 | peer's g: 6b bf 03 f1 77 ff 5d e4 b5 2f a7 47 59 90 28 57 | peer's g: 7b 90 ea ff 3d f2 0b c1 32 2c 92 47 e5 8b fd 25 | peer's g: 74 98 65 cf 2d 31 1b ed 89 b7 aa 1f fe 4c e7 bd | peer's g: 7d 31 ea e4 db eb bc 5b 71 13 bc 69 75 a8 4b a7 | peer's g: c8 13 ed d4 55 b1 20 80 88 c5 40 30 54 9f 18 f7 | peer's g: 02 6b 08 3f ec 44 09 1d 72 47 5d 55 67 26 94 68 | peer's g: 6d 97 95 be f2 c7 a2 c9 57 17 66 95 81 21 da 35 | peer's g: a8 cb dc 3b ab 3b 83 90 e8 c8 44 15 22 30 ae cb | peer's g: 1a 50 5e d5 07 57 06 86 db d7 59 04 31 f6 34 f3 | peer's g: 4c 8d 53 15 0b 70 05 c8 b5 e5 b1 be dd 36 19 c0 | peer's g: c2 93 72 39 c7 5b 71 56 7a b9 1f 74 62 fe d1 70 | peer's g: 18 f9 7d bd e9 e7 8d 55 2e 1b 9e cd c4 62 b2 31 | peer's g: 86 25 0c da 45 83 78 06 e8 b6 69 15 a9 73 6d b9 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f2324006b98: computed shared DH secret key@0x55a4efa76810 | dh-shared : g^ir-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 14 time elapsed 0.000837 seconds | (#12) spent 0.84 milliseconds in crypto helper computing work-order 14: quick outI2 DH (pcr) | crypto helper 6 sending results from work-order 14 for state #12 to event queue | scheduling resume sending helper answer for #12 | libevent_malloc: new ptr-libevent@0x7f23280027d8 size 128 | crypto helper 6 waiting (nothing to do) | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #12 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #12 and saving MD | #12 is busy; has a suspended MD | #12 spent 0.186 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #12 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.579 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #12 | start processing: state #12 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 14 | calling continuation function 0x55a4ef163b50 | quick_inR1_outI2_continue for #12: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1553295264 (0x5c9567a0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f2324006b98: transferring ownership from helper IKEv1 DH to state #12 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ead8 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x7f2330001598 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39ebbc (length 4) | 5c 95 67 a0 | HASH(1) PRF sha update Ni_b-bytes@0x7f2324001158 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | HASH(1) PRF sha update Nr_b-bytes@0x55a4efa78368 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 47 e5 3c 86 a0 72 e1 cb 5b 3c 6f 9e e8 ea 17 b7 | 21 2f 1a 35 | quick_inR1_outI2 HASH(3): | 47 e5 3c 86 a0 72 e1 cb 5b 3c 6f 9e e8 ea 17 b7 | 21 2f 1a 35 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2328002b50 from symkey-key@0x55a4efa7a950 | hmac prf: begin sha with context 0x7f2328002b50 from symkey-key@0x55a4efa7a950 | hmac: release clone-key@0x55a4efa7a950 | hmac PRF sha crypt-prf@0x55a4efa83168 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa77de8 | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6d 0b fc 0a c9 18 40 e6 23 4b 04 9c 4c ee f3 7b 79 be 86 fe ad 97 73 1e 2d c2 57 12 ad b1 bf 85 1c 86 ea 4a 06 f0 93 f2 c0 c6 a8 f0 16 93 1c a0 a8 73 0c 60 1c df 3e 89 53 2f 99 9d d1 3a 6a da 5c 79 46 35 6e 39 b3 b2 41 79 f4 14 a2 fc 65 e1 d1 7f 54 b9 0d e7 18 b4 44 5c 1f 6b f8 0b 55 43 a3 99 0d a9 1a 01 92 35 83 1a 81 f7 30 bb 24 84 95 23 c6 a2 ab 21 33 14 c6 3c 14 88 55 13 7b a9 0e c8 72 49 89 80 c1 f1 5d cb 6b 7d ee 30 d0 9e 83 0c 7c 71 e2 90 b4 b8 25 8c 02 cb 5b 09 21 32 f2 b5 25 2e 98 e8 0a 53 fc ba 98 d6 90 79 c8 85 1d 96 fe 8e 54 aa 08 f2 95 85 eb 42 a0 f1 15 ef 60 e6 63 ef f5 80 80 5a 24 78 71 ea 56 ea 2a fb 39 84 5b 83 e3 73 55 10 b9 e5 f3 4b 20 63 51 16 bc d4 f2 d1 52 fe f2 6c ec f3 7c b0 fd 79 c9 f4 69 2e d3 87 c2 5d a0 a6 4e cf 8a 5a 13 30 4c e6 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: b7 e5 13 75 65 f9 38 e4 c1 8c fb 6c a7 9b 57 0a | unwrapped: a9 b7 b3 b6 61 bb 6b 2f f5 1f e7 5b 93 79 4c 4b | unwrapped: c5 a9 47 28 e5 2d cc 85 65 3f 7f cf c9 8f 21 f4 | unwrapped: 1e ef 1b 41 88 dd c8 01 4d d3 e1 26 c8 b3 e2 e0 | unwrapped: fc d7 5f c8 60 0d f7 6a 4b 6d fc af b6 c3 c5 6f | unwrapped: 31 fa 13 b1 39 01 25 4c ac b6 67 4d 0a 43 90 ce | unwrapped: d4 d3 e9 a6 4b 53 f3 20 7a 8f e3 ee 5a 44 95 2a | unwrapped: 9f 73 d7 85 c6 f5 06 9e 09 a1 ff 6d 18 72 f5 5a | unwrapped: 24 d6 03 f4 31 fa 3a d0 3c ef 73 9f ca d2 12 b6 | unwrapped: 23 47 36 73 fe 49 2f 76 99 fd e3 0f b6 55 ab c5 | unwrapped: 61 54 54 60 d8 1d 01 1b 84 4e 46 10 de b4 ca c6 | unwrapped: 97 a7 26 b5 a0 09 49 ad fa 79 ca 19 26 58 b4 20 | unwrapped: 40 48 b6 d9 ca 6d 40 72 99 f6 61 3f 91 72 81 da | unwrapped: 9a 73 12 03 3f 14 34 b9 98 a1 4a 8e b5 25 7b d4 | unwrapped: bf 18 5e 88 bc 6b 0d 22 62 e0 4a 52 23 a3 51 92 | unwrapped: 4a a1 0c 94 38 ab ec b3 28 c7 5d 90 c1 5a 82 ee | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6d 0b fc 0a c9 18 40 e6 23 4b 04 9c 4c ee f3 7b 79 be 86 fe ad 97 73 1e 2d c2 57 12 ad b1 bf 85 1c 86 ea 4a 06 f0 93 f2 c0 c6 a8 f0 16 93 1c a0 a8 73 0c 60 1c df 3e 89 53 2f 99 9d d1 3a 6a da 5c 79 46 35 6e 39 b3 b2 41 79 f4 14 a2 fc 65 e1 d1 7f 54 b9 0d e7 18 b4 44 5c 1f 6b f8 0b 55 43 a3 99 0d a9 1a 01 92 35 83 1a 81 f7 30 bb 24 84 95 23 c6 a2 ab 21 33 14 c6 3c 14 88 55 13 7b a9 0e c8 72 49 89 80 c1 f1 5d cb 6b 7d ee 30 d0 9e 83 0c 7c 71 e2 90 b4 b8 25 8c 02 cb 5b 09 21 32 f2 b5 25 2e 98 e8 0a 53 fc ba 98 d6 90 79 c8 85 1d 96 fe 8e 54 aa 08 f2 95 85 eb 42 a0 f1 15 ef 60 e6 63 ef f5 80 80 5a 24 78 71 ea 56 ea 2a fb 39 84 5b 83 e3 73 55 10 b9 e5 f3 4b 20 63 51 16 bc d4 f2 d1 52 fe f2 6c ec f3 7c b0 fd 79 c9 f4 69 2e d3 87 c2 5d a0 a6 4e cf 8a 5a 13 30 4c e6 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: b7 e5 13 75 65 f9 38 e4 c1 8c fb 6c a7 9b 57 0a | unwrapped: a9 b7 b3 b6 61 bb 6b 2f f5 1f e7 5b 93 79 4c 4b | unwrapped: c5 a9 47 28 e5 2d cc 85 65 3f 7f cf c9 8f 21 f4 | unwrapped: 1e ef 1b 41 88 dd c8 01 4d d3 e1 26 c8 b3 e2 e0 | unwrapped: fc d7 5f c8 60 0d f7 6a 4b 6d fc af b6 c3 c5 6f | unwrapped: 31 fa 13 b1 39 01 25 4c ac b6 67 4d 0a 43 90 ce | unwrapped: d4 d3 e9 a6 4b 53 f3 20 7a 8f e3 ee 5a 44 95 2a | unwrapped: 9f 73 d7 85 c6 f5 06 9e 09 a1 ff 6d 18 72 f5 5a | unwrapped: 24 d6 03 f4 31 fa 3a d0 3c ef 73 9f ca d2 12 b6 | unwrapped: 23 47 36 73 fe 49 2f 76 99 fd e3 0f b6 55 ab c5 | unwrapped: 61 54 54 60 d8 1d 01 1b 84 4e 46 10 de b4 ca c6 | unwrapped: 97 a7 26 b5 a0 09 49 ad fa 79 ca 19 26 58 b4 20 | unwrapped: 40 48 b6 d9 ca 6d 40 72 99 f6 61 3f 91 72 81 da | unwrapped: 9a 73 12 03 3f 14 34 b9 98 a1 4a 8e b5 25 7b d4 | unwrapped: bf 18 5e 88 bc 6b 0d 22 62 e0 4a 52 23 a3 51 92 | unwrapped: 4a a1 0c 94 38 ab ec b3 28 c7 5d 90 c1 5a 82 ee | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 2e 76 1e f9 | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | ea 05 ea 29 | hmac PRF sha update data-bytes@0x7f2324001158 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | hmac PRF sha update data-bytes@0x7f2324001158 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | hmac PRF sha update data-bytes@0x55a4efa78368 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | hmac PRF sha update data-bytes@0x55a4efa78368 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | hmac PRF sha final-bytes@0x7f232c006af8 (length 20) | 6a e9 42 21 49 06 0a 2d d3 18 46 57 4e 7f ee 9d | da 6d 67 ed | hmac PRF sha final-bytes@0x55a4efa5ef28 (length 20) | cd ad a7 c8 1f 92 ba f3 bb 25 2f 28 c2 77 7a 5e | 42 3b 94 04 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa78188 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2328002b50 from symkey-key@0x55a4efa7a950 | hmac prf: begin sha with context 0x7f2328002b50 from symkey-key@0x55a4efa7a950 | hmac: release clone-key@0x55a4efa7a950 | hmac PRF sha crypt-prf@0x7f2330001598 | hmac PRF sha update data-bytes@0x7f232c006af8 (length 20) | 6a e9 42 21 49 06 0a 2d d3 18 46 57 4e 7f ee 9d | da 6d 67 ed | hmac PRF sha update data-bytes@0x55a4efa5ef28 (length 20) | cd ad a7 c8 1f 92 ba f3 bb 25 2f 28 c2 77 7a 5e | 42 3b 94 04 | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6d 0b fc 0a c9 18 40 e6 23 4b 04 9c 4c ee f3 7b 79 be 86 fe ad 97 73 1e 2d c2 57 12 ad b1 bf 85 1c 86 ea 4a 06 f0 93 f2 c0 c6 a8 f0 16 93 1c a0 a8 73 0c 60 1c df 3e 89 53 2f 99 9d d1 3a 6a da 5c 79 46 35 6e 39 b3 b2 41 79 f4 14 a2 fc 65 e1 d1 7f 54 b9 0d e7 18 b4 44 5c 1f 6b f8 0b 55 43 a3 99 0d a9 1a 01 92 35 83 1a 81 f7 30 bb 24 84 95 23 c6 a2 ab 21 33 14 c6 3c 14 88 55 13 7b a9 0e c8 72 49 89 80 c1 f1 5d cb 6b 7d ee 30 d0 9e 83 0c 7c 71 e2 90 b4 b8 25 8c 02 cb 5b 09 21 32 f2 b5 25 2e 98 e8 0a 53 fc ba 98 d6 90 79 c8 85 1d 96 fe 8e 54 aa 08 f2 95 85 eb 42 a0 f1 15 ef 60 e6 63 ef f5 80 80 5a 24 78 71 ea 56 ea 2a fb 39 84 5b 83 e3 73 55 10 b9 e5 f3 4b 20 63 51 16 bc d4 f2 d1 52 fe f2 6c ec f3 7c b0 fd 79 c9 f4 69 2e d3 87 c2 5d a0 a6 4e cf 8a 5a 13 30 4c e6 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: b7 e5 13 75 65 f9 38 e4 c1 8c fb 6c a7 9b 57 0a | unwrapped: a9 b7 b3 b6 61 bb 6b 2f f5 1f e7 5b 93 79 4c 4b | unwrapped: c5 a9 47 28 e5 2d cc 85 65 3f 7f cf c9 8f 21 f4 | unwrapped: 1e ef 1b 41 88 dd c8 01 4d d3 e1 26 c8 b3 e2 e0 | unwrapped: fc d7 5f c8 60 0d f7 6a 4b 6d fc af b6 c3 c5 6f | unwrapped: 31 fa 13 b1 39 01 25 4c ac b6 67 4d 0a 43 90 ce | unwrapped: d4 d3 e9 a6 4b 53 f3 20 7a 8f e3 ee 5a 44 95 2a | unwrapped: 9f 73 d7 85 c6 f5 06 9e 09 a1 ff 6d 18 72 f5 5a | unwrapped: 24 d6 03 f4 31 fa 3a d0 3c ef 73 9f ca d2 12 b6 | unwrapped: 23 47 36 73 fe 49 2f 76 99 fd e3 0f b6 55 ab c5 | unwrapped: 61 54 54 60 d8 1d 01 1b 84 4e 46 10 de b4 ca c6 | unwrapped: 97 a7 26 b5 a0 09 49 ad fa 79 ca 19 26 58 b4 20 | unwrapped: 40 48 b6 d9 ca 6d 40 72 99 f6 61 3f 91 72 81 da | unwrapped: 9a 73 12 03 3f 14 34 b9 98 a1 4a 8e b5 25 7b d4 | unwrapped: bf 18 5e 88 bc 6b 0d 22 62 e0 4a 52 23 a3 51 92 | unwrapped: 4a a1 0c 94 38 ab ec b3 28 c7 5d 90 c1 5a 82 ee | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6d 0b fc 0a c9 18 40 e6 23 4b 04 9c 4c ee f3 7b 79 be 86 fe ad 97 73 1e 2d c2 57 12 ad b1 bf 85 1c 86 ea 4a 06 f0 93 f2 c0 c6 a8 f0 16 93 1c a0 a8 73 0c 60 1c df 3e 89 53 2f 99 9d d1 3a 6a da 5c 79 46 35 6e 39 b3 b2 41 79 f4 14 a2 fc 65 e1 d1 7f 54 b9 0d e7 18 b4 44 5c 1f 6b f8 0b 55 43 a3 99 0d a9 1a 01 92 35 83 1a 81 f7 30 bb 24 84 95 23 c6 a2 ab 21 33 14 c6 3c 14 88 55 13 7b a9 0e c8 72 49 89 80 c1 f1 5d cb 6b 7d ee 30 d0 9e 83 0c 7c 71 e2 90 b4 b8 25 8c 02 cb 5b 09 21 32 f2 b5 25 2e 98 e8 0a 53 fc ba 98 d6 90 79 c8 85 1d 96 fe 8e 54 aa 08 f2 95 85 eb 42 a0 f1 15 ef 60 e6 63 ef f5 80 80 5a 24 78 71 ea 56 ea 2a fb 39 84 5b 83 e3 73 55 10 b9 e5 f3 4b 20 63 51 16 bc d4 f2 d1 52 fe f2 6c ec f3 7c b0 fd 79 c9 f4 69 2e d3 87 c2 5d a0 a6 4e cf 8a 5a 13 30 4c e6 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: b7 e5 13 75 65 f9 38 e4 c1 8c fb 6c a7 9b 57 0a | unwrapped: a9 b7 b3 b6 61 bb 6b 2f f5 1f e7 5b 93 79 4c 4b | unwrapped: c5 a9 47 28 e5 2d cc 85 65 3f 7f cf c9 8f 21 f4 | unwrapped: 1e ef 1b 41 88 dd c8 01 4d d3 e1 26 c8 b3 e2 e0 | unwrapped: fc d7 5f c8 60 0d f7 6a 4b 6d fc af b6 c3 c5 6f | unwrapped: 31 fa 13 b1 39 01 25 4c ac b6 67 4d 0a 43 90 ce | unwrapped: d4 d3 e9 a6 4b 53 f3 20 7a 8f e3 ee 5a 44 95 2a | unwrapped: 9f 73 d7 85 c6 f5 06 9e 09 a1 ff 6d 18 72 f5 5a | unwrapped: 24 d6 03 f4 31 fa 3a d0 3c ef 73 9f ca d2 12 b6 | unwrapped: 23 47 36 73 fe 49 2f 76 99 fd e3 0f b6 55 ab c5 | unwrapped: 61 54 54 60 d8 1d 01 1b 84 4e 46 10 de b4 ca c6 | unwrapped: 97 a7 26 b5 a0 09 49 ad fa 79 ca 19 26 58 b4 20 | unwrapped: 40 48 b6 d9 ca 6d 40 72 99 f6 61 3f 91 72 81 da | unwrapped: 9a 73 12 03 3f 14 34 b9 98 a1 4a 8e b5 25 7b d4 | unwrapped: bf 18 5e 88 bc 6b 0d 22 62 e0 4a 52 23 a3 51 92 | unwrapped: 4a a1 0c 94 38 ab ec b3 28 c7 5d 90 c1 5a 82 ee | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 2e 76 1e f9 | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | ea 05 ea 29 | hmac PRF sha update data-bytes@0x7f2324001158 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | hmac PRF sha update data-bytes@0x7f2324001158 (length 32) | 2d e2 ee 3a b3 23 fd e8 a7 25 a6 b4 f9 a3 51 f7 | 71 87 b0 52 3b 0e 8b ca c2 74 cd 48 0d 7f c3 de | hmac PRF sha update data-bytes@0x55a4efa78368 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | hmac PRF sha update data-bytes@0x55a4efa78368 (length 32) | 3b af 52 b0 04 9f 88 48 3c 74 18 1a 40 ff 7a 9f | 48 b6 e7 6a 81 54 0f 9b 67 09 52 d5 90 58 21 c7 | hmac PRF sha final-bytes@0x7f232c006b0c (length 20) | 27 64 70 c9 b6 c8 59 88 d1 0d 45 c9 bc b4 ed c2 | d3 50 c7 85 | hmac PRF sha final-bytes@0x55a4efa5ef3c (length 20) | 76 b7 5d f6 d8 43 f9 a7 d7 4f 0c ca 62 c9 d0 63 | 5b 91 3a 45 | install_ipsec_sa() for #12: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.ea05ea29@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.2e761ef9@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #12: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #12 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xea05ea29 SPI_OUT= | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0xea05ea29 SPI_OUT=0x2e761ef9 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xea05ea2 | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0xea05ea29 SPI_OUT=0x2e761ef9 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xea05ea29 SP | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0xea05ea29 SPI_OUT=0x2e761ef9 ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x55a4efa77778,sr=0x55a4efa77778} to #12 (was #0) (newest_ipsec_sa=#0) | #11 spent 1.84 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 47 e5 3c 86 a0 72 e1 cb 5b 3c 6f 9e | encrypting: e8 ea 17 b7 21 2f 1a 35 | IV: e7 f2 41 c5 1f 6d c4 03 6e 6f ee c0 11 fb 70 c1 | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: bf b0 f3 91 bc 3b fa c5 43 a3 7d 80 d4 f2 4c 28 | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #12 (was #0) (spd.eroute=#12) cloned from #11 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #12 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #12 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #12: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #12 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2324003ad8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #12) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 20 01 5c 95 67 a0 00 00 00 3c 7d 79 20 52 | 99 b3 ea fb e0 17 92 f8 97 2c 1b 61 bf b0 f3 91 | bc 3b fa c5 43 a3 7d 80 d4 f2 4c 28 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f2328002b78 | inserting event EVENT_SA_REPLACE, timeout in 28154 seconds for #12 | libevent_malloc: new ptr-libevent@0x55a4efa7a898 size 128 | pstats #12 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #12: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xea05ea29 <0x2e761ef9 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #12 suppresed complete_v1_state_transition() | #12 spent 2.95 milliseconds in resume sending helper answer | stop processing: state #12 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f23280027d8 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00465 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00283 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00256 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.2e761ef9@192.1.2.45 | get_sa_info esp.ea05ea29@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0785 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #12 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #12 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #12 ikev1.ipsec deleted completed | [RE]START processing: state #12 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #12: deleting state (STATE_QUICK_I2) aged 0.094s and sending notification | child state #12: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.ea05ea29@192.1.2.23 | get_sa_info esp.2e761ef9@192.1.2.45 "aes128" #12: ESP traffic information: in=84B out=84B | #12 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2466505569 (0x9303e361) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 2e 76 1e f9 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f233c002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x7f233c002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x55a4efa83168 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | 93 03 e3 61 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 2e 76 1e f9 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 1e 00 ed b9 5d 86 ac 09 01 01 f7 47 81 ec c8 4f | 76 42 0c 1e | send delete HASH(1): | 1e 00 ed b9 5d 86 ac 09 01 01 f7 47 81 ec c8 4f | 76 42 0c 1e | last Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | current Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | 93 03 e3 61 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 78 47 85 71 29 f0 7d d9 0a 31 e9 5e 4e 59 74 88 | 49 08 e5 86 | encrypting: 0c 00 00 18 1e 00 ed b9 5d 86 ac 09 01 01 f7 47 | encrypting: 81 ec c8 4f 76 42 0c 1e 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 2e 76 1e f9 | IV: 78 47 85 71 29 f0 7d d9 0a 31 e9 5e 4e 59 74 88 | IV: 49 08 e5 86 | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: cd 75 ed b3 40 4c a7 fa 17 56 15 12 e6 f5 b7 21 | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 93 03 e3 61 00 00 00 4c 56 44 a6 12 | 90 b0 99 89 bc 81 3b c2 b3 a1 b7 38 bb 92 fc a0 | af f7 4c 41 c6 76 8b 8d fc 29 94 59 cd 75 ed b3 | 40 4c a7 fa 17 56 15 12 e6 f5 b7 21 | state #12 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x55a4efa7a898 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f2328002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844014' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xea05ea2 | popen cmd is 1033 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844014' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0xea05ea29 SPI_OUT=0x2e761ef9 ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.ea05ea29@192.1.2.23 | netlink response for Del SA esp.ea05ea29@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.2e761ef9@192.1.2.45 | netlink response for Del SA esp.2e761ef9@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #12 in QUICK_I2 | child state #12: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f2324006b98: destroyed | stop processing: state #12 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa76810 | delete_state: release st->st_skeyid_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_d_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa65820 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #11 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #11 | start processing: state #11 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #11 ikev1.isakmp deleted completed | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #11: deleting state (STATE_MAIN_I4) aged 0.114s and sending notification | parent state #11: MAIN_I4(established IKE SA) => delete | #11 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3788719046 (0xe1d343c6) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI f8 0e 07 98 5a 78 ed f7 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI c9 91 91 14 7f bd 3f d5 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f2324003f88 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | e1 d3 43 c6 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 f8 0e 07 98 | 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 72 af a8 3f ae 84 fa a0 83 a4 45 8a 9a dd e8 45 | 8a d8 bf d0 | send delete HASH(1): | 72 af a8 3f ae 84 fa a0 83 a4 45 8a 9a dd e8 45 | 8a d8 bf d0 | last Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | current Phase 1 IV: 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 6a 4a 17 c7 0a 78 29 2a 87 41 5e 05 63 ef c4 0c | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | e1 d3 43 c6 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | d0 55 a5 46 b4 e3 f6 be a1 2c ea ea e3 da 32 5b | 7d d7 49 25 | encrypting: 0c 00 00 18 72 af a8 3f ae 84 fa a0 83 a4 45 8a | encrypting: 9a dd e8 45 8a d8 bf d0 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 f8 0e 07 98 5a 78 ed f7 c9 91 91 14 | encrypting: 7f bd 3f d5 | IV: d0 55 a5 46 b4 e3 f6 be a1 2c ea ea e3 da 32 5b | IV: 7d d7 49 25 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 40 29 ad 3f 68 69 ec 4e 72 4c 9e f1 10 66 b3 6d | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 e1 d3 43 c6 00 00 00 5c 7c 88 a9 05 | b5 a2 09 8c a9 da ba 3c 71 88 aa b8 62 30 f2 1e | 4b 61 f5 9f 8b 2d 6c dd 56 81 f8 26 0e 41 3b ec | 31 47 cf f8 b7 6f 82 4f 9c 4b d3 1a 40 29 ad 3f | 68 69 ec 4e 72 4c 9e f1 10 66 b3 6d | state #11 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2330002098 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa782f8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #11 in MAIN_I4 | parent state #11: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f232c001158: destroyed | stop processing: state #11 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa5c790 | delete_state: release st->st_skeyid_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_d_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa65820 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.9 milliseconds in whack | spent 0.00191 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 c2 29 a2 65 00 00 00 4c f0 ba 8f 7e | f0 29 ff 46 15 8e c0 e3 e6 f8 14 1e 7e 6a 5d eb | af 7d 85 60 f1 22 04 aa 30 94 9e 71 33 87 e7 11 | a8 53 1b 1e 22 fc dd de 04 3c 65 52 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3257508453 (0xc229a265) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xc229a265 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | f8 0e 07 98 5a 78 ed f7 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | c9 91 91 14 7f bd 3f d5 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0744 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00375 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00256 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f8 0e 07 98 5a 78 ed f7 c9 91 91 14 7f bd 3f d5 | 08 10 05 01 50 1b 5f 78 00 00 00 5c 2f 27 96 d3 | 64 f4 cc 3c 52 2e e2 ae b9 c9 c1 e1 9c e4 df fa | d4 9a 6f b4 76 29 c8 44 47 01 5a f6 21 d5 62 ed | 70 2b 39 18 76 91 c1 f7 ce fd 30 ae 3f 48 0d f1 | a4 76 dd 30 9c f7 6c f8 4e 92 10 b6 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f8 0e 07 98 5a 78 ed f7 | responder cookie: | c9 91 91 14 7f bd 3f d5 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1343971192 (0x501b5f78) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x501b5f78 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | f8 0e 07 98 5a 78 ed f7 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | c9 91 91 14 7f bd 3f d5 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0563 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16408' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.08 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00467 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0585 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0492 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:OMIT | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0507 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.158 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #13 at 0x55a4efa78798 | State DB: adding IKEv1 state #13 in UNDEFINED | pstats #13 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #13 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #13: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #13 "aes128" "aes128" #13: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa83398 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 4e 1a a3 b3 5c f7 10 ef 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f23280027d8 size 128 | #13 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29300.394808 | #13 spent 0.44 milliseconds in main_outI1() | stop processing: state #13 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.497 milliseconds in whack | spent 0.00186 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #13 in MAIN_I1 (find_state_ikev1_init) | start processing: state #13 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #13 is idle | #13 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 15 for state #13 | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f23280027d8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f23280027d8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #13 and saving MD | #13 is busy; has a suspended MD | #13 spent 0.144 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.271 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 15 for state #13 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 15 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f233c002168: created | NSS: Local DH MODP2048 secret (pointer): 0x7f233c002168 | NSS: Public DH wire value: | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | Generated nonce: 81 28 b4 2a 19 bb 6f d0 ed f9 1e 92 b8 d5 27 f9 | Generated nonce: b7 f6 49 9e cb 35 db 71 44 ea 83 14 9a 16 b4 08 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 15 time elapsed 0.001081 seconds | (#13) spent 1.05 milliseconds in crypto helper computing work-order 15: outI2 KE (pcr) | crypto helper 0 sending results from work-order 15 for state #13 to event queue | scheduling resume sending helper answer for #13 | libevent_malloc: new ptr-libevent@0x7f233c0048c8 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #13 | start processing: state #13 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 15 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #13: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f233c002168: transferring ownership from helper KE to state #13 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | keyex value 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | keyex value 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | keyex value de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | keyex value 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | keyex value 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | keyex value 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | keyex value 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | keyex value f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | keyex value 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | keyex value 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | keyex value f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | keyex value a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | keyex value 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | keyex value 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | keyex value 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 81 28 b4 2a 19 bb 6f d0 ed f9 1e 92 b8 d5 27 f9 | Ni b7 f6 49 9e cb 35 db 71 44 ea 83 14 9a 16 b4 08 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 4e 1a a3 b3 5c f7 10 ef | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | d8 c0 57 5b 86 37 ae d0 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | ae b7 b7 02 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 4e 1a a3 b3 5c f7 10 ef | natd_hash: rcookie= d8 c0 57 5b 86 37 ae d0 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | natd_hash: hash= ae b7 b7 02 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | NAT-D ae b7 b7 02 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 4e 1a a3 b3 5c f7 10 ef | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | d8 c0 57 5b 86 37 ae d0 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | a8 28 40 d1 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 4e 1a a3 b3 5c f7 10 ef | natd_hash: rcookie= d8 c0 57 5b 86 37 ae d0 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | natd_hash: hash= a8 28 40 d1 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | NAT-D a8 28 40 d1 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #13 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #13: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f23280027d8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | 14 00 00 24 81 28 b4 2a 19 bb 6f d0 ed f9 1e 92 | b8 d5 27 f9 b7 f6 49 9e cb 35 db 71 44 ea 83 14 | 9a 16 b4 08 14 00 00 18 3c 9a ed 4d a6 2c e1 ba | 76 9a c4 8a 47 50 6d f4 ae b7 b7 02 00 00 00 18 | e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | a8 28 40 d1 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x55a4efa7a848 size 128 | #13 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29300.397186 "aes128" #13: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #13 suppresed complete_v1_state_transition() | #13 spent 0.342 milliseconds in resume sending helper answer | stop processing: state #13 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f233c0048c8 | spent 0.00227 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | 14 00 00 24 5c 2e 9a 77 7d 73 0e 6e 58 09 b0 44 | 76 4d 58 a6 7f d3 5a c0 5c a2 b9 24 c2 e1 37 99 | 4d 08 d1 78 14 00 00 18 e6 bc e2 ab 1b 53 a9 49 | fc 05 49 77 fd 47 fd b2 a8 28 40 d1 00 00 00 18 | 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | ae b7 b7 02 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #13 in MAIN_I2 (find_state_ikev1) | start processing: state #13 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #13 is idle | #13 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f233c002168: transferring ownership from state #13 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 16 for state #13 | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7a848 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f233c0048c8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #13 and saving MD | #13 is busy; has a suspended MD | #13 spent 0.0963 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.253 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 16 for state #13 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 16 | peer's g: 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | peer's g: ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | peer's g: 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | peer's g: 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | peer's g: 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | peer's g: 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | peer's g: af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | peer's g: bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | peer's g: eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | peer's g: ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | peer's g: 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | peer's g: 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | peer's g: 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | peer's g: 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | peer's g: a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | peer's g: d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f233c002168: computed shared DH secret key@0x55a4efa65820 | dh-shared : g^ir-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7f8d8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: psk-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: psk-key@0x55a4efa63dc0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa62310 | SKEYID psk prf: created sha context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk prf: begin sha with context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk: release clone-key@0x55a4efa63dc0 | SKEYID psk PRF sha crypt-prf@0x7f2334001108 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7f8fc (length 32) | 81 28 b4 2a 19 bb 6f d0 ed f9 1e 92 b8 d5 27 f9 | b7 f6 49 9e cb 35 db 71 44 ea 83 14 9a 16 b4 08 | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7f91c (length 32) | 5c 2e 9a 77 7d 73 0e 6e 58 09 b0 44 76 4d 58 a6 | 7f d3 5a c0 5c a2 b9 24 c2 e1 37 99 4d 08 d1 78 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID psk PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID psk: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e718 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d: release clone-key@0x55a4efa62310 | SKEYID_d PRF sha crypt-prf@0x7f23340010b8 | SKEYID_d PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_d: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: e5 0f e8 16 f8 62 74 fc 39 5e 94 fc 04 eb a9 dc a3 cd 5e 1f 2c 29 e4 79 84 ed 44 0d 12 86 af f8 1d 69 81 34 35 c2 15 40 a2 8c 65 7f 45 cc 38 e8 28 fe da 68 dc 03 e6 ef dc f9 82 da 0a af f4 1b e4 09 0e 22 2d 29 71 64 04 85 a0 09 b3 4f eb 19 db 48 b7 09 34 3f ca cc 01 3e 1d 32 97 44 9b 35 cd 4c 20 bf 1e 08 64 12 ec ea 4b 99 1b a8 8f 5f a9 2e 19 ad 11 9d f8 cd 18 77 8d 54 4e 88 58 98 f9 d3 fe d4 0d e4 cf bd 08 f5 d1 f7 ea 2c 80 9b 58 7c 19 60 11 c5 88 46 94 f4 56 ac 31 4d ba 8d 79 ed bd e9 2a 98 12 ee dd 50 3c b6 be 73 7c db df f2 27 0d 00 13 10 60 c2 3b 2f 4f 07 a5 67 be 09 5d dd 45 fd aa d9 88 51 d5 c4 01 42 f5 3d 08 61 19 e1 ae 42 ec 00 34 be 7e 0b af 7d 96 d9 4a 92 ad 75 1a 5c cc fb fe ed 65 c7 2c 3e 83 f8 b6 97 77 f8 a1 7d 20 0b 4d 7b 39 78 77 69 d9 1d dd | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334004f28 | unwrapped: a7 30 f1 82 11 2f 2c 65 4a 59 12 38 59 82 65 b2 | unwrapped: 2f 46 bb 2e 35 c0 6b 66 55 36 62 37 62 6c fc 1a | unwrapped: 53 5b 6a a1 de 52 37 09 dc 8d e2 01 fc 17 f9 03 | unwrapped: 7c 60 68 a8 84 54 33 5d 44 ba 6c 87 b9 99 9d c7 | unwrapped: 30 a7 91 31 16 11 85 5f 2e bc 3a 14 27 bd 01 79 | unwrapped: c5 f6 c0 7f c3 18 bb ca 2c 4d 66 cb c3 bc d6 06 | unwrapped: fd 13 5f e8 10 55 96 dc cf 83 1c 64 32 f1 fc 33 | unwrapped: e7 4b bd c2 9e a6 52 9b 3a e5 51 02 df da 30 b8 | unwrapped: 78 d7 1f 02 8a 33 ac a3 51 a7 ae e5 ac 43 5f 6d | unwrapped: 9e c8 a9 e1 fd 3f 62 9c e4 d5 48 d6 09 1d 60 df | unwrapped: 68 c5 9e 4a c1 e8 d8 ff ab e9 bd 1c 10 45 04 e6 | unwrapped: b1 df 25 67 f8 32 80 44 46 fc ee 45 84 6f 5d 73 | unwrapped: 49 38 1d ae 1b 16 cb 1b 43 31 22 3e ae 27 00 16 | unwrapped: 00 15 c4 74 cb ae 7d ec 9d d4 e3 eb ca e4 ad 70 | unwrapped: 20 85 47 74 57 a7 f1 20 19 2e ee a0 25 7c d4 9b | unwrapped: 0f 08 1a ce f7 d1 67 ae 3a e8 18 72 d4 66 3f e6 | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 4e 1a a3 b3 5c f7 10 ef | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | d8 c0 57 5b 86 37 ae d0 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID_d PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_d: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a: release clone-key@0x55a4efa5af10 | SKEYID_a PRF sha crypt-prf@0x7f2334001108 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa62310 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: e3 cc 3f 9a 2a e3 68 a6 e8 f1 18 5c 0e 26 1f 74 ef de 37 39 2f 34 87 d2 b9 d3 75 4a ab 61 4e 7f | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2334008c38 | unwrapped: e7 3d 90 ba c7 9a ba e2 e7 e3 ca 04 0c 4c 48 f6 | unwrapped: 51 06 06 e5 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_a: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: e5 0f e8 16 f8 62 74 fc 39 5e 94 fc 04 eb a9 dc a3 cd 5e 1f 2c 29 e4 79 84 ed 44 0d 12 86 af f8 1d 69 81 34 35 c2 15 40 a2 8c 65 7f 45 cc 38 e8 28 fe da 68 dc 03 e6 ef dc f9 82 da 0a af f4 1b e4 09 0e 22 2d 29 71 64 04 85 a0 09 b3 4f eb 19 db 48 b7 09 34 3f ca cc 01 3e 1d 32 97 44 9b 35 cd 4c 20 bf 1e 08 64 12 ec ea 4b 99 1b a8 8f 5f a9 2e 19 ad 11 9d f8 cd 18 77 8d 54 4e 88 58 98 f9 d3 fe d4 0d e4 cf bd 08 f5 d1 f7 ea 2c 80 9b 58 7c 19 60 11 c5 88 46 94 f4 56 ac 31 4d ba 8d 79 ed bd e9 2a 98 12 ee dd 50 3c b6 be 73 7c db df f2 27 0d 00 13 10 60 c2 3b 2f 4f 07 a5 67 be 09 5d dd 45 fd aa d9 88 51 d5 c4 01 42 f5 3d 08 61 19 e1 ae 42 ec 00 34 be 7e 0b af 7d 96 d9 4a 92 ad 75 1a 5c cc fb fe ed 65 c7 2c 3e 83 f8 b6 97 77 f8 a1 7d 20 0b 4d 7b 39 78 77 69 d9 1d dd | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334003db8 | unwrapped: a7 30 f1 82 11 2f 2c 65 4a 59 12 38 59 82 65 b2 | unwrapped: 2f 46 bb 2e 35 c0 6b 66 55 36 62 37 62 6c fc 1a | unwrapped: 53 5b 6a a1 de 52 37 09 dc 8d e2 01 fc 17 f9 03 | unwrapped: 7c 60 68 a8 84 54 33 5d 44 ba 6c 87 b9 99 9d c7 | unwrapped: 30 a7 91 31 16 11 85 5f 2e bc 3a 14 27 bd 01 79 | unwrapped: c5 f6 c0 7f c3 18 bb ca 2c 4d 66 cb c3 bc d6 06 | unwrapped: fd 13 5f e8 10 55 96 dc cf 83 1c 64 32 f1 fc 33 | unwrapped: e7 4b bd c2 9e a6 52 9b 3a e5 51 02 df da 30 b8 | unwrapped: 78 d7 1f 02 8a 33 ac a3 51 a7 ae e5 ac 43 5f 6d | unwrapped: 9e c8 a9 e1 fd 3f 62 9c e4 d5 48 d6 09 1d 60 df | unwrapped: 68 c5 9e 4a c1 e8 d8 ff ab e9 bd 1c 10 45 04 e6 | unwrapped: b1 df 25 67 f8 32 80 44 46 fc ee 45 84 6f 5d 73 | unwrapped: 49 38 1d ae 1b 16 cb 1b 43 31 22 3e ae 27 00 16 | unwrapped: 00 15 c4 74 cb ae 7d ec 9d d4 e3 eb ca e4 ad 70 | unwrapped: 20 85 47 74 57 a7 f1 20 19 2e ee a0 25 7c d4 9b | unwrapped: 0f 08 1a ce f7 d1 67 ae 3a e8 18 72 d4 66 3f e6 | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 4e 1a a3 b3 5c f7 10 ef | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | d8 c0 57 5b 86 37 ae d0 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: final-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65c00 | SKEYID_a PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_a: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: clone-key@0x55a4efa65c00 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e: release clone-key@0x55a4efa65c00 | SKEYID_e PRF sha crypt-prf@0x7f23340010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa5af10 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: 5d 39 6c d7 47 d9 4d 5d dd 14 14 b4 47 b5 2e a0 fa 2e 74 0d 19 e9 30 49 48 60 ca 96 0e cd e3 a7 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23340085b8 | unwrapped: ef e9 c6 82 ff 3c 74 57 ec d9 d9 b6 8f e7 bf 92 | unwrapped: ee ee f6 73 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_e: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: e5 0f e8 16 f8 62 74 fc 39 5e 94 fc 04 eb a9 dc a3 cd 5e 1f 2c 29 e4 79 84 ed 44 0d 12 86 af f8 1d 69 81 34 35 c2 15 40 a2 8c 65 7f 45 cc 38 e8 28 fe da 68 dc 03 e6 ef dc f9 82 da 0a af f4 1b e4 09 0e 22 2d 29 71 64 04 85 a0 09 b3 4f eb 19 db 48 b7 09 34 3f ca cc 01 3e 1d 32 97 44 9b 35 cd 4c 20 bf 1e 08 64 12 ec ea 4b 99 1b a8 8f 5f a9 2e 19 ad 11 9d f8 cd 18 77 8d 54 4e 88 58 98 f9 d3 fe d4 0d e4 cf bd 08 f5 d1 f7 ea 2c 80 9b 58 7c 19 60 11 c5 88 46 94 f4 56 ac 31 4d ba 8d 79 ed bd e9 2a 98 12 ee dd 50 3c b6 be 73 7c db df f2 27 0d 00 13 10 60 c2 3b 2f 4f 07 a5 67 be 09 5d dd 45 fd aa d9 88 51 d5 c4 01 42 f5 3d 08 61 19 e1 ae 42 ec 00 34 be 7e 0b af 7d 96 d9 4a 92 ad 75 1a 5c cc fb fe ed 65 c7 2c 3e 83 f8 b6 97 77 f8 a1 7d 20 0b 4d 7b 39 78 77 69 d9 1d dd | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334004f28 | unwrapped: a7 30 f1 82 11 2f 2c 65 4a 59 12 38 59 82 65 b2 | unwrapped: 2f 46 bb 2e 35 c0 6b 66 55 36 62 37 62 6c fc 1a | unwrapped: 53 5b 6a a1 de 52 37 09 dc 8d e2 01 fc 17 f9 03 | unwrapped: 7c 60 68 a8 84 54 33 5d 44 ba 6c 87 b9 99 9d c7 | unwrapped: 30 a7 91 31 16 11 85 5f 2e bc 3a 14 27 bd 01 79 | unwrapped: c5 f6 c0 7f c3 18 bb ca 2c 4d 66 cb c3 bc d6 06 | unwrapped: fd 13 5f e8 10 55 96 dc cf 83 1c 64 32 f1 fc 33 | unwrapped: e7 4b bd c2 9e a6 52 9b 3a e5 51 02 df da 30 b8 | unwrapped: 78 d7 1f 02 8a 33 ac a3 51 a7 ae e5 ac 43 5f 6d | unwrapped: 9e c8 a9 e1 fd 3f 62 9c e4 d5 48 d6 09 1d 60 df | unwrapped: 68 c5 9e 4a c1 e8 d8 ff ab e9 bd 1c 10 45 04 e6 | unwrapped: b1 df 25 67 f8 32 80 44 46 fc ee 45 84 6f 5d 73 | unwrapped: 49 38 1d ae 1b 16 cb 1b 43 31 22 3e ae 27 00 16 | unwrapped: 00 15 c4 74 cb ae 7d ec 9d d4 e3 eb ca e4 ad 70 | unwrapped: 20 85 47 74 57 a7 f1 20 19 2e ee a0 25 7c d4 9b | unwrapped: 0f 08 1a ce f7 d1 67 ae 3a e8 18 72 d4 66 3f e6 | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 4e 1a a3 b3 5c f7 10 ef | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | d8 c0 57 5b 86 37 ae d0 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e710 | result: final-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5c790 | SKEYID_e PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID_e: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e768 | result: keymat-key@0x55a4efa5c790 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a4efa62310, skeyid_a 0x55a4efa5af10, skeyid_e 0x55a4efa65c00, enc_key 0x55a4efa5c790 | DH_i: 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | DH_i: 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | DH_i: 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | DH_i: de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | DH_i: 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | DH_i: 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | DH_i: 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | DH_i: 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | DH_i: f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | DH_i: 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | DH_i: 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | DH_i: f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | DH_i: a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | DH_i: 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | DH_i: 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | DH_i: 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | DH_r: 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | DH_r: ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | DH_r: 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | DH_r: 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | DH_r: 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | DH_r: 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | DH_r: af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | DH_r: bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | DH_r: eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | DH_r: ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | DH_r: 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | DH_r: 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | DH_r: 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | DH_r: 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | DH_r: a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | DH_r: d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7f93c (length 256) | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | new IV hash sha digest GR-bytes@0x55a4efa7fa3c (length 256) | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | new IV hash sha final chunk@0x7f23340085b8 (length 20) | ef 0d 19 56 4a 57 00 69 05 62 3e 5f 8f 98 95 29 | dc 93 b8 5c | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 16 time elapsed 0.002077 seconds | (#13) spent 2.08 milliseconds in crypto helper computing work-order 16: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 16 for state #13 to event queue | scheduling resume sending helper answer for #13 | libevent_malloc: new ptr-libevent@0x7f2334003ad8 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #13 | start processing: state #13 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 16 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #13: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f233c002168: transferring ownership from helper IKEv1 DH+IV to state #13 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 4e 1a a3 b3 5c f7 10 ef | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | d8 c0 57 5b 86 37 ae d0 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | a8 28 40 d1 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 4e 1a a3 b3 5c f7 10 ef | natd_hash: rcookie= d8 c0 57 5b 86 37 ae d0 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | natd_hash: hash= a8 28 40 d1 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 4e 1a a3 b3 5c f7 10 ef | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | d8 c0 57 5b 86 37 ae d0 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | ae b7 b7 02 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 4e 1a a3 b3 5c f7 10 ef | natd_hash: rcookie= d8 c0 57 5b 86 37 ae d0 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | natd_hash: hash= ae b7 b7 02 | expected NAT-D(me): e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | expected NAT-D(me): a8 28 40 d1 | expected NAT-D(him): | 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | ae b7 b7 02 | received NAT-D: e6 bc e2 ab 1b 53 a9 49 fc 05 49 77 fd 47 fd b2 | received NAT-D: a8 28 40 d1 | received NAT-D: 3c 9a ed 4d a6 2c e1 ba 76 9a c4 8a 47 50 6d f4 | received NAT-D: ae b7 b7 02 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x55a4efa785e8 | hmac PRF sha update data-bytes@0x7f233c004458 (length 256) | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | hmac PRF sha update data-bytes@0x7f2328000b48 (length 256) | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 4e 1a a3 b3 5c f7 10 ef | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | d8 c0 57 5b 86 37 ae d0 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | 59 21 02 42 87 d3 1c 1f 17 c4 79 f5 a9 ca d3 1a | 7f a1 7b bd | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 59 21 02 42 87 d3 1c 1f 17 c4 79 f5 a9 ca d3 1a | HASH_I 7f a1 7b bd | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 59 21 02 42 87 d3 1c 1f 17 c4 79 f5 a9 ca d3 1a | encrypting: 7f a1 7b bd | IV: ef 0d 19 56 4a 57 00 69 05 62 3e 5f 8f 98 95 29 | IV: dc 93 b8 5c | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 19 26 96 0c 9f 28 6a 77 45 c6 df 76 05 c0 a9 8b | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #13: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f233c0048c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 05 10 02 01 00 00 00 00 00 00 00 4c 8d 27 bb 07 | 3d 8a 0e b5 fb ae 91 0b 39 1e 9c f4 17 49 f2 13 | a9 5b 79 33 3d 6d d4 3d 7c 21 b1 c7 19 26 96 0c | 9f 28 6a 77 45 c6 df 76 05 c0 a9 8b | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x55a4efa7a848 size 128 | #13 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29300.404179 "aes128" #13: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #13 suppresed complete_v1_state_transition() | #13 spent 0.475 milliseconds in resume sending helper answer | stop processing: state #13 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2334003ad8 | spent 0.00229 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 05 10 02 01 00 00 00 00 00 00 00 4c 9a 43 bf 97 | 8d bc 2a 1a 66 1f 98 b8 2f 60 98 df 40 ec 44 62 | 56 11 ff 5f 3c 64 9d d7 e3 77 3a f3 8f 45 2f 46 | 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #13 in MAIN_I3 (find_state_ikev1) | start processing: state #13 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #13 is idle | #13 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 19 26 96 0c 9f 28 6a 77 45 c6 df 76 05 c0 a9 8b | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | decrypted payload (starts at offset -48): | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 eb 16 ca 5a | ef 1a e4 3b dc 8b 26 98 f1 a8 75 dd 8f 0e 64 8c | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #13: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x7f23340085b8 | hmac PRF sha update data-bytes@0x7f2328000b48 (length 256) | 80 4b 85 fd af b2 b7 a8 f9 85 1a cb f5 f0 98 74 | ee fc aa 22 ea ca 04 c7 62 fc 7c 3f cc 82 6c 01 | 04 6c 5b c2 4d 4f b6 19 ef d2 6d 8f 25 1d 43 60 | 68 c9 62 43 d0 fd 02 95 97 dc 9b 9a 66 de 1a ee | 13 cf bb 94 cc ea 29 f7 0a 6d 3a cd 28 82 ab 7a | 19 d2 a4 82 ed 97 b4 76 0b f3 19 19 61 43 6d f2 | af 51 b6 8a a5 e2 56 df 1c 3b c0 b3 68 78 a2 fa | bd e9 96 6d 8e 1b c1 75 52 a3 b9 b0 ec 93 15 21 | eb a0 5c fa 15 ad 61 b3 ce 10 ae de 5a a6 01 57 | ee 72 5f 62 4d 65 5d ea 43 3c e9 11 66 0e 8c 50 | 33 45 65 f0 46 74 38 7d 50 5f ae 43 f5 67 d0 de | 31 28 57 78 9c 08 6f eb c2 70 d7 0a 93 dd 81 02 | 9a 7c 18 82 f5 d2 2a ab 10 65 10 2a 65 32 1d 87 | 85 05 60 5d ab 0d 99 ae eb 38 dd a4 4a 7d 18 34 | a9 6a 6f d0 b5 60 be 54 a0 93 cb 0f d3 33 0d 97 | d7 6d 8d e1 a0 96 e3 1a d0 83 c5 af f2 92 1a b1 | hmac PRF sha update data-bytes@0x7f233c004458 (length 256) | 6b 06 91 93 83 3d 9f 49 b9 e3 e6 4c 77 52 25 c4 | 32 f0 32 19 8a c9 4b ab cb ca 5e a1 43 f3 08 ed | 38 50 0b 7a f8 9c 57 cc 3e 7c f5 2e 06 f7 5c e5 | de 88 d7 4f 82 f5 75 21 7f 1c 6f d0 70 f6 30 e0 | 67 99 c6 2f 6c 5c bc df 11 4b 2b c1 f8 76 a6 9c | 85 47 2d 38 75 12 bf 93 fa 49 c0 79 7c e8 26 ad | 14 da c1 df 66 99 7b 03 d2 2d 20 2b cc da 4e 1c | 92 df c9 8b 46 63 d9 ea 0e c3 90 53 a4 ca 16 ee | f4 71 3c ab db a8 58 de 17 f5 e7 e6 05 38 e9 84 | 60 1c 9e 5c 26 1b 50 9c 04 11 7d 6d 07 16 33 83 | 56 2a 5f 51 34 e6 fa 46 ff 4b d0 ef 64 c8 55 68 | f6 c7 4b b1 21 11 0f af 2f d1 4e 4b 4b b7 77 f4 | a9 88 34 17 a9 ab 10 11 da 51 c1 4d b5 ff 31 b3 | 85 c3 14 63 e0 65 a5 b1 3b 08 3e 3c f2 8c 48 06 | 03 2f 74 fe 5d 07 08 30 80 6c 80 d4 19 99 2a cc | 73 c1 1b 7a 27 8c 46 bc 2a 2b 0f 4c c3 a7 71 92 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | d8 c0 57 5b 86 37 ae d0 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 4e 1a a3 b3 5c f7 10 ef | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4efa768e8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | eb 16 ca 5a ef 1a e4 3b dc 8b 26 98 f1 a8 75 dd | 8f 0e 64 8c | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #13: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7a848 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa782f8 | inserting event EVENT_SA_REPLACE, timeout in 2879 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f2334003ad8 size 128 | pstats #13 ikev1.isakmp established "aes128" #13: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #13 | creating state object #14 at 0x55a4efa7b648 | State DB: adding IKEv1 state #14 in UNDEFINED | pstats #14 ikev1.ipsec started | duplicating state object #13 "aes128" as #14 for IPSEC SA | #14 setting local endpoint to 192.1.2.45:500 from #13.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa5c790 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #13 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #14 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #14: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #14: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#13 msgid:62f488c5 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 17 for state #14 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #14 | libevent_malloc: new ptr-libevent@0x55a4efa831b8 size 128 | stop processing: state #14 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #13 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x55a4efa6a378} | crypto helper 3 resuming | close_any(fd@24) (in release_whack() at state.c:654) | crypto helper 3 starting work-order 17 for state #14 | #13 spent 0.309 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 17 | stop processing: state #13 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.406 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2338003758: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2338003758 | NSS: Public DH wire value: | 03 74 9b 43 ac 7c 26 51 5f 83 88 73 ba 45 b9 2d | 3f 80 0b 6c d5 96 02 73 f3 fe 51 78 3e 9f f3 4a | fb 63 65 9f b3 8a 93 88 2b 58 88 60 42 ec 45 42 | d2 ef 18 c8 87 90 a1 0e 3f 1b 03 a8 4e 25 9e 81 | 2f 8f d5 52 61 da 68 15 bd ae 9b 37 1b ff ca d5 | 78 2c 6f 71 2f 43 86 53 1f 08 ea 23 e8 1e 49 79 | bd df a2 bc 52 c5 fa e4 cd b0 24 0e e2 df 65 7f | a1 b8 a6 57 0f 8c 99 30 38 70 aa 28 11 43 43 88 | da 23 aa 41 8b f0 17 14 a4 51 c3 b9 d0 56 97 ac | cb 40 1b 8f 9d c6 5b 62 ea 60 7b 36 a8 3c cd fd | f8 7d a4 39 b8 c9 02 af 34 a9 32 fd ab 0e b0 48 | 80 37 8c 50 52 dd fc 78 1d 80 44 08 1f c1 61 24 | d3 5e 91 30 c5 4c 3e 0b dd 3c 86 b3 6f 80 6f 32 | 04 09 2c e4 62 6b 1f 72 ba c4 3a e9 8b 4f 2a 8d | 9b 6d 73 c2 23 0e 5e 1e 56 8c b6 84 e3 9a 91 11 | af c9 bc 2a bd 7b c7 15 42 d0 d9 6f 00 9e 15 3c | Generated nonce: 7c 3c 76 59 d0 12 93 ef 5c 3b d9 fd b5 1b 54 e2 | Generated nonce: dc f9 f7 9c 28 e1 84 c1 ff c5 e6 7c 6d 40 85 3b | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 17 time elapsed 0.001048 seconds | (#14) spent 1.03 milliseconds in crypto helper computing work-order 17: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 17 for state #14 to event queue | scheduling resume sending helper answer for #14 | libevent_malloc: new ptr-libevent@0x7f2338003088 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #14 | start processing: state #14 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 17 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #14: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1660192965 (0x62f488c5) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x44deab4 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 04 4d ea b4 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #14: IMPAIR: stripping key-length "aes128" #14: IMPAIR: not sending key-length attribute | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 7c 3c 76 59 d0 12 93 ef 5c 3b d9 fd b5 1b 54 e2 | Ni dc f9 f7 9c 28 e1 84 c1 ff c5 e6 7c 6d 40 85 3b | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2338003758: transferring ownership from helper KE to state #14 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 03 74 9b 43 ac 7c 26 51 5f 83 88 73 ba 45 b9 2d | keyex value 3f 80 0b 6c d5 96 02 73 f3 fe 51 78 3e 9f f3 4a | keyex value fb 63 65 9f b3 8a 93 88 2b 58 88 60 42 ec 45 42 | keyex value d2 ef 18 c8 87 90 a1 0e 3f 1b 03 a8 4e 25 9e 81 | keyex value 2f 8f d5 52 61 da 68 15 bd ae 9b 37 1b ff ca d5 | keyex value 78 2c 6f 71 2f 43 86 53 1f 08 ea 23 e8 1e 49 79 | keyex value bd df a2 bc 52 c5 fa e4 cd b0 24 0e e2 df 65 7f | keyex value a1 b8 a6 57 0f 8c 99 30 38 70 aa 28 11 43 43 88 | keyex value da 23 aa 41 8b f0 17 14 a4 51 c3 b9 d0 56 97 ac | keyex value cb 40 1b 8f 9d c6 5b 62 ea 60 7b 36 a8 3c cd fd | keyex value f8 7d a4 39 b8 c9 02 af 34 a9 32 fd ab 0e b0 48 | keyex value 80 37 8c 50 52 dd fc 78 1d 80 44 08 1f c1 61 24 | keyex value d3 5e 91 30 c5 4c 3e 0b dd 3c 86 b3 6f 80 6f 32 | keyex value 04 09 2c e4 62 6b 1f 72 ba c4 3a e9 8b 4f 2a 8d | keyex value 9b 6d 73 c2 23 0e 5e 1e 56 8c b6 84 e3 9a 91 11 | keyex value af c9 bc 2a bd 7b c7 15 42 d0 d9 6f 00 9e 15 3c | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa7ae98 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | 62 f4 88 c5 | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 04 4d ea b4 00 00 00 1c 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 7c 3c 76 59 d0 12 93 ef | 5c 3b d9 fd b5 1b 54 e2 dc f9 f7 9c 28 e1 84 c1 | ff c5 e6 7c 6d 40 85 3b 05 00 01 04 03 74 9b 43 | ac 7c 26 51 5f 83 88 73 ba 45 b9 2d 3f 80 0b 6c | d5 96 02 73 f3 fe 51 78 3e 9f f3 4a fb 63 65 9f | b3 8a 93 88 2b 58 88 60 42 ec 45 42 d2 ef 18 c8 | 87 90 a1 0e 3f 1b 03 a8 4e 25 9e 81 2f 8f d5 52 | 61 da 68 15 bd ae 9b 37 1b ff ca d5 78 2c 6f 71 | 2f 43 86 53 1f 08 ea 23 e8 1e 49 79 bd df a2 bc | 52 c5 fa e4 cd b0 24 0e e2 df 65 7f a1 b8 a6 57 | 0f 8c 99 30 38 70 aa 28 11 43 43 88 da 23 aa 41 | 8b f0 17 14 a4 51 c3 b9 d0 56 97 ac cb 40 1b 8f | 9d c6 5b 62 ea 60 7b 36 a8 3c cd fd f8 7d a4 39 | b8 c9 02 af 34 a9 32 fd ab 0e b0 48 80 37 8c 50 | 52 dd fc 78 1d 80 44 08 1f c1 61 24 d3 5e 91 30 | c5 4c 3e 0b dd 3c 86 b3 6f 80 6f 32 04 09 2c e4 | 62 6b 1f 72 ba c4 3a e9 8b 4f 2a 8d 9b 6d 73 c2 | 23 0e 5e 1e 56 8c b6 84 e3 9a 91 11 af c9 bc 2a | bd 7b c7 15 42 d0 d9 6f 00 9e 15 3c 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 65 b9 46 53 72 05 b2 ed be d9 3b 74 0c f8 2b 5d | 9b 5f 0d 37 | outI1 HASH(1): | 65 b9 46 53 72 05 b2 ed be d9 3b 74 0c f8 2b 5d | 9b 5f 0d 37 | last Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | current Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | 62 f4 88 c5 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 56 8f 8d be a5 d9 73 02 5b 9e 43 64 d1 a1 87 7d | 72 38 58 f9 | encrypting: 01 00 00 18 65 b9 46 53 72 05 b2 ed be d9 3b 74 | encrypting: 0c f8 2b 5d 9b 5f 0d 37 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 04 4d ea b4 | encrypting: 00 00 00 1c 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 7c 3c 76 59 d0 12 93 ef 5c 3b d9 fd b5 1b 54 e2 | encrypting: dc f9 f7 9c 28 e1 84 c1 ff c5 e6 7c 6d 40 85 3b | encrypting: 05 00 01 04 03 74 9b 43 ac 7c 26 51 5f 83 88 73 | encrypting: ba 45 b9 2d 3f 80 0b 6c d5 96 02 73 f3 fe 51 78 | encrypting: 3e 9f f3 4a fb 63 65 9f b3 8a 93 88 2b 58 88 60 | encrypting: 42 ec 45 42 d2 ef 18 c8 87 90 a1 0e 3f 1b 03 a8 | encrypting: 4e 25 9e 81 2f 8f d5 52 61 da 68 15 bd ae 9b 37 | encrypting: 1b ff ca d5 78 2c 6f 71 2f 43 86 53 1f 08 ea 23 | encrypting: e8 1e 49 79 bd df a2 bc 52 c5 fa e4 cd b0 24 0e | encrypting: e2 df 65 7f a1 b8 a6 57 0f 8c 99 30 38 70 aa 28 | encrypting: 11 43 43 88 da 23 aa 41 8b f0 17 14 a4 51 c3 b9 | encrypting: d0 56 97 ac cb 40 1b 8f 9d c6 5b 62 ea 60 7b 36 | encrypting: a8 3c cd fd f8 7d a4 39 b8 c9 02 af 34 a9 32 fd | encrypting: ab 0e b0 48 80 37 8c 50 52 dd fc 78 1d 80 44 08 | encrypting: 1f c1 61 24 d3 5e 91 30 c5 4c 3e 0b dd 3c 86 b3 | encrypting: 6f 80 6f 32 04 09 2c e4 62 6b 1f 72 ba c4 3a e9 | encrypting: 8b 4f 2a 8d 9b 6d 73 c2 23 0e 5e 1e 56 8c b6 84 | encrypting: e3 9a 91 11 af c9 bc 2a bd 7b c7 15 42 d0 d9 6f | encrypting: 00 9e 15 3c 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 56 8f 8d be a5 d9 73 02 5b 9e 43 64 d1 a1 87 7d | IV: 72 38 58 f9 | unpadded size is: 404 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 32 53 fb 79 30 d4 5a 63 62 8a 7b b5 ee 65 49 59 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #14) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 20 01 62 f4 88 c5 00 00 01 bc e3 ff 23 9e | d8 4f d5 36 c6 f1 e8 49 8e 2a 89 dc 72 f3 ec 11 | 85 79 96 bd d3 93 55 ee 36 d9 33 f6 7f 55 fb e7 | ba fa f3 6d 89 d3 9e 38 44 da b2 1f 88 f4 ce 8a | cf 29 ea 0b 26 9e fc 6d 96 54 ed fd c1 96 44 73 | bf ca fd 82 dd a1 98 35 a3 b5 de 6a 55 c7 6c 55 | 51 af 40 75 ba 12 59 3a 11 95 dd 51 6e e5 a4 05 | 98 ea a6 cf 8c 18 00 25 7f ac a0 88 ad dc e2 e3 | 3d 99 ef e0 ee 3d 53 64 73 93 6b f2 b5 1c 61 18 | ec ea 42 11 5e ef 0e 72 4c 74 fa 59 8e 90 94 33 | 22 3c a5 40 7a b0 49 b9 76 98 84 87 16 6d 11 75 | f2 75 82 6c a7 97 ad 96 70 fe b0 2c fc 48 4c 23 | 6f 15 75 57 21 9d fc 75 6e a0 48 a9 99 52 6d f9 | 76 b4 88 01 3c 4c dc 76 14 77 d4 be e3 6e 08 c5 | 4e fc c4 50 f8 62 47 d2 45 b1 3a f1 76 c1 31 f1 | 1d 59 66 5a 80 1f 68 8c 9d 78 58 c7 4d 3d 50 0c | a0 ec 66 f9 42 23 64 2a b8 84 fa 8b 51 d5 89 d2 | 43 7e f1 31 51 fb fe a0 88 2e d1 ef 25 3e 0b 3c | a2 a7 8a a1 bd 23 1a 9b 17 1e 3b ab a8 50 cc a3 | 64 df 4e 0b 69 15 c2 2a 41 89 2a 74 23 20 82 f8 | 80 22 1a 8e 3a b4 81 61 37 c4 1d 3e 09 97 bd 2e | b0 a6 79 c2 d5 36 50 15 c4 30 62 42 18 86 cc 41 | 4a b7 0e ec 93 9f 60 e9 70 46 e5 1b 4c c1 97 7a | db f5 d7 14 0a c2 ac 9b ce 20 40 8a 49 8e e4 41 | d3 23 9d 8f 29 8d 06 65 4f 9f 33 1b 2a d2 78 41 | de a9 19 98 5f cd 07 0b 54 f7 dc e5 32 53 fb 79 | 30 d4 5a 63 62 8a 7b b5 ee 65 49 59 | state #14 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa831b8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f2330002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #14 | libevent_malloc: new ptr-libevent@0x55a4efa77c18 size 128 | #14 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29300.407082 | resume sending helper answer for #14 suppresed complete_v1_state_transition() | #14 spent 0.608 milliseconds in resume sending helper answer | stop processing: state #14 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2338003088 | spent 0.0027 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 05 01 6b 1c b1 86 00 00 00 4c c7 43 02 e1 | 59 ef 39 62 3e 7f f7 62 5e 7e fd 18 39 f7 c9 f2 | d2 4b 12 85 3e 05 56 12 d3 e9 2a 0a 97 28 be 8e | d8 f4 87 28 bf 69 da ca e6 94 86 0c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1797042566 (0x6b1cb186) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #14; msgid=00000000 st_msgid=62f488c5 st_msgid_phase15=00000000 | peer and cookies match on #13; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #13 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #13 in MAIN_I4 (find_v1_info_state) | start processing: state #13 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | current Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39f28c (length 4) | 6b 1c b1 86 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 83 b2 18 7d 19 9f 43 b4 80 53 87 62 d4 e4 e9 7c | 75 0e 5d cc | #13 is idle | #13 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 83 b2 18 7d 19 9f 43 b4 80 53 87 62 d4 e4 e9 7c | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 97 28 be 8e d8 f4 87 28 bf 69 da ca e6 94 86 0c | decrypted payload (starts at offset -48): | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 05 01 6b 1c b1 86 00 00 00 4c 0b 00 00 18 | b8 19 e5 95 40 c7 bc 96 08 6e 47 a9 8c 5f f6 08 | 13 99 fb 26 00 00 00 0c 00 00 00 01 01 00 00 0e | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f23340085b8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | 6b 1c b1 86 | HASH(1) PRF sha update payload-bytes@0x55a4efa768fc (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0e | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | b8 19 e5 95 40 c7 bc 96 08 6e 47 a9 8c 5f f6 08 | 13 99 fb 26 | informational HASH(1): | b8 19 e5 95 40 c7 bc 96 08 6e 47 a9 8c 5f f6 08 | 13 99 fb 26 | received 'informational' message HASH(1) data ok "aes128" #13: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #13: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #13 spent 0.00797 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.256 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f2330002b78 | handling event EVENT_RETRANSMIT for child state #14 | start processing: state #14 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #14 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #14 keying attempt 1 of 0; retransmit 1 "aes128" #14: IMPAIR: retransmit so deleting SA | [RE]START processing: state #14 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #14 ikev1.ipsec failed too-many-retransmits | pstats #14 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #14 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #14: deleting state (STATE_QUICK_I1) aged 0.501s and NOT sending notification | child state #14: QUICK_I1(established CHILD SA) => delete | child state #14: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #14 in CHILDSA_DEL | child state #14: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7f2338003758: destroyed | stop processing: state #14 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa5c790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x55a4efa77c18 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f2330002b78 | in statetime_stop() and could not find #14 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0445 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #13 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #13 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #13 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #13 ikev1.isakmp deleted completed | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #13: deleting state (STATE_MAIN_I4) aged 0.534s and sending notification | parent state #13: MAIN_I4(established IKE SA) => delete | #13 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4292824212 (0xffdf4c94) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 4e 1a a3 b3 5c f7 10 ef | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI d8 c0 57 5b 86 37 ae d0 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f23380031d8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | ff df 4c 94 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 4e 1a a3 b3 | 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | e1 26 f4 44 8e 42 18 11 03 b6 c9 bc e4 6a fa 03 | 2e 0e c6 25 | send delete HASH(1): | e1 26 f4 44 8e 42 18 11 03 b6 c9 bc e4 6a fa 03 | 2e 0e c6 25 | last Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | current Phase 1 IV: 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 8f 45 2f 46 02 7a b1 7f b9 d8 e1 3d 8c 79 e8 24 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | ff df 4c 94 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 8d 45 00 af a5 67 f8 9f 89 2e e8 4f ee c3 73 e0 | 6a ba 32 ba | encrypting: 0c 00 00 18 e1 26 f4 44 8e 42 18 11 03 b6 c9 bc | encrypting: e4 6a fa 03 2e 0e c6 25 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b | encrypting: 86 37 ae d0 | IV: 8d 45 00 af a5 67 f8 9f 89 2e e8 4f ee c3 73 e0 | IV: 6a ba 32 ba | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: d3 f5 03 a2 75 8e 80 ec 7d 10 25 20 7d 72 02 06 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 05 01 ff df 4c 94 00 00 00 5c ec 38 3a 78 | d5 d9 0d 0e 65 b8 88 d3 0a 30 38 ea 6c db b4 a1 | ed 7b 04 1f 0c 24 df 23 f9 8f b8 fe 9e 69 cb 23 | c1 fa 39 37 ba ac 05 da 92 a9 14 5c d3 f5 03 a2 | 75 8e 80 ec 7d 10 25 20 7d 72 02 06 | state #13 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2334003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa782f8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #13 in MAIN_I4 | parent state #13: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f233c002168: destroyed | stop processing: state #13 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa65820 | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa5c790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.528 milliseconds in whack | spent 0.00212 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 4e 1a a3 b3 5c f7 10 ef d8 c0 57 5b 86 37 ae d0 | 08 10 05 01 ed e7 23 42 00 00 00 5c e8 a1 94 42 | 66 a4 c6 cf 4c 0a 33 7a e0 23 ee 7d c3 68 c8 94 | cb 85 37 69 11 52 dc 6b c0 a2 3b d0 38 e5 ef bf | 77 80 39 7c 0c 64 10 1d eb 9c 6e 5d 36 2c 59 34 | fe 54 21 65 94 03 e8 ec 19 b5 3a 35 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 4e 1a a3 b3 5c f7 10 ef | responder cookie: | d8 c0 57 5b 86 37 ae d0 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3991348034 (0xede72342) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xede72342 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 4e 1a a3 b3 5c f7 10 ef | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | d8 c0 57 5b 86 37 ae d0 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0761 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0577 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0507 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | emitting | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0501 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:EMPTY | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0565 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.559 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #15 at 0x55a4efa78798 | State DB: adding IKEv1 state #15 in UNDEFINED | pstats #15 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #15 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #15: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #15 "aes128" "aes128" #15: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa78188 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #15: IMPAIR: stripping key-length "aes128" #15: IMPAIR: key-length-attribute:empty not implemented | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | ba c0 c7 46 43 f3 19 a7 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f2338003088 size 128 | #15 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29301.428631 | #15 spent 0.829 milliseconds in main_outI1() | stop processing: state #15 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.892 milliseconds in whack | spent 0.0025 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #15 in MAIN_I1 (find_state_ikev1_init) | start processing: state #15 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #15 is idle | #15 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 18 for state #15 | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f2338003088 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f2338003088 size 128 | crypto helper 2 resuming | crypto helper 2 starting work-order 18 for state #15 | crypto helper 2 doing build KE and nonce (outI2 KE); request ID 18 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f232c0058a8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f232c0058a8 | NSS: Public DH wire value: | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | Generated nonce: 58 e0 d3 ea 20 4c 87 dd 96 d7 5f 64 1c d7 8b a1 | Generated nonce: 8d f9 9b 2b bd 04 33 77 a3 16 40 e4 53 a2 77 66 | crypto helper 2 finished build KE and nonce (outI2 KE); request ID 18 time elapsed 0.001099 seconds | (#15) spent 1.09 milliseconds in crypto helper computing work-order 18: outI2 KE (pcr) | crypto helper 2 sending results from work-order 18 for state #15 to event queue | scheduling resume sending helper answer for #15 | libevent_malloc: new ptr-libevent@0x7f232c0059a8 size 128 | crypto helper 2 waiting (nothing to do) | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #15 and saving MD | #15 is busy; has a suspended MD | #15 spent 0.16 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #15 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.299 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #15 | start processing: state #15 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 18 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #15: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f232c0058a8: transferring ownership from helper KE to state #15 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | keyex value 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | keyex value 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | keyex value 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | keyex value c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | keyex value 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | keyex value 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | keyex value 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | keyex value 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | keyex value 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | keyex value 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | keyex value b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | keyex value af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | keyex value 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | keyex value 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | keyex value 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 58 e0 d3 ea 20 4c 87 dd 96 d7 5f 64 1c d7 8b a1 | Ni 8d f9 9b 2b bd 04 33 77 a3 16 40 e4 53 a2 77 66 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | ba c0 c7 46 43 f3 19 a7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 98 02 c7 dd 12 51 32 67 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | 54 5e 97 39 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= ba c0 c7 46 43 f3 19 a7 | natd_hash: rcookie= 98 02 c7 dd 12 51 32 67 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | natd_hash: hash= 54 5e 97 39 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | NAT-D 54 5e 97 39 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | ba c0 c7 46 43 f3 19 a7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 98 02 c7 dd 12 51 32 67 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | 3e a4 18 c0 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= ba c0 c7 46 43 f3 19 a7 | natd_hash: rcookie= 98 02 c7 dd 12 51 32 67 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | natd_hash: hash= 3e a4 18 c0 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | NAT-D 3e a4 18 c0 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #15 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #15: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2338003088 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | 14 00 00 24 58 e0 d3 ea 20 4c 87 dd 96 d7 5f 64 | 1c d7 8b a1 8d f9 9b 2b bd 04 33 77 a3 16 40 e4 | 53 a2 77 66 14 00 00 18 15 56 6e d8 dd 59 ce ab | 4f bb b9 da af 51 2a 08 54 5e 97 39 00 00 00 18 | 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | 3e a4 18 c0 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x55a4efa78368 size 128 | #15 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29301.431057 "aes128" #15: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #15 suppresed complete_v1_state_transition() | #15 spent 0.376 milliseconds in resume sending helper answer | stop processing: state #15 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f232c0059a8 | spent 0.00196 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | 14 00 00 24 02 d5 7e fb 43 ab 30 62 8a 91 54 9b | 6a d7 00 b0 f1 ae 4b 4c d9 06 b8 52 be e7 93 0f | 79 86 ca 40 14 00 00 18 66 5c 2c 6a 10 19 97 84 | 66 6f 5a 47 98 96 73 18 3e a4 18 c0 00 00 00 18 | 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | 54 5e 97 39 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #15 in MAIN_I2 (find_state_ikev1) | start processing: state #15 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #15 is idle | #15 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f232c0058a8: transferring ownership from state #15 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 19 for state #15 | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa78368 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f232c0059a8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #15 and saving MD | #15 is busy; has a suspended MD | crypto helper 4 resuming | crypto helper 4 starting work-order 19 for state #15 | crypto helper 4 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 19 | peer's g: 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | peer's g: e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | peer's g: 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | peer's g: b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | peer's g: 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | peer's g: bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | peer's g: 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | peer's g: e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | peer's g: bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | peer's g: a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | peer's g: 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | peer's g: 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | peer's g: 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | peer's g: 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | peer's g: 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | peer's g: be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f232c0058a8: computed shared DH secret key@0x55a4efa5c790 | dh-shared : g^ir-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7f8d8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b700 | result: psk-key@0x55a4efa5af10 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa5af10 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6e8 | result: psk-key@0x55a4efa65c00 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa5af10 | SKEYID psk prf: created sha context 0x7f2330003b00 from psk-key@0x55a4efa65c00 | SKEYID psk prf: begin sha with context 0x7f2330003b00 from psk-key@0x55a4efa65c00 | SKEYID psk: release clone-key@0x55a4efa65c00 | SKEYID psk PRF sha crypt-prf@0x7f2330001278 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7f8fc (length 32) | 58 e0 d3 ea 20 4c 87 dd 96 d7 5f 64 1c d7 8b a1 | 8d f9 9b 2b bd 04 33 77 a3 16 40 e4 53 a2 77 66 | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7f91c (length 32) | 02 d5 7e fb 43 ab 30 62 8a 91 54 9b 6a d7 00 b0 | f1 ae 4b 4c d9 06 b8 52 be e7 93 0f 79 86 ca 40 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID psk PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID psk: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b718 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa5af10 | SKEYID_d prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa5af10 | SKEYID_d: release clone-key@0x55a4efa5af10 | SKEYID_d PRF sha crypt-prf@0x7f2330001548 | SKEYID_d PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_d: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: b3 a0 42 30 0a 13 8f 8c e3 23 f9 21 e6 74 39 96 5e 02 67 6f ba 7b 97 16 59 e5 3c 21 9f 72 f1 58 2e ad d0 99 27 39 4f 7e 51 5d 24 4b 88 56 90 60 33 bd e5 eb 3a 78 2b 5f c2 10 4e 27 04 d3 98 74 c0 30 0c 05 49 a2 1a 51 d2 95 9d 29 53 5a e8 02 b2 aa 61 44 ff 45 69 97 56 2c 08 0c c8 74 0a 2a ca d8 79 48 97 71 a5 47 3e b4 85 85 37 b3 53 8c 4c 42 43 e3 c0 58 d9 69 73 9a 62 5c d8 21 5a c5 b3 ef f0 4b 2a 60 9a 0f 11 e0 95 20 cc 3f a5 ac 6c ed 4c d2 04 19 48 66 bc f9 02 7c 78 5f c8 54 59 b5 e2 da e7 a0 26 61 1b a5 47 33 e6 b0 04 f6 91 22 16 9b 76 b7 cf 40 34 49 2b 6b b0 cb d4 0e 9d d6 96 01 e3 8c 67 34 b3 15 03 a6 71 6b c1 4e 83 4d ad bb 69 37 36 59 89 db 71 41 de b9 34 70 8f 8c 4a 3a 43 e8 56 c5 63 68 71 9c 92 d4 52 cf fc a7 7c 90 14 19 41 25 f2 ea 69 79 77 99 80 f5 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f23300018c8 | unwrapped: f1 02 33 eb 6c d4 98 24 3f 8b 5e 3a 14 ae bf bb | unwrapped: 79 ff 4e 80 80 af ee aa f2 e3 7d a4 74 88 de 02 | unwrapped: e2 0b cb d0 77 56 77 3e 7d fe 5f e9 87 a3 76 46 | unwrapped: 76 c7 79 c3 ed e1 31 fd 39 55 0e 36 2a 39 a9 11 | unwrapped: 27 1d 01 79 8f 39 78 8b fd 95 da 74 25 9e 76 d2 | unwrapped: 5c 40 7d ce 05 bb be 57 be 63 e7 d5 90 5d 07 0c | unwrapped: 88 dc 66 ed 0c 18 85 af 46 9a ac 33 a0 44 71 4e | unwrapped: 68 c6 fb 99 00 2a a7 ea e9 1a 2e 9b 0c 83 27 0f | unwrapped: b1 c6 9c 72 70 b0 be 6f d7 3e 01 47 68 ec 17 4f | unwrapped: b9 a5 e3 8a a7 9d 1b cd 11 ef e9 96 4b b8 ef a5 | unwrapped: b9 55 ca 43 96 53 48 d3 dc 88 02 aa 52 b5 dc 1b | unwrapped: 05 d5 77 f7 28 ff 2a a3 c0 c9 72 8d 29 0f d7 e2 | unwrapped: 9a 38 b0 64 06 2e 54 ad 01 a6 d5 67 07 1f fb 0e | unwrapped: 71 45 11 3f 1d 10 de fc 41 67 1f 19 51 4a 75 83 | unwrapped: fa d4 35 83 a3 be d0 be 3d a0 47 d5 7f 5e 21 af | unwrapped: 1a 9a 73 3c 86 f5 3d 76 ab 36 b4 06 da 32 3a 5a | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | ba c0 c7 46 43 f3 19 a7 | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 98 02 c7 dd 12 51 32 67 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID_d PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_d: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6f8 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa62310 | SKEYID_a prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa62310 | SKEYID_a: release clone-key@0x55a4efa62310 | SKEYID_a PRF sha crypt-prf@0x7f2330001278 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa5af10 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: 36 2d a3 ed 47 85 1d b5 37 51 be 1f 2a a5 fc ce 86 38 9d 06 fe 93 97 a5 0e 1c b1 ac cb a4 64 69 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23300039e8 | unwrapped: 4d ed 05 fc f9 e3 61 b2 90 c8 aa 0c 98 2b 29 30 | unwrapped: 07 40 02 42 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_a: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: b3 a0 42 30 0a 13 8f 8c e3 23 f9 21 e6 74 39 96 5e 02 67 6f ba 7b 97 16 59 e5 3c 21 9f 72 f1 58 2e ad d0 99 27 39 4f 7e 51 5d 24 4b 88 56 90 60 33 bd e5 eb 3a 78 2b 5f c2 10 4e 27 04 d3 98 74 c0 30 0c 05 49 a2 1a 51 d2 95 9d 29 53 5a e8 02 b2 aa 61 44 ff 45 69 97 56 2c 08 0c c8 74 0a 2a ca d8 79 48 97 71 a5 47 3e b4 85 85 37 b3 53 8c 4c 42 43 e3 c0 58 d9 69 73 9a 62 5c d8 21 5a c5 b3 ef f0 4b 2a 60 9a 0f 11 e0 95 20 cc 3f a5 ac 6c ed 4c d2 04 19 48 66 bc f9 02 7c 78 5f c8 54 59 b5 e2 da e7 a0 26 61 1b a5 47 33 e6 b0 04 f6 91 22 16 9b 76 b7 cf 40 34 49 2b 6b b0 cb d4 0e 9d d6 96 01 e3 8c 67 34 b3 15 03 a6 71 6b c1 4e 83 4d ad bb 69 37 36 59 89 db 71 41 de b9 34 70 8f 8c 4a 3a 43 e8 56 c5 63 68 71 9c 92 d4 52 cf fc a7 7c 90 14 19 41 25 f2 ea 69 79 77 99 80 f5 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2330004678 | unwrapped: f1 02 33 eb 6c d4 98 24 3f 8b 5e 3a 14 ae bf bb | unwrapped: 79 ff 4e 80 80 af ee aa f2 e3 7d a4 74 88 de 02 | unwrapped: e2 0b cb d0 77 56 77 3e 7d fe 5f e9 87 a3 76 46 | unwrapped: 76 c7 79 c3 ed e1 31 fd 39 55 0e 36 2a 39 a9 11 | unwrapped: 27 1d 01 79 8f 39 78 8b fd 95 da 74 25 9e 76 d2 | unwrapped: 5c 40 7d ce 05 bb be 57 be 63 e7 d5 90 5d 07 0c | unwrapped: 88 dc 66 ed 0c 18 85 af 46 9a ac 33 a0 44 71 4e | unwrapped: 68 c6 fb 99 00 2a a7 ea e9 1a 2e 9b 0c 83 27 0f | unwrapped: b1 c6 9c 72 70 b0 be 6f d7 3e 01 47 68 ec 17 4f | unwrapped: b9 a5 e3 8a a7 9d 1b cd 11 ef e9 96 4b b8 ef a5 | unwrapped: b9 55 ca 43 96 53 48 d3 dc 88 02 aa 52 b5 dc 1b | unwrapped: 05 d5 77 f7 28 ff 2a a3 c0 c9 72 8d 29 0f d7 e2 | unwrapped: 9a 38 b0 64 06 2e 54 ad 01 a6 d5 67 07 1f fb 0e | unwrapped: 71 45 11 3f 1d 10 de fc 41 67 1f 19 51 4a 75 83 | unwrapped: fa d4 35 83 a3 be d0 be 3d a0 47 d5 7f 5e 21 af | unwrapped: 1a 9a 73 3c 86 f5 3d 76 ab 36 b4 06 da 32 3a 5a | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | ba c0 c7 46 43 f3 19 a7 | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 98 02 c7 dd 12 51 32 67 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b700 | result: final-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6e8 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa63dc0 | SKEYID_a PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_a: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: clone-key@0x55a4efa63dc0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa63dc0 | SKEYID_e prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa63dc0 | SKEYID_e: release clone-key@0x55a4efa63dc0 | SKEYID_e PRF sha crypt-prf@0x7f2330001548 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa62310 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: 10 64 bf ed 02 36 d8 6f 3a 0f 41 7a f7 5d e2 ca 10 e6 b4 43 b5 2e 19 86 13 3c c4 ad b8 60 ab d9 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2330002148 | unwrapped: 96 ff 20 ec 1f 2a e5 ba 81 69 a6 25 c4 f5 cd c9 | unwrapped: ae f5 26 ea 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_e: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: b3 a0 42 30 0a 13 8f 8c e3 23 f9 21 e6 74 39 96 5e 02 67 6f ba 7b 97 16 59 e5 3c 21 9f 72 f1 58 2e ad d0 99 27 39 4f 7e 51 5d 24 4b 88 56 90 60 33 bd e5 eb 3a 78 2b 5f c2 10 4e 27 04 d3 98 74 c0 30 0c 05 49 a2 1a 51 d2 95 9d 29 53 5a e8 02 b2 aa 61 44 ff 45 69 97 56 2c 08 0c c8 74 0a 2a ca d8 79 48 97 71 a5 47 3e b4 85 85 37 b3 53 8c 4c 42 43 e3 c0 58 d9 69 73 9a 62 5c d8 21 5a c5 b3 ef f0 4b 2a 60 9a 0f 11 e0 95 20 cc 3f a5 ac 6c ed 4c d2 04 19 48 66 bc f9 02 7c 78 5f c8 54 59 b5 e2 da e7 a0 26 61 1b a5 47 33 e6 b0 04 f6 91 22 16 9b 76 b7 cf 40 34 49 2b 6b b0 cb d4 0e 9d d6 96 01 e3 8c 67 34 b3 15 03 a6 71 6b c1 4e 83 4d ad bb 69 37 36 59 89 db 71 41 de b9 34 70 8f 8c 4a 3a 43 e8 56 c5 63 68 71 9c 92 d4 52 cf fc a7 7c 90 14 19 41 25 f2 ea 69 79 77 99 80 f5 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f23300018c8 | unwrapped: f1 02 33 eb 6c d4 98 24 3f 8b 5e 3a 14 ae bf bb | unwrapped: 79 ff 4e 80 80 af ee aa f2 e3 7d a4 74 88 de 02 | unwrapped: e2 0b cb d0 77 56 77 3e 7d fe 5f e9 87 a3 76 46 | unwrapped: 76 c7 79 c3 ed e1 31 fd 39 55 0e 36 2a 39 a9 11 | unwrapped: 27 1d 01 79 8f 39 78 8b fd 95 da 74 25 9e 76 d2 | unwrapped: 5c 40 7d ce 05 bb be 57 be 63 e7 d5 90 5d 07 0c | unwrapped: 88 dc 66 ed 0c 18 85 af 46 9a ac 33 a0 44 71 4e | unwrapped: 68 c6 fb 99 00 2a a7 ea e9 1a 2e 9b 0c 83 27 0f | unwrapped: b1 c6 9c 72 70 b0 be 6f d7 3e 01 47 68 ec 17 4f | unwrapped: b9 a5 e3 8a a7 9d 1b cd 11 ef e9 96 4b b8 ef a5 | unwrapped: b9 55 ca 43 96 53 48 d3 dc 88 02 aa 52 b5 dc 1b | unwrapped: 05 d5 77 f7 28 ff 2a a3 c0 c9 72 8d 29 0f d7 e2 | unwrapped: 9a 38 b0 64 06 2e 54 ad 01 a6 d5 67 07 1f fb 0e | unwrapped: 71 45 11 3f 1d 10 de fc 41 67 1f 19 51 4a 75 83 | unwrapped: fa d4 35 83 a3 be d0 be 3d a0 47 d5 7f 5e 21 af | unwrapped: 1a 9a 73 3c 86 f5 3d 76 ab 36 b4 06 da 32 3a 5a | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | ba c0 c7 46 43 f3 19 a7 | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 98 02 c7 dd 12 51 32 67 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b710 | result: final-key@0x55a4efa65820 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65820 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6f8 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65820 | SKEYID_e PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID_e: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b768 | result: keymat-key@0x55a4efa65820 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a4efa5af10, skeyid_a 0x55a4efa62310, skeyid_e 0x55a4efa63dc0, enc_key 0x55a4efa65820 | DH_i: 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | DH_i: 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | DH_i: 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | DH_i: 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | DH_i: c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | DH_i: 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | DH_i: 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | DH_i: 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | DH_i: 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | DH_i: 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | DH_i: 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | DH_i: b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | DH_i: af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | DH_i: 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | DH_i: 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | DH_i: 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | DH_r: 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | DH_r: e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | DH_r: 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | DH_r: b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | DH_r: 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | DH_r: bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | #15 spent 0.0884 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | DH_r: 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | DH_r: e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | DH_r: bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | DH_r: a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | DH_r: 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | DH_r: 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | DH_r: 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | DH_r: 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | DH_r: 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | DH_r: be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7f93c (length 256) | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | new IV hash sha digest GR-bytes@0x55a4efa7fa3c (length 256) | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | new IV hash sha final chunk@0x7f2330002148 (length 20) | a3 03 96 91 81 c8 cb 60 cf d5 08 52 6f f5 7a 13 | 8f 1c aa 6c | crypto helper 4 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 19 time elapsed 0.002086 seconds | (#15) spent 2.03 milliseconds in crypto helper computing work-order 19: aggr outR1 DH (pcr) | crypto helper 4 sending results from work-order 19 for state #15 to event queue | scheduling resume sending helper answer for #15 | libevent_malloc: new ptr-libevent@0x7f2330001378 size 128 | crypto helper 4 waiting (nothing to do) | stop processing: state #15 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.25 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #15 | start processing: state #15 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 19 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #15: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f232c0058a8: transferring ownership from helper IKEv1 DH+IV to state #15 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | ba c0 c7 46 43 f3 19 a7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 98 02 c7 dd 12 51 32 67 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | 3e a4 18 c0 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= ba c0 c7 46 43 f3 19 a7 | natd_hash: rcookie= 98 02 c7 dd 12 51 32 67 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | natd_hash: hash= 3e a4 18 c0 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | ba c0 c7 46 43 f3 19 a7 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 98 02 c7 dd 12 51 32 67 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | 54 5e 97 39 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= ba c0 c7 46 43 f3 19 a7 | natd_hash: rcookie= 98 02 c7 dd 12 51 32 67 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | natd_hash: hash= 54 5e 97 39 | expected NAT-D(me): 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | expected NAT-D(me): 3e a4 18 c0 | expected NAT-D(him): | 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | 54 5e 97 39 | received NAT-D: 66 5c 2c 6a 10 19 97 84 66 6f 5a 47 98 96 73 18 | received NAT-D: 3e a4 18 c0 | received NAT-D: 15 56 6e d8 dd 59 ce ab 4f bb b9 da af 51 2a 08 | received NAT-D: 54 5e 97 39 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa65c00 (size 20) | hmac: symkey-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x55a4efa785e8 | hmac PRF sha update data-bytes@0x7f232c001f78 (length 256) | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | hmac PRF sha update data-bytes@0x7f2338002a18 (length 256) | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | ba c0 c7 46 43 f3 19 a7 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 98 02 c7 dd 12 51 32 67 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | cc 54 8f 58 24 9c ec ad 3b c4 43 f7 45 24 01 04 | c3 ad b7 2f | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I cc 54 8f 58 24 9c ec ad 3b c4 43 f7 45 24 01 04 | HASH_I c3 ad b7 2f | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: cc 54 8f 58 24 9c ec ad 3b c4 43 f7 45 24 01 04 | encrypting: c3 ad b7 2f | IV: a3 03 96 91 81 c8 cb 60 cf d5 08 52 6f f5 7a 13 | IV: 8f 1c aa 6c | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 4a 81 5f b6 c6 c0 ee 32 ed fb 94 7a c3 e8 3c f7 | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #15: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f232c0059a8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 05 10 02 01 00 00 00 00 00 00 00 4c 99 2e a8 05 | ba 2d ff 1f dc 05 21 b1 90 7b b8 3b bc 83 f8 9c | 6e 6c aa 36 35 8c 85 02 35 d3 4b 88 4a 81 5f b6 | c6 c0 ee 32 ed fb 94 7a c3 e8 3c f7 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x55a4efa78368 size 128 | #15 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29301.437939 "aes128" #15: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #15 suppresed complete_v1_state_transition() | #15 spent 0.484 milliseconds in resume sending helper answer | stop processing: state #15 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2330001378 | spent 0.00227 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 05 10 02 01 00 00 00 00 00 00 00 4c 14 a9 08 43 | 25 3b 05 db b0 78 4d 74 18 8b e3 7b 4f 75 db 2c | 9a bf 46 8b c6 a6 36 8e b5 25 65 26 ce c7 f1 92 | 43 42 36 0a dc c5 14 46 f3 40 95 03 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #15 in MAIN_I3 (find_state_ikev1) | start processing: state #15 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #15 is idle | #15 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 4a 81 5f b6 c6 c0 ee 32 ed fb 94 7a c3 e8 3c f7 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | decrypted payload (starts at offset -48): | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 1e 98 ba 4b | c1 65 d3 9d b7 79 d0 42 ad 0f c1 2a 56 27 52 26 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #15: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa65c00 (size 20) | hmac: symkey-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x7f2330002148 | hmac PRF sha update data-bytes@0x7f2338002a18 (length 256) | 4f 6c 9e e5 39 6b 5e ab 8a e2 b9 05 e5 16 b7 23 | e4 0d 76 52 69 22 f8 05 c9 d3 9d a7 60 0f c0 9c | 5a c6 82 c8 1c c6 14 35 5f 2b c4 47 6d 66 ea f7 | b7 99 4b 1c ae f1 df 0a 03 6f 46 00 5c 84 9d 80 | 3a 99 81 ae 3c 9d b6 7b e3 91 51 3a 81 e8 0b 41 | bd 4f 21 49 44 5e c4 e5 11 38 1b bf 4e 8e a3 fd | 8a 7f b2 ad 5d db 70 65 1c ee a1 ac 98 fa a1 37 | e3 9c 17 46 8a 50 df 71 a3 be 0c bc b2 f6 cb 83 | bc e0 e4 60 9d ff c0 25 c4 1d b7 dc e2 57 04 72 | a8 f4 e8 51 7f 27 ff f6 ca 53 7b ad 87 47 f5 bb | 6f 02 6d 4f 35 af 91 c0 e8 0b 04 6c b4 52 ed 79 | 1a e1 88 57 5c 4a 66 82 6f 66 2c ef 60 64 af 82 | 5e e9 4f 0d d5 0f 82 b8 3a 99 a7 52 47 f6 2f a8 | 52 e8 8c 3d 4b ce a9 ef b4 c1 fd bb fc b9 71 31 | 4d bb 22 99 8f a9 67 59 7a b2 94 56 ba 1d 02 41 | be d6 cc 75 88 9f 20 88 42 3e d4 d3 0e fd 48 94 | hmac PRF sha update data-bytes@0x7f232c001f78 (length 256) | 3b 72 b8 96 44 ba 31 df 4f f1 74 98 8b f3 84 b9 | 74 a8 6a c5 90 6f c3 9d 8c 9c 2c a0 1c bc 0e 68 | 85 28 98 a0 d2 2f 65 92 22 21 9c 20 9c 02 b7 dd | 06 4f ee 59 0a 11 db 18 0b 2c ed c9 5d 42 a5 7c | c8 d6 1c 02 f8 cf 37 34 0f ce 60 a2 5e 72 01 a5 | 53 b1 65 6e 46 2a 4d 85 23 35 54 97 97 0c df 96 | 9f 34 d5 bf da e5 10 b1 6f 45 b1 39 2b c8 af 69 | 2d b8 66 bf f1 33 02 76 e3 81 49 36 bd 21 04 ab | 31 1d fa 05 61 74 ba 16 46 87 63 a8 90 98 f0 72 | 51 ed cb 58 b4 64 e7 ba 9d 5a a2 02 ca 84 33 ab | 54 3e 69 91 9a da 0e f9 68 23 85 79 91 71 27 a4 | b5 76 66 7e 18 cc 89 a1 78 a7 93 1d 8c de cb c8 | af a3 47 1a 15 6f 96 7c 68 f4 67 8b 57 d7 7d d9 | 07 b2 6c 3b 08 77 96 ed 09 f3 c3 72 8f a8 66 f8 | 5a 15 f1 5c c3 c7 78 90 27 c7 08 98 c1 ff a5 c8 | 39 b4 fe d6 46 b2 eb 26 b6 7f 75 b6 02 cb e0 51 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 98 02 c7 dd 12 51 32 67 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | ba c0 c7 46 43 f3 19 a7 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a4efa6a398 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | 1e 98 ba 4b c1 65 d3 9d b7 79 d0 42 ad 0f c1 2a | 56 27 52 26 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #15: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa78368 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa782f8 | inserting event EVENT_SA_REPLACE, timeout in 2646 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f2330001378 size 128 | pstats #15 ikev1.isakmp established "aes128" #15: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #15 | creating state object #16 at 0x55a4efa7b648 | State DB: adding IKEv1 state #16 in UNDEFINED | pstats #16 ikev1.ipsec started | duplicating state object #15 "aes128" as #16 for IPSEC SA | #16 setting local endpoint to 192.1.2.45:500 from #15.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa65820 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #15 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #16 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #16: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #16: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#15 msgid:1dbd12fc proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 20 for state #16 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #16 | libevent_malloc: new ptr-libevent@0x55a4efa7a848 size 128 | crypto helper 5 resuming | crypto helper 5 starting work-order 20 for state #16 | crypto helper 5 doing build KE and nonce (quick_outI1 KE); request ID 20 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2324006b98: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2324006b98 | NSS: Public DH wire value: | 9a fc d3 87 bf 63 e4 7a ad 5c 6c 75 d4 65 ee f5 | 28 1c 40 9a d7 c5 87 50 5a eb 45 c9 21 e8 52 d3 | 12 c8 ab c0 17 fc 8b 28 90 d0 22 cd e4 36 45 df | 1a a4 c2 e7 9a a0 8c ad d7 55 95 e6 fb 3c 2d 53 | 9f 7f cc f2 34 44 cb b1 d1 00 4f 70 c1 84 2a bc | de 5a d9 51 42 34 9e 96 3e 33 f5 8a b0 f0 41 45 | 2a 49 57 8c 69 e9 90 9f 1f 43 c5 31 3d fa e8 c4 | 12 54 f0 24 d0 1a 0b b4 71 6e 2d c1 38 22 2e 38 | 62 b2 c7 39 b0 ab 3c 25 0e 93 06 71 ea 58 d9 fd | 48 0d 2e e8 37 88 68 4a a9 89 3b 10 5e e6 74 21 | 86 42 a4 33 64 e7 fe 66 14 a3 29 ae f0 3d 90 74 | 1f 3f 62 06 72 44 17 c0 a0 aa 2e 71 88 f9 ef 9f | 78 7c 92 80 e1 ad 40 a0 24 79 f8 5e 8f 8d cc c0 | 5b 0d f6 47 7f 6e 25 53 94 3f 7b 02 5b 5b e2 ba | 12 37 37 d3 5b 30 a7 37 e3 8c 66 aa 4a d7 9d e8 | b2 26 92 ac 06 b1 de fe b4 a2 93 c3 9c bb 94 82 | Generated nonce: 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | Generated nonce: fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | crypto helper 5 finished build KE and nonce (quick_outI1 KE); request ID 20 time elapsed 0.001051 seconds | (#16) spent 1.05 milliseconds in crypto helper computing work-order 20: quick_outI1 KE (pcr) | crypto helper 5 sending results from work-order 20 for state #16 to event queue | scheduling resume sending helper answer for #16 | libevent_malloc: new ptr-libevent@0x7f23240011a8 size 128 | crypto helper 5 waiting (nothing to do) | stop processing: state #16 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #15 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x55a4efa7ad88} | close_any(fd@24) (in release_whack() at state.c:654) | #15 spent 0.389 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #15 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.531 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #16 | start processing: state #16 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 20 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #16: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 498930428 (0x1dbd12fc) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x84d8c12f for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 84 d8 c1 2f | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | Ni fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2324006b98: transferring ownership from helper KE to state #16 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 9a fc d3 87 bf 63 e4 7a ad 5c 6c 75 d4 65 ee f5 | keyex value 28 1c 40 9a d7 c5 87 50 5a eb 45 c9 21 e8 52 d3 | keyex value 12 c8 ab c0 17 fc 8b 28 90 d0 22 cd e4 36 45 df | keyex value 1a a4 c2 e7 9a a0 8c ad d7 55 95 e6 fb 3c 2d 53 | keyex value 9f 7f cc f2 34 44 cb b1 d1 00 4f 70 c1 84 2a bc | keyex value de 5a d9 51 42 34 9e 96 3e 33 f5 8a b0 f0 41 45 | keyex value 2a 49 57 8c 69 e9 90 9f 1f 43 c5 31 3d fa e8 c4 | keyex value 12 54 f0 24 d0 1a 0b b4 71 6e 2d c1 38 22 2e 38 | keyex value 62 b2 c7 39 b0 ab 3c 25 0e 93 06 71 ea 58 d9 fd | keyex value 48 0d 2e e8 37 88 68 4a a9 89 3b 10 5e e6 74 21 | keyex value 86 42 a4 33 64 e7 fe 66 14 a3 29 ae f0 3d 90 74 | keyex value 1f 3f 62 06 72 44 17 c0 a0 aa 2e 71 88 f9 ef 9f | keyex value 78 7c 92 80 e1 ad 40 a0 24 79 f8 5e 8f 8d cc c0 | keyex value 5b 0d f6 47 7f 6e 25 53 94 3f 7b 02 5b 5b e2 ba | keyex value 12 37 37 d3 5b 30 a7 37 e3 8c 66 aa 4a d7 9d e8 | keyex value b2 26 92 ac 06 b1 de fe b4 a2 93 c3 9c bb 94 82 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa769c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | 1d bd 12 fc | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 84 d8 c1 2f 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 0c 9f 69 54 | bc 52 cc 52 2b fe 3a 62 86 b9 42 ee fb bd 4a 50 | 41 68 68 3a 10 77 23 67 9b f0 e5 82 05 00 01 04 | 9a fc d3 87 bf 63 e4 7a ad 5c 6c 75 d4 65 ee f5 | 28 1c 40 9a d7 c5 87 50 5a eb 45 c9 21 e8 52 d3 | 12 c8 ab c0 17 fc 8b 28 90 d0 22 cd e4 36 45 df | 1a a4 c2 e7 9a a0 8c ad d7 55 95 e6 fb 3c 2d 53 | 9f 7f cc f2 34 44 cb b1 d1 00 4f 70 c1 84 2a bc | de 5a d9 51 42 34 9e 96 3e 33 f5 8a b0 f0 41 45 | 2a 49 57 8c 69 e9 90 9f 1f 43 c5 31 3d fa e8 c4 | 12 54 f0 24 d0 1a 0b b4 71 6e 2d c1 38 22 2e 38 | 62 b2 c7 39 b0 ab 3c 25 0e 93 06 71 ea 58 d9 fd | 48 0d 2e e8 37 88 68 4a a9 89 3b 10 5e e6 74 21 | 86 42 a4 33 64 e7 fe 66 14 a3 29 ae f0 3d 90 74 | 1f 3f 62 06 72 44 17 c0 a0 aa 2e 71 88 f9 ef 9f | 78 7c 92 80 e1 ad 40 a0 24 79 f8 5e 8f 8d cc c0 | 5b 0d f6 47 7f 6e 25 53 94 3f 7b 02 5b 5b e2 ba | 12 37 37 d3 5b 30 a7 37 e3 8c 66 aa 4a d7 9d e8 | b2 26 92 ac 06 b1 de fe b4 a2 93 c3 9c bb 94 82 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 2f 99 9b 9f fd 7a f0 7a 10 98 7c 12 91 2c 55 b0 | da 50 f0 f4 | outI1 HASH(1): | 2f 99 9b 9f fd 7a f0 7a 10 98 7c 12 91 2c 55 b0 | da 50 f0 f4 | last Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | current Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | 1d bd 12 fc | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 71 92 59 78 6d ec 24 d2 0f 3f 99 13 1e 6b 63 cd | 75 1d 66 9b | encrypting: 01 00 00 18 2f 99 9b 9f fd 7a f0 7a 10 98 7c 12 | encrypting: 91 2c 55 b0 da 50 f0 f4 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 84 d8 c1 2f | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 | encrypting: 86 b9 42 ee fb bd 4a 50 41 68 68 3a 10 77 23 67 | encrypting: 9b f0 e5 82 05 00 01 04 9a fc d3 87 bf 63 e4 7a | encrypting: ad 5c 6c 75 d4 65 ee f5 28 1c 40 9a d7 c5 87 50 | encrypting: 5a eb 45 c9 21 e8 52 d3 12 c8 ab c0 17 fc 8b 28 | encrypting: 90 d0 22 cd e4 36 45 df 1a a4 c2 e7 9a a0 8c ad | encrypting: d7 55 95 e6 fb 3c 2d 53 9f 7f cc f2 34 44 cb b1 | encrypting: d1 00 4f 70 c1 84 2a bc de 5a d9 51 42 34 9e 96 | encrypting: 3e 33 f5 8a b0 f0 41 45 2a 49 57 8c 69 e9 90 9f | encrypting: 1f 43 c5 31 3d fa e8 c4 12 54 f0 24 d0 1a 0b b4 | encrypting: 71 6e 2d c1 38 22 2e 38 62 b2 c7 39 b0 ab 3c 25 | encrypting: 0e 93 06 71 ea 58 d9 fd 48 0d 2e e8 37 88 68 4a | encrypting: a9 89 3b 10 5e e6 74 21 86 42 a4 33 64 e7 fe 66 | encrypting: 14 a3 29 ae f0 3d 90 74 1f 3f 62 06 72 44 17 c0 | encrypting: a0 aa 2e 71 88 f9 ef 9f 78 7c 92 80 e1 ad 40 a0 | encrypting: 24 79 f8 5e 8f 8d cc c0 5b 0d f6 47 7f 6e 25 53 | encrypting: 94 3f 7b 02 5b 5b e2 ba 12 37 37 d3 5b 30 a7 37 | encrypting: e3 8c 66 aa 4a d7 9d e8 b2 26 92 ac 06 b1 de fe | encrypting: b4 a2 93 c3 9c bb 94 82 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: 71 92 59 78 6d ec 24 d2 0f 3f 99 13 1e 6b 63 cd | IV: 75 1d 66 9b | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: b1 06 f0 98 76 a1 01 a8 9d 05 33 63 f9 20 50 03 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #16) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 01 bc e8 d7 94 61 | de 4f 33 0b 39 ab 3c 1b 70 fc 30 9e 26 c7 8a 44 | a3 89 81 78 bc fc 0e 83 67 b1 27 b9 75 3b bb 07 | e9 7d 05 05 f0 5b 57 3a 87 d2 ce ce 9e a3 75 82 | be 05 c1 6a 72 2b 00 13 03 8c 8d f8 4d 26 f7 06 | 38 be 6c 8e b5 3e 9e 90 a2 9d 16 46 d9 3a 7a 88 | fb 1b c1 c8 e6 8b 2b c0 6f ca 52 4c 5b 43 61 fe | 77 66 6e a7 82 11 4e 4f 21 ba 2b 45 01 e1 e2 3a | fa 18 17 7c 5e cc 78 b9 8d 91 f1 d6 fd 02 bc b3 | c3 76 68 d9 2b 18 76 e3 c3 a4 47 d8 dd de 94 20 | 2c 79 ce bc af df 1b e3 de 5b bd 96 99 d6 d2 3d | d3 aa 47 4c 2f a0 68 c3 e8 73 a2 25 58 7e 2b dc | b7 44 4e a8 8b c5 ea 43 a6 6e 05 9f bb 8d f9 88 | 40 80 d3 ef 80 d6 99 7d a4 b1 c8 71 50 8e ad b9 | 9f 97 c3 5a 7e 78 be f0 96 ff 72 04 f0 c0 87 ff | c6 83 11 09 7f c5 6f b2 0a d9 b8 4f f2 a9 b0 bf | 57 64 63 db 6c 9a b9 63 64 b8 a4 ab 2d 69 ff d3 | e1 c2 f6 df 04 ad d5 1e b1 ec cb 1b 0c ee 69 49 | 10 00 d3 49 85 94 18 78 8e 38 99 53 bc e6 4d e3 | 8f b7 53 a8 ce 9b e8 b9 8f 44 1b bd d2 f2 9b 13 | af 5a c5 dd c2 71 6b 37 3c 47 5e 29 6e b1 dc d2 | 7c 80 ce 2c e9 02 1d 16 47 3e 2a ac 5c 46 98 e7 | 38 5d 54 aa c4 8f 5d b2 12 59 cf 0a c4 92 2f fe | c9 9f 70 4e d3 9c c4 d2 6e 7d f2 33 8d 0d 76 43 | 89 ae 0d 20 6a fc ca e2 7b 6b e3 44 b7 69 55 68 | 27 fa d0 29 62 2b 6d 78 79 89 0f 33 b1 06 f0 98 | 76 a1 01 a8 9d 05 33 63 f9 20 50 03 | state #16 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa7a848 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f2330002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #16 | libevent_malloc: new ptr-libevent@0x55a4efa7de68 size 128 | #16 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29301.443302 | resume sending helper answer for #16 suppresed complete_v1_state_transition() | #16 spent 0.646 milliseconds in resume sending helper answer | stop processing: state #16 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f23240011a8 | spent 0.00262 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 01 bc a3 b7 b6 f5 | ec fb 3e 5b d3 9e 10 ac 51 7c 1a 05 44 24 b4 5c | 7c 00 21 44 b0 ce dc af 2e 8d e9 88 cc e8 44 73 | 79 54 1c 39 c6 50 ea b5 8b 2a 13 f1 03 c5 06 de | 4d e3 9c 6f 3e 3d 57 e8 8a 4d 58 4e 40 e5 82 db | 21 25 a4 27 19 6a 7c e6 51 b2 bb 4c fb 54 fe c8 | e7 6a 15 33 d0 c8 6f 9c ac d7 61 f0 74 fc 5d 38 | 36 5c fa c3 3c d9 8e c8 6f 07 78 4a a6 2c f5 07 | d0 f8 36 4f b9 60 9d 93 23 5e 47 0a 71 28 03 03 | ca c1 ca 33 31 62 fe 8e 55 df c3 4c 7a 75 7f dd | 4a 35 17 82 b5 e9 4f 25 86 00 a0 ac c4 b6 8b 96 | 79 ed d1 93 04 f7 64 78 4f 28 12 a2 7c 4d cb 0b | a7 83 04 db 35 bb 2e 05 1c 46 ea 77 af 0a 85 af | c9 84 fb 98 4f b9 92 d3 1d f6 69 aa 43 e9 a1 b3 | df 87 da 28 67 6b 63 8c 67 9a db b2 30 79 bc 21 | f8 10 52 93 46 fb cb 51 07 9b 8f a3 9c be f7 0c | bc 05 46 17 f3 d4 5b 4c 04 39 00 44 16 29 34 03 | cd 75 0c 9d f3 9d bd bc a1 db 08 5e 7c e6 25 ee | 49 ee d8 92 75 2d 0b 17 50 fc 4e 21 7d fe 16 8b | 7b 6b e4 f3 21 30 24 ac cd cb a3 56 47 a5 80 8c | 5a 73 ad 98 5f db d6 e0 7a 15 44 a5 e7 7b 41 30 | c4 54 38 52 9b 77 08 1c c3 1a 4f 79 8e a3 28 fa | 55 53 d4 39 8b 6b 6b 60 6c 9f 0f 70 4b a6 1c 66 | d6 be ed 8c 5a 69 8a 2e 0f 02 ec fc 45 b2 08 4d | eb 6f 11 93 28 fb 24 f5 fc fe 7d 59 60 85 a0 8f | 82 a3 e0 ec ce da 19 0f af 31 18 ac bb 50 05 05 | 62 f2 84 61 f4 e4 7e 41 d7 8c 79 26 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 498930428 (0x1dbd12fc) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #16 in QUICK_I1 (find_state_ikev1) | start processing: state #16 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #16 is idle | #16 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: b1 06 f0 98 76 a1 01 a8 9d 05 33 63 f9 20 50 03 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: bb 50 05 05 62 f2 84 61 f4 e4 7e 41 d7 8c 79 26 | decrypted payload (starts at offset -416): | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 01 bc 01 00 00 18 | 34 ec ae e3 f2 90 1a 5c 71 9f 6e 4b 55 2c f7 69 | 6b 3c 6a 4f 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 c2 ce ba 69 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | 05 00 01 04 b3 ba 44 48 90 88 34 ff 6d bb b0 30 | 7d 4d 3d 58 c7 1a 3c 06 d6 e9 37 e8 7b 73 f9 e4 | 22 52 c3 24 37 31 d1 ae 10 3c 84 fe 38 25 29 a9 | 90 50 ac 77 a2 6f a7 49 9b f6 a7 d7 c7 4f 3c 18 | 57 99 6b b2 13 89 00 dd 61 09 d6 d9 69 f0 1a 6c | ef 9f f4 bd bb 78 4e 24 7a 89 11 b9 f2 fa a3 b3 | ab 6b ab e5 b6 8e d4 a4 2b 28 be 5f d3 c6 1d 75 | c3 f4 39 01 dd 5c af 0d 77 9f dd f2 56 86 f2 a5 | 37 d0 2a b7 c8 c5 23 ad 7e a9 c5 4c 8d 50 a3 f7 | 93 0b 52 b9 68 c3 12 a3 54 63 10 bd 74 f2 3f 63 | 7e 94 02 dc 36 4d 56 73 d8 17 ed 0a 39 6f d5 68 | f8 6d b4 3a 9e f9 cd 8e 0c f3 b9 05 44 80 96 37 | e0 a0 cd 82 d2 da f3 67 31 ef f8 b9 d8 05 fd 9f | 1e 08 43 65 95 9b df 5a 57 7b 5e 24 9a b0 7e 0a | 0f 99 05 f2 0a 88 29 33 07 dc 67 15 5e 5f 3c 90 | 5c 8e cb dd a2 14 c2 e5 0d 40 22 d5 61 bd 64 ee | b0 7b d3 05 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa769c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | 1d bd 12 fc | HASH(1) PRF sha update Ni_b-bytes@0x7f2324001158 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | HASH(1) PRF sha update payload-bytes@0x55a4efa7d78c (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 c2 ce ba 69 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 cf e7 52 14 | ce 11 a5 5c 3d 0a db a8 52 60 16 ac f7 f8 a6 82 | b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 05 00 01 04 | b3 ba 44 48 90 88 34 ff 6d bb b0 30 7d 4d 3d 58 | c7 1a 3c 06 d6 e9 37 e8 7b 73 f9 e4 22 52 c3 24 | 37 31 d1 ae 10 3c 84 fe 38 25 29 a9 90 50 ac 77 | a2 6f a7 49 9b f6 a7 d7 c7 4f 3c 18 57 99 6b b2 | 13 89 00 dd 61 09 d6 d9 69 f0 1a 6c ef 9f f4 bd | bb 78 4e 24 7a 89 11 b9 f2 fa a3 b3 ab 6b ab e5 | b6 8e d4 a4 2b 28 be 5f d3 c6 1d 75 c3 f4 39 01 | dd 5c af 0d 77 9f dd f2 56 86 f2 a5 37 d0 2a b7 | c8 c5 23 ad 7e a9 c5 4c 8d 50 a3 f7 93 0b 52 b9 | 68 c3 12 a3 54 63 10 bd 74 f2 3f 63 7e 94 02 dc | 36 4d 56 73 d8 17 ed 0a 39 6f d5 68 f8 6d b4 3a | 9e f9 cd 8e 0c f3 b9 05 44 80 96 37 e0 a0 cd 82 | d2 da f3 67 31 ef f8 b9 d8 05 fd 9f 1e 08 43 65 | 95 9b df 5a 57 7b 5e 24 9a b0 7e 0a 0f 99 05 f2 | 0a 88 29 33 07 dc 67 15 5e 5f 3c 90 5c 8e cb dd | a2 14 c2 e5 0d 40 22 d5 61 bd 64 ee b0 7b d3 05 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | 34 ec ae e3 f2 90 1a 5c 71 9f 6e 4b 55 2c f7 69 | 6b 3c 6a 4f | quick_inR1_outI2 HASH(2): | 34 ec ae e3 f2 90 1a 5c 71 9f 6e 4b 55 2c f7 69 | 6b 3c 6a 4f | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI c2 ce ba 69 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | b3 ba 44 48 90 88 34 ff 6d bb b0 30 7d 4d 3d 58 | c7 1a 3c 06 d6 e9 37 e8 7b 73 f9 e4 22 52 c3 24 | 37 31 d1 ae 10 3c 84 fe 38 25 29 a9 90 50 ac 77 | a2 6f a7 49 9b f6 a7 d7 c7 4f 3c 18 57 99 6b b2 | 13 89 00 dd 61 09 d6 d9 69 f0 1a 6c ef 9f f4 bd | bb 78 4e 24 7a 89 11 b9 f2 fa a3 b3 ab 6b ab e5 | b6 8e d4 a4 2b 28 be 5f d3 c6 1d 75 c3 f4 39 01 | dd 5c af 0d 77 9f dd f2 56 86 f2 a5 37 d0 2a b7 | c8 c5 23 ad 7e a9 c5 4c 8d 50 a3 f7 93 0b 52 b9 | 68 c3 12 a3 54 63 10 bd 74 f2 3f 63 7e 94 02 dc | 36 4d 56 73 d8 17 ed 0a 39 6f d5 68 f8 6d b4 3a | 9e f9 cd 8e 0c f3 b9 05 44 80 96 37 e0 a0 cd 82 | d2 da f3 67 31 ef f8 b9 d8 05 fd 9f 1e 08 43 65 | 95 9b df 5a 57 7b 5e 24 9a b0 7e 0a 0f 99 05 f2 | 0a 88 29 33 07 dc 67 15 5e 5f 3c 90 5c 8e cb dd | a2 14 c2 e5 0d 40 22 d5 61 bd 64 ee b0 7b d3 05 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f2324006b98: transferring ownership from state #16 to helper IKEv1 DH | adding quick outI2 DH work-order 21 for state #16 | state #16 requesting EVENT_RETRANSMIT to be deleted | #16 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7de68 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f2330002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #16 | libevent_malloc: new ptr-libevent@0x7f23240011a8 size 128 | crypto helper 6 resuming | crypto helper 6 starting work-order 21 for state #16 | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 21 | peer's g: b3 ba 44 48 90 88 34 ff 6d bb b0 30 7d 4d 3d 58 | peer's g: c7 1a 3c 06 d6 e9 37 e8 7b 73 f9 e4 22 52 c3 24 | peer's g: 37 31 d1 ae 10 3c 84 fe 38 25 29 a9 90 50 ac 77 | peer's g: a2 6f a7 49 9b f6 a7 d7 c7 4f 3c 18 57 99 6b b2 | peer's g: 13 89 00 dd 61 09 d6 d9 69 f0 1a 6c ef 9f f4 bd | peer's g: bb 78 4e 24 7a 89 11 b9 f2 fa a3 b3 ab 6b ab e5 | peer's g: b6 8e d4 a4 2b 28 be 5f d3 c6 1d 75 c3 f4 39 01 | peer's g: dd 5c af 0d 77 9f dd f2 56 86 f2 a5 37 d0 2a b7 | peer's g: c8 c5 23 ad 7e a9 c5 4c 8d 50 a3 f7 93 0b 52 b9 | peer's g: 68 c3 12 a3 54 63 10 bd 74 f2 3f 63 7e 94 02 dc | peer's g: 36 4d 56 73 d8 17 ed 0a 39 6f d5 68 f8 6d b4 3a | peer's g: 9e f9 cd 8e 0c f3 b9 05 44 80 96 37 e0 a0 cd 82 | peer's g: d2 da f3 67 31 ef f8 b9 d8 05 fd 9f 1e 08 43 65 | peer's g: 95 9b df 5a 57 7b 5e 24 9a b0 7e 0a 0f 99 05 f2 | peer's g: 0a 88 29 33 07 dc 67 15 5e 5f 3c 90 5c 8e cb dd | peer's g: a2 14 c2 e5 0d 40 22 d5 61 bd 64 ee b0 7b d3 05 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f2324006b98: computed shared DH secret key@0x55a4efa76810 | dh-shared : g^ir-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 21 time elapsed 0.000972 seconds | (#16) spent 0.972 milliseconds in crypto helper computing work-order 21: quick outI2 DH (pcr) | crypto helper 6 sending results from work-order 21 for state #16 to event queue | scheduling resume sending helper answer for #16 | libevent_malloc: new ptr-libevent@0x7f2328003a78 size 128 | crypto helper 6 waiting (nothing to do) | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #16 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #16 and saving MD | #16 is busy; has a suspended MD | #16 spent 0.18 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #16 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.554 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #16 | start processing: state #16 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 21 | calling continuation function 0x55a4ef163b50 | quick_inR1_outI2_continue for #16: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 498930428 (0x1dbd12fc) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f2324006b98: transferring ownership from helper IKEv1 DH to state #16 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ead8 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x7f2330002148 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39ebbc (length 4) | 1d bd 12 fc | HASH(1) PRF sha update Ni_b-bytes@0x7f2324001158 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | HASH(1) PRF sha update Nr_b-bytes@0x55a4efa785e8 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 94 a0 b6 e2 ec 48 75 12 4c b0 cc fc ce f3 b5 d7 | f5 7f 18 57 | quick_inR1_outI2 HASH(3): | 94 a0 b6 e2 ec 48 75 12 4c b0 cc fc ce f3 b5 d7 | f5 7f 18 57 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2328002b50 from symkey-key@0x55a4efa7a950 | hmac prf: begin sha with context 0x7f2328002b50 from symkey-key@0x55a4efa7a950 | hmac: release clone-key@0x55a4efa7a950 | hmac PRF sha crypt-prf@0x55a4efa769c8 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa78368 | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6f fc 3d f0 4f c1 2f 8b 85 5b e2 1a 11 ca 31 dd 53 29 6a 85 ca 41 96 16 c1 d9 1e 4e 14 81 43 fc e3 e5 f5 8b 72 11 c4 33 6b ec f4 2a b9 22 06 60 61 7a c6 6c 0c ca e6 ac 19 d9 d6 43 be 51 6a b1 94 42 4e 86 ec ff 07 fc 51 37 40 40 e4 99 04 ec 12 54 21 2c d6 74 a3 a3 9f 09 fc 40 8a 77 06 a2 aa d5 81 3f 1a 9e 97 36 a3 09 57 13 9a 88 83 ee 0c 81 04 cc 49 85 5f d2 99 0a 1a 16 3f 78 23 ae be cf c4 da 07 4a dc 52 ec 25 26 1a ef 09 02 e2 7b b3 07 e8 87 6b 50 bf 3e d8 66 84 b9 f8 4a a5 d7 2b 93 1e 03 23 95 62 4e 5a 97 c8 92 e8 0c c7 d8 16 58 4f 18 10 97 16 2d 49 c4 6c 88 e7 96 f6 20 77 89 0d ce 77 18 6d f6 f1 7d ca c9 5a d4 1f e6 f2 fb 68 c3 51 32 a4 02 d2 21 b3 7b 5f ec 4f 96 7c 0d bd 0f 8c c3 17 b3 6e 78 fa 55 07 92 f5 c8 5f 68 64 e6 60 8b e9 19 1d 94 8c 5f 6c 86 43 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: 11 95 72 bb dc d8 42 4c 32 58 a3 85 99 8b f3 9d | unwrapped: 66 ef 95 17 1e 63 2a 38 3a 66 0c 11 fc 05 67 66 | unwrapped: 74 0f ed 9f 10 fc cf 3b 6f c0 53 57 01 d4 e9 07 | unwrapped: 47 c1 06 eb 4f 09 af 23 c2 7a 3e b7 50 0c eb 60 | unwrapped: 4d fd b6 e9 bb a4 1b 1c 80 17 26 76 81 d8 85 b1 | unwrapped: 1d 04 07 3e 4c 25 be 13 c8 1e 34 a6 8f da d2 cd | unwrapped: e4 35 3a fe 3b 3a 8e 7e 3b f1 7f 4d ab 5d 52 96 | unwrapped: 06 15 4a 04 64 be 1a d8 e4 35 cf 45 3a ad 9a 91 | unwrapped: 96 d9 ec 8f 6f 37 f3 26 b4 73 63 8d 6c c9 78 99 | unwrapped: a8 30 42 99 0b 75 16 8e 88 f9 43 5c 19 58 0b ec | unwrapped: 77 6b a5 d7 18 26 2f cd b4 12 7a 7c b3 13 22 97 | unwrapped: 5f 4d a4 25 cc 01 6c 08 21 1e 22 5d d4 8d 8e 6a | unwrapped: fc 57 4d 8a 06 66 ac 53 65 8d f2 4a c1 00 26 6a | unwrapped: 92 65 c2 02 f7 ee 39 e9 2a 2c 51 21 2f 0c 57 fd | unwrapped: 4e 26 5e dd 0b 34 5d 8e bc 6e 94 a0 af 08 ff 76 | unwrapped: 00 e8 67 19 c9 ab 5d de 21 64 ff 11 42 87 f9 09 | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6f fc 3d f0 4f c1 2f 8b 85 5b e2 1a 11 ca 31 dd 53 29 6a 85 ca 41 96 16 c1 d9 1e 4e 14 81 43 fc e3 e5 f5 8b 72 11 c4 33 6b ec f4 2a b9 22 06 60 61 7a c6 6c 0c ca e6 ac 19 d9 d6 43 be 51 6a b1 94 42 4e 86 ec ff 07 fc 51 37 40 40 e4 99 04 ec 12 54 21 2c d6 74 a3 a3 9f 09 fc 40 8a 77 06 a2 aa d5 81 3f 1a 9e 97 36 a3 09 57 13 9a 88 83 ee 0c 81 04 cc 49 85 5f d2 99 0a 1a 16 3f 78 23 ae be cf c4 da 07 4a dc 52 ec 25 26 1a ef 09 02 e2 7b b3 07 e8 87 6b 50 bf 3e d8 66 84 b9 f8 4a a5 d7 2b 93 1e 03 23 95 62 4e 5a 97 c8 92 e8 0c c7 d8 16 58 4f 18 10 97 16 2d 49 c4 6c 88 e7 96 f6 20 77 89 0d ce 77 18 6d f6 f1 7d ca c9 5a d4 1f e6 f2 fb 68 c3 51 32 a4 02 d2 21 b3 7b 5f ec 4f 96 7c 0d bd 0f 8c c3 17 b3 6e 78 fa 55 07 92 f5 c8 5f 68 64 e6 60 8b e9 19 1d 94 8c 5f 6c 86 43 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: 11 95 72 bb dc d8 42 4c 32 58 a3 85 99 8b f3 9d | unwrapped: 66 ef 95 17 1e 63 2a 38 3a 66 0c 11 fc 05 67 66 | unwrapped: 74 0f ed 9f 10 fc cf 3b 6f c0 53 57 01 d4 e9 07 | unwrapped: 47 c1 06 eb 4f 09 af 23 c2 7a 3e b7 50 0c eb 60 | unwrapped: 4d fd b6 e9 bb a4 1b 1c 80 17 26 76 81 d8 85 b1 | unwrapped: 1d 04 07 3e 4c 25 be 13 c8 1e 34 a6 8f da d2 cd | unwrapped: e4 35 3a fe 3b 3a 8e 7e 3b f1 7f 4d ab 5d 52 96 | unwrapped: 06 15 4a 04 64 be 1a d8 e4 35 cf 45 3a ad 9a 91 | unwrapped: 96 d9 ec 8f 6f 37 f3 26 b4 73 63 8d 6c c9 78 99 | unwrapped: a8 30 42 99 0b 75 16 8e 88 f9 43 5c 19 58 0b ec | unwrapped: 77 6b a5 d7 18 26 2f cd b4 12 7a 7c b3 13 22 97 | unwrapped: 5f 4d a4 25 cc 01 6c 08 21 1e 22 5d d4 8d 8e 6a | unwrapped: fc 57 4d 8a 06 66 ac 53 65 8d f2 4a c1 00 26 6a | unwrapped: 92 65 c2 02 f7 ee 39 e9 2a 2c 51 21 2f 0c 57 fd | unwrapped: 4e 26 5e dd 0b 34 5d 8e bc 6e 94 a0 af 08 ff 76 | unwrapped: 00 e8 67 19 c9 ab 5d de 21 64 ff 11 42 87 f9 09 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 84 d8 c1 2f | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | c2 ce ba 69 | hmac PRF sha update data-bytes@0x7f2324001158 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | hmac PRF sha update data-bytes@0x7f2324001158 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | hmac PRF sha update data-bytes@0x55a4efa785e8 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | hmac PRF sha update data-bytes@0x55a4efa785e8 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | hmac PRF sha final-bytes@0x7f2330001a98 (length 20) | 17 79 7b 81 13 21 23 00 6a 7d 87 ab ed 6a ec 78 | 87 40 db d7 | hmac PRF sha final-bytes@0x7f232c005aa8 (length 20) | 02 4e 39 3b 12 58 84 d9 d9 9a a4 b1 d2 80 ff b4 | 9c 5f 99 bb | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa83398 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2328002b50 from symkey-key@0x55a4efa7a950 | hmac prf: begin sha with context 0x7f2328002b50 from symkey-key@0x55a4efa7a950 | hmac: release clone-key@0x55a4efa7a950 | hmac PRF sha crypt-prf@0x7f2330002148 | hmac PRF sha update data-bytes@0x7f2330001a98 (length 20) | 17 79 7b 81 13 21 23 00 6a 7d 87 ab ed 6a ec 78 | 87 40 db d7 | hmac PRF sha update data-bytes@0x7f232c005aa8 (length 20) | 02 4e 39 3b 12 58 84 d9 d9 9a a4 b1 d2 80 ff b4 | 9c 5f 99 bb | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6f fc 3d f0 4f c1 2f 8b 85 5b e2 1a 11 ca 31 dd 53 29 6a 85 ca 41 96 16 c1 d9 1e 4e 14 81 43 fc e3 e5 f5 8b 72 11 c4 33 6b ec f4 2a b9 22 06 60 61 7a c6 6c 0c ca e6 ac 19 d9 d6 43 be 51 6a b1 94 42 4e 86 ec ff 07 fc 51 37 40 40 e4 99 04 ec 12 54 21 2c d6 74 a3 a3 9f 09 fc 40 8a 77 06 a2 aa d5 81 3f 1a 9e 97 36 a3 09 57 13 9a 88 83 ee 0c 81 04 cc 49 85 5f d2 99 0a 1a 16 3f 78 23 ae be cf c4 da 07 4a dc 52 ec 25 26 1a ef 09 02 e2 7b b3 07 e8 87 6b 50 bf 3e d8 66 84 b9 f8 4a a5 d7 2b 93 1e 03 23 95 62 4e 5a 97 c8 92 e8 0c c7 d8 16 58 4f 18 10 97 16 2d 49 c4 6c 88 e7 96 f6 20 77 89 0d ce 77 18 6d f6 f1 7d ca c9 5a d4 1f e6 f2 fb 68 c3 51 32 a4 02 d2 21 b3 7b 5f ec 4f 96 7c 0d bd 0f 8c c3 17 b3 6e 78 fa 55 07 92 f5 c8 5f 68 64 e6 60 8b e9 19 1d 94 8c 5f 6c 86 43 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: 11 95 72 bb dc d8 42 4c 32 58 a3 85 99 8b f3 9d | unwrapped: 66 ef 95 17 1e 63 2a 38 3a 66 0c 11 fc 05 67 66 | unwrapped: 74 0f ed 9f 10 fc cf 3b 6f c0 53 57 01 d4 e9 07 | unwrapped: 47 c1 06 eb 4f 09 af 23 c2 7a 3e b7 50 0c eb 60 | unwrapped: 4d fd b6 e9 bb a4 1b 1c 80 17 26 76 81 d8 85 b1 | unwrapped: 1d 04 07 3e 4c 25 be 13 c8 1e 34 a6 8f da d2 cd | unwrapped: e4 35 3a fe 3b 3a 8e 7e 3b f1 7f 4d ab 5d 52 96 | unwrapped: 06 15 4a 04 64 be 1a d8 e4 35 cf 45 3a ad 9a 91 | unwrapped: 96 d9 ec 8f 6f 37 f3 26 b4 73 63 8d 6c c9 78 99 | unwrapped: a8 30 42 99 0b 75 16 8e 88 f9 43 5c 19 58 0b ec | unwrapped: 77 6b a5 d7 18 26 2f cd b4 12 7a 7c b3 13 22 97 | unwrapped: 5f 4d a4 25 cc 01 6c 08 21 1e 22 5d d4 8d 8e 6a | unwrapped: fc 57 4d 8a 06 66 ac 53 65 8d f2 4a c1 00 26 6a | unwrapped: 92 65 c2 02 f7 ee 39 e9 2a 2c 51 21 2f 0c 57 fd | unwrapped: 4e 26 5e dd 0b 34 5d 8e bc 6e 94 a0 af 08 ff 76 | unwrapped: 00 e8 67 19 c9 ab 5d de 21 64 ff 11 42 87 f9 09 | hmac PRF sha update g^xy-key@0x55a4efa76810 (size 256) | hmac: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6f fc 3d f0 4f c1 2f 8b 85 5b e2 1a 11 ca 31 dd 53 29 6a 85 ca 41 96 16 c1 d9 1e 4e 14 81 43 fc e3 e5 f5 8b 72 11 c4 33 6b ec f4 2a b9 22 06 60 61 7a c6 6c 0c ca e6 ac 19 d9 d6 43 be 51 6a b1 94 42 4e 86 ec ff 07 fc 51 37 40 40 e4 99 04 ec 12 54 21 2c d6 74 a3 a3 9f 09 fc 40 8a 77 06 a2 aa d5 81 3f 1a 9e 97 36 a3 09 57 13 9a 88 83 ee 0c 81 04 cc 49 85 5f d2 99 0a 1a 16 3f 78 23 ae be cf c4 da 07 4a dc 52 ec 25 26 1a ef 09 02 e2 7b b3 07 e8 87 6b 50 bf 3e d8 66 84 b9 f8 4a a5 d7 2b 93 1e 03 23 95 62 4e 5a 97 c8 92 e8 0c c7 d8 16 58 4f 18 10 97 16 2d 49 c4 6c 88 e7 96 f6 20 77 89 0d ce 77 18 6d f6 f1 7d ca c9 5a d4 1f e6 f2 fb 68 c3 51 32 a4 02 d2 21 b3 7b 5f ec 4f 96 7c 0d bd 0f 8c c3 17 b3 6e 78 fa 55 07 92 f5 c8 5f 68 64 e6 60 8b e9 19 1d 94 8c 5f 6c 86 43 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: 11 95 72 bb dc d8 42 4c 32 58 a3 85 99 8b f3 9d | unwrapped: 66 ef 95 17 1e 63 2a 38 3a 66 0c 11 fc 05 67 66 | unwrapped: 74 0f ed 9f 10 fc cf 3b 6f c0 53 57 01 d4 e9 07 | unwrapped: 47 c1 06 eb 4f 09 af 23 c2 7a 3e b7 50 0c eb 60 | unwrapped: 4d fd b6 e9 bb a4 1b 1c 80 17 26 76 81 d8 85 b1 | unwrapped: 1d 04 07 3e 4c 25 be 13 c8 1e 34 a6 8f da d2 cd | unwrapped: e4 35 3a fe 3b 3a 8e 7e 3b f1 7f 4d ab 5d 52 96 | unwrapped: 06 15 4a 04 64 be 1a d8 e4 35 cf 45 3a ad 9a 91 | unwrapped: 96 d9 ec 8f 6f 37 f3 26 b4 73 63 8d 6c c9 78 99 | unwrapped: a8 30 42 99 0b 75 16 8e 88 f9 43 5c 19 58 0b ec | unwrapped: 77 6b a5 d7 18 26 2f cd b4 12 7a 7c b3 13 22 97 | unwrapped: 5f 4d a4 25 cc 01 6c 08 21 1e 22 5d d4 8d 8e 6a | unwrapped: fc 57 4d 8a 06 66 ac 53 65 8d f2 4a c1 00 26 6a | unwrapped: 92 65 c2 02 f7 ee 39 e9 2a 2c 51 21 2f 0c 57 fd | unwrapped: 4e 26 5e dd 0b 34 5d 8e bc 6e 94 a0 af 08 ff 76 | unwrapped: 00 e8 67 19 c9 ab 5d de 21 64 ff 11 42 87 f9 09 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 84 d8 c1 2f | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | c2 ce ba 69 | hmac PRF sha update data-bytes@0x7f2324001158 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | hmac PRF sha update data-bytes@0x7f2324001158 (length 32) | 0c 9f 69 54 bc 52 cc 52 2b fe 3a 62 86 b9 42 ee | fb bd 4a 50 41 68 68 3a 10 77 23 67 9b f0 e5 82 | hmac PRF sha update data-bytes@0x55a4efa785e8 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | hmac PRF sha update data-bytes@0x55a4efa785e8 (length 32) | cf e7 52 14 ce 11 a5 5c 3d 0a db a8 52 60 16 ac | f7 f8 a6 82 b0 91 ab 6f 20 9c 61 d3 95 b9 0a d9 | hmac PRF sha final-bytes@0x7f2330001aac (length 20) | 60 bc 36 59 73 b7 db 2e dd a5 ca 33 1a 27 0b bb | d5 da ee 10 | hmac PRF sha final-bytes@0x7f232c005abc (length 20) | 38 a8 b6 cc e4 6c 8c d5 26 c8 e3 4e b2 88 0d 63 | f6 91 5d af | install_ipsec_sa() for #16: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.c2ceba69@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.84d8c12f@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #16: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #16 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xc2ceba69 SPI_OUT= | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0xc2ceba69 SPI_OUT=0x84d8c12f ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xc2ceba6 | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0xc2ceba69 SPI_OUT=0x84d8c12f ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xc2ceba69 SP | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0xc2ceba69 SPI_OUT=0x84d8c12f ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x55a4efa77778,sr=0x55a4efa77778} to #16 (was #0) (newest_ipsec_sa=#0) | #15 spent 1.91 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 94 a0 b6 e2 ec 48 75 12 4c b0 cc fc | encrypting: ce f3 b5 d7 f5 7f 18 57 | IV: bb 50 05 05 62 f2 84 61 f4 e4 7e 41 d7 8c 79 26 | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 41 08 0e ab 68 82 ab d6 81 a8 96 50 de 46 f2 65 | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #16 (was #0) (spd.eroute=#16) cloned from #15 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #16 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #16 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #16: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #16 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f23240011a8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #16) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 20 01 1d bd 12 fc 00 00 00 3c bf 1a fa 82 | ae 49 b1 b1 15 df b4 c3 45 1c 3d b2 41 08 0e ab | 68 82 ab d6 81 a8 96 50 de 46 f2 65 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f2328002b78 | inserting event EVENT_SA_REPLACE, timeout in 28111 seconds for #16 | libevent_malloc: new ptr-libevent@0x55a4efa7a848 size 128 | pstats #16 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #16: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xc2ceba69 <0x84d8c12f xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #16 suppresed complete_v1_state_transition() | #16 spent 3.07 milliseconds in resume sending helper answer | stop processing: state #16 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2328003a78 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00439 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00271 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00276 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.84d8c12f@192.1.2.45 | get_sa_info esp.c2ceba69@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0754 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #16 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #16 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #16 ikev1.ipsec deleted completed | [RE]START processing: state #16 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #16: deleting state (STATE_QUICK_I2) aged 0.098s and sending notification | child state #16: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.c2ceba69@192.1.2.23 | get_sa_info esp.84d8c12f@192.1.2.45 "aes128" #16: ESP traffic information: in=84B out=84B | #16 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1439107939 (0x55c70b63) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 84 d8 c1 2f | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f233c002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x7f233c002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x55a4efa769c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | 55 c7 0b 63 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 84 d8 c1 2f | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 99 60 d8 ed d1 48 e8 d5 05 7f da 04 93 7c 7b d2 | cb 1a 09 aa | send delete HASH(1): | 99 60 d8 ed d1 48 e8 d5 05 7f da 04 93 7c 7b d2 | cb 1a 09 aa | last Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | current Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | 55 c7 0b 63 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 73 a5 6a d1 6d 9f 80 a4 74 ca c0 37 3b c0 79 40 | 38 b5 dd 32 | encrypting: 0c 00 00 18 99 60 d8 ed d1 48 e8 d5 05 7f da 04 | encrypting: 93 7c 7b d2 cb 1a 09 aa 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 84 d8 c1 2f | IV: 73 a5 6a d1 6d 9f 80 a4 74 ca c0 37 3b c0 79 40 | IV: 38 b5 dd 32 | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: ed d9 ca 54 e4 cc ed 67 2c 29 14 9a d5 bc 16 15 | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 55 c7 0b 63 00 00 00 4c 13 86 cc d9 | dc 6f f1 61 b3 b8 9d fc 4b 41 83 bb 9e 98 61 56 | de 5c b5 60 7d 96 c7 28 7d ee 7c d9 ed d9 ca 54 | e4 cc ed 67 2c 29 14 9a d5 bc 16 15 | state #16 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x55a4efa7a848 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f2328002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844015' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xc2ceba6 | popen cmd is 1033 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844015' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0xc2ceba69 SPI_OUT=0x84d8c12f ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.c2ceba69@192.1.2.23 | netlink response for Del SA esp.c2ceba69@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.84d8c12f@192.1.2.45 | netlink response for Del SA esp.84d8c12f@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #16 in QUICK_I2 | child state #16: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f2324006b98: destroyed | stop processing: state #16 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa76810 | delete_state: release st->st_skeyid_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_d_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa65820 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #15 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #15 | start processing: state #15 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #15 ikev1.isakmp deleted completed | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #15: deleting state (STATE_MAIN_I4) aged 0.124s and sending notification | parent state #15: MAIN_I4(established IKE SA) => delete | #15 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1193302726 (0x47205ac6) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI ba c0 c7 46 43 f3 19 a7 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 98 02 c7 dd 12 51 32 67 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f2324006a98 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | 47 20 5a c6 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 ba c0 c7 46 | 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 48 16 9f 8c 17 cc 20 91 22 16 6e 6d 25 3f cb f0 | f0 91 fe 92 | send delete HASH(1): | 48 16 9f 8c 17 cc 20 91 22 16 6e 6d 25 3f cb f0 | f0 91 fe 92 | last Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | current Phase 1 IV: ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | ce c7 f1 92 43 42 36 0a dc c5 14 46 f3 40 95 03 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | 47 20 5a c6 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | a9 27 4f 10 e8 02 1b 68 f9 a5 6b f8 33 86 a4 a0 | 1b 53 40 42 | encrypting: 0c 00 00 18 48 16 9f 8c 17 cc 20 91 22 16 6e 6d | encrypting: 25 3f cb f0 f0 91 fe 92 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 ba c0 c7 46 43 f3 19 a7 98 02 c7 dd | encrypting: 12 51 32 67 | IV: a9 27 4f 10 e8 02 1b 68 f9 a5 6b f8 33 86 a4 a0 | IV: 1b 53 40 42 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 66 7e 71 ed cb dd d1 b3 3f 36 de b2 10 85 6e 83 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 47 20 5a c6 00 00 00 5c 56 59 fb cf | a5 58 66 f1 c8 67 a3 2d 8a 7f 82 f3 36 d8 cf 5c | e4 ff 38 91 fb 48 ff 18 32 95 7c 14 94 67 4a c3 | f2 6d 57 a1 42 5f 7b e0 5b 47 c3 eb 66 7e 71 ed | cb dd d1 b3 3f 36 de b2 10 85 6e 83 | state #15 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2330001378 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa782f8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #15 in MAIN_I4 | parent state #15: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f232c0058a8: destroyed | stop processing: state #15 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa5c790 | delete_state: release st->st_skeyid_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_d_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa65820 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.77 milliseconds in whack | spent 0.00177 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 b8 a8 0a 04 00 00 00 4c cd 16 54 05 | a4 7c 9b 4e d8 af c1 d1 92 34 3c 28 d0 b1 23 be | 74 f4 00 54 54 52 ca 67 65 92 50 98 18 02 4a 54 | 00 d8 ac 70 bd a3 fb 63 14 65 3c dc | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3098020356 (0xb8a80a04) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xb8a80a04 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | ba c0 c7 46 43 f3 19 a7 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 98 02 c7 dd 12 51 32 67 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0721 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00464 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00275 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ba c0 c7 46 43 f3 19 a7 98 02 c7 dd 12 51 32 67 | 08 10 05 01 62 b1 d2 75 00 00 00 5c bb fa 02 29 | 3f 60 92 02 b0 dc f1 45 b0 ad 93 ce a4 a6 62 f0 | 47 4b 8a 8e 16 6a 32 5d 4d 3e 05 8a f5 14 5e 19 | d1 b9 34 e5 17 88 56 b5 ba bf 15 ed c7 e5 28 b1 | a8 69 17 73 51 24 0b 9a 1c f5 35 0f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ba c0 c7 46 43 f3 19 a7 | responder cookie: | 98 02 c7 dd 12 51 32 67 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1655820917 (0x62b1d275) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x62b1d275 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | ba c0 c7 46 43 f3 19 a7 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 98 02 c7 dd 12 51 32 67 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.109 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16416' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.03 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00432 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | emitting: disabled | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.065 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0549 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | emitting | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.057 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:EMPTY | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0516 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.159 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #17 at 0x55a4efa78798 | State DB: adding IKEv1 state #17 in UNDEFINED | pstats #17 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #17 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #17: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #17 "aes128" "aes128" #17: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x55a4efa83428 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | 0e bf 9d 0d f9 86 72 c3 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f2328003a78 size 128 | #17 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29302.018887 | #17 spent 0.427 milliseconds in main_outI1() | stop processing: state #17 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.48 milliseconds in whack | spent 0.00213 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #17 in MAIN_I1 (find_state_ikev1_init) | start processing: state #17 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #17 is idle | #17 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 22 for state #17 | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f2328003a78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f2328003a78 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #17 and saving MD | #17 is busy; has a suspended MD | #17 spent 0.155 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.281 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 22 for state #17 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 22 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f233c004558: created | NSS: Local DH MODP2048 secret (pointer): 0x7f233c004558 | NSS: Public DH wire value: | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | Generated nonce: d7 85 af 69 4c b6 a5 6e 2d 6e c2 96 86 86 4a e6 | Generated nonce: 2c 53 ec c6 c7 ab 0c 80 99 8f 58 6a 8a d8 8a 18 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 22 time elapsed 0.001029 seconds | (#17) spent 1.03 milliseconds in crypto helper computing work-order 22: outI2 KE (pcr) | crypto helper 0 sending results from work-order 22 for state #17 to event queue | scheduling resume sending helper answer for #17 | libevent_malloc: new ptr-libevent@0x7f233c0047c8 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #17 | start processing: state #17 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 22 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #17: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f233c004558: transferring ownership from helper KE to state #17 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | keyex value dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | keyex value 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | keyex value 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | keyex value 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | keyex value 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | keyex value 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | keyex value 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | keyex value 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | keyex value 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | keyex value a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | keyex value f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | keyex value 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | keyex value 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | keyex value f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | keyex value 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni d7 85 af 69 4c b6 a5 6e 2d 6e c2 96 86 86 4a e6 | Ni 2c 53 ec c6 c7 ab 0c 80 99 8f 58 6a 8a d8 8a 18 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 0e bf 9d 0d f9 86 72 c3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | a7 45 86 f0 34 c6 4f 5b | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | e7 82 77 59 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 0e bf 9d 0d f9 86 72 c3 | natd_hash: rcookie= a7 45 86 f0 34 c6 4f 5b | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | natd_hash: hash= e7 82 77 59 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | NAT-D e7 82 77 59 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 0e bf 9d 0d f9 86 72 c3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | a7 45 86 f0 34 c6 4f 5b | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | 45 76 de 71 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 0e bf 9d 0d f9 86 72 c3 | natd_hash: rcookie= a7 45 86 f0 34 c6 4f 5b | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | natd_hash: hash= 45 76 de 71 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | NAT-D 45 76 de 71 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #17 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #17: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2328003a78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | 14 00 00 24 d7 85 af 69 4c b6 a5 6e 2d 6e c2 96 | 86 86 4a e6 2c 53 ec c6 c7 ab 0c 80 99 8f 58 6a | 8a d8 8a 18 14 00 00 18 10 03 62 ea e9 44 04 65 | 4e 8a 6f f4 6b ca 0b 89 e7 82 77 59 00 00 00 18 | ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | 45 76 de 71 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x55a4efa78188 size 128 | #17 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29302.021211 "aes128" #17: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #17 suppresed complete_v1_state_transition() | #17 spent 0.329 milliseconds in resume sending helper answer | stop processing: state #17 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f233c0047c8 | spent 0.0024 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | 14 00 00 24 67 08 e7 5a 11 aa 3b 4f 99 cd 64 fc | a2 73 f8 8a 65 15 5d 64 51 0b 82 aa bd 85 bd a4 | 01 79 3a ea 14 00 00 18 ef 6d 3f 16 f6 df c0 ef | 0a f0 bc 30 9f a8 ff ca 45 76 de 71 00 00 00 18 | 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | e7 82 77 59 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #17 in MAIN_I2 (find_state_ikev1) | start processing: state #17 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #17 is idle | #17 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f233c004558: transferring ownership from state #17 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 23 for state #17 | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa78188 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f233c0047c8 size 128 | crypto helper 1 resuming | crypto helper 1 starting work-order 23 for state #17 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 23 | peer's g: 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | peer's g: 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | peer's g: 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | peer's g: 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | peer's g: 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | peer's g: 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | peer's g: c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | peer's g: da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | peer's g: 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | peer's g: 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | peer's g: 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | peer's g: 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | peer's g: fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | peer's g: ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | peer's g: fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | peer's g: cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f233c004558: computed shared DH secret key@0x55a4efa65820 | dh-shared : g^ir-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7f8d8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: psk-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: psk-key@0x55a4efa63dc0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa62310 | SKEYID psk prf: created sha context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk prf: begin sha with context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk: release clone-key@0x55a4efa63dc0 | SKEYID psk PRF sha crypt-prf@0x7f23340010b8 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7f8fc (length 32) | d7 85 af 69 4c b6 a5 6e 2d 6e c2 96 86 86 4a e6 | 2c 53 ec c6 c7 ab 0c 80 99 8f 58 6a 8a d8 8a 18 | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7f91c (length 32) | 67 08 e7 5a 11 aa 3b 4f 99 cd 64 fc a2 73 f8 8a | 65 15 5d 64 51 0b 82 aa bd 85 bd a4 01 79 3a ea | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID psk PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID psk: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e718 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d: release clone-key@0x55a4efa62310 | SKEYID_d PRF sha crypt-prf@0x7f2334001108 | SKEYID_d PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_d: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: b3 00 20 0b d5 70 32 db 45 68 d4 30 f8 dc 50 6a 6c 87 66 c7 c8 f2 8a ce 9f ec 0c 82 80 da 20 88 d6 e1 bc 33 1d 8b a9 15 c7 18 81 ea 90 b6 e1 54 7e 70 2d 80 2a 9c fc 43 da 10 88 31 99 59 e2 a2 2f 04 5b fd a7 f6 b4 56 dc 93 b7 d8 c9 4e 54 50 37 0c 10 04 ac d6 ab d8 c2 1c d9 6a 0d 7a ff 3b 82 14 81 8f 8c 08 cf 4d c0 35 ae 02 98 13 f8 90 8d 78 58 8f 90 69 e2 7d cb 9b c6 dd a1 e0 35 2e 85 81 54 e2 53 91 dd 24 0b 37 b1 ad ec e8 b7 9d 18 c4 44 f9 61 51 ad 3b 60 d4 b0 75 54 92 5b ab 40 ac 56 a6 21 28 d8 55 9d 65 0d ea ac 53 80 34 67 92 1b fa 6b 34 0f c4 dc 0e 8a e5 ae e7 f2 67 c3 6b 6f 09 64 1f 22 02 e8 ed 62 39 a5 66 38 e3 78 f2 f9 09 9e 73 80 34 89 ec d2 98 27 03 10 5d 24 9b 15 e5 9e 4f 9f 58 dd 12 35 d8 e0 86 1d 79 ec 46 cb 60 8c 0e ee b0 01 c2 1f 53 ef 97 7e 79 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334003db8 | unwrapped: ff 08 3e 5c da 84 23 95 be 13 91 48 fd 3a 0a 2b | unwrapped: d6 e9 a3 cc 02 04 3b 3c e1 27 f6 8b 32 58 77 6f | unwrapped: 42 b8 75 a3 94 eb e5 22 46 30 5b ee 70 18 1e b7 | unwrapped: 9c a6 b8 4e ec 33 ec aa d4 0a 6c 86 96 fb 03 88 | unwrapped: 42 4e 18 99 b1 b5 2e ea 8b cf 0b f2 59 a8 d1 92 | unwrapped: 6e f9 8d 07 d6 6d 6e 24 44 eb b6 cd a1 f6 3a d7 | unwrapped: db bd 94 70 2f 46 0b f3 f1 47 e4 01 44 f8 0b 43 | unwrapped: 62 3f 90 fa cd 10 bf 9a a7 12 b8 0f b8 fe cb 5c | unwrapped: 6d df 05 eb 84 eb fe aa 06 d8 4b d1 f3 35 9e 6c | unwrapped: 49 d1 86 52 4d 18 8e 8a 51 7b 41 61 7d 78 d4 bc | unwrapped: f5 23 36 0c b8 78 b3 ec 90 c2 ad fd 4d 78 3b 24 | unwrapped: fc ae bb 39 c1 2c 69 bf 65 58 5f 92 ab ca 72 81 | unwrapped: 8b 95 9c ae 6f 1a 94 d9 73 c2 11 de 46 e7 53 5e | unwrapped: 60 b2 d4 c0 9a 56 ff 39 25 29 fa 66 f9 8d 50 9f | unwrapped: dc 72 84 9e 26 12 fc f6 c1 e4 a2 fe 85 cb cb f2 | unwrapped: 4e 0a 17 fa eb 08 e1 d2 e8 50 e3 bf be 02 2e 9e | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 0e bf 9d 0d f9 86 72 c3 | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | a7 45 86 f0 34 c6 4f 5b | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID_d PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_d: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a: release clone-key@0x55a4efa5af10 | SKEYID_a PRF sha crypt-prf@0x7f23340010b8 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa62310 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: 2c a2 1e ae 87 23 80 03 fa fb a5 92 0a 25 89 c2 02 d4 1e 20 e2 b8 c3 36 02 f5 09 5f 23 32 e2 80 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23340085b8 | unwrapped: 7e 5f 85 5d 74 5b ee f5 b0 0f dd 8b 33 1b 10 b8 | unwrapped: d5 b7 a5 8a 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_a: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: b3 00 20 0b d5 70 32 db 45 68 d4 30 f8 dc 50 6a 6c 87 66 c7 c8 f2 8a ce 9f ec 0c 82 80 da 20 88 d6 e1 bc 33 1d 8b a9 15 c7 18 81 ea 90 b6 e1 54 7e 70 2d 80 2a 9c fc 43 da 10 88 31 99 59 e2 a2 2f 04 5b fd a7 f6 b4 56 dc 93 b7 d8 c9 4e 54 50 37 0c 10 04 ac d6 ab d8 c2 1c d9 6a 0d 7a ff 3b 82 14 81 8f 8c 08 cf 4d c0 35 ae 02 98 13 f8 90 8d 78 58 8f 90 69 e2 7d cb 9b c6 dd a1 e0 35 2e 85 81 54 e2 53 91 dd 24 0b 37 b1 ad ec e8 b7 9d 18 c4 44 f9 61 51 ad 3b 60 d4 b0 75 54 92 5b ab 40 ac 56 a6 21 28 d8 55 9d 65 0d ea ac 53 80 34 67 92 1b fa 6b 34 0f c4 dc 0e 8a e5 ae e7 f2 67 c3 6b 6f 09 64 1f 22 02 e8 ed 62 39 a5 66 38 e3 78 f2 f9 09 9e 73 80 34 89 ec d2 98 27 03 10 5d 24 9b 15 e5 9e 4f 9f 58 dd 12 35 d8 e0 86 1d 79 ec 46 cb 60 8c 0e ee b0 01 c2 1f 53 ef 97 7e 79 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334004f28 | unwrapped: ff 08 3e 5c da 84 23 95 be 13 91 48 fd 3a 0a 2b | unwrapped: d6 e9 a3 cc 02 04 3b 3c e1 27 f6 8b 32 58 77 6f | unwrapped: 42 b8 75 a3 94 eb e5 22 46 30 5b ee 70 18 1e b7 | unwrapped: 9c a6 b8 4e ec 33 ec aa d4 0a 6c 86 96 fb 03 88 | unwrapped: 42 4e 18 99 b1 b5 2e ea 8b cf 0b f2 59 a8 d1 92 | unwrapped: 6e f9 8d 07 d6 6d 6e 24 44 eb b6 cd a1 f6 3a d7 | unwrapped: db bd 94 70 2f 46 0b f3 f1 47 e4 01 44 f8 0b 43 | unwrapped: 62 3f 90 fa cd 10 bf 9a a7 12 b8 0f b8 fe cb 5c | unwrapped: 6d df 05 eb 84 eb fe aa 06 d8 4b d1 f3 35 9e 6c | unwrapped: 49 d1 86 52 4d 18 8e 8a 51 7b 41 61 7d 78 d4 bc | unwrapped: f5 23 36 0c b8 78 b3 ec 90 c2 ad fd 4d 78 3b 24 | unwrapped: fc ae bb 39 c1 2c 69 bf 65 58 5f 92 ab ca 72 81 | unwrapped: 8b 95 9c ae 6f 1a 94 d9 73 c2 11 de 46 e7 53 5e | unwrapped: 60 b2 d4 c0 9a 56 ff 39 25 29 fa 66 f9 8d 50 9f | unwrapped: dc 72 84 9e 26 12 fc f6 c1 e4 a2 fe 85 cb cb f2 | unwrapped: 4e 0a 17 fa eb 08 e1 d2 e8 50 e3 bf be 02 2e 9e | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 0e bf 9d 0d f9 86 72 c3 | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | a7 45 86 f0 34 c6 4f 5b | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: final-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65c00 | SKEYID_a PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_a: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: clone-key@0x55a4efa65c00 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e: release clone-key@0x55a4efa65c00 | SKEYID_e PRF sha crypt-prf@0x7f2334001108 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa5af10 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: ca 8d 9d 1e bf 0e ce e2 cc 9f 59 3d 74 e7 89 20 d2 b2 27 f0 52 04 33 78 19 4f 17 73 49 ee ea 4f | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2334008c38 | unwrapped: 5f 0c 70 73 d0 a2 e0 66 da c5 42 ed 9a d8 b4 6f | unwrapped: 79 f0 be 6b 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa65820 (size 256) | SKEYID_e: g^xy-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: b3 00 20 0b d5 70 32 db 45 68 d4 30 f8 dc 50 6a 6c 87 66 c7 c8 f2 8a ce 9f ec 0c 82 80 da 20 88 d6 e1 bc 33 1d 8b a9 15 c7 18 81 ea 90 b6 e1 54 7e 70 2d 80 2a 9c fc 43 da 10 88 31 99 59 e2 a2 2f 04 5b fd a7 f6 b4 56 dc 93 b7 d8 c9 4e 54 50 37 0c 10 04 ac d6 ab d8 c2 1c d9 6a 0d 7a ff 3b 82 14 81 8f 8c 08 cf 4d c0 35 ae 02 98 13 f8 90 8d 78 58 8f 90 69 e2 7d cb 9b c6 dd a1 e0 35 2e 85 81 54 e2 53 91 dd 24 0b 37 b1 ad ec e8 b7 9d 18 c4 44 f9 61 51 ad 3b 60 d4 b0 75 54 92 5b ab 40 ac 56 a6 21 28 d8 55 9d 65 0d ea ac 53 80 34 67 92 1b fa 6b 34 0f c4 dc 0e 8a e5 ae e7 f2 67 c3 6b 6f 09 64 1f 22 02 e8 ed 62 39 a5 66 38 e3 78 f2 f9 09 9e 73 80 34 89 ec d2 98 27 03 10 5d 24 9b 15 e5 9e 4f 9f 58 dd 12 35 d8 e0 86 1d 79 ec 46 cb 60 8c 0e ee b0 01 c2 1f 53 ef 97 7e 79 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334003db8 | unwrapped: ff 08 3e 5c da 84 23 95 be 13 91 48 fd 3a 0a 2b | unwrapped: d6 e9 a3 cc 02 04 3b 3c e1 27 f6 8b 32 58 77 6f | unwrapped: 42 b8 75 a3 94 eb e5 22 46 30 5b ee 70 18 1e b7 | unwrapped: 9c a6 b8 4e ec 33 ec aa d4 0a 6c 86 96 fb 03 88 | unwrapped: 42 4e 18 99 b1 b5 2e ea 8b cf 0b f2 59 a8 d1 92 | unwrapped: 6e f9 8d 07 d6 6d 6e 24 44 eb b6 cd a1 f6 3a d7 | unwrapped: db bd 94 70 2f 46 0b f3 f1 47 e4 01 44 f8 0b 43 | unwrapped: 62 3f 90 fa cd 10 bf 9a a7 12 b8 0f b8 fe cb 5c | unwrapped: 6d df 05 eb 84 eb fe aa 06 d8 4b d1 f3 35 9e 6c | unwrapped: 49 d1 86 52 4d 18 8e 8a 51 7b 41 61 7d 78 d4 bc | unwrapped: f5 23 36 0c b8 78 b3 ec 90 c2 ad fd 4d 78 3b 24 | unwrapped: fc ae bb 39 c1 2c 69 bf 65 58 5f 92 ab ca 72 81 | unwrapped: 8b 95 9c ae 6f 1a 94 d9 73 c2 11 de 46 e7 53 5e | unwrapped: 60 b2 d4 c0 9a 56 ff 39 25 29 fa 66 f9 8d 50 9f | unwrapped: dc 72 84 9e 26 12 fc f6 c1 e4 a2 fe 85 cb cb f2 | unwrapped: 4e 0a 17 fa eb 08 e1 d2 e8 50 e3 bf be 02 2e 9e | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 0e bf 9d 0d f9 86 72 c3 | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | a7 45 86 f0 34 c6 4f 5b | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e710 | result: final-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5c790 | SKEYID_e PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID_e: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e768 | result: keymat-key@0x55a4efa5c790 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x55a4efa62310, skeyid_a 0x55a4efa5af10, skeyid_e 0x55a4efa65c00, enc_key 0x55a4efa5c790 | DH_i: 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | DH_i: dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | DH_i: 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | DH_i: 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | DH_i: 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | DH_i: 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | DH_i: 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | DH_i: 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | DH_i: 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | DH_i: 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | DH_i: a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | DH_i: f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | DH_i: 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | DH_i: 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | DH_i: f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | DH_i: 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | DH_r: 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | DH_r: 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | DH_r: 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | DH_r: 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | DH_r: 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | DH_r: 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | DH_r: c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | DH_r: da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | DH_r: 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | DH_r: 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | DH_r: 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | DH_r: 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | DH_r: fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | DH_r: ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | DH_r: fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | DH_r: cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7f93c (length 256) | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | new IV hash sha digest GR-bytes@0x55a4efa7fa3c (length 256) | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | new IV hash sha final chunk@0x7f2334008c38 (length 20) | cd 38 e3 6d 78 bf 56 0e 64 6b 69 6c 3c 62 b9 4f | 87 ca a3 c2 | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 23 time elapsed 0.00192 seconds | (#17) spent 1.92 milliseconds in crypto helper computing work-order 23: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 23 for state #17 to event queue | scheduling resume sending helper answer for #17 | libevent_malloc: new ptr-libevent@0x7f2334003ad8 size 128 | crypto helper 1 waiting (nothing to do) | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #17 and saving MD | #17 is busy; has a suspended MD | #17 spent 0.0967 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.226 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #17 | start processing: state #17 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 23 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #17: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f233c004558: transferring ownership from helper IKEv1 DH+IV to state #17 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 0e bf 9d 0d f9 86 72 c3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | a7 45 86 f0 34 c6 4f 5b | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | 45 76 de 71 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 0e bf 9d 0d f9 86 72 c3 | natd_hash: rcookie= a7 45 86 f0 34 c6 4f 5b | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | natd_hash: hash= 45 76 de 71 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 0e bf 9d 0d f9 86 72 c3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | a7 45 86 f0 34 c6 4f 5b | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | e7 82 77 59 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 0e bf 9d 0d f9 86 72 c3 | natd_hash: rcookie= a7 45 86 f0 34 c6 4f 5b | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | natd_hash: hash= e7 82 77 59 | expected NAT-D(me): ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | expected NAT-D(me): 45 76 de 71 | expected NAT-D(him): | 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | e7 82 77 59 | received NAT-D: ef 6d 3f 16 f6 df c0 ef 0a f0 bc 30 9f a8 ff ca | received NAT-D: 45 76 de 71 | received NAT-D: 10 03 62 ea e9 44 04 65 4e 8a 6f f4 6b ca 0b 89 | received NAT-D: e7 82 77 59 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x55a4efa7a848 | hmac PRF sha update data-bytes@0x7f233c004b38 (length 256) | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | hmac PRF sha update data-bytes@0x7f2324004f28 (length 256) | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 0e bf 9d 0d f9 86 72 c3 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | a7 45 86 f0 34 c6 4f 5b | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | 8a a4 53 1d 8f 07 5c c1 c1 84 c6 07 a8 eb 41 40 | a2 1a 2f e2 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 8a a4 53 1d 8f 07 5c c1 c1 84 c6 07 a8 eb 41 40 | HASH_I a2 1a 2f e2 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 8a a4 53 1d 8f 07 5c c1 c1 84 c6 07 a8 eb 41 40 | encrypting: a2 1a 2f e2 | IV: cd 38 e3 6d 78 bf 56 0e 64 6b 69 6c 3c 62 b9 4f | IV: 87 ca a3 c2 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 33 c7 3e 5c a9 f6 ef c1 86 59 91 13 b1 b9 d7 b8 | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #17: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f233c0047c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 05 10 02 01 00 00 00 00 00 00 00 4c fb fb 6a 07 | c3 42 12 03 2b ad 20 32 5e 2e 53 c7 a2 d8 e1 b8 | 2b 4a 6b ee 9d 52 d0 31 92 37 04 85 33 c7 3e 5c | a9 f6 ef c1 86 59 91 13 b1 b9 d7 b8 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x55a4efa7ae58 size 128 | #17 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29302.02611 "aes128" #17: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #17 suppresed complete_v1_state_transition() | #17 spent 0.421 milliseconds in resume sending helper answer | stop processing: state #17 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2334003ad8 | spent 0.003 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 05 10 02 01 00 00 00 00 00 00 00 4c 7c d4 dd 65 | 2f da f7 aa da 97 be 24 60 90 a7 ed c8 58 e8 b6 | c5 d0 bd 57 dc ba 8d ed b0 36 48 c9 72 ba f2 d7 | a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #17 in MAIN_I3 (find_state_ikev1) | start processing: state #17 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #17 is idle | #17 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 33 c7 3e 5c a9 f6 ef c1 86 59 91 13 b1 b9 d7 b8 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | decrypted payload (starts at offset -48): | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 2e 04 d1 fb | af 8d 6b 84 9d 71 3a 70 fe f5 6d d4 1e 2c 2d c0 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #17: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa76810 | hmac: release clone-key@0x55a4efa76810 | hmac PRF sha crypt-prf@0x7f2334008c38 | hmac PRF sha update data-bytes@0x7f2324004f28 (length 256) | 21 de 40 40 86 0e 4e a8 a1 c6 a7 1c 9b d2 08 9a | 06 3c 66 c4 b4 bd 57 1f 40 f4 4e b8 c0 12 1d a9 | 22 15 42 66 cc 0a ca e2 bb 2f 2f b8 82 e2 8f 72 | 03 99 a3 ec e4 0d ec fd 2e 85 60 df 21 be 35 c4 | 1e e7 71 1b 45 8b bd b4 3c 47 78 b6 3f c4 b8 ac | 20 cd 5b 68 ea 0b 8f ad d5 37 06 00 f4 07 c6 02 | c6 68 38 05 73 15 06 b5 43 45 b4 59 d1 53 70 08 | da 28 ce 6e a8 9d e6 00 64 d8 e7 78 bf 96 b4 20 | 50 6d 1b 82 4e 6e c5 64 69 b4 2d fa dc 33 8d 37 | 9a 74 9b 6b 8b ec cc b7 d6 25 18 a2 3b 4e 88 c3 | 42 8e 75 4b fa 77 8d 29 3d c5 34 8d 1e 0f 9b d1 | 34 0b 65 5e 02 bb 85 d9 35 2d b4 2d 3b 3e db fb | fd e9 f2 47 d8 0b 95 c9 a5 3c 36 df ba 58 03 d2 | ff 1c 3c 48 d4 3e 92 6b 24 1e eb 34 ac a1 fe 1c | fd 3f bf c8 fd aa c4 ae 36 19 a0 f6 10 37 02 33 | cc 6a a2 dc eb 19 1d 72 23 6f 24 df c2 e4 13 47 | hmac PRF sha update data-bytes@0x7f233c004b38 (length 256) | 81 ee 2d c6 6d c3 c8 fc 9b c7 8f 5e 0f 29 3b 85 | dd 9d e4 ff eb 1c ee 82 95 84 d6 2c a0 34 dc ab | 09 50 b0 10 07 d5 22 11 aa 6f 20 f6 cc df 73 79 | 01 85 30 ff bb 67 90 ad d2 2e 78 59 a0 b0 01 a8 | 4e 49 c9 4b ea 8b 0f 4c 8a cc 8c 53 1c 9f 29 36 | 3f f1 1a e5 12 58 8a 08 0a 3d 7d 57 92 63 07 72 | 6b c4 f1 fd 7c ac c9 3e 6e 9e fb 22 16 24 77 3e | 9c 04 ee 71 11 34 8f f1 6a 29 dc 1c c1 c0 b1 ee | 9f 71 3d 98 c0 79 ac a2 f8 00 83 08 fe 8a d2 f4 | 67 17 02 5e ec 9d 9c 56 6e b3 2e 3f b3 26 d3 75 | a1 28 09 20 e5 2e 45 92 0d 11 5f 93 f1 17 c6 28 | f0 70 2b 82 91 a6 0d 4f e1 27 26 83 0c 17 1a 67 | 89 4e 2e 0e 4c d5 b0 7e 81 ce 58 d9 89 90 07 49 | 57 39 f3 ff 3c a7 58 c5 7f af 84 05 f7 77 ae 48 | f0 5b a9 78 f3 66 3f a7 54 20 48 b2 eb dd 4e 7d | 9c e7 61 f9 5e 98 c3 c6 eb f7 41 17 20 82 0b 4e | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | a7 45 86 f0 34 c6 4f 5b | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 0e bf 9d 0d f9 86 72 c3 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x55a4efa7ada8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | 2e 04 d1 fb af 8d 6b 84 9d 71 3a 70 fe f5 6d d4 | 1e 2c 2d c0 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #17: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7ae58 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa782f8 | inserting event EVENT_SA_REPLACE, timeout in 2761 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f2334003ad8 size 128 | pstats #17 ikev1.isakmp established "aes128" #17: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #17 | creating state object #18 at 0x55a4efa7b648 | State DB: adding IKEv1 state #18 in UNDEFINED | pstats #18 ikev1.ipsec started | duplicating state object #17 "aes128" as #18 for IPSEC SA | #18 setting local endpoint to 192.1.2.45:500 from #17.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa5c790 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #17 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #18 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #18: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #18: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#17 msgid:8d6e0a0d proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 24 for state #18 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #18 | libevent_malloc: new ptr-libevent@0x55a4efa83168 size 128 | crypto helper 3 resuming | crypto helper 3 starting work-order 24 for state #18 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 24 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2338003038: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2338003038 | NSS: Public DH wire value: | 40 2a 10 32 fa 47 9a 29 a1 ee 6c 8a 27 7e 7f ed | a4 3f 4e a5 e8 2f 90 e3 3c e0 be b4 98 e0 72 7b | 8f de f9 cb 4a a7 3b 32 ad 32 f4 d0 53 9d 59 5f | a3 1d d0 d4 f5 a1 af 22 88 c0 b6 80 f1 2d 23 0c | f3 2b e4 e3 e7 5c 9b f4 01 10 0f dd 09 83 9b ff | d6 da a0 ef 35 d9 5a 68 75 66 af 08 7a c7 20 cc | f6 ca 02 82 72 d7 06 88 49 3a 41 a8 8b 89 46 48 | 1c 17 63 24 ff 52 f0 fb a1 b4 10 de d2 54 56 df | 8f bd 34 a5 69 46 6f e2 3c 44 9d 8c 0f 1c 85 22 | 1a 3d 67 e9 fe d3 9d a9 b8 e4 9e f6 ec 22 c2 50 | 86 5d bc 03 64 16 6e f7 33 16 ce d4 53 6c 97 51 | 41 74 36 c8 bc f6 d7 3d 7f ed 51 fa 23 12 89 59 | 2f 45 37 36 c0 34 24 28 9d ab db d8 ae 2f df 3b | 18 07 46 04 31 0a f6 58 63 f9 75 51 4f de 14 fc | ee 9d 80 53 4e f2 d3 d9 b2 22 03 28 9c 49 4c 4d | f5 08 bf 8f 4c 46 a2 3f 08 b8 eb 79 bf e1 f3 1c | Generated nonce: 1e 3d 4b 14 4f 74 ec 0b 2b 46 3d 71 16 c2 10 b3 | Generated nonce: bd 42 1c ab 83 f1 62 66 92 f0 29 fd 30 72 01 3c | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 24 time elapsed 0.001037 seconds | (#18) spent 1.04 milliseconds in crypto helper computing work-order 24: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 24 for state #18 to event queue | scheduling resume sending helper answer for #18 | libevent_malloc: new ptr-libevent@0x7f2338003088 size 128 | crypto helper 3 waiting (nothing to do) | stop processing: state #18 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #17 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x55a4efa6a3f8} | close_any(fd@24) (in release_whack() at state.c:654) | #17 spent 0.385 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.533 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #18 | start processing: state #18 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 24 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #18: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2372798989 (0x8d6e0a0d) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xd367a221 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI d3 67 a2 21 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #18: IMPAIR: stripping key-length "aes128" #18: IMPAIR: key-length-attribute:empty not implemented | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 1e 3d 4b 14 4f 74 ec 0b 2b 46 3d 71 16 c2 10 b3 | Ni bd 42 1c ab 83 f1 62 66 92 f0 29 fd 30 72 01 3c | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2338003038: transferring ownership from helper KE to state #18 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 40 2a 10 32 fa 47 9a 29 a1 ee 6c 8a 27 7e 7f ed | keyex value a4 3f 4e a5 e8 2f 90 e3 3c e0 be b4 98 e0 72 7b | keyex value 8f de f9 cb 4a a7 3b 32 ad 32 f4 d0 53 9d 59 5f | keyex value a3 1d d0 d4 f5 a1 af 22 88 c0 b6 80 f1 2d 23 0c | keyex value f3 2b e4 e3 e7 5c 9b f4 01 10 0f dd 09 83 9b ff | keyex value d6 da a0 ef 35 d9 5a 68 75 66 af 08 7a c7 20 cc | keyex value f6 ca 02 82 72 d7 06 88 49 3a 41 a8 8b 89 46 48 | keyex value 1c 17 63 24 ff 52 f0 fb a1 b4 10 de d2 54 56 df | keyex value 8f bd 34 a5 69 46 6f e2 3c 44 9d 8c 0f 1c 85 22 | keyex value 1a 3d 67 e9 fe d3 9d a9 b8 e4 9e f6 ec 22 c2 50 | keyex value 86 5d bc 03 64 16 6e f7 33 16 ce d4 53 6c 97 51 | keyex value 41 74 36 c8 bc f6 d7 3d 7f ed 51 fa 23 12 89 59 | keyex value 2f 45 37 36 c0 34 24 28 9d ab db d8 ae 2f df 3b | keyex value 18 07 46 04 31 0a f6 58 63 f9 75 51 4f de 14 fc | keyex value ee 9d 80 53 4e f2 d3 d9 b2 22 03 28 9c 49 4c 4d | keyex value f5 08 bf 8f 4c 46 a2 3f 08 b8 eb 79 bf e1 f3 1c | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x55a4efa78188 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | 8d 6e 0a 0d | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 d3 67 a2 21 00 00 00 1c 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 1e 3d 4b 14 4f 74 ec 0b | 2b 46 3d 71 16 c2 10 b3 bd 42 1c ab 83 f1 62 66 | 92 f0 29 fd 30 72 01 3c 05 00 01 04 40 2a 10 32 | fa 47 9a 29 a1 ee 6c 8a 27 7e 7f ed a4 3f 4e a5 | e8 2f 90 e3 3c e0 be b4 98 e0 72 7b 8f de f9 cb | 4a a7 3b 32 ad 32 f4 d0 53 9d 59 5f a3 1d d0 d4 | f5 a1 af 22 88 c0 b6 80 f1 2d 23 0c f3 2b e4 e3 | e7 5c 9b f4 01 10 0f dd 09 83 9b ff d6 da a0 ef | 35 d9 5a 68 75 66 af 08 7a c7 20 cc f6 ca 02 82 | 72 d7 06 88 49 3a 41 a8 8b 89 46 48 1c 17 63 24 | ff 52 f0 fb a1 b4 10 de d2 54 56 df 8f bd 34 a5 | 69 46 6f e2 3c 44 9d 8c 0f 1c 85 22 1a 3d 67 e9 | fe d3 9d a9 b8 e4 9e f6 ec 22 c2 50 86 5d bc 03 | 64 16 6e f7 33 16 ce d4 53 6c 97 51 41 74 36 c8 | bc f6 d7 3d 7f ed 51 fa 23 12 89 59 2f 45 37 36 | c0 34 24 28 9d ab db d8 ae 2f df 3b 18 07 46 04 | 31 0a f6 58 63 f9 75 51 4f de 14 fc ee 9d 80 53 | 4e f2 d3 d9 b2 22 03 28 9c 49 4c 4d f5 08 bf 8f | 4c 46 a2 3f 08 b8 eb 79 bf e1 f3 1c 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | fb 0b b1 96 7b 68 e0 9d ab c0 80 66 2f 86 53 fd | 95 a9 10 8c | outI1 HASH(1): | fb 0b b1 96 7b 68 e0 9d ab c0 80 66 2f 86 53 fd | 95 a9 10 8c | last Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | current Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | 8d 6e 0a 0d | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 91 c2 c5 2c 16 09 38 72 01 a7 1d 79 ea 7b 60 eb | 29 e5 d9 74 | encrypting: 01 00 00 18 fb 0b b1 96 7b 68 e0 9d ab c0 80 66 | encrypting: 2f 86 53 fd 95 a9 10 8c 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 d3 67 a2 21 | encrypting: 00 00 00 1c 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 1e 3d 4b 14 4f 74 ec 0b 2b 46 3d 71 16 c2 10 b3 | encrypting: bd 42 1c ab 83 f1 62 66 92 f0 29 fd 30 72 01 3c | encrypting: 05 00 01 04 40 2a 10 32 fa 47 9a 29 a1 ee 6c 8a | encrypting: 27 7e 7f ed a4 3f 4e a5 e8 2f 90 e3 3c e0 be b4 | encrypting: 98 e0 72 7b 8f de f9 cb 4a a7 3b 32 ad 32 f4 d0 | encrypting: 53 9d 59 5f a3 1d d0 d4 f5 a1 af 22 88 c0 b6 80 | encrypting: f1 2d 23 0c f3 2b e4 e3 e7 5c 9b f4 01 10 0f dd | encrypting: 09 83 9b ff d6 da a0 ef 35 d9 5a 68 75 66 af 08 | encrypting: 7a c7 20 cc f6 ca 02 82 72 d7 06 88 49 3a 41 a8 | encrypting: 8b 89 46 48 1c 17 63 24 ff 52 f0 fb a1 b4 10 de | encrypting: d2 54 56 df 8f bd 34 a5 69 46 6f e2 3c 44 9d 8c | encrypting: 0f 1c 85 22 1a 3d 67 e9 fe d3 9d a9 b8 e4 9e f6 | encrypting: ec 22 c2 50 86 5d bc 03 64 16 6e f7 33 16 ce d4 | encrypting: 53 6c 97 51 41 74 36 c8 bc f6 d7 3d 7f ed 51 fa | encrypting: 23 12 89 59 2f 45 37 36 c0 34 24 28 9d ab db d8 | encrypting: ae 2f df 3b 18 07 46 04 31 0a f6 58 63 f9 75 51 | encrypting: 4f de 14 fc ee 9d 80 53 4e f2 d3 d9 b2 22 03 28 | encrypting: 9c 49 4c 4d f5 08 bf 8f 4c 46 a2 3f 08 b8 eb 79 | encrypting: bf e1 f3 1c 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 91 c2 c5 2c 16 09 38 72 01 a7 1d 79 ea 7b 60 eb | IV: 29 e5 d9 74 | unpadded size is: 404 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: fe 77 d5 90 8c dd 3a 68 f0 56 07 8a 0f d0 23 01 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #18) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 20 01 8d 6e 0a 0d 00 00 01 bc 93 a4 d1 4e | 5c 7d 8a 55 f6 32 f3 77 ad df 52 60 a6 99 7c eb | 5b 4a e5 f8 c6 02 d4 9a 05 ef 0a 64 ce 06 b9 53 | f0 89 b9 6d 1f b8 9a 1c 38 09 34 75 28 c8 d1 61 | f5 ea 45 5b da b0 92 b1 6b 6d cc 60 f3 f9 02 b9 | 91 0e 32 55 f4 75 b1 89 36 3f 2f a4 5e 5a c6 79 | 18 8b 98 d0 93 0b f5 6b 78 8f a4 1f 71 4c f9 38 | 59 29 b6 d9 90 ab 27 48 78 6b d5 36 99 f1 bf ed | 17 e5 36 d1 5d 24 98 59 35 89 bc f4 9f 31 58 17 | 84 ff a6 c5 08 0c d2 17 ca d6 b8 ec 6f bd 80 4c | 14 c3 b2 21 74 2c f3 f3 ce 87 55 fe 08 0a 9f 46 | d8 0f 77 bd dd 96 bd 32 96 60 f5 ac 3d 37 ba 7e | e1 99 45 fb 3f 76 86 b4 98 25 c3 30 c9 b8 61 3c | 83 a9 ac f1 fd cc ab d4 d6 da 1b 2c 83 94 34 8a | e1 94 b1 7c 78 99 69 18 21 dd 8e e3 41 ba dd e7 | 8e 19 0a 05 a8 2b 7b ea e5 1b 85 12 18 dd f1 40 | f4 08 5a af ff 38 ab d4 9d 37 8b a7 c9 65 61 1f | be 06 57 69 03 41 80 20 dd 8d a0 45 b2 39 9b 27 | 20 26 f8 32 fb de 70 4b d1 de 68 4d 7e 93 39 1d | 0f 92 b9 2d 70 6c fc ab b4 81 24 44 89 68 ea e2 | a3 f8 7a 56 e8 9c 66 a1 7a ad e9 42 2d 86 db 34 | f1 34 52 1f 26 19 67 a9 b1 5b 3a 07 4c cf 1a 28 | ea 4b 71 f4 df 0e 8a 34 5a f3 99 b1 86 e5 98 f6 | 31 a0 5c 09 34 23 20 4c 62 87 b1 c4 b7 8d 0c 95 | 55 8e 70 28 96 8c 34 a4 01 ce 9e 3d c9 2c 6b 88 | ed 27 fb 4e 55 44 73 d0 4a e7 7c 41 fe 77 d5 90 | 8c dd 3a 68 f0 56 07 8a 0f d0 23 01 | state #18 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa83168 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f2330002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #18 | libevent_malloc: new ptr-libevent@0x55a4efa7de68 size 128 | #18 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29302.033024 | resume sending helper answer for #18 suppresed complete_v1_state_transition() | #18 spent 0.592 milliseconds in resume sending helper answer | stop processing: state #18 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2338003088 | spent 0.00227 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 05 01 ca f4 c2 58 00 00 00 4c c5 a2 6b fa | 37 1b b6 5b 02 ec 5b be 29 8a cf b2 47 8f 5f 8d | 6d 18 f8 77 47 d2 45 52 86 e1 ce 87 74 7a cb 5a | 5a 93 c6 c6 7a 32 29 b9 ad c6 d8 0d | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3405038168 (0xcaf4c258) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #18; msgid=00000000 st_msgid=8d6e0a0d st_msgid_phase15=00000000 | peer and cookies match on #17; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #17 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #17 in MAIN_I4 (find_v1_info_state) | start processing: state #17 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | current Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39f28c (length 4) | ca f4 c2 58 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 42 64 10 00 03 a4 77 2d 7d 7c fd f2 0b 42 f7 f7 | 47 20 17 ea | #17 is idle | #17 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 42 64 10 00 03 a4 77 2d 7d 7c fd f2 0b 42 f7 f7 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 74 7a cb 5a 5a 93 c6 c6 7a 32 29 b9 ad c6 d8 0d | decrypted payload (starts at offset -48): | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 05 01 ca f4 c2 58 00 00 00 4c 0b 00 00 18 | 95 62 24 50 f2 b9 36 0f 5b d5 03 0b ff 64 71 c7 | 20 29 b0 ff 00 00 00 0c 00 00 00 01 01 00 00 0e | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f2334008c38 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | ca f4 c2 58 | HASH(1) PRF sha update payload-bytes@0x55a4efa7adbc (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0e | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | 95 62 24 50 f2 b9 36 0f 5b d5 03 0b ff 64 71 c7 | 20 29 b0 ff | informational HASH(1): | 95 62 24 50 f2 b9 36 0f 5b d5 03 0b ff 64 71 c7 | 20 29 b0 ff | received 'informational' message HASH(1) data ok "aes128" #17: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #17: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #17 spent 0.0074 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.24 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f2330002b78 | handling event EVENT_RETRANSMIT for child state #18 | start processing: state #18 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #18 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #18 keying attempt 1 of 0; retransmit 1 "aes128" #18: IMPAIR: retransmit so deleting SA | [RE]START processing: state #18 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #18 ikev1.ipsec failed too-many-retransmits | pstats #18 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #18 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #18: deleting state (STATE_QUICK_I1) aged 0.501s and NOT sending notification | child state #18: QUICK_I1(established CHILD SA) => delete | child state #18: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #18 in CHILDSA_DEL | child state #18: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7f2338003038: destroyed | stop processing: state #18 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa5c790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x55a4efa7de68 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f2330002b78 | in statetime_stop() and could not find #18 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0415 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #17 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #17 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #17 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #17 ikev1.isakmp deleted completed | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #17: deleting state (STATE_MAIN_I4) aged 0.542s and sending notification | parent state #17: MAIN_I4(established IKE SA) => delete | #17 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1595916102 (0x5f1fbf46) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 0e bf 9d 0d f9 86 72 c3 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI a7 45 86 f0 34 c6 4f 5b | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1) prf: begin sha with context 0x7f2330002b50 from SKEYID_a-key@0x55a4efa76810 | HASH(1): release clone-key@0x55a4efa76810 | HASH(1) PRF sha crypt-prf@0x7f2338003188 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | 5f 1f bf 46 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 0e bf 9d 0d | f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 60 18 91 d3 f6 a4 5f d9 52 76 e8 ca 40 b9 be 55 | c1 e2 6f 42 | send delete HASH(1): | 60 18 91 d3 f6 a4 5f d9 52 76 e8 ca 40 b9 be 55 | c1 e2 6f 42 | last Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | current Phase 1 IV: 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 16) | 72 ba f2 d7 a5 c3 e1 07 25 ea 38 cb 3b 6e 98 ee | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | 5f 1f bf 46 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 80 08 c7 7b 5e f0 7b f6 60 d6 51 01 fb 10 ea f6 | c3 16 47 b5 | encrypting: 0c 00 00 18 60 18 91 d3 f6 a4 5f d9 52 76 e8 ca | encrypting: 40 b9 be 55 c1 e2 6f 42 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 | encrypting: 34 c6 4f 5b | IV: 80 08 c7 7b 5e f0 7b f6 60 d6 51 01 fb 10 ea f6 | IV: c3 16 47 b5 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 02 e9 a7 d2 0e a8 2f c2 e2 78 73 14 8b 74 09 d1 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 05 01 5f 1f bf 46 00 00 00 5c 28 5b 6a bc | cf d2 d7 27 3c 56 93 a8 ca e4 9c e1 cf b3 3d 85 | 3c 62 84 14 17 27 a3 a8 22 a8 87 95 9c 16 b2 3d | 60 e0 ec d5 27 d5 c3 d0 f2 52 2c a8 02 e9 a7 d2 | 0e a8 2f c2 e2 78 73 14 8b 74 09 d1 | state #17 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2334003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa782f8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #17 in MAIN_I4 | parent state #17: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f233c004558: destroyed | stop processing: state #17 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa65820 | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa5c790 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x55a4efa78038 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.988 milliseconds in whack | spent 0.0022 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0e bf 9d 0d f9 86 72 c3 a7 45 86 f0 34 c6 4f 5b | 08 10 05 01 47 42 e7 90 00 00 00 5c 38 f6 4b af | be fb c4 e6 29 8f f8 66 37 06 99 74 ef e1 6b 9a | 80 c5 5f 55 9d 07 e3 50 39 4b fa 2d 27 9f 1c 7a | 77 e9 24 32 7d fd c6 4a 81 e2 57 83 8f 63 0a 60 | 71 ca 1d 3d 4b 0b 69 d7 d2 86 f8 62 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0e bf 9d 0d f9 86 72 c3 | responder cookie: | a7 45 86 f0 34 c6 4f 5b | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1195566992 (0x4742e790) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x4742e790 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 0e bf 9d 0d f9 86 72 c3 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | a7 45 86 f0 34 c6 4f 5b | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0758 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | emitting: disabled | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0711 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + suppress-retransmits | base impairing = suppress-retransmits | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.441 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.127 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #19 at 0x55a4efa78798 | State DB: adding IKEv1 state #19 in UNDEFINED | pstats #19 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #19 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #19: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #19 "3des" "3des" #19: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x55a4efa785e8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 5d 97 d9 f8 3f c6 7d de 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f2338003088 size 128 | #19 STATE_MAIN_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29303.12043 | #19 spent 0.421 milliseconds in main_outI1() | stop processing: state #19 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.491 milliseconds in whack | spent 0.00212 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #19 in MAIN_I1 (find_state_ikev1_init) | start processing: state #19 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #19 is idle | #19 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 25 for state #19 | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f2338003088 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f2338003088 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #19 and saving MD | crypto helper 2 resuming | crypto helper 2 starting work-order 25 for state #19 | crypto helper 2 doing build KE and nonce (outI2 KE); request ID 25 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | #19 is busy; has a suspended MD | #19 spent 0.153 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.283 milliseconds in comm_handle_cb() reading and processing packet | DH secret MODP2048@0x7f232c002f98: created | NSS: Local DH MODP2048 secret (pointer): 0x7f232c002f98 | NSS: Public DH wire value: | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | Generated nonce: 1f f6 c6 3a e5 a9 92 21 65 0c 8d 40 c9 cb 58 9d | Generated nonce: 9a e4 b4 b7 80 cf 84 04 b0 02 33 7c 55 8e 1b c3 | crypto helper 2 finished build KE and nonce (outI2 KE); request ID 25 time elapsed 0.001035 seconds | (#19) spent 1.03 milliseconds in crypto helper computing work-order 25: outI2 KE (pcr) | crypto helper 2 sending results from work-order 25 for state #19 to event queue | scheduling resume sending helper answer for #19 | libevent_malloc: new ptr-libevent@0x7f232c0059a8 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #19 | start processing: state #19 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 25 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #19: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f232c002f98: transferring ownership from helper KE to state #19 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | keyex value 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | keyex value ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | keyex value 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | keyex value 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | keyex value 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | keyex value 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | keyex value 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | keyex value b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | keyex value 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | keyex value 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | keyex value 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | keyex value 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | keyex value 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | keyex value d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | keyex value 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 1f f6 c6 3a e5 a9 92 21 65 0c 8d 40 c9 cb 58 9d | Ni 9a e4 b4 b7 80 cf 84 04 b0 02 33 7c 55 8e 1b c3 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 5d 97 d9 f8 3f c6 7d de | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | b6 8a 2c 11 a9 4a 88 72 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | d8 a9 bf 8c | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 5d 97 d9 f8 3f c6 7d de | natd_hash: rcookie= b6 8a 2c 11 a9 4a 88 72 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | natd_hash: hash= d8 a9 bf 8c | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | NAT-D d8 a9 bf 8c | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | 5d 97 d9 f8 3f c6 7d de | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | b6 8a 2c 11 a9 4a 88 72 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | a0 7a da 3c | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 5d 97 d9 f8 3f c6 7d de | natd_hash: rcookie= b6 8a 2c 11 a9 4a 88 72 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | natd_hash: hash= a0 7a da 3c | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | NAT-D a0 7a da 3c | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #19 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #19: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2338003088 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | 14 00 00 24 1f f6 c6 3a e5 a9 92 21 65 0c 8d 40 | c9 cb 58 9d 9a e4 b4 b7 80 cf 84 04 b0 02 33 7c | 55 8e 1b c3 14 00 00 18 0e 50 92 c2 d5 1b 29 74 | 50 0b 76 59 c4 cc 17 ed d8 a9 bf 8c 00 00 00 18 | 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | a0 7a da 3c | !event_already_set at reschedule "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x55a4efa83168 size 128 | #19 STATE_MAIN_I2: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29303.123112 "3des" #19: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #19 suppresed complete_v1_state_transition() | #19 spent 0.377 milliseconds in resume sending helper answer | stop processing: state #19 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f232c0059a8 | spent 0.00273 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | 14 00 00 24 50 14 d7 98 ea d8 50 6d bb 9b c1 87 | 31 02 8f 5c aa 0c 08 ae 4c 50 12 00 71 55 61 37 | c2 78 59 17 14 00 00 18 3d ae 97 98 de 90 37 6a | c8 f7 e2 82 a9 20 4f ea a0 7a da 3c 00 00 00 18 | 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | d8 a9 bf 8c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #19 in MAIN_I2 (find_state_ikev1) | start processing: state #19 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #19 is idle | #19 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f232c002f98: transferring ownership from state #19 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 26 for state #19 | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa83168 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f232c0059a8 size 128 | crypto helper 4 resuming | crypto helper 4 starting work-order 26 for state #19 | crypto helper 4 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 26 | peer's g: 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | peer's g: 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | peer's g: 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | peer's g: 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | peer's g: 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | peer's g: fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | peer's g: d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | peer's g: e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | peer's g: f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | peer's g: 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | peer's g: 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | peer's g: 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | peer's g: ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | peer's g: 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | peer's g: d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | peer's g: 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f232c002f98: computed shared DH secret key@0x55a4efa5c790 | dh-shared : g^ir-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7f8d8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b700 | result: psk-key@0x55a4efa5af10 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa5af10 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6e8 | result: psk-key@0x55a4efa65c00 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa5af10 | SKEYID psk prf: created sha context 0x7f2330003b00 from psk-key@0x55a4efa65c00 | SKEYID psk prf: begin sha with context 0x7f2330003b00 from psk-key@0x55a4efa65c00 | SKEYID psk: release clone-key@0x55a4efa65c00 | SKEYID psk PRF sha crypt-prf@0x7f2330001548 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7f8fc (length 32) | 1f f6 c6 3a e5 a9 92 21 65 0c 8d 40 c9 cb 58 9d | 9a e4 b4 b7 80 cf 84 04 b0 02 33 7c 55 8e 1b c3 | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7f91c (length 32) | 50 14 d7 98 ea d8 50 6d bb 9b c1 87 31 02 8f 5c | aa 0c 08 ae 4c 50 12 00 71 55 61 37 c2 78 59 17 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID psk PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID psk: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b718 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa5af10 | SKEYID_d prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa5af10 | SKEYID_d: release clone-key@0x55a4efa5af10 | SKEYID_d PRF sha crypt-prf@0x7f2330001278 | SKEYID_d PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_d: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6f f2 b4 99 da 15 97 0d 5a 1f 4c 7b 86 bc 31 46 33 11 17 da f3 86 78 32 55 92 ce fa 75 df d2 b1 71 07 f2 7c 8c 90 c7 31 3a 57 83 4e 8a 0b 61 f3 4b 4c 6e 34 32 56 67 ee 9e 81 92 ed b2 dc 14 cd 26 64 4c 5b 36 46 60 e1 b9 2e da b5 00 db e2 af cc 46 52 6d 46 a0 66 df 7e 87 21 53 1b 91 25 75 d9 2d e4 ac eb 22 67 cc 7d e9 19 78 ff 2c 47 ea ba 28 1b 76 a5 26 7a a1 be 05 e3 dc ee c2 ce 24 01 09 b2 98 46 2b eb da 5f 24 b1 c8 5d d8 01 eb 36 c3 2c 0b 3e f5 f3 25 7b b1 0e aa 81 a8 f8 91 89 c6 d4 9e 3f 92 a9 3c 0d 0c cd 98 ff eb e3 1f e0 6d 84 31 1b fb e2 aa bf 0d 4b 65 01 2d ec b3 a5 07 ab 36 ca 6b 36 08 ea ee f7 9d 23 86 b9 36 72 a8 71 67 17 f7 15 6e 61 2e 52 d4 24 41 15 7e 87 e0 95 91 ca b1 49 2f 04 0c 31 a3 8e 2c 68 56 29 7b cf 88 d5 af 5d ad 34 ce 97 3a f0 ee 5b f7 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2330004678 | unwrapped: 21 0c a5 09 6b 45 40 30 92 88 99 93 62 47 46 64 | unwrapped: 63 2b 18 27 75 8a 25 6a 01 e7 a6 60 98 bc fd b2 | unwrapped: 01 0d c0 66 81 15 f1 ed 77 f9 de 17 e4 1d f0 ed | unwrapped: 7c 18 55 5e 69 c6 d9 19 d0 d0 e1 a1 c1 0d 7c 52 | unwrapped: 7a 5e 4c 02 b2 d9 db 99 e6 4f 19 2d 9b a7 65 dd | unwrapped: 96 21 67 a3 ac 5c cb 8a 55 86 eb fa 66 52 d5 2d | unwrapped: 3b 64 04 f7 d5 fe bb f3 08 e8 5c d9 76 44 8f bb | unwrapped: 0a 39 9b ea e4 93 56 24 9a 1b c9 45 83 60 9a 5d | unwrapped: 39 9a 8c 3a 0e fd 72 59 5d 78 01 04 fc a0 a3 3d | unwrapped: 61 4a 57 cb 14 5e 37 c4 d9 49 1a ea cb a0 da 1a | unwrapped: 3d 39 70 dd d1 62 1f 0e 06 46 07 0b 43 54 0b ee | unwrapped: ba 26 47 a3 ac 15 ea 8e 18 df 9c 1b 71 44 2d e6 | unwrapped: 87 5c 1b 1c 0a 30 ca f8 c4 b1 f3 e8 24 a4 f1 5c | unwrapped: e2 90 f4 aa 2b 76 e5 b7 0e 73 4c 08 ce 41 49 8c | unwrapped: 5f 29 60 6a 4d 69 20 db 23 41 d9 ca 1c 57 43 fc | unwrapped: 23 16 a3 2c 2c 7e 1f 2f 03 91 8a d4 53 5a 24 2f | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 5d 97 d9 f8 3f c6 7d de | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | b6 8a 2c 11 a9 4a 88 72 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID_d PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_d: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6f8 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa62310 | SKEYID_a prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa62310 | SKEYID_a: release clone-key@0x55a4efa62310 | SKEYID_a PRF sha crypt-prf@0x7f2330001548 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa5af10 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: fb ff 0f f8 95 a1 15 8f f2 db 75 36 45 ed 39 09 62 0b 07 a7 88 dc 61 57 9f 03 bc 3d db d6 5f 6c | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2330001598 | unwrapped: 0e 15 f5 8f 84 38 86 8b a1 3c 6e 42 31 da 09 a9 | unwrapped: 9c 85 81 52 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_a: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6f f2 b4 99 da 15 97 0d 5a 1f 4c 7b 86 bc 31 46 33 11 17 da f3 86 78 32 55 92 ce fa 75 df d2 b1 71 07 f2 7c 8c 90 c7 31 3a 57 83 4e 8a 0b 61 f3 4b 4c 6e 34 32 56 67 ee 9e 81 92 ed b2 dc 14 cd 26 64 4c 5b 36 46 60 e1 b9 2e da b5 00 db e2 af cc 46 52 6d 46 a0 66 df 7e 87 21 53 1b 91 25 75 d9 2d e4 ac eb 22 67 cc 7d e9 19 78 ff 2c 47 ea ba 28 1b 76 a5 26 7a a1 be 05 e3 dc ee c2 ce 24 01 09 b2 98 46 2b eb da 5f 24 b1 c8 5d d8 01 eb 36 c3 2c 0b 3e f5 f3 25 7b b1 0e aa 81 a8 f8 91 89 c6 d4 9e 3f 92 a9 3c 0d 0c cd 98 ff eb e3 1f e0 6d 84 31 1b fb e2 aa bf 0d 4b 65 01 2d ec b3 a5 07 ab 36 ca 6b 36 08 ea ee f7 9d 23 86 b9 36 72 a8 71 67 17 f7 15 6e 61 2e 52 d4 24 41 15 7e 87 e0 95 91 ca b1 49 2f 04 0c 31 a3 8e 2c 68 56 29 7b cf 88 d5 af 5d ad 34 ce 97 3a f0 ee 5b f7 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f23300018c8 | unwrapped: 21 0c a5 09 6b 45 40 30 92 88 99 93 62 47 46 64 | unwrapped: 63 2b 18 27 75 8a 25 6a 01 e7 a6 60 98 bc fd b2 | unwrapped: 01 0d c0 66 81 15 f1 ed 77 f9 de 17 e4 1d f0 ed | unwrapped: 7c 18 55 5e 69 c6 d9 19 d0 d0 e1 a1 c1 0d 7c 52 | unwrapped: 7a 5e 4c 02 b2 d9 db 99 e6 4f 19 2d 9b a7 65 dd | unwrapped: 96 21 67 a3 ac 5c cb 8a 55 86 eb fa 66 52 d5 2d | unwrapped: 3b 64 04 f7 d5 fe bb f3 08 e8 5c d9 76 44 8f bb | unwrapped: 0a 39 9b ea e4 93 56 24 9a 1b c9 45 83 60 9a 5d | unwrapped: 39 9a 8c 3a 0e fd 72 59 5d 78 01 04 fc a0 a3 3d | unwrapped: 61 4a 57 cb 14 5e 37 c4 d9 49 1a ea cb a0 da 1a | unwrapped: 3d 39 70 dd d1 62 1f 0e 06 46 07 0b 43 54 0b ee | unwrapped: ba 26 47 a3 ac 15 ea 8e 18 df 9c 1b 71 44 2d e6 | unwrapped: 87 5c 1b 1c 0a 30 ca f8 c4 b1 f3 e8 24 a4 f1 5c | unwrapped: e2 90 f4 aa 2b 76 e5 b7 0e 73 4c 08 ce 41 49 8c | unwrapped: 5f 29 60 6a 4d 69 20 db 23 41 d9 ca 1c 57 43 fc | unwrapped: 23 16 a3 2c 2c 7e 1f 2f 03 91 8a d4 53 5a 24 2f | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 5d 97 d9 f8 3f c6 7d de | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | b6 8a 2c 11 a9 4a 88 72 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b700 | result: final-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6e8 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa63dc0 | SKEYID_a PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_a: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa65c00 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b708 | result: clone-key@0x55a4efa63dc0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2330003b00 from SKEYID-key@0x55a4efa63dc0 | SKEYID_e prf: begin sha with context 0x7f2330003b00 from SKEYID-key@0x55a4efa63dc0 | SKEYID_e: release clone-key@0x55a4efa63dc0 | SKEYID_e PRF sha crypt-prf@0x7f2330001278 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa62310 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: cb f1 76 8e e0 01 0e f6 4a ac 39 c1 ac e4 75 ce 8f 6d 3b 51 4c fc 74 c0 b0 ec 9e 1c d7 89 68 35 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23300039e8 | unwrapped: 92 78 d5 4d bb af 79 83 6e 65 ae 1c 2e c2 18 98 | unwrapped: f4 d0 c9 dd 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa5c790 (size 256) | SKEYID_e: g^xy-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 6f f2 b4 99 da 15 97 0d 5a 1f 4c 7b 86 bc 31 46 33 11 17 da f3 86 78 32 55 92 ce fa 75 df d2 b1 71 07 f2 7c 8c 90 c7 31 3a 57 83 4e 8a 0b 61 f3 4b 4c 6e 34 32 56 67 ee 9e 81 92 ed b2 dc 14 cd 26 64 4c 5b 36 46 60 e1 b9 2e da b5 00 db e2 af cc 46 52 6d 46 a0 66 df 7e 87 21 53 1b 91 25 75 d9 2d e4 ac eb 22 67 cc 7d e9 19 78 ff 2c 47 ea ba 28 1b 76 a5 26 7a a1 be 05 e3 dc ee c2 ce 24 01 09 b2 98 46 2b eb da 5f 24 b1 c8 5d d8 01 eb 36 c3 2c 0b 3e f5 f3 25 7b b1 0e aa 81 a8 f8 91 89 c6 d4 9e 3f 92 a9 3c 0d 0c cd 98 ff eb e3 1f e0 6d 84 31 1b fb e2 aa bf 0d 4b 65 01 2d ec b3 a5 07 ab 36 ca 6b 36 08 ea ee f7 9d 23 86 b9 36 72 a8 71 67 17 f7 15 6e 61 2e 52 d4 24 41 15 7e 87 e0 95 91 ca b1 49 2f 04 0c 31 a3 8e 2c 68 56 29 7b cf 88 d5 af 5d ad 34 ce 97 3a f0 ee 5b f7 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2330004678 | unwrapped: 21 0c a5 09 6b 45 40 30 92 88 99 93 62 47 46 64 | unwrapped: 63 2b 18 27 75 8a 25 6a 01 e7 a6 60 98 bc fd b2 | unwrapped: 01 0d c0 66 81 15 f1 ed 77 f9 de 17 e4 1d f0 ed | unwrapped: 7c 18 55 5e 69 c6 d9 19 d0 d0 e1 a1 c1 0d 7c 52 | unwrapped: 7a 5e 4c 02 b2 d9 db 99 e6 4f 19 2d 9b a7 65 dd | unwrapped: 96 21 67 a3 ac 5c cb 8a 55 86 eb fa 66 52 d5 2d | unwrapped: 3b 64 04 f7 d5 fe bb f3 08 e8 5c d9 76 44 8f bb | unwrapped: 0a 39 9b ea e4 93 56 24 9a 1b c9 45 83 60 9a 5d | unwrapped: 39 9a 8c 3a 0e fd 72 59 5d 78 01 04 fc a0 a3 3d | unwrapped: 61 4a 57 cb 14 5e 37 c4 d9 49 1a ea cb a0 da 1a | unwrapped: 3d 39 70 dd d1 62 1f 0e 06 46 07 0b 43 54 0b ee | unwrapped: ba 26 47 a3 ac 15 ea 8e 18 df 9c 1b 71 44 2d e6 | unwrapped: 87 5c 1b 1c 0a 30 ca f8 c4 b1 f3 e8 24 a4 f1 5c | unwrapped: e2 90 f4 aa 2b 76 e5 b7 0e 73 4c 08 ce 41 49 8c | unwrapped: 5f 29 60 6a 4d 69 20 db 23 41 d9 ca 1c 57 43 fc | unwrapped: 23 16 a3 2c 2c 7e 1f 2f 03 91 8a d4 53 5a 24 2f | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | 5d 97 d9 f8 3f c6 7d de | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | b6 8a 2c 11 a9 4a 88 72 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b710 | result: final-key@0x55a4efa65820 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65820 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6f8 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65820 | SKEYID_e PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID_e: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b PRF sha init SKEYID_e-key@0x55a4efa63dc0 (size 20) | appendix_b: SKEYID_e-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6e8 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | appendix_b prf: created sha context 0x7f2330003b00 from SKEYID_e-key@0x55a4efa65820 | appendix_b prf: begin sha with context 0x7f2330003b00 from SKEYID_e-key@0x55a4efa65820 | appendix_b: release clone-key@0x55a4efa65820 | appendix_b PRF sha crypt-prf@0x7f2330001548 | appendix_b PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b6f0 | result: final-key@0x55a4efa76810 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa76810 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6d8 | result: final-key@0x55a4efa65820 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa76810 | appendix_b PRF sha final-key@0x55a4efa65820 (size 20) | appendix_b: key-key@0x55a4efa65820 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b_keymat_e: reference old_k#1-key@0x55a4efa65820 | Kn PRF sha init SKEYID_e-key@0x55a4efa63dc0 (size 20) | Kn: SKEYID_e-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6e8 | result: clone-key@0x55a4efa76810 (20-bytes, SHA_1_HMAC) | Kn prf: created sha context 0x7f2330003b00 from SKEYID_e-key@0x55a4efa76810 | Kn prf: begin sha with context 0x7f2330003b00 from SKEYID_e-key@0x55a4efa76810 | Kn: release clone-key@0x55a4efa76810 | Kn PRF sha crypt-prf@0x7f2330001278 | Kn PRF sha update old_k-key@0x55a4efa65820 (size 20) | Kn: old_k-key@0x55a4efa65820 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa65820 | nss hmac digest hack: symkey-key@0x55a4efa65820 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156169: 81 88 e1 e7 a5 3b ec 3f 1b 77 36 99 16 22 92 fc 6d 69 17 c7 1e ff b8 7b db c3 9c 9e 28 93 d5 5a | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2330001598 | unwrapped: 4d 1d 6d 23 e2 0f 4f 89 4f c6 a6 14 f6 46 e1 f8 | unwrapped: 06 7a 5f be 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234185b6f0 | result: final-key@0x55a4efa7a950 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa7a950 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b6d8 | result: final-key@0x55a4efa76810 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa7a950 | Kn PRF sha final-key@0x55a4efa76810 (size 20) | Kn: key-key@0x55a4efa76810 (20-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa65820 (20-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7f234185b768 | result: result-key@0x55a4efa7a950 (40-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x55a4efa65820 | appendix_b_keymat_e: release old_k#N-key@0x55a4efa65820 | appendix_b_keymat_e: release old_k#final-key@0x55a4efa76810 | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: DES3_CBC | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a4efa7a950 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234185b768 | result: cryptkey-key@0x55a4efa76810 (24-bytes, DES3_CBC) | appendix_b_keymat_e: release keymat-key@0x55a4efa7a950 | NSS: pointers skeyid_d 0x55a4efa5af10, skeyid_a 0x55a4efa62310, skeyid_e 0x55a4efa63dc0, enc_key 0x55a4efa76810 | DH_i: f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | DH_i: 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | DH_i: ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | DH_i: 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | DH_i: 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | DH_i: 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | DH_i: 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | DH_i: 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | DH_i: b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | DH_i: 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | DH_i: 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | DH_i: 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | DH_i: 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | DH_i: 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | DH_i: d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | DH_i: 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | DH_r: 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | DH_r: 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | DH_r: 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | DH_r: 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | DH_r: 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | DH_r: fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | DH_r: d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | DH_r: e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | DH_r: f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | DH_r: 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | DH_r: 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | DH_r: 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | DH_r: ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | DH_r: 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | DH_r: d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | DH_r: 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7f93c (length 256) | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | new IV hash sha digest GR-bytes@0x55a4efa7fa3c (length 256) | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | new IV hash sha final chunk@0x7f2330001598 (length 20) | 3e 3f 76 14 e6 92 e7 12 fd 25 7f 62 43 c0 42 1f | b5 35 74 cd | crypto helper 4 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 26 time elapsed 0.002221 seconds | (#19) spent 2.2 milliseconds in crypto helper computing work-order 26: aggr outR1 DH (pcr) | crypto helper 4 sending results from work-order 26 for state #19 to event queue | scheduling resume sending helper answer for #19 | libevent_malloc: new ptr-libevent@0x7f2330001378 size 128 | crypto helper 4 waiting (nothing to do) | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #19 and saving MD | #19 is busy; has a suspended MD | #19 spent 0.104 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.243 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #19 | start processing: state #19 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 26 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #19: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f232c002f98: transferring ownership from helper IKEv1 DH+IV to state #19 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 5d 97 d9 f8 3f c6 7d de | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | b6 8a 2c 11 a9 4a 88 72 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | a0 7a da 3c | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 5d 97 d9 f8 3f c6 7d de | natd_hash: rcookie= b6 8a 2c 11 a9 4a 88 72 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | natd_hash: hash= a0 7a da 3c | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | 5d 97 d9 f8 3f c6 7d de | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | b6 8a 2c 11 a9 4a 88 72 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | d8 a9 bf 8c | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= 5d 97 d9 f8 3f c6 7d de | natd_hash: rcookie= b6 8a 2c 11 a9 4a 88 72 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | natd_hash: hash= d8 a9 bf 8c | expected NAT-D(me): 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | expected NAT-D(me): a0 7a da 3c | expected NAT-D(him): | 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | d8 a9 bf 8c | received NAT-D: 3d ae 97 98 de 90 37 6a c8 f7 e2 82 a9 20 4f ea | received NAT-D: a0 7a da 3c | received NAT-D: 0e 50 92 c2 d5 1b 29 74 50 0b 76 59 c4 cc 17 ed | received NAT-D: d8 a9 bf 8c | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa65c00 (size 20) | hmac: symkey-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa7a950 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa7a950 | hmac: release clone-key@0x55a4efa7a950 | hmac PRF sha crypt-prf@0x55a4efa7a848 | hmac PRF sha update data-bytes@0x7f232c001f78 (length 256) | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | hmac PRF sha update data-bytes@0x7f2338002a18 (length 256) | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 5d 97 d9 f8 3f c6 7d de | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | b6 8a 2c 11 a9 4a 88 72 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | 28 96 76 63 79 bb f4 b2 e5 2d 05 92 4b 7c 1e c7 | 3b 2f f5 e4 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 28 96 76 63 79 bb f4 b2 e5 2d 05 92 4b 7c 1e c7 | HASH_I 3b 2f f5 e4 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 28 96 76 63 79 bb f4 b2 e5 2d 05 92 4b 7c 1e c7 | encrypting: 3b 2f f5 e4 | IV: 3e 3f 76 14 e6 92 e7 12 fd 25 7f 62 43 c0 42 1f | IV: b5 35 74 cd | unpadded size is: 36 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 7e 9a 32 51 6a 16 17 07 | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #19: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f232c0059a8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa782f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 68 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 05 10 02 01 00 00 00 00 00 00 00 44 70 eb a1 90 | a6 94 7f cd 08 b7 7d e4 d2 5b 94 19 ef 66 5a a5 | 48 57 77 5b 0f c9 20 4f d2 b5 c5 19 7e 9a 32 51 | 6a 16 17 07 | !event_already_set at reschedule "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x55a4efa83168 size 128 | #19 STATE_MAIN_I3: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29303.130801 "3des" #19: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #19 suppresed complete_v1_state_transition() | #19 spent 0.457 milliseconds in resume sending helper answer | stop processing: state #19 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2330001378 | spent 0.00197 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 05 10 02 01 00 00 00 00 00 00 00 44 01 26 93 59 | 1e 07 ad 45 51 99 ea 33 88 09 25 2e d8 94 cb e6 | 13 ac 1a b4 65 ce 79 28 d5 07 e2 a4 06 12 b0 19 | 66 34 98 8a | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #19 in MAIN_I3 (find_state_ikev1) | start processing: state #19 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #19 is idle | #19 idle | received encrypted packet from 192.1.2.23:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: 7e 9a 32 51 6a 16 17 07 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 06 12 b0 19 66 34 98 8a | decrypted payload (starts at offset -40): | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 05 10 02 01 00 00 00 00 00 00 00 44 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 21 71 90 7c | c8 fa 29 8b b6 ae 6c 9c 06 a3 0e 71 67 78 3a 1b | 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 4 bytes of padding | message 'main_inR3' HASH payload not checked early "3des" #19: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa65c00 (size 20) | hmac: symkey-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa7a950 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa7a950 | hmac: release clone-key@0x55a4efa7a950 | hmac PRF sha crypt-prf@0x7f2330001598 | hmac PRF sha update data-bytes@0x7f2338002a18 (length 256) | 80 e5 2d f7 d8 6b 6f 2b ee 56 c0 a1 06 de e2 2d | 29 9a c9 65 4e 49 39 b1 11 10 be 7c 51 38 06 e1 | 72 d7 26 ce 4a fc 6d 12 8c 4d 0f 8b e4 3a 42 d8 | 89 47 4c 21 12 4d 04 11 51 e7 98 c3 9a 3a 5f 73 | 0d a0 34 26 ba 44 9d 05 77 cf 07 2b 42 8c cf 6e | fc 75 a0 ee 5e 8c 9d d6 5e b5 6b 24 fa ff 80 76 | d6 e8 78 29 c6 01 07 8e 4a d8 3e 1c e3 d4 7d 38 | e4 bf 50 78 8b 5e ed 73 39 58 f8 79 3a 09 9b 5d | f4 1c 67 77 6c 77 fe 9c e6 ab cf cd 06 9c b9 59 | 65 74 c9 3a 38 0d 33 71 1a 77 cb de eb bb 3a 88 | 63 77 1d 10 f1 68 a7 b5 b0 64 2e 43 a0 28 4e d3 | 54 06 9e c0 02 e8 07 ff a7 68 c5 ac b6 74 68 e0 | ae d7 cd 47 05 4a 88 78 6b e9 a9 66 df ce 9a 19 | 33 b1 29 d4 27 57 19 ac 89 30 27 cc af e0 1d b9 | d8 7a 96 9f 03 82 5b aa 4b 3b 55 ff fe 67 bc 8d | 6d 8e 0e 0a 5d 6c 98 99 59 71 0c 1b 2d 3c 74 bd | hmac PRF sha update data-bytes@0x7f232c001f78 (length 256) | f6 e3 41 c2 22 69 6a ca 37 31 20 1c 38 d5 bc 7e | 9d 33 fb 21 a3 a7 08 b4 52 59 f6 1c 31 74 ec 8c | ad e4 f1 a7 9a 04 3c f8 54 8b de e7 e5 ed e7 58 | 48 16 9d 80 c8 d4 9b 17 2f 6e c3 b3 84 3d 7c 8e | 3d 2e 76 cb d8 ba 42 de 86 95 e2 6f 3a ea 31 05 | 78 40 41 4d 55 3c b0 1d 35 fe 4d 94 97 63 17 56 | 07 32 dd 90 65 d9 9a de 22 8c 88 f2 1c 86 80 45 | 77 f4 ed 9b d2 0d ce 95 86 86 7b 38 56 e1 10 3b | b7 54 95 dc 8c b7 33 22 08 07 fe d0 1e fd a6 ed | 5a c7 ac 50 e2 b3 ab 0b 80 36 f4 3a bf c4 f7 99 | 7a d1 bb 97 16 d6 60 18 d5 6f 08 ba 11 d4 7c 9a | 87 f1 12 d0 9a 8f ee 93 fe a5 50 2e 79 42 e6 26 | 54 9a 0f b5 cd dd bb ff b1 70 be 7f 52 6e 17 e2 | 2e be be 4f f4 d8 7e e3 45 5a d3 a3 4c 41 27 4e | d3 13 f8 bf f3 c8 41 da 45 9c e1 21 e0 66 52 31 | 50 79 a7 68 a3 1f b1 d9 48 ec aa cb ef 11 7b 61 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | b6 8a 2c 11 a9 4a 88 72 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | 5d 97 d9 f8 3f c6 7d de | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa7811c (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x55a4efa6a418 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | 21 71 90 7c c8 fa 29 8b b6 ae 6c 9c 06 a3 0e 71 | 67 78 3a 1b | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #19: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa83168 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa782f8 | inserting event EVENT_SA_REPLACE, timeout in 2803 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f2330001378 size 128 | pstats #19 ikev1.isakmp established "3des" #19: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #19 | creating state object #20 at 0x55a4efa7b648 | State DB: adding IKEv1 state #20 in UNDEFINED | pstats #20 ikev1.ipsec started | duplicating state object #19 "3des" as #20 for IPSEC SA | #20 setting local endpoint to 192.1.2.45:500 from #19.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa76810 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #19 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #20 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #20: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "3des" #20: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#19 msgid:0036540e proposal=3DES_CBC-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 27 for state #20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x55a4ef9d9618 size 128 | stop processing: state #20 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #19 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "3des" | crypto helper 5 resuming | crypto helper 5 starting work-order 27 for state #20 | crypto helper 5 doing build KE and nonce (quick_outI1 KE); request ID 27 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2324006448: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2324006448 | NSS: Public DH wire value: | 8f 63 04 6a bb ee 7a f3 f7 00 5e 46 79 97 55 6b | 43 41 7e 13 7b bd c8 50 9d a2 ac 56 ab f5 cb 44 | 53 a4 d1 86 ff 52 c6 b1 41 c5 43 c0 42 48 38 5e | 0c f0 1c 05 78 a6 5f a6 07 3e e1 0d 27 89 ac 70 | 40 99 3f ed 26 ec 1d eb 40 d2 e5 d4 ca 67 dc 7f | bf 5d 81 83 fc 37 26 eb 54 39 65 c0 a4 c1 af cd | e8 9d 47 a6 22 79 62 c6 6f 0f 40 52 ef e5 ac e6 | 1c 0e 3f dd e0 61 7e 0b ba a5 f3 4e 71 1b c8 f4 | 5f 8a 90 16 ea ee 4a 91 13 1f 08 07 28 a0 1a 6b | 91 3a cd e9 92 36 21 ad ba 22 71 e2 bd 02 25 05 | 3e bf 04 6d c8 b6 57 21 72 1c 8a 1c bd 06 5c 21 | a2 98 7d b5 eb d2 fa 63 5f 6d 02 80 6c ea 72 d7 | cb ae 72 a7 d0 92 7e 75 22 c0 74 8b 63 72 a2 01 | 93 84 cd b3 96 18 56 67 10 44 81 89 fb a0 40 b5 | b4 54 e9 f4 fe d0 0b fd bc 35 1a a6 de d8 e0 34 | 57 e3 d1 71 88 40 a7 a4 89 fb 1b ef 1e 7e 84 29 | Generated nonce: a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | Generated nonce: 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | crypto helper 5 finished build KE and nonce (quick_outI1 KE); request ID 27 time elapsed 0.000995 seconds | (#20) spent 0.973 milliseconds in crypto helper computing work-order 27: quick_outI1 KE (pcr) | crypto helper 5 sending results from work-order 27 for state #20 to event queue | scheduling resume sending helper answer for #20 | libevent_malloc: new ptr-libevent@0x7f2324003978 size 128 | crypto helper 5 waiting (nothing to do) | removing pending policy for no connection {0x55a4efa768c8} | close_any(fd@24) (in release_whack() at state.c:654) | #19 spent 0.346 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.485 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #20 | start processing: state #20 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 27 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #20: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3560462 (0x36540e) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xdfccb3b1 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI df cc b3 b1 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | Ni 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2324006448: transferring ownership from helper KE to state #20 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 8f 63 04 6a bb ee 7a f3 f7 00 5e 46 79 97 55 6b | keyex value 43 41 7e 13 7b bd c8 50 9d a2 ac 56 ab f5 cb 44 | keyex value 53 a4 d1 86 ff 52 c6 b1 41 c5 43 c0 42 48 38 5e | keyex value 0c f0 1c 05 78 a6 5f a6 07 3e e1 0d 27 89 ac 70 | keyex value 40 99 3f ed 26 ec 1d eb 40 d2 e5 d4 ca 67 dc 7f | keyex value bf 5d 81 83 fc 37 26 eb 54 39 65 c0 a4 c1 af cd | keyex value e8 9d 47 a6 22 79 62 c6 6f 0f 40 52 ef e5 ac e6 | keyex value 1c 0e 3f dd e0 61 7e 0b ba a5 f3 4e 71 1b c8 f4 | keyex value 5f 8a 90 16 ea ee 4a 91 13 1f 08 07 28 a0 1a 6b | keyex value 91 3a cd e9 92 36 21 ad ba 22 71 e2 bd 02 25 05 | keyex value 3e bf 04 6d c8 b6 57 21 72 1c 8a 1c bd 06 5c 21 | keyex value a2 98 7d b5 eb d2 fa 63 5f 6d 02 80 6c ea 72 d7 | keyex value cb ae 72 a7 d0 92 7e 75 22 c0 74 8b 63 72 a2 01 | keyex value 93 84 cd b3 96 18 56 67 10 44 81 89 fb a0 40 b5 | keyex value b4 54 e9 f4 fe d0 0b fd bc 35 1a a6 de d8 e0 34 | keyex value 57 e3 d1 71 88 40 a7 a4 89 fb 1b ef 1e 7e 84 29 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x55a4efa83398 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | 00 36 54 0e | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 df cc b3 b1 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 a7 d5 f6 08 9d bb 23 66 | 4e 66 b4 6f 7a 5d 31 5b 70 cd 07 d7 81 fb d9 6b | 76 6d cc 03 72 31 c4 88 05 00 01 04 8f 63 04 6a | bb ee 7a f3 f7 00 5e 46 79 97 55 6b 43 41 7e 13 | 7b bd c8 50 9d a2 ac 56 ab f5 cb 44 53 a4 d1 86 | ff 52 c6 b1 41 c5 43 c0 42 48 38 5e 0c f0 1c 05 | 78 a6 5f a6 07 3e e1 0d 27 89 ac 70 40 99 3f ed | 26 ec 1d eb 40 d2 e5 d4 ca 67 dc 7f bf 5d 81 83 | fc 37 26 eb 54 39 65 c0 a4 c1 af cd e8 9d 47 a6 | 22 79 62 c6 6f 0f 40 52 ef e5 ac e6 1c 0e 3f dd | e0 61 7e 0b ba a5 f3 4e 71 1b c8 f4 5f 8a 90 16 | ea ee 4a 91 13 1f 08 07 28 a0 1a 6b 91 3a cd e9 | 92 36 21 ad ba 22 71 e2 bd 02 25 05 3e bf 04 6d | c8 b6 57 21 72 1c 8a 1c bd 06 5c 21 a2 98 7d b5 | eb d2 fa 63 5f 6d 02 80 6c ea 72 d7 cb ae 72 a7 | d0 92 7e 75 22 c0 74 8b 63 72 a2 01 93 84 cd b3 | 96 18 56 67 10 44 81 89 fb a0 40 b5 b4 54 e9 f4 | fe d0 0b fd bc 35 1a a6 de d8 e0 34 57 e3 d1 71 | 88 40 a7 a4 89 fb 1b ef 1e 7e 84 29 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 57 cd f3 7c 2a 35 5e 0c 28 fe e9 3a 01 06 41 63 | a7 92 3a 22 | outI1 HASH(1): | 57 cd f3 7c 2a 35 5e 0c 28 fe e9 3a 01 06 41 63 | a7 92 3a 22 | last Phase 1 IV: 06 12 b0 19 66 34 98 8a | current Phase 1 IV: 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 8) | 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | 00 36 54 0e | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 5e 8c e2 e7 b8 26 d9 9e 8d ed 18 a7 dd d6 18 ff | bd d6 09 7b | encrypting: 01 00 00 18 57 cd f3 7c 2a 35 5e 0c 28 fe e9 3a | encrypting: 01 06 41 63 a7 92 3a 22 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 df cc b3 b1 | encrypting: 00 00 00 1c 00 03 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | encrypting: 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | encrypting: 05 00 01 04 8f 63 04 6a bb ee 7a f3 f7 00 5e 46 | encrypting: 79 97 55 6b 43 41 7e 13 7b bd c8 50 9d a2 ac 56 | encrypting: ab f5 cb 44 53 a4 d1 86 ff 52 c6 b1 41 c5 43 c0 | encrypting: 42 48 38 5e 0c f0 1c 05 78 a6 5f a6 07 3e e1 0d | encrypting: 27 89 ac 70 40 99 3f ed 26 ec 1d eb 40 d2 e5 d4 | encrypting: ca 67 dc 7f bf 5d 81 83 fc 37 26 eb 54 39 65 c0 | encrypting: a4 c1 af cd e8 9d 47 a6 22 79 62 c6 6f 0f 40 52 | encrypting: ef e5 ac e6 1c 0e 3f dd e0 61 7e 0b ba a5 f3 4e | encrypting: 71 1b c8 f4 5f 8a 90 16 ea ee 4a 91 13 1f 08 07 | encrypting: 28 a0 1a 6b 91 3a cd e9 92 36 21 ad ba 22 71 e2 | encrypting: bd 02 25 05 3e bf 04 6d c8 b6 57 21 72 1c 8a 1c | encrypting: bd 06 5c 21 a2 98 7d b5 eb d2 fa 63 5f 6d 02 80 | encrypting: 6c ea 72 d7 cb ae 72 a7 d0 92 7e 75 22 c0 74 8b | encrypting: 63 72 a2 01 93 84 cd b3 96 18 56 67 10 44 81 89 | encrypting: fb a0 40 b5 b4 54 e9 f4 fe d0 0b fd bc 35 1a a6 | encrypting: de d8 e0 34 57 e3 d1 71 88 40 a7 a4 89 fb 1b ef | encrypting: 1e 7e 84 29 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 5e 8c e2 e7 b8 26 d9 9e 8d ed 18 a7 dd d6 18 ff | IV: bd d6 09 7b | unpadded size is: 404 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 408 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 436 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: fa ac f3 61 b7 ef 03 4c | sending 436 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #20) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 01 b4 72 7f ae c0 | c0 94 7a d3 15 eb 47 18 c7 76 71 d9 af fa d1 a7 | 6c c8 8e b4 5a 45 18 c4 96 4c 8b 49 e3 33 45 f2 | 67 6f 6f eb 63 db 9b cc be 52 81 0e 17 61 aa 6b | 71 52 ef 25 b5 ac 17 38 1e 4c 82 9e e5 c3 7d 87 | c9 c3 ca 02 d6 cd f7 1b 80 cf 66 e3 36 a0 bd a7 | ae ce eb d7 c2 ea 93 18 79 97 14 65 38 2e 03 05 | 0c b3 eb 46 b9 84 ad 04 07 00 8b bc 42 d8 a6 66 | bc 63 c3 14 c6 a5 f4 4c 7a d3 43 03 ca 19 79 64 | 52 53 16 45 2e 72 0c c1 83 c9 ed df 7b 5d 11 8e | 08 c5 3a 9f fe 60 dd 86 0c 1e 36 b8 ff 7b 85 8d | 15 bf 17 de e9 32 26 e7 46 5f fc 27 06 c8 9f 4c | 4e d4 f3 10 0f 2d b9 bc b5 62 18 84 4c 5a 8f bf | 75 86 bd c0 3d 64 7c 66 99 74 e5 13 db a4 23 de | 4e 94 3f 79 da 15 f3 b4 5c da b6 ec c2 fa 4a 47 | ce 5e e2 e3 7e 59 8a 22 54 18 09 89 37 36 ca 9f | f6 a1 53 5f 91 39 13 c2 ca 97 47 3c d4 8b 0c 3c | e5 5b cf 90 fd e0 dc 54 16 c1 0f c5 8a 37 92 8c | 0c 81 89 0d 72 7b ac 74 e4 a1 d2 86 49 9e 61 d5 | 25 67 0e 23 51 a8 96 5a f0 ee 14 c5 8f 09 02 62 | 19 59 2d bc a6 2f 1d d3 96 70 32 c3 bf 80 8e 21 | a0 a8 ab a6 e8 4c 62 3f d7 50 54 d9 9a 7d 90 fc | 77 20 7c a7 ac e7 34 4b 89 55 00 88 e4 9e af 5d | 6f 90 fe fc 68 99 7a 95 5d 8f e2 11 7a 41 33 bc | ec ae 31 ac 8f 49 66 5e 64 5d 42 4a a0 18 28 6d | 01 a7 41 79 04 1e 3d 5f b1 9c ab 4b fa ac f3 61 | b7 ef 03 4c | state #20 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4ef9d9618 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 "3des" #20: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7f2330002b78 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x55a4efa7de68 size 128 | #20 STATE_QUICK_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29303.134324 | resume sending helper answer for #20 suppresed complete_v1_state_transition() | #20 spent 0.965 milliseconds in resume sending helper answer | stop processing: state #20 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2324003978 | spent 0.00343 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 436 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 01 b4 6c 37 28 88 | 83 ee 02 1b 37 83 30 15 01 ee c7 b0 0b 01 5a 8e | 2f e1 bc cc 0a a3 b5 7e 2d 7b 2e 37 e0 eb 7b 09 | f9 d6 c0 02 7a 2d f7 22 86 d6 af 55 3b 82 ee 40 | b5 e7 9e db 91 68 9d e8 1a 50 88 4b 7e e7 a8 2c | 9b 8e c7 25 0c eb c7 10 bf 6a 60 96 9f 81 ec 9d | df b7 23 c1 70 35 b7 9b 2e 46 06 75 3c b0 56 75 | 19 9b f7 c6 f3 ca c7 2c c6 89 ee e9 3e 7f 04 42 | 1c bd ed 53 c5 97 fa 62 b5 4f b3 f2 71 80 24 c5 | 91 41 df ed dc fa 58 77 13 40 0c 35 a7 66 24 a2 | 93 37 b1 99 9e 3c 38 83 cc e7 cd 61 1d 6f 13 71 | 73 fb dd b8 04 55 8c a0 f8 f5 1b 03 9c f8 6c a3 | 6a 12 11 f2 b0 cf e2 e6 cc 9b dc f4 eb fb 90 1d | b5 f3 5f 2f cd 5b ef 55 a5 ee c1 5a bc 68 30 65 | 0a af b3 bc e1 5c 35 e2 d7 12 36 89 29 3f 7d 2f | 69 63 e6 12 38 e7 39 bf bf 59 be 41 66 05 ec db | 9f 41 7d b7 03 61 50 e0 5d 88 3a a8 76 69 d5 03 | 3f ae b5 f1 c2 0b 1c 55 f9 1d 51 21 30 8b ab aa | fa fa 3d b4 2c 54 a7 7f 10 41 79 97 4a 14 7c 68 | f6 2d 37 1e b2 2c 05 39 89 a6 82 85 55 b3 72 19 | b0 b0 32 6f 77 66 a6 5b 36 db d3 6e 92 51 e0 fa | 67 47 86 a7 03 44 7f 99 60 31 7a 6b bd d2 eb 15 | d8 31 f8 05 c0 6e db 3d 87 9d f0 5f 16 3c c3 59 | a7 53 9d 92 c5 a8 f6 c6 2c 2d af 64 10 5e 9c 70 | ed d3 5d f8 2e 67 d0 85 e3 7e 02 67 0f 69 9a bc | f2 d4 14 d3 ed cd 2b 64 92 08 08 a4 61 b6 15 32 | 3b b6 5c 41 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3560462 (0x36540e) | length: 436 (0x1b4) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #20 in QUICK_I1 (find_state_ikev1) | start processing: state #20 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #20 is idle | #20 idle | received encrypted packet from 192.1.2.23:500 | decrypting 408 bytes using algorithm 3DES_CBC | IV before: fa ac f3 61 b7 ef 03 4c | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 61 b6 15 32 3b b6 5c 41 | decrypted payload (starts at offset -408): | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 01 b4 01 00 00 18 | 7e 88 d7 f1 b4 5e 38 ce d5 16 e2 f1 b4 e3 34 03 | 52 de bc e1 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 48 79 32 25 00 00 00 1c | 00 03 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 03 4f a4 e5 | 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 8c df 4f 58 | e2 de e3 0e 54 05 27 8b 5b f5 ae d8 05 00 01 04 | f9 17 88 0b 16 9b 40 43 ef 50 36 75 7a ba a5 4c | 64 bb 7a 36 75 9e f2 46 af 4f 9e 62 1d ee 6f 30 | a9 7a 59 d7 22 bc 4d 34 e4 5f 88 38 00 85 29 8c | cd 1e 6e ce fe f5 82 3c b0 90 76 7a 69 70 bb 15 | 8b e9 dc b1 3d 95 d6 66 ca d7 18 7a e2 20 70 92 | 52 e6 9b a2 1b 95 38 1d 70 cf 2a a4 06 f1 5d 5d | 4a 84 f5 cf 09 89 0a a0 dc 38 20 6c bd 66 bb dd | 84 23 5a 0e 5b 2c ed 63 c7 09 f1 43 50 d8 24 57 | 09 62 ce df 0b 3e 78 4d 86 f3 8f 43 a1 46 c6 0e | 02 aa ba 4e 50 2a a6 6a 35 9b f5 19 56 07 02 82 | 70 93 48 f2 b1 8f 0f 00 cb fb 16 13 a2 65 39 6a | d3 45 f5 4b a1 e8 7f db 9c 2e 28 5b 16 95 18 44 | 0b 9f ec a1 c6 a5 6e a5 54 a8 f8 c6 ca a1 05 03 | 3d f3 0c d3 65 01 74 70 de 27 3c fb dc ba e7 49 | 8d 85 98 d9 c2 98 87 e6 a3 1d 3d dc 4f 08 af cf | 49 bb 0e 80 63 68 3c f2 c0 11 8b df 1c dc 8f a5 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x55a4efa83398 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | 00 36 54 0e | HASH(1) PRF sha update Ni_b-bytes@0x7f2324006a98 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | HASH(1) PRF sha update payload-bytes@0x55a4efa7d78c (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 48 79 32 25 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 03 4f a4 e5 7b 9c 3b 2d | 3e 8e 86 b7 34 5d 3c 12 8c df 4f 58 e2 de e3 0e | 54 05 27 8b 5b f5 ae d8 05 00 01 04 f9 17 88 0b | 16 9b 40 43 ef 50 36 75 7a ba a5 4c 64 bb 7a 36 | 75 9e f2 46 af 4f 9e 62 1d ee 6f 30 a9 7a 59 d7 | 22 bc 4d 34 e4 5f 88 38 00 85 29 8c cd 1e 6e ce | fe f5 82 3c b0 90 76 7a 69 70 bb 15 8b e9 dc b1 | 3d 95 d6 66 ca d7 18 7a e2 20 70 92 52 e6 9b a2 | 1b 95 38 1d 70 cf 2a a4 06 f1 5d 5d 4a 84 f5 cf | 09 89 0a a0 dc 38 20 6c bd 66 bb dd 84 23 5a 0e | 5b 2c ed 63 c7 09 f1 43 50 d8 24 57 09 62 ce df | 0b 3e 78 4d 86 f3 8f 43 a1 46 c6 0e 02 aa ba 4e | 50 2a a6 6a 35 9b f5 19 56 07 02 82 70 93 48 f2 | b1 8f 0f 00 cb fb 16 13 a2 65 39 6a d3 45 f5 4b | a1 e8 7f db 9c 2e 28 5b 16 95 18 44 0b 9f ec a1 | c6 a5 6e a5 54 a8 f8 c6 ca a1 05 03 3d f3 0c d3 | 65 01 74 70 de 27 3c fb dc ba e7 49 8d 85 98 d9 | c2 98 87 e6 a3 1d 3d dc 4f 08 af cf 49 bb 0e 80 | 63 68 3c f2 c0 11 8b df 1c dc 8f a5 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | 7e 88 d7 f1 b4 5e 38 ce d5 16 e2 f1 b4 e3 34 03 | 52 de bc e1 | quick_inR1_outI2 HASH(2): | 7e 88 d7 f1 b4 5e 38 ce d5 16 e2 f1 b4 e3 34 03 | 52 de bc e1 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 48 79 32 25 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | f9 17 88 0b 16 9b 40 43 ef 50 36 75 7a ba a5 4c | 64 bb 7a 36 75 9e f2 46 af 4f 9e 62 1d ee 6f 30 | a9 7a 59 d7 22 bc 4d 34 e4 5f 88 38 00 85 29 8c | cd 1e 6e ce fe f5 82 3c b0 90 76 7a 69 70 bb 15 | 8b e9 dc b1 3d 95 d6 66 ca d7 18 7a e2 20 70 92 | 52 e6 9b a2 1b 95 38 1d 70 cf 2a a4 06 f1 5d 5d | 4a 84 f5 cf 09 89 0a a0 dc 38 20 6c bd 66 bb dd | 84 23 5a 0e 5b 2c ed 63 c7 09 f1 43 50 d8 24 57 | 09 62 ce df 0b 3e 78 4d 86 f3 8f 43 a1 46 c6 0e | 02 aa ba 4e 50 2a a6 6a 35 9b f5 19 56 07 02 82 | 70 93 48 f2 b1 8f 0f 00 cb fb 16 13 a2 65 39 6a | d3 45 f5 4b a1 e8 7f db 9c 2e 28 5b 16 95 18 44 | 0b 9f ec a1 c6 a5 6e a5 54 a8 f8 c6 ca a1 05 03 | 3d f3 0c d3 65 01 74 70 de 27 3c fb dc ba e7 49 | 8d 85 98 d9 c2 98 87 e6 a3 1d 3d dc 4f 08 af cf | 49 bb 0e 80 63 68 3c f2 c0 11 8b df 1c dc 8f a5 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f2324006448: transferring ownership from state #20 to helper IKEv1 DH | adding quick outI2 DH work-order 28 for state #20 | state #20 requesting EVENT_RETRANSMIT to be deleted | #20 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa7de68 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f2330002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x7f2324003978 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #20 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #20 and saving MD | #20 is busy; has a suspended MD | crypto helper 6 resuming | #20 spent 0.142 milliseconds in process_packet_tail() | crypto helper 6 starting work-order 28 for state #20 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 28 | stop processing: state #20 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | peer's g: f9 17 88 0b 16 9b 40 43 ef 50 36 75 7a ba a5 4c | spent 0.45 milliseconds in comm_handle_cb() reading and processing packet | peer's g: 64 bb 7a 36 75 9e f2 46 af 4f 9e 62 1d ee 6f 30 | peer's g: a9 7a 59 d7 22 bc 4d 34 e4 5f 88 38 00 85 29 8c | peer's g: cd 1e 6e ce fe f5 82 3c b0 90 76 7a 69 70 bb 15 | peer's g: 8b e9 dc b1 3d 95 d6 66 ca d7 18 7a e2 20 70 92 | peer's g: 52 e6 9b a2 1b 95 38 1d 70 cf 2a a4 06 f1 5d 5d | peer's g: 4a 84 f5 cf 09 89 0a a0 dc 38 20 6c bd 66 bb dd | peer's g: 84 23 5a 0e 5b 2c ed 63 c7 09 f1 43 50 d8 24 57 | peer's g: 09 62 ce df 0b 3e 78 4d 86 f3 8f 43 a1 46 c6 0e | peer's g: 02 aa ba 4e 50 2a a6 6a 35 9b f5 19 56 07 02 82 | peer's g: 70 93 48 f2 b1 8f 0f 00 cb fb 16 13 a2 65 39 6a | peer's g: d3 45 f5 4b a1 e8 7f db 9c 2e 28 5b 16 95 18 44 | peer's g: 0b 9f ec a1 c6 a5 6e a5 54 a8 f8 c6 ca a1 05 03 | peer's g: 3d f3 0c d3 65 01 74 70 de 27 3c fb dc ba e7 49 | peer's g: 8d 85 98 d9 c2 98 87 e6 a3 1d 3d dc 4f 08 af cf | peer's g: 49 bb 0e 80 63 68 3c f2 c0 11 8b df 1c dc 8f a5 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f2324006448: computed shared DH secret key@0x55a4efa7a950 | dh-shared : g^ir-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 28 time elapsed 0.000873 seconds | (#20) spent 0.846 milliseconds in crypto helper computing work-order 28: quick outI2 DH (pcr) | crypto helper 6 sending results from work-order 28 for state #20 to event queue | scheduling resume sending helper answer for #20 | libevent_malloc: new ptr-libevent@0x7f23280012c8 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #20 | start processing: state #20 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 28 | calling continuation function 0x55a4ef163b50 | quick_inR1_outI2_continue for #20: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3560462 (0x36540e) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f2324006448: transferring ownership from helper IKEv1 DH to state #20 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ead8 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa65820 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa65820 | HASH(1): release clone-key@0x55a4efa65820 | HASH(1) PRF sha crypt-prf@0x7f2330001598 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39ebbc (length 4) | 00 36 54 0e | HASH(1) PRF sha update Ni_b-bytes@0x7f2324006a98 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | HASH(1) PRF sha update Nr_b-bytes@0x55a4efa7a848 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 3f 44 ee ce 6c 47 31 87 8f 60 c9 c9 1a ff bc ac | ed 41 2d 45 | quick_inR1_outI2 HASH(3): | 3f 44 ee ce 6c 47 31 87 8f 60 c9 c9 1a ff bc ac | ed 41 2d 45 | compute_proto_keymat: needed_len (after ESP enc)=24 | compute_proto_keymat: needed_len (after ESP auth)=44 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2328002b50 from symkey-key@0x55a4efa65820 | hmac prf: begin sha with context 0x7f2328002b50 from symkey-key@0x55a4efa65820 | hmac: release clone-key@0x55a4efa65820 | hmac PRF sha crypt-prf@0x55a4efa83398 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa83168 | hmac PRF sha update g^xy-key@0x55a4efa7a950 (size 256) | hmac: g^xy-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7a950 | nss hmac digest hack: symkey-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: be a0 2a fa 69 a0 4d 7d 1e fa a1 89 4a 7f ec 5f ed ea ed 09 30 d4 db 95 c9 cd ad d0 0e cc 97 ef 31 25 4a 2f 9e 40 d6 ec 87 04 db 5e 87 f8 19 af 2d df b0 68 60 a7 13 fe 25 23 94 19 00 2a 38 b8 5f 3f cf 17 7a 15 64 33 12 88 93 56 0c 9c 5c e9 95 51 1b 3a d2 a8 55 d8 54 69 1c ef 1a 48 83 7a c8 d5 1d d6 b4 35 ea 30 15 6c d9 04 af ba f2 48 0b 2d 54 80 07 32 35 23 5c ee b1 a3 95 6c 20 2c 11 c3 af 9a e0 27 f2 b4 e7 ac af 2c 46 81 45 bd 46 7b c1 b8 6e 1b ad bc a8 90 3a 36 57 6a 4b 5e 9d 04 2c 07 66 48 fd fb 37 d4 43 6e a4 1d b1 e8 d6 cc d5 5c fd e8 5a 0c 61 79 ca 75 a5 70 ea 99 3c fb f7 12 09 8b 32 d2 11 8a 48 68 43 82 8a 4e b7 96 d0 55 c0 18 77 62 40 f1 b0 c7 7c 86 ed 28 ab 91 b8 57 f4 1a cd 0e 6c 1d 32 41 4d 48 e5 05 d1 da 65 ad 76 4d b7 93 7e 7f 4d b3 d6 bf 92 e0 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update g^xy-key@0x55a4efa7a950 (size 256) | hmac: g^xy-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7a950 | nss hmac digest hack: symkey-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: be a0 2a fa 69 a0 4d 7d 1e fa a1 89 4a 7f ec 5f ed ea ed 09 30 d4 db 95 c9 cd ad d0 0e cc 97 ef 31 25 4a 2f 9e 40 d6 ec 87 04 db 5e 87 f8 19 af 2d df b0 68 60 a7 13 fe 25 23 94 19 00 2a 38 b8 5f 3f cf 17 7a 15 64 33 12 88 93 56 0c 9c 5c e9 95 51 1b 3a d2 a8 55 d8 54 69 1c ef 1a 48 83 7a c8 d5 1d d6 b4 35 ea 30 15 6c d9 04 af ba f2 48 0b 2d 54 80 07 32 35 23 5c ee b1 a3 95 6c 20 2c 11 c3 af 9a e0 27 f2 b4 e7 ac af 2c 46 81 45 bd 46 7b c1 b8 6e 1b ad bc a8 90 3a 36 57 6a 4b 5e 9d 04 2c 07 66 48 fd fb 37 d4 43 6e a4 1d b1 e8 d6 cc d5 5c fd e8 5a 0c 61 79 ca 75 a5 70 ea 99 3c fb f7 12 09 8b 32 d2 11 8a 48 68 43 82 8a 4e b7 96 d0 55 c0 18 77 62 40 f1 b0 c7 7c 86 ed 28 ab 91 b8 57 f4 1a cd 0e 6c 1d 32 41 4d 48 e5 05 d1 da 65 ad 76 4d b7 93 7e 7f 4d b3 d6 bf 92 e0 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | df cc b3 b1 | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | 48 79 32 25 | hmac PRF sha update data-bytes@0x7f2324006a98 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f2324006a98 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha final-bytes@0x7f2338004218 (length 20) | a4 97 50 c1 6e 81 c9 4e a3 ae f9 8d 3e 5b f0 af | f1 67 43 db | hmac PRF sha final-bytes@0x55a4efa78418 (length 20) | 31 cf 6b b9 04 97 44 41 61 46 90 89 03 b2 79 ec | 46 60 31 1f | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa833e8 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2328002b50 from symkey-key@0x55a4efa65820 | hmac prf: begin sha with context 0x7f2328002b50 from symkey-key@0x55a4efa65820 | hmac: release clone-key@0x55a4efa65820 | hmac PRF sha crypt-prf@0x7f2330001598 | hmac PRF sha update data-bytes@0x7f2338004218 (length 20) | a4 97 50 c1 6e 81 c9 4e a3 ae f9 8d 3e 5b f0 af | f1 67 43 db | hmac PRF sha update data-bytes@0x55a4efa78418 (length 20) | 31 cf 6b b9 04 97 44 41 61 46 90 89 03 b2 79 ec | 46 60 31 1f | hmac PRF sha update g^xy-key@0x55a4efa7a950 (size 256) | hmac: g^xy-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7a950 | nss hmac digest hack: symkey-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: be a0 2a fa 69 a0 4d 7d 1e fa a1 89 4a 7f ec 5f ed ea ed 09 30 d4 db 95 c9 cd ad d0 0e cc 97 ef 31 25 4a 2f 9e 40 d6 ec 87 04 db 5e 87 f8 19 af 2d df b0 68 60 a7 13 fe 25 23 94 19 00 2a 38 b8 5f 3f cf 17 7a 15 64 33 12 88 93 56 0c 9c 5c e9 95 51 1b 3a d2 a8 55 d8 54 69 1c ef 1a 48 83 7a c8 d5 1d d6 b4 35 ea 30 15 6c d9 04 af ba f2 48 0b 2d 54 80 07 32 35 23 5c ee b1 a3 95 6c 20 2c 11 c3 af 9a e0 27 f2 b4 e7 ac af 2c 46 81 45 bd 46 7b c1 b8 6e 1b ad bc a8 90 3a 36 57 6a 4b 5e 9d 04 2c 07 66 48 fd fb 37 d4 43 6e a4 1d b1 e8 d6 cc d5 5c fd e8 5a 0c 61 79 ca 75 a5 70 ea 99 3c fb f7 12 09 8b 32 d2 11 8a 48 68 43 82 8a 4e b7 96 d0 55 c0 18 77 62 40 f1 b0 c7 7c 86 ed 28 ab 91 b8 57 f4 1a cd 0e 6c 1d 32 41 4d 48 e5 05 d1 da 65 ad 76 4d b7 93 7e 7f 4d b3 d6 bf 92 e0 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update g^xy-key@0x55a4efa7a950 (size 256) | hmac: g^xy-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7a950 | nss hmac digest hack: symkey-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: be a0 2a fa 69 a0 4d 7d 1e fa a1 89 4a 7f ec 5f ed ea ed 09 30 d4 db 95 c9 cd ad d0 0e cc 97 ef 31 25 4a 2f 9e 40 d6 ec 87 04 db 5e 87 f8 19 af 2d df b0 68 60 a7 13 fe 25 23 94 19 00 2a 38 b8 5f 3f cf 17 7a 15 64 33 12 88 93 56 0c 9c 5c e9 95 51 1b 3a d2 a8 55 d8 54 69 1c ef 1a 48 83 7a c8 d5 1d d6 b4 35 ea 30 15 6c d9 04 af ba f2 48 0b 2d 54 80 07 32 35 23 5c ee b1 a3 95 6c 20 2c 11 c3 af 9a e0 27 f2 b4 e7 ac af 2c 46 81 45 bd 46 7b c1 b8 6e 1b ad bc a8 90 3a 36 57 6a 4b 5e 9d 04 2c 07 66 48 fd fb 37 d4 43 6e a4 1d b1 e8 d6 cc d5 5c fd e8 5a 0c 61 79 ca 75 a5 70 ea 99 3c fb f7 12 09 8b 32 d2 11 8a 48 68 43 82 8a 4e b7 96 d0 55 c0 18 77 62 40 f1 b0 c7 7c 86 ed 28 ab 91 b8 57 f4 1a cd 0e 6c 1d 32 41 4d 48 e5 05 d1 da 65 ad 76 4d b7 93 7e 7f 4d b3 d6 bf 92 e0 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | df cc b3 b1 | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | 48 79 32 25 | hmac PRF sha update data-bytes@0x7f2324006a98 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f2324006a98 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha final-bytes@0x7f233800422c (length 20) | 0f 11 68 b9 c2 3f 71 4a 21 70 b8 1e a7 af d3 14 | 10 61 a5 dc | hmac PRF sha final-bytes@0x55a4efa7842c (length 20) | 9c 5b f3 c6 7f 66 1c 38 c9 fd 69 29 c5 33 ae 89 | 7a 86 84 ab | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2328002b50 from symkey-key@0x55a4efa65820 | hmac prf: begin sha with context 0x7f2328002b50 from symkey-key@0x55a4efa65820 | hmac: release clone-key@0x55a4efa65820 | hmac PRF sha crypt-prf@0x55a4efa83398 | hmac PRF sha init symkey-key@0x55a4efa5af10 (size 20) | hmac: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x7f233c002b50 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa83168 | hmac PRF sha update data-bytes@0x7f233800422c (length 20) | 0f 11 68 b9 c2 3f 71 4a 21 70 b8 1e a7 af d3 14 | 10 61 a5 dc | hmac PRF sha update data-bytes@0x55a4efa7842c (length 20) | 9c 5b f3 c6 7f 66 1c 38 c9 fd 69 29 c5 33 ae 89 | 7a 86 84 ab | hmac PRF sha update g^xy-key@0x55a4efa7a950 (size 256) | hmac: g^xy-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7a950 | nss hmac digest hack: symkey-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: be a0 2a fa 69 a0 4d 7d 1e fa a1 89 4a 7f ec 5f ed ea ed 09 30 d4 db 95 c9 cd ad d0 0e cc 97 ef 31 25 4a 2f 9e 40 d6 ec 87 04 db 5e 87 f8 19 af 2d df b0 68 60 a7 13 fe 25 23 94 19 00 2a 38 b8 5f 3f cf 17 7a 15 64 33 12 88 93 56 0c 9c 5c e9 95 51 1b 3a d2 a8 55 d8 54 69 1c ef 1a 48 83 7a c8 d5 1d d6 b4 35 ea 30 15 6c d9 04 af ba f2 48 0b 2d 54 80 07 32 35 23 5c ee b1 a3 95 6c 20 2c 11 c3 af 9a e0 27 f2 b4 e7 ac af 2c 46 81 45 bd 46 7b c1 b8 6e 1b ad bc a8 90 3a 36 57 6a 4b 5e 9d 04 2c 07 66 48 fd fb 37 d4 43 6e a4 1d b1 e8 d6 cc d5 5c fd e8 5a 0c 61 79 ca 75 a5 70 ea 99 3c fb f7 12 09 8b 32 d2 11 8a 48 68 43 82 8a 4e b7 96 d0 55 c0 18 77 62 40 f1 b0 c7 7c 86 ed 28 ab 91 b8 57 f4 1a cd 0e 6c 1d 32 41 4d 48 e5 05 d1 da 65 ad 76 4d b7 93 7e 7f 4d b3 d6 bf 92 e0 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update g^xy-key@0x55a4efa7a950 (size 256) | hmac: g^xy-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7a950 | nss hmac digest hack: symkey-key@0x55a4efa7a950 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: be a0 2a fa 69 a0 4d 7d 1e fa a1 89 4a 7f ec 5f ed ea ed 09 30 d4 db 95 c9 cd ad d0 0e cc 97 ef 31 25 4a 2f 9e 40 d6 ec 87 04 db 5e 87 f8 19 af 2d df b0 68 60 a7 13 fe 25 23 94 19 00 2a 38 b8 5f 3f cf 17 7a 15 64 33 12 88 93 56 0c 9c 5c e9 95 51 1b 3a d2 a8 55 d8 54 69 1c ef 1a 48 83 7a c8 d5 1d d6 b4 35 ea 30 15 6c d9 04 af ba f2 48 0b 2d 54 80 07 32 35 23 5c ee b1 a3 95 6c 20 2c 11 c3 af 9a e0 27 f2 b4 e7 ac af 2c 46 81 45 bd 46 7b c1 b8 6e 1b ad bc a8 90 3a 36 57 6a 4b 5e 9d 04 2c 07 66 48 fd fb 37 d4 43 6e a4 1d b1 e8 d6 cc d5 5c fd e8 5a 0c 61 79 ca 75 a5 70 ea 99 3c fb f7 12 09 8b 32 d2 11 8a 48 68 43 82 8a 4e b7 96 d0 55 c0 18 77 62 40 f1 b0 c7 7c 86 ed 28 ab 91 b8 57 f4 1a cd 0e 6c 1d 32 41 4d 48 e5 05 d1 da 65 ad 76 4d b7 93 7e 7f 4d b3 d6 bf 92 e0 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: 14 f8 ac ac 26 8e 52 8d c3 40 9d 4d c9 5b 20 3b | unwrapped: 7a 59 84 a4 eb b5 c3 8e e4 87 84 ce 89 9d e2 19 | unwrapped: 8b 4e 74 6b 78 3f 51 79 83 eb 26 c8 57 d9 43 1a | unwrapped: f6 13 db 5d 66 71 00 40 c2 da 91 c2 5f 86 bd d0 | unwrapped: 84 9d 17 c9 49 3d 69 c3 f6 21 9e a3 a5 67 9b 69 | unwrapped: 33 56 aa 1b 87 f6 31 5c 61 dc 6c c3 fb ed 78 0b | unwrapped: e1 43 7d 4e 6d 11 b9 37 36 36 6c ed 68 e0 23 71 | unwrapped: 03 f3 ea df 42 d7 49 c0 7a b8 0f 52 76 97 0b 77 | unwrapped: 63 95 2d f8 ca af ef dc ed ad df e8 59 58 2f 0f | unwrapped: e0 ff 15 06 be b4 14 d4 33 a3 c1 c9 c6 51 3c e5 | unwrapped: 43 48 7d 9b f8 83 b4 fc 39 b8 20 99 0c b8 c3 80 | unwrapped: 52 1a ea 28 83 31 e9 27 ff 30 a7 13 4c e7 ef 1e | unwrapped: 29 31 eb 5c d2 e8 da 6a 51 c8 8e 0a fe 19 f0 b8 | unwrapped: 0d 4b ef 09 9f 9e 43 95 35 04 5e 1a 8e c0 23 b7 | unwrapped: a3 7c 7a bc 9d da 6a 5e ac 8e 59 bd 2c da 15 3f | unwrapped: d6 c5 45 09 f0 17 86 b5 89 63 1f 2a 29 81 98 bd | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | df cc b3 b1 | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | 48 79 32 25 | hmac PRF sha update data-bytes@0x7f2324006a98 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x7f2324006a98 (length 32) | a7 d5 f6 08 9d bb 23 66 4e 66 b4 6f 7a 5d 31 5b | 70 cd 07 d7 81 fb d9 6b 76 6d cc 03 72 31 c4 88 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha update data-bytes@0x55a4efa7a848 (length 32) | 03 4f a4 e5 7b 9c 3b 2d 3e 8e 86 b7 34 5d 3c 12 | 8c df 4f 58 e2 de e3 0e 54 05 27 8b 5b f5 ae d8 | hmac PRF sha final-bytes@0x7f2338004240 (length 20) | 16 ca 6a a8 7f a5 d5 4a 7b cc 3f 7d 29 dd af 5e | 90 04 39 2e | hmac PRF sha final-bytes@0x55a4efa78440 (length 20) | 2f 41 0f 13 99 ab f9 09 ea fb 9e 30 2c 0e 66 a9 | dc 90 81 5d | install_ipsec_sa() for #20: inbound and outbound | could_route called for 3des (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.48793225@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.dfccb3b1@192.1.2.45 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #20: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: 3des (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #20 | priority calculation of connection "3des" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x48793225 SPI_OUT=0x | popen cmd is 1023 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' : | cmd( 160):PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1642: | cmd( 320):4' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+: | cmd( 640):IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PL: | cmd( 720):UTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS: | cmd( 800):_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLU: | cmd( 880):TO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHAR: | cmd( 960):ED='no' SPI_IN=0x48793225 SPI_OUT=0xdfccb3b1 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x48793225 | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x48793225 SPI_OUT=0xdfccb3b1 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x48793225 SPI_ | popen cmd is 1026 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTE: | cmd( 80):RFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@wes: | cmd( 160):t' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIEN: | cmd( 240):T_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1: | cmd( 320):6424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PE: | cmd( 400):ER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MAS: | cmd( 480):K='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' P: | cmd( 560):LUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+: | cmd( 640):UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x48793225 SPI_OUT=0xdfccb3b1 ipsec _updown 2>&1: | route_and_eroute: instance "3des", setting eroute_owner {spd=0x55a4efa77778,sr=0x55a4efa77778} to #20 (was #0) (newest_ipsec_sa=#0) | #19 spent 1.89 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 3f 44 ee ce 6c 47 31 87 8f 60 c9 c9 | encrypting: 1a ff bc ac ed 41 2d 45 | IV: 61 b6 15 32 3b b6 5c 41 | unpadded size is: 24 | encrypting 24 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 52 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 63 6a 15 4a c8 c7 c6 92 | inR1_outI2: instance 3des[0], setting IKEv1 newest_ipsec_sa to #20 (was #0) (spd.eroute=#20) cloned from #19 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #20 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #20 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #20: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #20 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2324003978 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f2330002b78 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 52 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #20) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 20 01 00 36 54 0e 00 00 00 34 89 67 cf 7f | e5 00 fa 11 0c 99 25 6a 50 ad 1a cd 63 6a 15 4a | c8 c7 c6 92 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f233c002b78 | inserting event EVENT_SA_REPLACE, timeout in 27921 seconds for #20 | libevent_malloc: new ptr-libevent@0x55a4ef9d9618 size 128 | pstats #20 ikev1.ipsec established | NAT-T: encaps is 'auto' "3des" #20: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x48793225 <0xdfccb3b1 xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #20 suppresed complete_v1_state_transition() | #20 spent 3.41 milliseconds in resume sending helper answer | stop processing: state #20 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f23280012c8 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00454 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00274 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00257 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.dfccb3b1@192.1.2.45 | get_sa_info esp.48793225@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0882 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #20 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #20 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #20 ikev1.ipsec deleted completed | [RE]START processing: state #20 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #20: deleting state (STATE_QUICK_I2) aged 0.102s and sending notification | child state #20: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.48793225@192.1.2.23 | get_sa_info esp.dfccb3b1@192.1.2.45 "3des" #20: ESP traffic information: in=84B out=84B | #20 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 603752998 (0x23fc8a26) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload df cc b3 b1 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7e170 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7e170 | HASH(1): release clone-key@0x55a4efa7e170 | HASH(1) PRF sha crypt-prf@0x55a4efa833e8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | 23 fc 8a 26 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 df cc b3 b1 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 3c cf 03 ab 65 b4 89 c2 e9 70 84 2a a3 df 01 10 | 0f 5b db 03 | send delete HASH(1): | 3c cf 03 ab 65 b4 89 c2 e9 70 84 2a a3 df 01 10 | 0f 5b db 03 | last Phase 1 IV: 06 12 b0 19 66 34 98 8a | current Phase 1 IV: 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 8) | 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | 23 fc 8a 26 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 2e 89 fa a4 a6 e2 4c 50 92 2d 39 f2 b2 38 4b 8e | e1 3c df cb | encrypting: 0c 00 00 18 3c cf 03 ab 65 b4 89 c2 e9 70 84 2a | encrypting: a3 df 01 10 0f 5b db 03 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 df cc b3 b1 | IV: 2e 89 fa a4 a6 e2 4c 50 92 2d 39 f2 b2 38 4b 8e | IV: e1 3c df cb | unpadded size is: 40 | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: d6 c1 df c7 68 87 97 d6 | sending 68 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 23 fc 8a 26 00 00 00 44 75 f7 1c d3 | 0e bd 74 d1 27 51 a2 3a eb 3b 6f 7f 20 e4 b5 12 | c1 73 52 55 a1 8f 22 9c 6a 4e 2a ad d6 c1 df c7 | 68 87 97 d6 | state #20 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x55a4ef9d9618 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f233c002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844017' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x48793225 | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566844017' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0x48793225 SPI_OUT=0xdfccb3b1 ipsec _updown 2>&1: | shunt_eroute() called for connection '3des' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "3des" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.48793225@192.1.2.23 | netlink response for Del SA esp.48793225@192.1.2.23 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.dfccb3b1@192.1.2.45 | netlink response for Del SA esp.dfccb3b1@192.1.2.45 included non-error error | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #20 in QUICK_I2 | child state #20: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f2324006448: destroyed | stop processing: state #20 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa7a950 | delete_state: release st->st_skeyid_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_d_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa76810 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #19 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #19 | start processing: state #19 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #19 ikev1.isakmp deleted completed | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #19: deleting state (STATE_MAIN_I4) aged 0.126s and sending notification | parent state #19: MAIN_I4(established IKE SA) => delete | #19 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2807883741 (0xa75ce7dd) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 5d 97 d9 f8 3f c6 7d de | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI b6 8a 2c 11 a9 4a 88 72 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa62310 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x55a4efa783f0 from SKEYID_a-key@0x55a4efa7a950 | HASH(1) prf: begin sha with context 0x55a4efa783f0 from SKEYID_a-key@0x55a4efa7a950 | HASH(1): release clone-key@0x55a4efa7a950 | HASH(1) PRF sha crypt-prf@0x7f2324003ad8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | a7 5c e7 dd | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 5d 97 d9 f8 | 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 26 22 f5 45 33 94 48 aa a2 eb 0a e9 c4 54 ad 77 | 2f a1 a5 50 | send delete HASH(1): | 26 22 f5 45 33 94 48 aa a2 eb 0a e9 c4 54 ad 77 | 2f a1 a5 50 | last Phase 1 IV: 06 12 b0 19 66 34 98 8a | current Phase 1 IV: 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 8) | 06 12 b0 19 66 34 98 8a | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | a7 5c e7 dd | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 63 e3 05 93 61 5c 4a b3 5b a4 7a 6c ce 0e e1 04 | 43 36 dd b5 | encrypting: 0c 00 00 18 26 22 f5 45 33 94 48 aa a2 eb 0a e9 | encrypting: c4 54 ad 77 2f a1 a5 50 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 | encrypting: a9 4a 88 72 | IV: 63 e3 05 93 61 5c 4a b3 5b a4 7a 6c ce 0e e1 04 | IV: 43 36 dd b5 | unpadded size is: 52 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 56 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 84 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 18 df a9 2f a2 78 4f 6e | sending 84 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 a7 5c e7 dd 00 00 00 54 93 2f 71 ea | d0 e7 c2 d5 0b 61 94 65 57 07 2d ba cf a5 5b 5e | a1 ed f0 9e 23 4c 5b ab 18 35 51 a8 33 5e bc 67 | b8 f3 6b 3d e9 1d 3c 95 fa 5c ba dd 18 df a9 2f | a2 78 4f 6e | state #19 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2330001378 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa782f8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #19 in MAIN_I4 | parent state #19: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f232c002f98: destroyed | stop processing: state #19 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa5c790 | delete_state: release st->st_skeyid_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_d_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa76810 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 2.18 milliseconds in whack | spent 0.00174 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 0d 78 50 30 00 00 00 44 e7 db 28 ad | 92 8e 41 8d f0 cc 8f b6 23 5e 50 ee fc fc 41 87 | ab 1b 22 ff 68 ee d2 f3 1e e1 15 b9 10 09 24 e4 | c4 c7 6f 5f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 225988656 (0xd785030) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x0d785030 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 5d 97 d9 f8 3f c6 7d de | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | b6 8a 2c 11 a9 4a 88 72 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0726 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.005 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00276 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 84 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5d 97 d9 f8 3f c6 7d de b6 8a 2c 11 a9 4a 88 72 | 08 10 05 01 88 15 db 10 00 00 00 54 81 19 1f 85 | 6e e6 04 00 f8 28 2b bd d7 dd 7b 39 60 c3 c9 db | 91 39 80 32 a7 c5 1f 92 c8 17 a7 da 8f 40 0e 64 | c7 dc af a5 7c 92 4b 9f 7b bb 00 8d c2 78 9a 0e | 44 a0 0a 7b | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5d 97 d9 f8 3f c6 7d de | responder cookie: | b6 8a 2c 11 a9 4a 88 72 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2283133712 (0x8815db10) | length: 84 (0x54) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x8815db10 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 5d 97 d9 f8 3f c6 7d de | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | b6 8a 2c 11 a9 4a 88 72 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0822 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "3des" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection '3des' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "3des" is 0xfe7e7 | priority calculation of connection "3des" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0 | popen cmd is 1012 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16424' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO: | cmd( 400):_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_: | cmd( 480):MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=': | cmd( 560):' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+P: | cmd( 640):FS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x55a4efa78038 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.01 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00447 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing suppress-retransmits + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0668 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0472 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0553 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.104 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #21 at 0x55a4efa78798 | State DB: adding IKEv1 state #21 in UNDEFINED | pstats #21 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #21 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #21: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #21 "3des" "3des" #21: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 90 7e 86 5d c4 c6 5a b5 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x55a4efa769c8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #21: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #21) | 90 7e 86 5d c4 c6 5a b5 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa782f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #21 | libevent_malloc: new ptr-libevent@0x7f23280012c8 size 128 | #21 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29303.71061 | #21 spent 0.342 milliseconds in main_outI1() | stop processing: state #21 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.393 milliseconds in whack | spent 0.00223 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 90 7e 86 5d c4 c6 5a b5 97 d9 ec 54 c5 11 8c 49 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 90 7e 86 5d c4 c6 5a b5 | responder cookie: | 97 d9 ec 54 c5 11 8c 49 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #21 in MAIN_I1 (find_state_ikev1_init) | start processing: state #21 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #21 is idle | #21 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "3des" #21: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "3des" #21: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #21 spent 0.0113 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #21 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.127 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x55a4efa782f8 | handling event EVENT_RETRANSMIT for parent state #21 | start processing: state #21 connection "3des" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #21 connection "3des" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "3des" #21 keying attempt 1 of 0; retransmit 1 "3des" #21: IMPAIR: retransmit so deleting SA | [RE]START processing: state #21 connection "3des" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #21 ikev1.isakmp failed too-many-retransmits | pstats #21 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #21 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #21: deleting state (STATE_MAIN_I1) aged 0.500s and NOT sending notification | parent state #21: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection 3des | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "3des" {0x55a4efa6a378} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #21 "3des" #21: deleting IKE SA for connection '3des' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection '3des' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection 3des | State DB: deleting IKEv1 state #21 in MAIN_I1 | parent state #21: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #21 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7f23280012c8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa782f8 | in statetime_stop() and could not find #21 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection 3des which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #22 at 0x55a4efa78798 | State DB: adding IKEv1 state #22 in UNDEFINED | pstats #22 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #22 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #22: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #22 "3des" "3des" #22: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | f5 c7 14 93 c1 b1 c3 3f | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x55a4efa769c8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #22: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #22) | f5 c7 14 93 c1 b1 c3 3f 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #22 | libevent_malloc: new ptr-libevent@0x7f23280012c8 size 128 | #22 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29304.211497 | #22 spent 0.398 milliseconds in main_outI1() | stop processing: state #22 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | spent 0.419 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.00179 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f5 c7 14 93 c1 b1 c3 3f 21 04 ae 5b f5 60 67 41 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f5 c7 14 93 c1 b1 c3 3f | responder cookie: | 21 04 ae 5b f5 60 67 41 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #22 in MAIN_I1 (find_state_ikev1_init) | start processing: state #22 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #22 is idle | #22 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "3des" #22: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "3des" #22: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #22 spent 0.00666 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #22 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0968 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0424 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | removing pending policy for no connection {0x55a4efa6a378} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #22 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #22 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #22 ikev1.isakmp deleted other | [RE]START processing: state #22 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #22: deleting state (STATE_MAIN_I1) aged 0.015s and NOT sending notification | parent state #22: MAIN_I1(half-open IKE SA) => delete | state #22 requesting EVENT_RETRANSMIT to be deleted | #22 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f23280012c8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #22 in MAIN_I1 | parent state #22: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #22 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x55a4efa78038 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.297 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0512 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0476 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:192 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0516 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x55a4efa78038 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.131 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #23 at 0x55a4efa78798 | State DB: adding IKEv1 state #23 in UNDEFINED | pstats #23 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #23 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #23: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #23 "3des" "3des" #23: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x55a4efa7a848 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #23: IMPAIR: sending key-length attribute value 192 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 192 (0xc0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f23280012c8 size 128 | #23 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29304.652235 | #23 spent 0.384 milliseconds in main_outI1() | stop processing: state #23 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.438 milliseconds in whack | spent 0.00255 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #23 in MAIN_I1 (find_state_ikev1_init) | start processing: state #23 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #23 is idle | #23 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 192 (0xc0) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 29 for state #23 | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f23280012c8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78118 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f23280012c8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #23 and saving MD | crypto helper 0 resuming | crypto helper 0 starting work-order 29 for state #23 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 29 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | #23 is busy; has a suspended MD | #23 spent 0.117 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.244 milliseconds in comm_handle_cb() reading and processing packet | DH secret MODP2048@0x7f233c0045a8: created | NSS: Local DH MODP2048 secret (pointer): 0x7f233c0045a8 | NSS: Public DH wire value: | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | Generated nonce: c1 70 9e 94 01 66 b5 85 d4 22 6c c1 22 f7 36 cd | Generated nonce: 25 d8 9a 0f fb 94 2c 70 fe a4 1b de 54 89 d9 7c | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 29 time elapsed 0.00069 seconds | (#23) spent 0.682 milliseconds in crypto helper computing work-order 29: outI2 KE (pcr) | crypto helper 0 sending results from work-order 29 for state #23 to event queue | scheduling resume sending helper answer for #23 | libevent_malloc: new ptr-libevent@0x7f233c0048c8 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #23 | start processing: state #23 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 29 | calling continuation function 0x55a4ef163b50 | main_inR1_outI2_continue for #23: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f233c0045a8: transferring ownership from helper KE to state #23 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | keyex value 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | keyex value a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | keyex value 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | keyex value 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | keyex value fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | keyex value 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | keyex value 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | keyex value d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | keyex value 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | keyex value 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | keyex value 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | keyex value 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | keyex value c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | keyex value 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | keyex value d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni c1 70 9e 94 01 66 b5 85 d4 22 6c c1 22 f7 36 cd | Ni 25 d8 9a 0f fb 94 2c 70 fe a4 1b de 54 89 d9 7c | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | da c7 ab 6d 01 b2 f8 c9 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 6d ef 71 0c f6 3c c0 44 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | 37 b2 91 e6 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= da c7 ab 6d 01 b2 f8 c9 | natd_hash: rcookie= 6d ef 71 0c f6 3c c0 44 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | natd_hash: hash= 37 b2 91 e6 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | NAT-D 37 b2 91 e6 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe5e39ed30 (length 8) | da c7 ab 6d 01 b2 f8 c9 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe5e39ed38 (length 8) | 6d ef 71 0c f6 3c c0 44 | NATD hash sha digest IP addr-bytes@0x7ffe5e39ecb4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39eca6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39ed80 (length 20) | 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | c6 dc 0b 90 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= da c7 ab 6d 01 b2 f8 c9 | natd_hash: rcookie= 6d ef 71 0c f6 3c c0 44 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | natd_hash: hash= c6 dc 0b 90 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | NAT-D c6 dc 0b 90 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #23 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #23: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f23280012c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78118 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | 14 00 00 24 c1 70 9e 94 01 66 b5 85 d4 22 6c c1 | 22 f7 36 cd 25 d8 9a 0f fb 94 2c 70 fe a4 1b de | 54 89 d9 7c 14 00 00 18 5f f2 ef 47 d8 08 4d ae | 08 01 d8 1f cf a2 4b f1 37 b2 91 e6 00 00 00 18 | 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | c6 dc 0b 90 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x55a4ef9d95d8 size 128 | #23 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29304.654215 "3des" #23: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #23 suppresed complete_v1_state_transition() | #23 spent 0.272 milliseconds in resume sending helper answer | stop processing: state #23 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f233c0048c8 | spent 0.00353 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | 14 00 00 24 70 80 71 d9 d8 d3 d1 db c4 64 d9 01 | 2c de ee 0e 47 06 4e 67 5b f5 af a8 04 1e 77 48 | ae 4b 38 84 14 00 00 18 2c f9 9b ce 8a 99 4b af | 71 e4 59 76 c2 c2 60 ec c6 dc 0b 90 00 00 00 18 | 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | 37 b2 91 e6 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #23 in MAIN_I2 (find_state_ikev1) | start processing: state #23 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #23 is idle | #23 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f233c0045a8: transferring ownership from state #23 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 30 for state #23 | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4ef9d95d8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78118 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f233c0048c8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #23 and saving MD | #23 is busy; has a suspended MD | crypto helper 1 resuming | #23 spent 0.075 milliseconds in process_packet_tail() | crypto helper 1 starting work-order 30 for state #23 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 30 | stop processing: state #23 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | peer's g: 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.193 milliseconds in comm_handle_cb() reading and processing packet | peer's g: c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | peer's g: d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | peer's g: e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | peer's g: 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | peer's g: 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | peer's g: 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | peer's g: 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | peer's g: e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | peer's g: f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | peer's g: c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | peer's g: 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | peer's g: 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | peer's g: ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | peer's g: 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | peer's g: f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f233c0045a8: computed shared DH secret key@0x55a4efa76810 | dh-shared : g^ir-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x55a4efa7f8d8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: psk-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x55a4efa62310 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: psk-key@0x55a4efa63dc0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x55a4efa62310 | SKEYID psk prf: created sha context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk prf: begin sha with context 0x7f2334002d60 from psk-key@0x55a4efa63dc0 | SKEYID psk: release clone-key@0x55a4efa63dc0 | SKEYID psk PRF sha crypt-prf@0x7f2334001108 | SKEYID psk PRF sha update Ni-bytes@0x55a4efa7f8fc (length 32) | c1 70 9e 94 01 66 b5 85 d4 22 6c c1 22 f7 36 cd | 25 d8 9a 0f fb 94 2c 70 fe a4 1b de 54 89 d9 7c | SKEYID psk PRF sha update Nr-bytes@0x55a4efa7f91c (length 32) | 70 80 71 d9 d8 d3 d1 db c4 64 d9 01 2c de ee 0e | 47 06 4e 67 5b f5 af a8 04 1e 77 48 ae 4b 38 84 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa62310 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa62310 | SKEYID psk PRF sha final-key@0x55a4efa63dc0 (size 20) | SKEYID psk: key-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_d: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e718 | result: clone-key@0x55a4efa62310 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa62310 | SKEYID_d: release clone-key@0x55a4efa62310 | SKEYID_d PRF sha crypt-prf@0x7f23340010b8 | SKEYID_d PRF sha update g^xy-key@0x55a4efa76810 (size 256) | SKEYID_d: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 4e b5 9c 07 30 a6 d8 e6 c3 3a e1 8e ff b9 b4 6a 56 85 82 7c d9 48 51 ec 7f 4c 68 75 88 c9 aa 08 a7 0a 48 ce 3c 5b e9 03 e3 3a cc 2f 28 04 a2 25 6a 64 7d 37 65 18 19 ac 59 7d af 52 c2 06 61 f3 63 46 8f 7a 4b 4f f5 d9 b5 fb 19 0b 8a 59 16 9c 9d 0e 5b a0 6b f3 8f 08 a1 71 f6 3d 98 28 34 09 ac fb 8d a8 88 90 f6 1d cb e8 54 eb 01 53 99 c6 a0 b8 df bf f6 b5 d6 71 c6 8c 28 43 95 c8 64 d8 dc 5f e8 95 3d bb 98 ef 45 cf 27 2a 16 8b 2c 6a 66 31 6f 96 97 6e 2d 44 37 6d b1 eb d9 cd f4 22 41 dd 40 f9 10 02 bb 56 c9 e4 e0 42 0e 4d 15 8e dc 20 42 94 b3 ed 49 67 76 84 ee 50 29 b7 93 11 a7 c8 4b e0 5b a9 7c 5f c9 b7 09 08 e1 6b 1b 65 d8 54 20 f5 94 8e f1 e8 2d 69 0d 65 03 12 1b 38 38 33 60 37 f5 c2 60 7e 8f 13 81 80 04 71 f7 61 27 f6 9a be f5 74 36 4f 28 b1 95 52 3c d1 a4 79 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334004f28 | unwrapped: 01 ed f4 e6 61 46 b6 70 19 93 35 33 42 75 c2 3a | unwrapped: 39 f1 14 5f 3f 7f 77 18 fb a6 64 2d 04 fd 14 b4 | unwrapped: 7e 5f ef 37 c8 38 87 8a 75 e9 1b 76 49 ff 42 20 | unwrapped: 76 20 8c a7 32 75 44 87 51 25 de 8a 58 ec 22 c6 | unwrapped: 14 65 6f e8 32 b9 77 e8 34 08 0e a6 c8 75 ed 41 | unwrapped: f5 47 3d b6 a0 72 24 58 95 e9 6e 67 07 9a ae 09 | unwrapped: 18 22 48 08 ee 10 b7 6a ce f4 8b ab fd 1e 5b 9a | unwrapped: a0 1b 71 4b ce 57 a3 7d 67 a5 b4 70 1e 20 d0 03 | unwrapped: 31 9b 3c 6a 9e 0e 63 d1 11 50 d0 60 f8 2d 2f 17 | unwrapped: cd 96 87 67 49 f6 0d df 6a 52 8e bd 89 0a 16 08 | unwrapped: 16 93 6c 9f b4 24 10 b3 94 e4 ef 8b ae c0 81 de | unwrapped: 2c f0 c8 e3 1c b4 68 2b 77 87 13 71 8f ce ff a8 | unwrapped: 0d 9c 17 f7 c1 c8 9d e5 ae dd f5 b0 50 bf 44 4d | unwrapped: 31 ca 18 47 29 2a 39 5f 08 82 9d 7c d6 9a 82 21 | unwrapped: 95 66 5b 0d 20 61 42 64 13 a5 bd 4f 08 ca e6 a7 | unwrapped: e8 f4 e2 bb dd 31 3d 1b bc a1 f1 68 7b 39 44 8b | SKEYID_d PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | da c7 ab 6d 01 b2 f8 c9 | SKEYID_d PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 6d ef 71 0c f6 3c c0 44 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e720 | result: final-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: final-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5af10 | SKEYID_d PRF sha final-key@0x55a4efa62310 (size 20) | SKEYID_d: key-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_a: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: clone-key@0x55a4efa5af10 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa5af10 | SKEYID_a: release clone-key@0x55a4efa5af10 | SKEYID_a PRF sha crypt-prf@0x7f2334001108 | SKEYID_a PRF sha update SKEYID_d-key@0x55a4efa62310 (size 20) | SKEYID_a: SKEYID_d-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa62310 | nss hmac digest hack: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156115: d4 14 f5 23 b8 30 38 37 f9 47 89 93 36 1d 9a 0e 97 1a 95 b3 e2 84 28 61 ec 0d e9 d7 49 48 92 32 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2334008c38 | unwrapped: 64 6f 5b d2 eb fa 73 76 db b3 4e e2 9d a3 73 c8 | unwrapped: fc b7 8f 2d 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x55a4efa76810 (size 256) | SKEYID_a: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 4e b5 9c 07 30 a6 d8 e6 c3 3a e1 8e ff b9 b4 6a 56 85 82 7c d9 48 51 ec 7f 4c 68 75 88 c9 aa 08 a7 0a 48 ce 3c 5b e9 03 e3 3a cc 2f 28 04 a2 25 6a 64 7d 37 65 18 19 ac 59 7d af 52 c2 06 61 f3 63 46 8f 7a 4b 4f f5 d9 b5 fb 19 0b 8a 59 16 9c 9d 0e 5b a0 6b f3 8f 08 a1 71 f6 3d 98 28 34 09 ac fb 8d a8 88 90 f6 1d cb e8 54 eb 01 53 99 c6 a0 b8 df bf f6 b5 d6 71 c6 8c 28 43 95 c8 64 d8 dc 5f e8 95 3d bb 98 ef 45 cf 27 2a 16 8b 2c 6a 66 31 6f 96 97 6e 2d 44 37 6d b1 eb d9 cd f4 22 41 dd 40 f9 10 02 bb 56 c9 e4 e0 42 0e 4d 15 8e dc 20 42 94 b3 ed 49 67 76 84 ee 50 29 b7 93 11 a7 c8 4b e0 5b a9 7c 5f c9 b7 09 08 e1 6b 1b 65 d8 54 20 f5 94 8e f1 e8 2d 69 0d 65 03 12 1b 38 38 33 60 37 f5 c2 60 7e 8f 13 81 80 04 71 f7 61 27 f6 9a be f5 74 36 4f 28 b1 95 52 3c d1 a4 79 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334003db8 | unwrapped: 01 ed f4 e6 61 46 b6 70 19 93 35 33 42 75 c2 3a | unwrapped: 39 f1 14 5f 3f 7f 77 18 fb a6 64 2d 04 fd 14 b4 | unwrapped: 7e 5f ef 37 c8 38 87 8a 75 e9 1b 76 49 ff 42 20 | unwrapped: 76 20 8c a7 32 75 44 87 51 25 de 8a 58 ec 22 c6 | unwrapped: 14 65 6f e8 32 b9 77 e8 34 08 0e a6 c8 75 ed 41 | unwrapped: f5 47 3d b6 a0 72 24 58 95 e9 6e 67 07 9a ae 09 | unwrapped: 18 22 48 08 ee 10 b7 6a ce f4 8b ab fd 1e 5b 9a | unwrapped: a0 1b 71 4b ce 57 a3 7d 67 a5 b4 70 1e 20 d0 03 | unwrapped: 31 9b 3c 6a 9e 0e 63 d1 11 50 d0 60 f8 2d 2f 17 | unwrapped: cd 96 87 67 49 f6 0d df 6a 52 8e bd 89 0a 16 08 | unwrapped: 16 93 6c 9f b4 24 10 b3 94 e4 ef 8b ae c0 81 de | unwrapped: 2c f0 c8 e3 1c b4 68 2b 77 87 13 71 8f ce ff a8 | unwrapped: 0d 9c 17 f7 c1 c8 9d e5 ae dd f5 b0 50 bf 44 4d | unwrapped: 31 ca 18 47 29 2a 39 5f 08 82 9d 7c d6 9a 82 21 | unwrapped: 95 66 5b 0d 20 61 42 64 13 a5 bd 4f 08 ca e6 a7 | unwrapped: e8 f4 e2 bb dd 31 3d 1b bc a1 f1 68 7b 39 44 8b | SKEYID_a PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | da c7 ab 6d 01 b2 f8 c9 | SKEYID_a PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 6d ef 71 0c f6 3c c0 44 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e700 | result: final-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: final-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa65c00 | SKEYID_a PRF sha final-key@0x55a4efa5af10 (size 20) | SKEYID_a: key-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x55a4efa63dc0 (size 20) | SKEYID_e: SKEYID-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e708 | result: clone-key@0x55a4efa65c00 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e prf: begin sha with context 0x7f2334002d60 from SKEYID-key@0x55a4efa65c00 | SKEYID_e: release clone-key@0x55a4efa65c00 | SKEYID_e PRF sha crypt-prf@0x7f23340010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x55a4efa5af10 (size 20) | SKEYID_e: SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5af10 | nss hmac digest hack: symkey-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283323412: 6b 5e 40 39 ab cb 6d 60 35 1f 9a e3 45 f4 4c 1e 8b 97 be 49 dc 1b e0 9e 6d 2e 54 2a 3f c5 77 c8 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f23340085b8 | unwrapped: 5b e0 51 57 09 37 8d 17 2f 25 99 38 d1 c6 e3 35 | unwrapped: 67 d9 fc de 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x55a4efa76810 (size 256) | SKEYID_e: g^xy-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa76810 | nss hmac digest hack: symkey-key@0x55a4efa76810 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 4e b5 9c 07 30 a6 d8 e6 c3 3a e1 8e ff b9 b4 6a 56 85 82 7c d9 48 51 ec 7f 4c 68 75 88 c9 aa 08 a7 0a 48 ce 3c 5b e9 03 e3 3a cc 2f 28 04 a2 25 6a 64 7d 37 65 18 19 ac 59 7d af 52 c2 06 61 f3 63 46 8f 7a 4b 4f f5 d9 b5 fb 19 0b 8a 59 16 9c 9d 0e 5b a0 6b f3 8f 08 a1 71 f6 3d 98 28 34 09 ac fb 8d a8 88 90 f6 1d cb e8 54 eb 01 53 99 c6 a0 b8 df bf f6 b5 d6 71 c6 8c 28 43 95 c8 64 d8 dc 5f e8 95 3d bb 98 ef 45 cf 27 2a 16 8b 2c 6a 66 31 6f 96 97 6e 2d 44 37 6d b1 eb d9 cd f4 22 41 dd 40 f9 10 02 bb 56 c9 e4 e0 42 0e 4d 15 8e dc 20 42 94 b3 ed 49 67 76 84 ee 50 29 b7 93 11 a7 c8 4b e0 5b a9 7c 5f c9 b7 09 08 e1 6b 1b 65 d8 54 20 f5 94 8e f1 e8 2d 69 0d 65 03 12 1b 38 38 33 60 37 f5 c2 60 7e 8f 13 81 80 04 71 f7 61 27 f6 9a be f5 74 36 4f 28 b1 95 52 3c d1 a4 79 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f2334004f28 | unwrapped: 01 ed f4 e6 61 46 b6 70 19 93 35 33 42 75 c2 3a | unwrapped: 39 f1 14 5f 3f 7f 77 18 fb a6 64 2d 04 fd 14 b4 | unwrapped: 7e 5f ef 37 c8 38 87 8a 75 e9 1b 76 49 ff 42 20 | unwrapped: 76 20 8c a7 32 75 44 87 51 25 de 8a 58 ec 22 c6 | unwrapped: 14 65 6f e8 32 b9 77 e8 34 08 0e a6 c8 75 ed 41 | unwrapped: f5 47 3d b6 a0 72 24 58 95 e9 6e 67 07 9a ae 09 | unwrapped: 18 22 48 08 ee 10 b7 6a ce f4 8b ab fd 1e 5b 9a | unwrapped: a0 1b 71 4b ce 57 a3 7d 67 a5 b4 70 1e 20 d0 03 | unwrapped: 31 9b 3c 6a 9e 0e 63 d1 11 50 d0 60 f8 2d 2f 17 | unwrapped: cd 96 87 67 49 f6 0d df 6a 52 8e bd 89 0a 16 08 | unwrapped: 16 93 6c 9f b4 24 10 b3 94 e4 ef 8b ae c0 81 de | unwrapped: 2c f0 c8 e3 1c b4 68 2b 77 87 13 71 8f ce ff a8 | unwrapped: 0d 9c 17 f7 c1 c8 9d e5 ae dd f5 b0 50 bf 44 4d | unwrapped: 31 ca 18 47 29 2a 39 5f 08 82 9d 7c d6 9a 82 21 | unwrapped: 95 66 5b 0d 20 61 42 64 13 a5 bd 4f 08 ca e6 a7 | unwrapped: e8 f4 e2 bb dd 31 3d 1b bc a1 f1 68 7b 39 44 8b | SKEYID_e PRF sha update CKI_i-bytes@0x55a4efa7fb3c (length 8) | da c7 ab 6d 01 b2 f8 c9 | SKEYID_e PRF sha update CKI_r-bytes@0x55a4efa7fb44 (length 8) | 6d ef 71 0c f6 3c c0 44 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e710 | result: final-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa5c790 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6f8 | result: final-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa5c790 | SKEYID_e PRF sha final-key@0x55a4efa65c00 (size 20) | SKEYID_e: key-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b PRF sha init SKEYID_e-key@0x55a4efa65c00 (size 20) | appendix_b: SKEYID_e-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: clone-key@0x55a4efa5c790 (20-bytes, SHA_1_HMAC) | appendix_b prf: created sha context 0x7f2334002d60 from SKEYID_e-key@0x55a4efa5c790 | appendix_b prf: begin sha with context 0x7f2334002d60 from SKEYID_e-key@0x55a4efa5c790 | appendix_b: release clone-key@0x55a4efa5c790 | appendix_b PRF sha crypt-prf@0x7f2334001108 | appendix_b PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e6f0 | result: final-key@0x55a4efa7a950 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa7a950 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6d8 | result: final-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa7a950 | appendix_b PRF sha final-key@0x55a4efa5c790 (size 20) | appendix_b: key-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b_keymat_e: reference old_k#1-key@0x55a4efa5c790 | Kn PRF sha init SKEYID_e-key@0x55a4efa65c00 (size 20) | Kn: SKEYID_e-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa65c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6e8 | result: clone-key@0x55a4efa7a950 (20-bytes, SHA_1_HMAC) | Kn prf: created sha context 0x7f2334002d60 from SKEYID_e-key@0x55a4efa7a950 | Kn prf: begin sha with context 0x7f2334002d60 from SKEYID_e-key@0x55a4efa7a950 | Kn: release clone-key@0x55a4efa7a950 | Kn PRF sha crypt-prf@0x7f23340010b8 | Kn PRF sha update old_k-key@0x55a4efa5c790 (size 20) | Kn: old_k-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x55a4efa5c790 | nss hmac digest hack: symkey-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-283156169: c7 01 ed f3 cb 39 2e d8 7f 91 60 95 f1 ef b8 b7 85 c7 33 bb 1a 43 d0 39 56 e3 27 d8 b2 65 aa 18 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 32 bytes at 0x7f2334008c38 | unwrapped: e8 4c f6 b3 2a bb 49 ca c8 83 87 b7 62 41 25 96 | unwrapped: 61 84 98 3d 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f234305e6f0 | result: final-key@0x55a4efa7e170 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x55a4efa7e170 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e6d8 | result: final-key@0x55a4efa7a950 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x55a4efa7e170 | Kn PRF sha final-key@0x55a4efa7a950 (size 20) | Kn: key-key@0x55a4efa7a950 (20-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x55a4efa5c790 (20-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7f234305e768 | result: result-key@0x55a4efa7e170 (40-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x55a4efa5c790 | appendix_b_keymat_e: release old_k#N-key@0x55a4efa5c790 | appendix_b_keymat_e: release old_k#final-key@0x55a4efa7a950 | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: DES3_CBC | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x55a4efa7e170 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f234305e768 | result: cryptkey-key@0x55a4efa7a950 (24-bytes, DES3_CBC) | appendix_b_keymat_e: release keymat-key@0x55a4efa7e170 | NSS: pointers skeyid_d 0x55a4efa62310, skeyid_a 0x55a4efa5af10, skeyid_e 0x55a4efa65c00, enc_key 0x55a4efa7a950 | DH_i: 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | DH_i: 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | DH_i: a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | DH_i: 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | DH_i: 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | DH_i: fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | DH_i: 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | DH_i: 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | DH_i: d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | DH_i: 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | DH_i: 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | DH_i: 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | DH_i: 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | DH_i: c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | DH_i: 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | DH_i: d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | DH_r: 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | DH_r: c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | DH_r: d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | DH_r: e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | DH_r: 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | DH_r: 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | DH_r: 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | DH_r: 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | DH_r: e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | DH_r: f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | DH_r: c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | DH_r: 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | DH_r: 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | DH_r: ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | DH_r: 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | DH_r: f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | new IV hash sha init | new IV hash sha digest GI-bytes@0x55a4efa7f93c (length 256) | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | new IV hash sha digest GR-bytes@0x55a4efa7fa3c (length 256) | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | new IV hash sha final chunk@0x7f2334008c38 (length 20) | 5d c0 72 ff 13 af ff a1 4a a1 28 6e 13 5e 12 86 | 6b e1 ab de | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 30 time elapsed 0.001886 seconds | (#23) spent 1.87 milliseconds in crypto helper computing work-order 30: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 30 for state #23 to event queue | scheduling resume sending helper answer for #23 | libevent_malloc: new ptr-libevent@0x7f2334003ad8 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #23 | start processing: state #23 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 30 | calling continuation function 0x55a4ef163b50 | main_inR2_outI3_cryptotail for #23: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f233c0045a8: transferring ownership from helper IKEv1 DH+IV to state #23 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | da c7 ab 6d 01 b2 f8 c9 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 6d ef 71 0c f6 3c c0 44 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e790 (length 20) | 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | c6 dc 0b 90 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= da c7 ab 6d 01 b2 f8 c9 | natd_hash: rcookie= 6d ef 71 0c f6 3c c0 44 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | natd_hash: hash= c6 dc 0b 90 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x55a4efa78d30 (length 8) | da c7 ab 6d 01 b2 f8 c9 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x55a4efa78d38 (length 8) | 6d ef 71 0c f6 3c c0 44 | NATD hash sha digest IP addr-bytes@0x7ffe5e39e6f4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe5e39e6e6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe5e39e7d0 (length 20) | 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | 37 b2 91 e6 | natd_hash: hasher=0x55a4ef238800(20) | natd_hash: icookie= da c7 ab 6d 01 b2 f8 c9 | natd_hash: rcookie= 6d ef 71 0c f6 3c c0 44 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | natd_hash: hash= 37 b2 91 e6 | expected NAT-D(me): 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | expected NAT-D(me): c6 dc 0b 90 | expected NAT-D(him): | 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | 37 b2 91 e6 | received NAT-D: 2c f9 9b ce 8a 99 4b af 71 e4 59 76 c2 c2 60 ec | received NAT-D: c6 dc 0b 90 | received NAT-D: 5f f2 ef 47 d8 08 4d ae 08 01 d8 1f cf a2 4b f1 | received NAT-D: 37 b2 91 e6 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39e6e8 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a4efa783f0 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x55a4efa783f0 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x55a4efa7a898 | hmac PRF sha update data-bytes@0x7f233c001fa8 (length 256) | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | hmac PRF sha update data-bytes@0x7f2324003db8 (length 256) | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | da c7 ab 6d 01 b2 f8 c9 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 6d ef 71 0c f6 3c c0 44 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa782fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 | hmac PRF sha update data-bytes@0x55a4ef2618e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffe5e39ea00 (length 20) | 50 45 05 2e d7 12 35 74 f9 e2 ee 65 ff 71 c9 e4 | 0f 3a a4 97 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 50 45 05 2e d7 12 35 74 f9 e2 ee 65 ff 71 c9 e4 | HASH_I 0f 3a a4 97 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 50 45 05 2e d7 12 35 74 f9 e2 ee 65 ff 71 c9 e4 | encrypting: 0f 3a a4 97 | IV: 5d c0 72 ff 13 af ff a1 4a a1 28 6e 13 5e 12 86 | IV: 6b e1 ab de | unpadded size is: 36 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 6f 82 75 67 b5 82 2a 25 | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #23: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f233c0048c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78118 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 68 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 05 10 02 01 00 00 00 00 00 00 00 44 e4 e6 06 d9 | 10 17 ee df 5f 07 0d b8 63 40 37 47 ce f4 83 c2 | ed f5 f8 2f ad 91 ab 7a bf f8 1d 63 6f 82 75 67 | b5 82 2a 25 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78118 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x55a4ef9d95d8 size 128 | #23 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29304.660211 "3des" #23: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #23 suppresed complete_v1_state_transition() | #23 spent 0.488 milliseconds in resume sending helper answer | stop processing: state #23 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2334003ad8 | spent 0.00252 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 05 10 02 01 00 00 00 00 00 00 00 44 73 e5 dc 5f | d1 39 97 05 65 f7 45 9b fe 78 6d 2c f9 51 3c 7e | ca dc bf 7f b3 b6 16 92 20 f7 09 69 ae a7 26 1a | fc db 67 ba | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #23 in MAIN_I3 (find_state_ikev1) | start processing: state #23 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #23 is idle | #23 idle | received encrypted packet from 192.1.2.23:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: 6f 82 75 67 b5 82 2a 25 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: ae a7 26 1a fc db 67 ba | decrypted payload (starts at offset -40): | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 05 10 02 01 00 00 00 00 00 00 00 44 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 90 6b c1 81 | cc 48 f5 cf 3c 35 85 8d 56 b0 e7 90 e4 b1 2c f4 | 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 4 bytes of padding | message 'main_inR3' HASH payload not checked early "3des" #23: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x55a4efa63dc0 (size 20) | hmac: symkey-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa63dc0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ef98 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x55a4efa783f0 from symkey-key@0x55a4efa7e170 | hmac prf: begin sha with context 0x55a4efa783f0 from symkey-key@0x55a4efa7e170 | hmac: release clone-key@0x55a4efa7e170 | hmac PRF sha crypt-prf@0x7f2334008c38 | hmac PRF sha update data-bytes@0x7f2324003db8 (length 256) | 01 4c a6 62 98 1d 70 29 ad 8c 16 7f 3d c8 cf 61 | c0 3f 89 80 3e 55 f2 36 6d 8a a4 38 3b 38 7b ee | d6 1b d6 a1 06 89 28 f9 c0 eb 10 54 3e 14 64 d7 | e5 2d dd ac 3d 78 e6 a9 8b 9b 51 2c bf 61 1d ac | 1a 60 63 73 80 7f a1 ee 81 06 38 56 33 2e 80 f2 | 5c 70 bb b0 fd 37 16 9c 03 87 2b fe 04 e9 c6 bf | 80 f9 19 d1 e4 61 9c e1 9f 25 5c 0b f4 4b f3 6e | 46 c5 14 f6 72 e8 8d 78 c7 b8 1c ea 23 69 27 22 | e3 3a 39 a9 a0 02 20 90 a1 93 02 dd 3a a2 30 22 | f4 72 ab c8 be 84 7c ed bb fa 53 41 7f 13 d3 08 | c8 83 15 2a 51 c8 a8 1e b3 74 e6 91 26 39 fa 3f | 49 da c2 11 b3 76 e5 6e 2a d6 30 66 db cc 97 80 | 8d ea 0a 1d 07 6c 47 ba f6 d4 e2 a2 43 5e d8 4d | ae f1 e5 50 2d f2 eb c0 9f 6c e2 93 05 72 e9 b8 | 92 29 0c cb 7b bc e5 38 9f c5 ee f3 73 49 bb 8f | f1 42 c1 95 81 66 0f eb 06 f9 4d 32 4a f0 82 80 | hmac PRF sha update data-bytes@0x7f233c001fa8 (length 256) | 5d 20 1f 2b c5 22 73 47 b3 48 ec 0f ea 73 62 d2 | 7a e1 e2 6e 95 96 2b 5b 86 bf 99 77 38 a7 b2 1e | a3 ac b9 3b 1e 3c 5f 98 12 9f 79 5a 41 ab 4b 8a | 56 c2 0a d8 d1 5c f0 80 35 5b 3d 03 06 a4 b1 8f | 97 f4 5c 42 55 03 5e 7d 61 84 24 b7 3d 2e 48 96 | fa f6 4f ec bb 76 1b dd 60 b1 b0 b0 ca 81 c8 c6 | 94 bd 28 83 d1 a4 98 3d 94 8c de 88 43 fc e4 63 | 0f 0e 08 f8 5a 72 09 2b fd c4 16 cb 62 93 60 61 | d1 56 6d cf 76 4f ef 03 f4 1b 6c 67 43 9c 6b 6d | 58 1e 16 41 4c 47 cb e1 2b 7e 7c 8c 88 a4 61 62 | 5a 91 36 d2 73 49 81 d1 5e ef 52 33 03 91 b5 4a | 69 fa 52 96 00 a0 ed 5a b4 81 a4 7e d1 5c 15 f0 | 12 63 00 93 19 69 05 ea 17 5a b8 c4 2e 47 db e7 | c4 ce 6b fa 91 d4 06 6d ef 33 21 4c e5 d7 89 bd | 56 93 c1 cc 2d 2c 8f cc 0b 2c 8e 51 16 77 a0 dc | d4 2d dd 4b 82 ee e3 ee 2f 99 82 1d f7 05 59 a3 | hmac PRF sha update data-bytes@0x55a4efa78d38 (length 8) | 6d ef 71 0c f6 3c c0 44 | hmac PRF sha update data-bytes@0x55a4efa78d30 (length 8) | da c7 ab 6d 01 b2 f8 c9 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x55a4efa782fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 | hmac PRF sha update data-bytes@0x55a4efa768e8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffe5e39f120 (length 20) | 90 6b c1 81 cc 48 f5 cf 3c 35 85 8d 56 b0 e7 90 | e4 b1 2c f4 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #23: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4ef9d95d8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78118 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x55a4efa78118 | inserting event EVENT_SA_REPLACE, timeout in 2864 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f2334003ad8 size 128 | pstats #23 ikev1.isakmp established "3des" #23: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #23 | creating state object #24 at 0x55a4efa7b648 | State DB: adding IKEv1 state #24 in UNDEFINED | pstats #24 ikev1.ipsec started | duplicating state object #23 "3des" as #24 for IPSEC SA | #24 setting local endpoint to 192.1.2.45:500 from #23.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x55a4efa63dc0 | duplicate_state: reference st_skey_d_nss-key@0x55a4efa62310 | duplicate_state: reference st_skey_ai_nss-key@0x55a4efa5af10 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x55a4efa65c00 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x55a4efa7a950 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #23 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #24 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #24: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "3des" #24: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#23 msgid:3ef05ca0 proposal=3DES_CBC-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 31 for state #24 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78418 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #24 | libevent_malloc: new ptr-libevent@0x55a4efa831b8 size 128 | stop processing: state #24 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #23 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "3des" | removing pending policy for no connection {0x55a4efa6a378} | close_any(fd@24) (in release_whack() at state.c:654) | #23 spent 0.395 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | crypto helper 3 resuming | crypto helper 3 starting work-order 31 for state #24 | processing: STOP connection NULL (in process_md() at demux.c:383) | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 31 | spent 0.564 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f2338003188: created | NSS: Local DH MODP2048 secret (pointer): 0x7f2338003188 | NSS: Public DH wire value: | 7e 6e e8 7e 33 a9 df 6d 5b dc 52 20 d4 0f d0 fe | 62 ec 63 28 de 79 bb c4 ac 3a 1d 98 46 7c 99 f0 | 3b df 0f c2 63 8f 9a f9 21 3e 6c bf c3 a2 3b 57 | 55 bd 77 1a 0e a5 a9 97 b1 3a e4 86 a5 91 67 16 | 68 f2 06 79 1f 6f fd 96 4e 7b f2 b1 c4 b0 46 39 | ae 6e 1e d1 5f 90 33 e1 f5 32 87 73 a5 a2 14 ba | 24 75 cb ea 88 11 7c 74 94 93 07 ff a4 7e 12 06 | 11 cf 0f 14 be 3c dc b3 98 bf 6c 87 ae ed c7 eb | 87 3c 4f 48 e1 88 28 9b 31 0f 19 ee 98 87 50 bd | 2b ed 25 b3 a9 ec a4 2b 57 97 8f 5e 7b 64 1f ad | 74 98 e9 15 2e 47 3d 05 49 32 e7 83 95 d4 ee c4 | 5f bd 5d 51 20 d2 61 ac e3 bb 4e 3f b4 ee f5 9e | 86 9a 4e e4 a8 60 14 60 01 bf ef 26 25 44 b7 b1 | ae e6 4d b1 70 eb 88 fa 62 dd fc 03 47 11 06 9b | df cd 66 b9 74 3f b4 4c b3 82 31 35 51 82 94 d6 | c7 54 47 d0 7f 35 71 a8 2e da c5 69 2b 3c 21 ed | Generated nonce: 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | Generated nonce: 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 31 time elapsed 0.000583 seconds | (#24) spent 0.585 milliseconds in crypto helper computing work-order 31: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 31 for state #24 to event queue | scheduling resume sending helper answer for #24 | libevent_malloc: new ptr-libevent@0x7f2338003088 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #24 | start processing: state #24 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 31 | calling continuation function 0x55a4ef163b50 | quick_outI1_continue for #24: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1055939744 (0x3ef05ca0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x4448a77a for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 44 48 a7 7a | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | Ni 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f2338003188: transferring ownership from helper KE to state #24 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 7e 6e e8 7e 33 a9 df 6d 5b dc 52 20 d4 0f d0 fe | keyex value 62 ec 63 28 de 79 bb c4 ac 3a 1d 98 46 7c 99 f0 | keyex value 3b df 0f c2 63 8f 9a f9 21 3e 6c bf c3 a2 3b 57 | keyex value 55 bd 77 1a 0e a5 a9 97 b1 3a e4 86 a5 91 67 16 | keyex value 68 f2 06 79 1f 6f fd 96 4e 7b f2 b1 c4 b0 46 39 | keyex value ae 6e 1e d1 5f 90 33 e1 f5 32 87 73 a5 a2 14 ba | keyex value 24 75 cb ea 88 11 7c 74 94 93 07 ff a4 7e 12 06 | keyex value 11 cf 0f 14 be 3c dc b3 98 bf 6c 87 ae ed c7 eb | keyex value 87 3c 4f 48 e1 88 28 9b 31 0f 19 ee 98 87 50 bd | keyex value 2b ed 25 b3 a9 ec a4 2b 57 97 8f 5e 7b 64 1f ad | keyex value 74 98 e9 15 2e 47 3d 05 49 32 e7 83 95 d4 ee c4 | keyex value 5f bd 5d 51 20 d2 61 ac e3 bb 4e 3f b4 ee f5 9e | keyex value 86 9a 4e e4 a8 60 14 60 01 bf ef 26 25 44 b7 b1 | keyex value ae e6 4d b1 70 eb 88 fa 62 dd fc 03 47 11 06 9b | keyex value df cd 66 b9 74 3f b4 4c b3 82 31 35 51 82 94 d6 | keyex value c7 54 47 d0 7f 35 71 a8 2e da c5 69 2b 3c 21 ed | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ecf8 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa7e170 | HASH(1) prf: begin sha with context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa7e170 | HASH(1): release clone-key@0x55a4efa7e170 | HASH(1) PRF sha crypt-prf@0x55a4efa7a8e8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39eddc (length 4) | 3e f0 5c a0 | HASH(1) PRF sha update payload-bytes@0x55a4ef2618f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 44 48 a7 7a 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 0b 71 ab f5 a6 da 00 6c | 13 7c 92 1d 86 09 54 bb 9a 5b f4 3c 9a 58 e9 15 | be 49 bd 30 18 9e da ee 05 00 01 04 7e 6e e8 7e | 33 a9 df 6d 5b dc 52 20 d4 0f d0 fe 62 ec 63 28 | de 79 bb c4 ac 3a 1d 98 46 7c 99 f0 3b df 0f c2 | 63 8f 9a f9 21 3e 6c bf c3 a2 3b 57 55 bd 77 1a | 0e a5 a9 97 b1 3a e4 86 a5 91 67 16 68 f2 06 79 | 1f 6f fd 96 4e 7b f2 b1 c4 b0 46 39 ae 6e 1e d1 | 5f 90 33 e1 f5 32 87 73 a5 a2 14 ba 24 75 cb ea | 88 11 7c 74 94 93 07 ff a4 7e 12 06 11 cf 0f 14 | be 3c dc b3 98 bf 6c 87 ae ed c7 eb 87 3c 4f 48 | e1 88 28 9b 31 0f 19 ee 98 87 50 bd 2b ed 25 b3 | a9 ec a4 2b 57 97 8f 5e 7b 64 1f ad 74 98 e9 15 | 2e 47 3d 05 49 32 e7 83 95 d4 ee c4 5f bd 5d 51 | 20 d2 61 ac e3 bb 4e 3f b4 ee f5 9e 86 9a 4e e4 | a8 60 14 60 01 bf ef 26 25 44 b7 b1 ae e6 4d b1 | 70 eb 88 fa 62 dd fc 03 47 11 06 9b df cd 66 b9 | 74 3f b4 4c b3 82 31 35 51 82 94 d6 c7 54 47 d0 | 7f 35 71 a8 2e da c5 69 2b 3c 21 ed 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | 96 c0 eb 63 ef 18 e0 ab c7 a1 b5 a3 92 5f 64 98 | 13 da 3c 44 | outI1 HASH(1): | 96 c0 eb 63 ef 18 e0 ab c7 a1 b5 a3 92 5f 64 98 | 13 da 3c 44 | last Phase 1 IV: ae a7 26 1a fc db 67 ba | current Phase 1 IV: ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 8) | ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39edec (length 4) | 3e f0 5c a0 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 7b 2d 21 b9 e4 78 70 18 b8 5d d7 3a b2 e4 a1 7f | 21 17 89 bc | encrypting: 01 00 00 18 96 c0 eb 63 ef 18 e0 ab c7 a1 b5 a3 | encrypting: 92 5f 64 98 13 da 3c 44 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 44 48 a7 7a | encrypting: 00 00 00 1c 00 03 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | encrypting: 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | encrypting: 05 00 01 04 7e 6e e8 7e 33 a9 df 6d 5b dc 52 20 | encrypting: d4 0f d0 fe 62 ec 63 28 de 79 bb c4 ac 3a 1d 98 | encrypting: 46 7c 99 f0 3b df 0f c2 63 8f 9a f9 21 3e 6c bf | encrypting: c3 a2 3b 57 55 bd 77 1a 0e a5 a9 97 b1 3a e4 86 | encrypting: a5 91 67 16 68 f2 06 79 1f 6f fd 96 4e 7b f2 b1 | encrypting: c4 b0 46 39 ae 6e 1e d1 5f 90 33 e1 f5 32 87 73 | encrypting: a5 a2 14 ba 24 75 cb ea 88 11 7c 74 94 93 07 ff | encrypting: a4 7e 12 06 11 cf 0f 14 be 3c dc b3 98 bf 6c 87 | encrypting: ae ed c7 eb 87 3c 4f 48 e1 88 28 9b 31 0f 19 ee | encrypting: 98 87 50 bd 2b ed 25 b3 a9 ec a4 2b 57 97 8f 5e | encrypting: 7b 64 1f ad 74 98 e9 15 2e 47 3d 05 49 32 e7 83 | encrypting: 95 d4 ee c4 5f bd 5d 51 20 d2 61 ac e3 bb 4e 3f | encrypting: b4 ee f5 9e 86 9a 4e e4 a8 60 14 60 01 bf ef 26 | encrypting: 25 44 b7 b1 ae e6 4d b1 70 eb 88 fa 62 dd fc 03 | encrypting: 47 11 06 9b df cd 66 b9 74 3f b4 4c b3 82 31 35 | encrypting: 51 82 94 d6 c7 54 47 d0 7f 35 71 a8 2e da c5 69 | encrypting: 2b 3c 21 ed 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 7b 2d 21 b9 e4 78 70 18 b8 5d d7 3a b2 e4 a1 7f | IV: 21 17 89 bc | unpadded size is: 404 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 408 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 436 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 1e 13 76 54 7c 21 66 93 | sending 436 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #24) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 01 b4 ad 44 2b 49 | fa b3 bb 5c 86 37 b4 1d c0 e1 76 a3 7e 71 77 90 | 46 a7 65 ef 12 5f 50 84 70 25 d9 85 f0 c4 33 b0 | 58 27 18 00 28 b7 09 51 eb 33 17 4b 4c 00 fa 2c | c9 dd 10 1b 8b 7f 3f 2d ac f2 14 a9 77 3d 29 97 | ea d6 e8 51 8d 5e 55 a2 59 45 ac 49 f8 47 f7 c2 | fc 2d 51 1c 3d 96 85 4a 4a 55 e2 dc 88 76 46 fb | 46 1e 8c da 86 0b 9d dc 60 d0 1d f1 ad da b0 03 | e3 65 d1 fb 3d aa 03 a6 a1 76 21 fc 30 1e 90 70 | 88 b7 89 41 7f 41 63 6f cb dc 2a a2 49 66 38 86 | f0 4d bb e8 ad e4 41 b1 de af 39 d8 89 79 35 ff | f4 4a a5 a2 7f f6 da 50 36 0e 71 9e 1b 24 2b 4d | 37 7e 0e d2 18 28 64 e0 a9 82 ba 09 0d d6 39 b0 | e7 d7 03 8f 09 89 7a 6e 1f 52 23 b9 65 c8 79 ae | c5 16 d8 09 7b 23 be e3 ba 90 98 0f 00 3d 31 dc | 99 1e 7d ed f1 93 28 43 07 e8 b6 31 02 21 32 52 | 22 04 00 18 44 a4 08 c7 ef ca 23 98 b7 ba 62 d5 | 4f dd 7e e1 c5 6f a3 83 57 a4 95 56 fd 58 1a cd | b5 9e 6b 64 e0 08 e6 95 2b 2f 95 eb 8c f7 eb cb | ed df b5 09 63 85 ea 22 1e 98 fc 3b 14 c2 8c 18 | 91 a5 96 e1 54 88 12 f2 0c 4f 32 fc 33 7a 8c 82 | ae 12 6d 78 aa 42 e6 ed cb 7f fc 28 67 a6 26 7c | ba c6 71 af 24 a5 58 33 4f 78 6b 2b 90 fd ed ae | 3a f7 a5 b2 52 e0 e6 cb 5e a5 c1 c4 09 d7 fa 3f | b2 02 8e b4 0c 29 64 b3 a0 22 17 11 37 47 60 c4 | c9 aa bd 63 bc 1f 28 98 5c d0 7b 3b 1e 13 76 54 | 7c 21 66 93 | state #24 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x55a4efa831b8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78418 | event_schedule: new EVENT_RETRANSMIT-pe@0x55a4efa78418 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #24 | libevent_malloc: new ptr-libevent@0x55a4efa49b78 size 128 | #24 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29304.663127 | resume sending helper answer for #24 suppresed complete_v1_state_transition() | #24 spent 0.653 milliseconds in resume sending helper answer | stop processing: state #24 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f2338003088 | spent 0.00264 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 436 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 01 b4 ee 2a ed d6 | 48 ae 98 0d 29 80 85 c4 41 c7 0d 08 0d 75 d1 8b | fb 41 b3 75 cb 52 25 03 19 6f aa d3 22 a0 18 a6 | 55 f7 80 6c 3d 9c a6 22 e7 61 35 3a b1 fd 0c 9c | e3 1d 35 4d 15 dd eb 1d a0 fa dd 81 a1 ac 94 87 | d0 e1 94 df de 0a cc 61 55 22 87 1d d5 7c 17 02 | 73 6c 58 d4 84 81 bb 2d b6 b5 d4 9e 2a 82 d4 be | cf 55 22 4b d3 cd a4 93 fb 2b 09 ab 7b e9 44 0d | c6 f9 0b 6f 50 be 02 aa e2 21 e8 88 b1 80 2b ee | 3a 7d 69 db d2 74 b1 e9 20 47 7e 54 bf 4b 2a 8d | 09 02 3d ff de dd 72 f6 09 42 06 9f f0 af 54 5c | 46 66 f8 35 20 5e 78 b4 cd 0a f2 8f 78 e1 71 37 | c5 dd 40 9a 92 65 1f c8 d1 a8 8e 9d 4d 1f 4a ed | 89 a2 1a ca 6b d7 57 b9 58 98 ee bc 08 62 10 16 | 24 ae e8 ec d9 33 9b cc ad d1 88 c9 fd 32 cb 68 | db 21 cb 86 2f 93 ce 41 8d 50 52 6d db 6c 58 af | b9 29 b3 b6 d4 c5 ef 7c 19 88 55 97 7a cc 23 60 | ef 72 04 63 91 00 be 5b a2 00 14 54 b8 56 b5 51 | 02 4e 17 87 47 4a 5d 67 aa 01 de 60 90 ae 77 01 | af 08 cd 5d 82 df c3 39 b6 38 51 6f e4 41 b7 14 | a2 d6 06 1e 6a 30 f2 ff 2d bb a4 31 93 e4 3b 62 | 2b af 52 47 da 88 d0 7e 15 48 9f 71 2a 1e 67 90 | 44 70 d4 31 22 76 33 d9 01 5f c4 7b 30 9d e2 b7 | 23 c3 c1 ad 65 24 b2 7e 5b 03 0d 5c 3a f7 cb 5e | e0 17 06 e9 cb e7 29 34 4e 69 5e f5 a6 6c b6 91 | 46 29 6a 67 ee 4d 1e 41 87 15 6d 8f 2f 95 23 d6 | 69 f8 86 ab | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1055939744 (0x3ef05ca0) | length: 436 (0x1b4) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #24 in QUICK_I1 (find_state_ikev1) | start processing: state #24 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #24 is idle | #24 idle | received encrypted packet from 192.1.2.23:500 | decrypting 408 bytes using algorithm 3DES_CBC | IV before: 1e 13 76 54 7c 21 66 93 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 2f 95 23 d6 69 f8 86 ab | decrypted payload (starts at offset -408): | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 01 b4 01 00 00 18 | 37 6e ce b6 e9 cc 59 81 36 92 32 32 30 e6 9e 56 | 2b 4f d3 7b 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 90 90 95 ca 00 00 00 1c | 00 03 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 a0 84 fb db | d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 e0 9c f6 60 | 55 5b b7 76 2a 74 47 d3 5b e8 33 5e 05 00 01 04 | 08 c2 06 a8 9c 06 6a 98 da cd 33 53 b8 60 98 dd | e3 1d ab 27 8e fd f5 05 21 91 69 81 d0 4e 01 1b | d5 a1 62 01 dc fe 3a 97 fa c5 3b 71 ac fe 54 82 | ff 0d bd 18 52 35 1c 9b 25 7a 5c c0 e2 06 fc 1d | 80 ec 8f 72 18 e1 d6 85 e4 ee 5d 18 2e 91 ae 13 | 95 8d 3a 47 4b bc 27 6a 2f 6f 78 33 e0 57 ea 64 | ce 0f da 53 60 a3 6a e5 92 be d0 fc 19 36 95 e9 | a3 83 9c 14 e6 c7 f6 dd 0f f1 43 89 9f 85 c2 95 | cb a6 2b 01 8d 27 ae e7 ea bf e8 92 2c 5e 03 38 | 29 5f 25 62 2d 03 75 18 21 ff 00 60 a9 6f 5b d1 | 00 30 48 6e 2f 4b 1c 1c b0 8e c5 7a 1b d4 c5 0f | 59 bb 69 57 2c ca 49 e5 e5 db ce 51 63 01 9e 7b | 52 f2 3d 79 93 44 7e da 1f 32 9b e2 a3 05 ee bd | 76 ab 15 7d 49 7b 77 62 57 73 10 5a 4d 3c e2 db | e0 1f f4 43 09 8e 7d 48 60 e8 e8 b4 ef e5 4f b9 | 82 46 87 df 96 1d 5c 7b 86 ca db 9c 30 d6 1e 91 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39efe8 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa7e170 | HASH(1) prf: begin sha with context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa7e170 | HASH(1): release clone-key@0x55a4efa7e170 | HASH(1) PRF sha crypt-prf@0x55a4efa7a8e8 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39f0cc (length 4) | 3e f0 5c a0 | HASH(1) PRF sha update Ni_b-bytes@0x7f2338003758 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | HASH(1) PRF sha update payload-bytes@0x55a4efa7d78c (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 90 90 95 ca 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 a0 84 fb db d8 f7 98 80 | f2 e0 15 e6 d6 79 5d 81 e0 9c f6 60 55 5b b7 76 | 2a 74 47 d3 5b e8 33 5e 05 00 01 04 08 c2 06 a8 | 9c 06 6a 98 da cd 33 53 b8 60 98 dd e3 1d ab 27 | 8e fd f5 05 21 91 69 81 d0 4e 01 1b d5 a1 62 01 | dc fe 3a 97 fa c5 3b 71 ac fe 54 82 ff 0d bd 18 | 52 35 1c 9b 25 7a 5c c0 e2 06 fc 1d 80 ec 8f 72 | 18 e1 d6 85 e4 ee 5d 18 2e 91 ae 13 95 8d 3a 47 | 4b bc 27 6a 2f 6f 78 33 e0 57 ea 64 ce 0f da 53 | 60 a3 6a e5 92 be d0 fc 19 36 95 e9 a3 83 9c 14 | e6 c7 f6 dd 0f f1 43 89 9f 85 c2 95 cb a6 2b 01 | 8d 27 ae e7 ea bf e8 92 2c 5e 03 38 29 5f 25 62 | 2d 03 75 18 21 ff 00 60 a9 6f 5b d1 00 30 48 6e | 2f 4b 1c 1c b0 8e c5 7a 1b d4 c5 0f 59 bb 69 57 | 2c ca 49 e5 e5 db ce 51 63 01 9e 7b 52 f2 3d 79 | 93 44 7e da 1f 32 9b e2 a3 05 ee bd 76 ab 15 7d | 49 7b 77 62 57 73 10 5a 4d 3c e2 db e0 1f f4 43 | 09 8e 7d 48 60 e8 e8 b4 ef e5 4f b9 82 46 87 df | 96 1d 5c 7b 86 ca db 9c 30 d6 1e 91 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffe5e39f150 (length 20) | 37 6e ce b6 e9 cc 59 81 36 92 32 32 30 e6 9e 56 | 2b 4f d3 7b | quick_inR1_outI2 HASH(2): | 37 6e ce b6 e9 cc 59 81 36 92 32 32 30 e6 9e 56 | 2b 4f d3 7b | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 90 90 95 ca | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 08 c2 06 a8 9c 06 6a 98 da cd 33 53 b8 60 98 dd | e3 1d ab 27 8e fd f5 05 21 91 69 81 d0 4e 01 1b | d5 a1 62 01 dc fe 3a 97 fa c5 3b 71 ac fe 54 82 | ff 0d bd 18 52 35 1c 9b 25 7a 5c c0 e2 06 fc 1d | 80 ec 8f 72 18 e1 d6 85 e4 ee 5d 18 2e 91 ae 13 | 95 8d 3a 47 4b bc 27 6a 2f 6f 78 33 e0 57 ea 64 | ce 0f da 53 60 a3 6a e5 92 be d0 fc 19 36 95 e9 | a3 83 9c 14 e6 c7 f6 dd 0f f1 43 89 9f 85 c2 95 | cb a6 2b 01 8d 27 ae e7 ea bf e8 92 2c 5e 03 38 | 29 5f 25 62 2d 03 75 18 21 ff 00 60 a9 6f 5b d1 | 00 30 48 6e 2f 4b 1c 1c b0 8e c5 7a 1b d4 c5 0f | 59 bb 69 57 2c ca 49 e5 e5 db ce 51 63 01 9e 7b | 52 f2 3d 79 93 44 7e da 1f 32 9b e2 a3 05 ee bd | 76 ab 15 7d 49 7b 77 62 57 73 10 5a 4d 3c e2 db | e0 1f f4 43 09 8e 7d 48 60 e8 e8 b4 ef e5 4f b9 | 82 46 87 df 96 1d 5c 7b 86 ca db 9c 30 d6 1e 91 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x55a4ef9d0c48 (line=1) | concluding with best_match=014 best=0x55a4ef9d0c48 (lineno=1) | DH secret MODP2048@0x7f2338003188: transferring ownership from state #24 to helper IKEv1 DH | adding quick outI2 DH work-order 32 for state #24 | state #24 requesting EVENT_RETRANSMIT to be deleted | #24 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x55a4efa49b78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x55a4efa78418 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78418 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #24 | libevent_malloc: new ptr-libevent@0x7f2338003088 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #24 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #24 and saving MD | #24 is busy; has a suspended MD | crypto helper 2 resuming | crypto helper 2 starting work-order 32 for state #24 | #24 spent 0.121 milliseconds in process_packet_tail() | crypto helper 2 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 32 | peer's g: 08 c2 06 a8 9c 06 6a 98 da cd 33 53 b8 60 98 dd | peer's g: e3 1d ab 27 8e fd f5 05 21 91 69 81 d0 4e 01 1b | peer's g: d5 a1 62 01 dc fe 3a 97 fa c5 3b 71 ac fe 54 82 | peer's g: ff 0d bd 18 52 35 1c 9b 25 7a 5c c0 e2 06 fc 1d | peer's g: 80 ec 8f 72 18 e1 d6 85 e4 ee 5d 18 2e 91 ae 13 | peer's g: 95 8d 3a 47 4b bc 27 6a 2f 6f 78 33 e0 57 ea 64 | peer's g: ce 0f da 53 60 a3 6a e5 92 be d0 fc 19 36 95 e9 | peer's g: a3 83 9c 14 e6 c7 f6 dd 0f f1 43 89 9f 85 c2 95 | peer's g: cb a6 2b 01 8d 27 ae e7 ea bf e8 92 2c 5e 03 38 | peer's g: 29 5f 25 62 2d 03 75 18 21 ff 00 60 a9 6f 5b d1 | peer's g: 00 30 48 6e 2f 4b 1c 1c b0 8e c5 7a 1b d4 c5 0f | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | peer's g: 59 bb 69 57 2c ca 49 e5 e5 db ce 51 63 01 9e 7b | stop processing: state #24 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | peer's g: 52 f2 3d 79 93 44 7e da 1f 32 9b e2 a3 05 ee bd | spent 0.487 milliseconds in comm_handle_cb() reading and processing packet | peer's g: 76 ab 15 7d 49 7b 77 62 57 73 10 5a 4d 3c e2 db | peer's g: e0 1f f4 43 09 8e 7d 48 60 e8 e8 b4 ef e5 4f b9 | peer's g: 82 46 87 df 96 1d 5c 7b 86 ca db 9c 30 d6 1e 91 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f2338003188: computed shared DH secret key@0x55a4efa7e170 | dh-shared : g^ir-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 2 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 32 time elapsed 0.00073 seconds | (#24) spent 0.698 milliseconds in crypto helper computing work-order 32: quick outI2 DH (pcr) | crypto helper 2 sending results from work-order 32 for state #24 to event queue | scheduling resume sending helper answer for #24 | libevent_malloc: new ptr-libevent@0x7f232c0058f8 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #24 | start processing: state #24 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 32 | calling continuation function 0x55a4ef163b50 | quick_inR1_outI2_continue for #24: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1055939744 (0x3ef05ca0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f2338003188: transferring ownership from helper IKEv1 DH to state #24 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ead8 | result: clone-key@0x55a4efa5c790 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa5c790 | HASH(1) prf: begin sha with context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa5c790 | HASH(1): release clone-key@0x55a4efa5c790 | HASH(1) PRF sha crypt-prf@0x7f2334008c38 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39ebbc (length 4) | 3e f0 5c a0 | HASH(1) PRF sha update Ni_b-bytes@0x7f2338003758 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | HASH(1) PRF sha update Nr_b-bytes@0x55a4efa7a898 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | HASH(1) PRF sha final-bytes@0x55a4ef2618e0 (length 20) | a0 04 33 9f 70 e6 3f 7d 3a ae 6e f0 bf 4d 95 60 | aa 86 92 3c | quick_inR1_outI2 HASH(3): | a0 04 33 9f 70 e6 3f 7d 3a ae 6e f0 bf 4d 95 60 | aa 86 92 3c | compute_proto_keymat: needed_len (after ESP enc)=24 | compute_proto_keymat: needed_len (after ESP auth)=44 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa5c790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f23380041f0 from symkey-key@0x55a4efa5c790 | hmac prf: begin sha with context 0x7f23380041f0 from symkey-key@0x55a4efa5c790 | hmac: release clone-key@0x55a4efa5c790 | hmac PRF sha crypt-prf@0x55a4efa7a8e8 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa65820 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa65820 | hmac: release clone-key@0x55a4efa65820 | hmac PRF sha crypt-prf@0x55a4ef9d9668 | hmac PRF sha update g^xy-key@0x55a4efa7e170 (size 256) | hmac: g^xy-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7e170 | nss hmac digest hack: symkey-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 3e 45 fa 77 cf 8f 45 01 e1 e8 6c 6e 78 ca 3d 66 b5 73 b8 3d 4d fa 75 c5 ed f9 54 15 3d e4 03 71 75 da 2f 5f c1 d6 3e a9 9b 35 2a 04 30 7e 99 f7 16 1f 52 d9 4e f1 62 59 c1 41 5b 29 39 6e 6e c8 d4 f7 7b 25 0a 93 f9 48 f6 c7 84 57 12 1a 2e 2a fc 5a e6 97 1d 09 f8 27 15 41 e1 96 37 8c 29 12 27 47 54 29 bf 6d 6a e0 31 2c 3b f0 84 7b cb ce 55 6d dc c5 24 f2 14 64 05 39 f1 f1 14 45 79 3b 6a 02 e7 be dc 75 04 69 78 d4 4f 6b 0e 74 19 4e 30 44 5f 6e fd 19 c9 35 be ef bd 33 b2 92 83 95 b1 86 18 6f c6 61 8b ca d2 63 64 d7 2e 78 0c c3 2e ac 5a 57 ff f7 0b e8 af b2 c9 58 b9 45 76 f3 8c c0 99 dd 61 d7 ca 42 9d 86 b1 27 3c ba 43 f0 19 ef 8a d9 dc 4f 11 6f b9 16 5f ce b2 5d bb ef 6b c0 28 f9 84 41 e9 23 f1 2b b0 d8 ec 82 25 d2 5f e3 5c 0b 4c fd 6a 0a 48 79 ee e0 3a 92 5a 50 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update g^xy-key@0x55a4efa7e170 (size 256) | hmac: g^xy-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7e170 | nss hmac digest hack: symkey-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 3e 45 fa 77 cf 8f 45 01 e1 e8 6c 6e 78 ca 3d 66 b5 73 b8 3d 4d fa 75 c5 ed f9 54 15 3d e4 03 71 75 da 2f 5f c1 d6 3e a9 9b 35 2a 04 30 7e 99 f7 16 1f 52 d9 4e f1 62 59 c1 41 5b 29 39 6e 6e c8 d4 f7 7b 25 0a 93 f9 48 f6 c7 84 57 12 1a 2e 2a fc 5a e6 97 1d 09 f8 27 15 41 e1 96 37 8c 29 12 27 47 54 29 bf 6d 6a e0 31 2c 3b f0 84 7b cb ce 55 6d dc c5 24 f2 14 64 05 39 f1 f1 14 45 79 3b 6a 02 e7 be dc 75 04 69 78 d4 4f 6b 0e 74 19 4e 30 44 5f 6e fd 19 c9 35 be ef bd 33 b2 92 83 95 b1 86 18 6f c6 61 8b ca d2 63 64 d7 2e 78 0c c3 2e ac 5a 57 ff f7 0b e8 af b2 c9 58 b9 45 76 f3 8c c0 99 dd 61 d7 ca 42 9d 86 b1 27 3c ba 43 f0 19 ef 8a d9 dc 4f 11 6f b9 16 5f ce b2 5d bb ef 6b c0 28 f9 84 41 e9 23 f1 2b b0 d8 ec 82 25 d2 5f e3 5c 0b 4c fd 6a 0a 48 79 ee e0 3a 92 5a 50 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 44 48 a7 7a | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | 90 90 95 ca | hmac PRF sha update data-bytes@0x7f2338003758 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f2338003758 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x55a4efa7a898 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha update data-bytes@0x55a4efa7a898 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha final-bytes@0x7f233c002b78 (length 20) | 52 b8 cc 80 6e 2f 75 68 bd 3b e1 e7 6d cd af b3 | 5e e5 fc 47 | hmac PRF sha final-bytes@0x7f2328002b78 (length 20) | 1e 2c 01 c6 aa 26 74 ca c7 f2 b0 ce 0f 1c 76 c0 | 1f 03 0b 70 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa65820 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa65820 | hmac: release clone-key@0x55a4efa65820 | hmac PRF sha crypt-prf@0x55a4ef9d9618 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa5c790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f23380041f0 from symkey-key@0x55a4efa5c790 | hmac prf: begin sha with context 0x7f23380041f0 from symkey-key@0x55a4efa5c790 | hmac: release clone-key@0x55a4efa5c790 | hmac PRF sha crypt-prf@0x7f2334008c38 | hmac PRF sha update data-bytes@0x7f233c002b78 (length 20) | 52 b8 cc 80 6e 2f 75 68 bd 3b e1 e7 6d cd af b3 | 5e e5 fc 47 | hmac PRF sha update data-bytes@0x7f2328002b78 (length 20) | 1e 2c 01 c6 aa 26 74 ca c7 f2 b0 ce 0f 1c 76 c0 | 1f 03 0b 70 | hmac PRF sha update g^xy-key@0x55a4efa7e170 (size 256) | hmac: g^xy-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7e170 | nss hmac digest hack: symkey-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 3e 45 fa 77 cf 8f 45 01 e1 e8 6c 6e 78 ca 3d 66 b5 73 b8 3d 4d fa 75 c5 ed f9 54 15 3d e4 03 71 75 da 2f 5f c1 d6 3e a9 9b 35 2a 04 30 7e 99 f7 16 1f 52 d9 4e f1 62 59 c1 41 5b 29 39 6e 6e c8 d4 f7 7b 25 0a 93 f9 48 f6 c7 84 57 12 1a 2e 2a fc 5a e6 97 1d 09 f8 27 15 41 e1 96 37 8c 29 12 27 47 54 29 bf 6d 6a e0 31 2c 3b f0 84 7b cb ce 55 6d dc c5 24 f2 14 64 05 39 f1 f1 14 45 79 3b 6a 02 e7 be dc 75 04 69 78 d4 4f 6b 0e 74 19 4e 30 44 5f 6e fd 19 c9 35 be ef bd 33 b2 92 83 95 b1 86 18 6f c6 61 8b ca d2 63 64 d7 2e 78 0c c3 2e ac 5a 57 ff f7 0b e8 af b2 c9 58 b9 45 76 f3 8c c0 99 dd 61 d7 ca 42 9d 86 b1 27 3c ba 43 f0 19 ef 8a d9 dc 4f 11 6f b9 16 5f ce b2 5d bb ef 6b c0 28 f9 84 41 e9 23 f1 2b b0 d8 ec 82 25 d2 5f e3 5c 0b 4c fd 6a 0a 48 79 ee e0 3a 92 5a 50 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update g^xy-key@0x55a4efa7e170 (size 256) | hmac: g^xy-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7e170 | nss hmac digest hack: symkey-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 3e 45 fa 77 cf 8f 45 01 e1 e8 6c 6e 78 ca 3d 66 b5 73 b8 3d 4d fa 75 c5 ed f9 54 15 3d e4 03 71 75 da 2f 5f c1 d6 3e a9 9b 35 2a 04 30 7e 99 f7 16 1f 52 d9 4e f1 62 59 c1 41 5b 29 39 6e 6e c8 d4 f7 7b 25 0a 93 f9 48 f6 c7 84 57 12 1a 2e 2a fc 5a e6 97 1d 09 f8 27 15 41 e1 96 37 8c 29 12 27 47 54 29 bf 6d 6a e0 31 2c 3b f0 84 7b cb ce 55 6d dc c5 24 f2 14 64 05 39 f1 f1 14 45 79 3b 6a 02 e7 be dc 75 04 69 78 d4 4f 6b 0e 74 19 4e 30 44 5f 6e fd 19 c9 35 be ef bd 33 b2 92 83 95 b1 86 18 6f c6 61 8b ca d2 63 64 d7 2e 78 0c c3 2e ac 5a 57 ff f7 0b e8 af b2 c9 58 b9 45 76 f3 8c c0 99 dd 61 d7 ca 42 9d 86 b1 27 3c ba 43 f0 19 ef 8a d9 dc 4f 11 6f b9 16 5f ce b2 5d bb ef 6b c0 28 f9 84 41 e9 23 f1 2b b0 d8 ec 82 25 d2 5f e3 5c 0b 4c fd 6a 0a 48 79 ee e0 3a 92 5a 50 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 44 48 a7 7a | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | 90 90 95 ca | hmac PRF sha update data-bytes@0x7f2338003758 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f2338003758 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x55a4efa7a898 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha update data-bytes@0x55a4efa7a898 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha final-bytes@0x7f233c002b8c (length 20) | b0 25 51 57 9c 8b 26 de f5 9e c3 74 70 77 96 ef | 23 b8 f8 1e | hmac PRF sha final-bytes@0x7f2328002b8c (length 20) | ed a7 4f 52 24 32 59 97 cc 2e b7 e6 05 7f ae 7e | 17 70 ed 66 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa5c790 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f23380041f0 from symkey-key@0x55a4efa5c790 | hmac prf: begin sha with context 0x7f23380041f0 from symkey-key@0x55a4efa5c790 | hmac: release clone-key@0x55a4efa5c790 | hmac PRF sha crypt-prf@0x55a4efa7a8e8 | hmac PRF sha init symkey-key@0x55a4efa62310 (size 20) | hmac: symkey-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa62310 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e39ea58 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7f2330002b50 from symkey-key@0x55a4efa65820 | hmac prf: begin sha with context 0x7f2330002b50 from symkey-key@0x55a4efa65820 | hmac: release clone-key@0x55a4efa65820 | hmac PRF sha crypt-prf@0x55a4ef9d9668 | hmac PRF sha update data-bytes@0x7f233c002b8c (length 20) | b0 25 51 57 9c 8b 26 de f5 9e c3 74 70 77 96 ef | 23 b8 f8 1e | hmac PRF sha update data-bytes@0x7f2328002b8c (length 20) | ed a7 4f 52 24 32 59 97 cc 2e b7 e6 05 7f ae 7e | 17 70 ed 66 | hmac PRF sha update g^xy-key@0x55a4efa7e170 (size 256) | hmac: g^xy-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7e170 | nss hmac digest hack: symkey-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 3e 45 fa 77 cf 8f 45 01 e1 e8 6c 6e 78 ca 3d 66 b5 73 b8 3d 4d fa 75 c5 ed f9 54 15 3d e4 03 71 75 da 2f 5f c1 d6 3e a9 9b 35 2a 04 30 7e 99 f7 16 1f 52 d9 4e f1 62 59 c1 41 5b 29 39 6e 6e c8 d4 f7 7b 25 0a 93 f9 48 f6 c7 84 57 12 1a 2e 2a fc 5a e6 97 1d 09 f8 27 15 41 e1 96 37 8c 29 12 27 47 54 29 bf 6d 6a e0 31 2c 3b f0 84 7b cb ce 55 6d dc c5 24 f2 14 64 05 39 f1 f1 14 45 79 3b 6a 02 e7 be dc 75 04 69 78 d4 4f 6b 0e 74 19 4e 30 44 5f 6e fd 19 c9 35 be ef bd 33 b2 92 83 95 b1 86 18 6f c6 61 8b ca d2 63 64 d7 2e 78 0c c3 2e ac 5a 57 ff f7 0b e8 af b2 c9 58 b9 45 76 f3 8c c0 99 dd 61 d7 ca 42 9d 86 b1 27 3c ba 43 f0 19 ef 8a d9 dc 4f 11 6f b9 16 5f ce b2 5d bb ef 6b c0 28 f9 84 41 e9 23 f1 2b b0 d8 ec 82 25 d2 5f e3 5c 0b 4c fd 6a 0a 48 79 ee e0 3a 92 5a 50 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x55a4efa7db38 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update g^xy-key@0x55a4efa7e170 (size 256) | hmac: g^xy-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x55a4efa7e170 | nss hmac digest hack: symkey-key@0x55a4efa7e170 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x55a4ef9db080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x55a4efa5f030 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-283340079: 3e 45 fa 77 cf 8f 45 01 e1 e8 6c 6e 78 ca 3d 66 b5 73 b8 3d 4d fa 75 c5 ed f9 54 15 3d e4 03 71 75 da 2f 5f c1 d6 3e a9 9b 35 2a 04 30 7e 99 f7 16 1f 52 d9 4e f1 62 59 c1 41 5b 29 39 6e 6e c8 d4 f7 7b 25 0a 93 f9 48 f6 c7 84 57 12 1a 2e 2a fc 5a e6 97 1d 09 f8 27 15 41 e1 96 37 8c 29 12 27 47 54 29 bf 6d 6a e0 31 2c 3b f0 84 7b cb ce 55 6d dc c5 24 f2 14 64 05 39 f1 f1 14 45 79 3b 6a 02 e7 be dc 75 04 69 78 d4 4f 6b 0e 74 19 4e 30 44 5f 6e fd 19 c9 35 be ef bd 33 b2 92 83 95 b1 86 18 6f c6 61 8b ca d2 63 64 d7 2e 78 0c c3 2e ac 5a 57 ff f7 0b e8 af b2 c9 58 b9 45 76 f3 8c c0 99 dd 61 d7 ca 42 9d 86 b1 27 3c ba 43 f0 19 ef 8a d9 dc 4f 11 6f b9 16 5f ce b2 5d bb ef 6b c0 28 f9 84 41 e9 23 f1 2b b0 d8 ec 82 25 d2 5f e3 5c 0b 4c fd 6a 0a 48 79 ee e0 3a 92 5a 50 | nss hmac digest hack: release slot-key-key@0x55a4efa5f030 | nss hmac digest hack extracted len 256 bytes at 0x7f233c000b48 | unwrapped: 12 1e a2 28 22 40 a6 fc 5d b5 d2 92 85 ea 93 79 | unwrapped: e5 0c 98 8f 8a 8a a3 1b 5e e3 ff 69 18 b3 72 35 | unwrapped: 3f 38 4c ab 28 e2 35 b1 9d c0 56 86 81 c8 65 74 | unwrapped: 9d 53 94 e3 9f e3 0e e4 28 c7 e1 f9 9d 41 4b e2 | unwrapped: ae 59 c9 e1 09 82 e1 22 76 f8 fd cc c1 68 52 28 | unwrapped: dd 01 6a ca 91 fd a4 55 f1 ca 81 aa d6 17 ad 44 | unwrapped: da 1a 2b be 47 2e 30 59 f2 3b ce cf 20 23 9f 8c | unwrapped: 0e 05 34 1f c9 07 03 66 d9 86 08 82 99 95 1d 69 | unwrapped: a8 f4 65 6f 8e 3a 99 26 56 a2 53 33 ed 9a ee 63 | unwrapped: 7c 92 f2 43 fc 50 80 89 21 13 b9 79 36 c1 44 ca | unwrapped: 20 dd 37 14 05 9f 95 b2 80 81 39 ef f8 1f b4 c2 | unwrapped: 17 db 45 82 9f 62 76 d7 95 14 98 71 50 74 5f 9f | unwrapped: 70 6c a1 2f 9c 18 86 cf 26 6c 71 17 2e 5a b9 92 | unwrapped: 86 6f 2f de 45 d3 f3 8f 21 26 b9 c0 7a 3d 48 e5 | unwrapped: 3d 2c 19 a0 b9 e3 fe 04 15 77 6c b6 37 cb a2 34 | unwrapped: 9d 7d ef 19 fb 79 77 d4 a4 8b f7 20 b8 de 8f a5 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffe5e39eb8c (length 1) | 03 | hmac PRF sha update data-bytes@0x55a4efa7b850 (length 4) | 44 48 a7 7a | hmac PRF sha update data-bytes@0x55a4efa7b830 (length 4) | 90 90 95 ca | hmac PRF sha update data-bytes@0x7f2338003758 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x7f2338003758 (length 32) | 0b 71 ab f5 a6 da 00 6c 13 7c 92 1d 86 09 54 bb | 9a 5b f4 3c 9a 58 e9 15 be 49 bd 30 18 9e da ee | hmac PRF sha update data-bytes@0x55a4efa7a898 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha update data-bytes@0x55a4efa7a898 (length 32) | a0 84 fb db d8 f7 98 80 f2 e0 15 e6 d6 79 5d 81 | e0 9c f6 60 55 5b b7 76 2a 74 47 d3 5b e8 33 5e | hmac PRF sha final-bytes@0x7f233c002ba0 (length 20) | ca 17 64 0d a4 07 de 9d 29 f3 c5 e9 ea b1 19 8d | 6e a3 2f e1 | hmac PRF sha final-bytes@0x7f2328002ba0 (length 20) | 35 32 81 b5 fd 2a 79 23 62 a4 99 e1 1b 4a 0a 38 | 4a d7 05 97 | install_ipsec_sa() for #24: inbound and outbound | could_route called for 3des (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.909095ca@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.4448a77a@192.1.2.45 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #24: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: 3des (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #24 | priority calculation of connection "3des" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x909095ca SPI_OUT=0x | popen cmd is 1023 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' : | cmd( 160):PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1643: | cmd( 320):2' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+: | cmd( 640):IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PL: | cmd( 720):UTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS: | cmd( 800):_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLU: | cmd( 880):TO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHAR: | cmd( 960):ED='no' SPI_IN=0x909095ca SPI_OUT=0x4448a77a ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x909095ca | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x909095ca SPI_OUT=0x4448a77a ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x909095ca SPI_ | popen cmd is 1026 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTE: | cmd( 80):RFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@wes: | cmd( 160):t' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIEN: | cmd( 240):T_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1: | cmd( 320):6432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PE: | cmd( 400):ER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MAS: | cmd( 480):K='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' P: | cmd( 560):LUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+: | cmd( 640):UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x909095ca SPI_OUT=0x4448a77a ipsec _updown 2>&1: | route_and_eroute: instance "3des", setting eroute_owner {spd=0x55a4efa77778,sr=0x55a4efa77778} to #24 (was #0) (newest_ipsec_sa=#0) | #23 spent 1.5 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 a0 04 33 9f 70 e6 3f 7d 3a ae 6e f0 | encrypting: bf 4d 95 60 aa 86 92 3c | IV: 2f 95 23 d6 69 f8 86 ab | unpadded size is: 24 | encrypting 24 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 52 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 42 0e 5e 9c 1c c7 b3 bb | inR1_outI2: instance 3des[0], setting IKEv1 newest_ipsec_sa to #24 (was #0) (spd.eroute=#24) cloned from #23 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #24 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #24 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #24: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #24 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f2338003088 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55a4efa78418 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 52 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #24) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 20 01 3e f0 5c a0 00 00 00 34 5f f6 b0 34 | a2 60 33 8a 9c 2b f2 c3 b9 c5 0e cc 42 0e 5e 9c | 1c c7 b3 bb | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f2330002b78 | inserting event EVENT_SA_REPLACE, timeout in 27983 seconds for #24 | libevent_malloc: new ptr-libevent@0x55a4efa831b8 size 128 | pstats #24 ikev1.ipsec established | NAT-T: encaps is 'auto' "3des" #24: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x909095ca <0x4448a77a xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #24 suppresed complete_v1_state_transition() | #24 spent 2.53 milliseconds in resume sending helper answer | stop processing: state #24 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f232c0058f8 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00346 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00202 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00194 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.4448a77a@192.1.2.45 | get_sa_info esp.909095ca@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0601 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #24 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #24 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #24 ikev1.ipsec deleted completed | [RE]START processing: state #24 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #24: deleting state (STATE_QUICK_I2) aged 0.063s and sending notification | child state #24: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.909095ca@192.1.2.23 | get_sa_info esp.4448a77a@192.1.2.45 "3des" #24: ESP traffic information: in=84B out=84B | #24 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3223691191 (0xc0259fb7) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 44 48 a7 7a | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa65820 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa65820 | HASH(1) prf: begin sha with context 0x7f23380041f0 from SKEYID_a-key@0x55a4efa65820 | HASH(1): release clone-key@0x55a4efa65820 | HASH(1) PRF sha crypt-prf@0x55a4ef9d9618 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | c0 25 9f b7 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 44 48 a7 7a | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | c4 4f 1c 15 91 64 37 ec 1c 58 3a 3b 21 2e 02 c3 | 06 73 99 a1 | send delete HASH(1): | c4 4f 1c 15 91 64 37 ec 1c 58 3a 3b 21 2e 02 c3 | 06 73 99 a1 | last Phase 1 IV: ae a7 26 1a fc db 67 ba | current Phase 1 IV: ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 8) | ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | c0 25 9f b7 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | d8 56 99 9a f2 f2 1f 46 5c 5f e9 e9 6b 78 35 82 | 21 c2 54 cd | encrypting: 0c 00 00 18 c4 4f 1c 15 91 64 37 ec 1c 58 3a 3b | encrypting: 21 2e 02 c3 06 73 99 a1 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 44 48 a7 7a | IV: d8 56 99 9a f2 f2 1f 46 5c 5f e9 e9 6b 78 35 82 | IV: 21 c2 54 cd | unpadded size is: 40 | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: d1 b2 d2 05 25 49 45 90 | sending 68 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 c0 25 9f b7 00 00 00 44 6e 73 e6 9e | ed 98 c7 37 3c 2b 06 b8 31 b3 1a c8 c7 31 d7 b4 | 64 fb b1 94 7a 07 ce 81 62 38 8b c3 d1 b2 d2 05 | 25 49 45 90 | state #24 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x55a4efa831b8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f2330002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844018' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x909095ca | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566844018' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0x909095ca SPI_OUT=0x4448a77a ipsec _updown 2>&1: | shunt_eroute() called for connection '3des' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "3des" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.909095ca@192.1.2.23 | netlink response for Del SA esp.909095ca@192.1.2.23 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.4448a77a@192.1.2.45 | netlink response for Del SA esp.4448a77a@192.1.2.45 included non-error error | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #24 in QUICK_I2 | child state #24: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f2338003188: destroyed | stop processing: state #24 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa7e170 | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa7a950 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #23 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #23 | start processing: state #23 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #23 ikev1.isakmp deleted completed | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #23: deleting state (STATE_MAIN_I4) aged 0.082s and sending notification | parent state #23: MAIN_I4(established IKE SA) => delete | #23 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1068571762 (0x3fb11c72) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI da c7 ab 6d 01 b2 f8 c9 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 6d ef 71 0c f6 3c c0 44 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x55a4efa5af10 (size 20) | HASH(1): SKEYID_a-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x55a4efa5af10 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe5e399888 | result: clone-key@0x55a4efa7e170 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7e170 | HASH(1) prf: begin sha with context 0x7f2328002b50 from SKEYID_a-key@0x55a4efa7e170 | HASH(1): release clone-key@0x55a4efa7e170 | HASH(1) PRF sha crypt-prf@0x7f2338003038 | HASH(1) PRF sha update M-ID-bytes@0x7ffe5e39996c (length 4) | 3f b1 1c 72 | HASH(1) PRF sha update payload-bytes@0x7ffe5e399d14 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 da c7 ab 6d | 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | HASH(1) PRF sha final-bytes@0x7ffe5e399d00 (length 20) | 8a 74 0c 64 bd e2 dd 89 30 e7 61 87 8e 5b 27 11 | 34 88 01 18 | send delete HASH(1): | 8a 74 0c 64 bd e2 dd 89 30 e7 61 87 8e 5b 27 11 | 34 88 01 18 | last Phase 1 IV: ae a7 26 1a fc db 67 ba | current Phase 1 IV: ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x55a4efa78c28 (length 8) | ae a7 26 1a fc db 67 ba | Phase 2 IV hash sha digest MSGID-bytes@0x7ffe5e39997c (length 4) | 3f b1 1c 72 | Phase 2 IV hash sha final bytes@0x55a4efa78ba8 (length 20) | 12 6e 32 07 05 09 cc 2f 99 13 df 95 dd 80 c0 9c | ac 8f c5 4c | encrypting: 0c 00 00 18 8a 74 0c 64 bd e2 dd 89 30 e7 61 87 | encrypting: 8e 5b 27 11 34 88 01 18 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c | encrypting: f6 3c c0 44 | IV: 12 6e 32 07 05 09 cc 2f 99 13 df 95 dd 80 c0 9c | IV: ac 8f c5 4c | unpadded size is: 52 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 56 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 84 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 89 4a c0 5e 2d cf cb 87 | sending 84 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 3f b1 1c 72 00 00 00 54 d2 38 2f 68 | 23 4b c6 cc 77 2c 09 0c 93 30 97 56 fb d9 b8 ff | 6b 7d 36 ae ec ea 79 3b cb 9c 7f 55 48 b7 a5 52 | 6c ca b6 03 4e 0b 13 39 d0 45 a5 05 89 4a c0 5e | 2d cf cb 87 | state #23 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f2334003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x55a4efa78118 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #23 in MAIN_I4 | parent state #23: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f233c0045a8: destroyed | stop processing: state #23 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x55a4efa76810 | delete_state: release st->st_skeyid_nss-key@0x55a4efa63dc0 | delete_state: release st->st_skey_d_nss-key@0x55a4efa62310 | delete_state: release st->st_skey_ai_nss-key@0x55a4efa5af10 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x55a4efa65c00 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x55a4efa7a950 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.65 milliseconds in whack | spent 0.00178 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 31 59 79 d8 00 00 00 44 e3 22 1f b2 | 59 77 9a 28 0a 4b 57 5d 2e f4 2d 4d 20 a8 bb 1e | f7 d9 8b 12 09 35 f2 ef 91 8d 06 a9 49 a0 7b a3 | 8d 8a 4d 39 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 827947480 (0x315979d8) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x315979d8 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | da c7 ab 6d 01 b2 f8 c9 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 6d ef 71 0c f6 3c c0 44 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0694 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00444 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00264 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 84 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | da c7 ab 6d 01 b2 f8 c9 6d ef 71 0c f6 3c c0 44 | 08 10 05 01 0e 0e 8d a8 00 00 00 54 7c 29 78 5a | 41 ef eb 2f 68 b5 01 3c 6c 15 08 25 f6 a7 4c 1f | cc da 1b a4 11 20 ad 9e cd 87 4c 46 d0 e3 4c b6 | 40 c1 5d fd 49 21 7d 18 3f a1 b2 3f b8 17 93 e3 | ba ee 86 bf | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | da c7 ab 6d 01 b2 f8 c9 | responder cookie: | 6d ef 71 0c f6 3c c0 44 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 235834792 (0xe0e8da8) | length: 84 (0x54) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x0e0e8da8 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | da c7 ab 6d 01 b2 f8 c9 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 6d ef 71 0c f6 3c c0 44 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0572 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "3des" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection '3des' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "3des" is 0xfe7e7 | priority calculation of connection "3des" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0 | popen cmd is 1012 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16432' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO: | cmd( 400):_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_: | cmd( 480):MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=': | cmd( 560):' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+P: | cmd( 640):FS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x55a4efa78038 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.01 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00374 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0797 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_STATE_... in show_states_status (sort_states) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.263 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) shutting down | processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825) | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' | crl fetch request list locked by 'free_crl_fetch' | crl fetch request list unlocked by 'free_crl_fetch' shutting down interface lo/lo 127.0.0.1:4500 shutting down interface lo/lo 127.0.0.1:500 shutting down interface eth0/eth0 192.0.1.254:4500 shutting down interface eth0/eth0 192.0.1.254:500 shutting down interface eth1/eth1 192.1.2.45:4500 shutting down interface eth1/eth1 192.1.2.45:500 | FOR_EACH_STATE_... in delete_states_dead_interfaces | libevent_free: release ptr-libevent@0x55a4efa6af68 | free_event_entry: release EVENT_NULL-pe@0x55a4efa76d48 | libevent_free: release ptr-libevent@0x55a4efa00268 | free_event_entry: release EVENT_NULL-pe@0x55a4efa76df8 | libevent_free: release ptr-libevent@0x55a4efa00ea8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa76ea8 | libevent_free: release ptr-libevent@0x55a4efa020c8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa76f58 | libevent_free: release ptr-libevent@0x55a4ef9d54e8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa77008 | libevent_free: release ptr-libevent@0x55a4ef9d51d8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa770b8 | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | libevent_free: release ptr-libevent@0x55a4efa6b018 | free_event_entry: release EVENT_NULL-pe@0x55a4efa5ecd8 | libevent_free: release ptr-libevent@0x55a4ef9ff9e8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa5ec68 | libevent_free: release ptr-libevent@0x55a4efa426d8 | free_event_entry: release EVENT_NULL-pe@0x55a4efa5e128 | global timer EVENT_REINIT_SECRET uninitialized | global timer EVENT_SHUNT_SCAN uninitialized | global timer EVENT_PENDING_DDNS uninitialized | global timer EVENT_PENDING_PHASE2 uninitialized | global timer EVENT_CHECK_CRLS uninitialized | global timer EVENT_REVIVE_CONNS uninitialized | global timer EVENT_FREE_ROOT_CERTS uninitialized | global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized | global timer EVENT_NAT_T_KEEPALIVE uninitialized | libevent_free: release ptr-libevent@0x55a4efa06aa8 | signal event handler PLUTO_SIGCHLD uninstalled | libevent_free: release ptr-libevent@0x55a4efa76418 | signal event handler PLUTO_SIGTERM uninstalled | libevent_free: release ptr-libevent@0x55a4efa76528 | signal event handler PLUTO_SIGHUP uninstalled | libevent_free: release ptr-libevent@0x55a4efa76768 | signal event handler PLUTO_SIGSYS uninstalled | releasing event base | libevent_free: release ptr-libevent@0x55a4efa76638 | libevent_free: release ptr-libevent@0x55a4efa59548 | libevent_free: release ptr-libevent@0x55a4efa594f8 | libevent_free: release ptr-libevent@0x7f2338003e78 | libevent_free: release ptr-libevent@0x55a4efa59448 | libevent_free: release ptr-libevent@0x55a4efa761e8 | libevent_free: release ptr-libevent@0x55a4efa76398 | libevent_free: release ptr-libevent@0x55a4efa596f8 | libevent_free: release ptr-libevent@0x55a4efa5e8f8 | libevent_free: release ptr-libevent@0x55a4efa5ede8 | libevent_free: release ptr-libevent@0x55a4efa77128 | libevent_free: release ptr-libevent@0x55a4efa77078 | libevent_free: release ptr-libevent@0x55a4efa76fc8 | libevent_free: release ptr-libevent@0x55a4efa76f18 | libevent_free: release ptr-libevent@0x55a4efa76e68 | libevent_free: release ptr-libevent@0x55a4efa76db8 | libevent_free: release ptr-libevent@0x55a4ef9fd0a8 | libevent_free: release ptr-libevent@0x55a4efa764e8 | libevent_free: release ptr-libevent@0x55a4efa763d8 | libevent_free: release ptr-libevent@0x55a4efa76358 | libevent_free: release ptr-libevent@0x55a4efa765f8 | libevent_free: release ptr-libevent@0x55a4efa76228 | libevent_free: release ptr-libevent@0x55a4ef9d4908 | libevent_free: release ptr-libevent@0x55a4ef9d4d38 | libevent_free: release ptr-libevent@0x55a4ef9fd418 | releasing global libevent data | libevent_free: release ptr-libevent@0x55a4ef9d4ba8 | libevent_free: release ptr-libevent@0x55a4ef9d4cd8 | libevent_free: release ptr-libevent@0x55a4ef9d4dd8 leak detective found no leaks