FIPS Product: YES FIPS Kernel: NO FIPS Mode: NO NSS DB directory: sql:/etc/ipsec.d Initializing NSS Opening NSS database "sql:/etc/ipsec.d" read-only NSS initialized NSS crypto library initialized FIPS HMAC integrity support [enabled] FIPS mode disabled for pluto daemon FIPS HMAC integrity verification self-test FAILED libcap-ng support [enabled] Linux audit support [enabled] Linux audit activated Starting Pluto (Libreswan Version v3.28-827-gc9aa82b8a6-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC SYSTEMD_WATCHDOG FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:11758 core dump dir: /tmp secrets file: /etc/ipsec.secrets leak-detective disabled NSS crypto [enabled] XAUTH PAM support [enabled] | libevent is using pluto's memory allocator Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) | libevent_malloc: new ptr-libevent@0x556ef35ff000 size 40 | libevent_malloc: new ptr-libevent@0x556ef35ff030 size 40 | libevent_malloc: new ptr-libevent@0x556ef3600320 size 40 | creating event base | libevent_malloc: new ptr-libevent@0x556ef36002e0 size 56 | libevent_malloc: new ptr-libevent@0x556ef3600350 size 664 | libevent_malloc: new ptr-libevent@0x556ef36005f0 size 24 | libevent_malloc: new ptr-libevent@0x556ef35f1dd0 size 384 | libevent_malloc: new ptr-libevent@0x556ef3600610 size 16 | libevent_malloc: new ptr-libevent@0x556ef3600630 size 40 | libevent_malloc: new ptr-libevent@0x556ef3600660 size 48 | libevent_realloc: new ptr-libevent@0x556ef3582370 size 256 | libevent_malloc: new ptr-libevent@0x556ef36006a0 size 16 | libevent_free: release ptr-libevent@0x556ef36002e0 | libevent initialized | libevent_realloc: new ptr-libevent@0x556ef36006c0 size 64 | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds | init_nat_traversal() initialized with keep_alive=0s NAT-Traversal support [enabled] | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized | global one-shot timer EVENT_FREE_ROOT_CERTS initialized | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds | global one-shot timer EVENT_REVIVE_CONNS initialized | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds | encryption algorithm assertion checks | encryption algorithm AES_CCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 ESP ID id: 16 enum name: AES_CCM_C | IKEv2 ID id: 16 enum name: AES_CCM_C | encryption algorithm AES_CCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 ESP ID id: 15 enum name: AES_CCM_B | IKEv2 ID id: 15 enum name: AES_CCM_B | encryption algorithm AES_CCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 ESP ID id: 14 enum name: AES_CCM_A | IKEv2 ID id: 14 enum name: AES_CCM_A | encryption algorithm 3DES_CBC, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 3, IKEv2 id: 3 | IKEv1 OAKLEY ID id: 5 enum name: 3DES_CBC | IKEv1 ESP ID id: 3 enum name: 3DES | IKEv2 ID id: 3 enum name: 3DES | encryption algorithm CAMELLIA_CTR, IKEv1 OAKLEY id: 24, IKEv1 ESP_INFO id: 24, IKEv2 id: 24 | IKEv1 OAKLEY ID id: 24 enum name: CAMELLIA_CTR | IKEv1 ESP ID id: 24 enum name: CAMELLIA_CTR | IKEv2 ID id: 24 enum name: CAMELLIA_CTR | encryption algorithm CAMELLIA_CBC, IKEv1 OAKLEY id: 8, IKEv1 ESP_INFO id: 22, IKEv2 id: 23 | IKEv1 OAKLEY ID id: 8 enum name: CAMELLIA_CBC | IKEv1 ESP ID id: 22 enum name: CAMELLIA | IKEv2 ID id: 23 enum name: CAMELLIA_CBC | encryption algorithm AES_GCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 20, IKEv2 id: 20 | IKEv1 ESP ID id: 20 enum name: AES_GCM_C | IKEv2 ID id: 20 enum name: AES_GCM_C | encryption algorithm AES_GCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 19, IKEv2 id: 19 | IKEv1 ESP ID id: 19 enum name: AES_GCM_B | IKEv2 ID id: 19 enum name: AES_GCM_B | encryption algorithm AES_GCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 ESP ID id: 18 enum name: AES_GCM_A | IKEv2 ID id: 18 enum name: AES_GCM_A | encryption algorithm AES_CTR, IKEv1 OAKLEY id: 13, IKEv1 ESP_INFO id: 13, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 13 enum name: AES_CTR | IKEv1 ESP ID id: 13 enum name: AES_CTR | IKEv2 ID id: 13 enum name: AES_CTR | encryption algorithm AES_CBC, IKEv1 OAKLEY id: 7, IKEv1 ESP_INFO id: 12, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 7 enum name: AES_CBC | IKEv1 ESP ID id: 12 enum name: AES | IKEv2 ID id: 12 enum name: AES_CBC | encryption algorithm SERPENT_CBC, IKEv1 OAKLEY id: 65004, IKEv1 ESP_INFO id: 252, IKEv2 id: 65004 | IKEv1 OAKLEY ID id: 65004 enum name: SERPENT_CBC | IKEv1 ESP ID id: 252 enum name: SERPENT | IKEv2 ID id: 65004 enum name: SERPENT_CBC | encryption algorithm TWOFISH_CBC, IKEv1 OAKLEY id: 65005, IKEv1 ESP_INFO id: 253, IKEv2 id: 65005 | IKEv1 OAKLEY ID id: 65005 enum name: TWOFISH_CBC | IKEv1 ESP ID id: 253 enum name: TWOFISH | IKEv2 ID id: 65005 enum name: TWOFISH_CBC | encryption algorithm TWOFISH_SSH, IKEv1 OAKLEY id: 65289, IKEv1 ESP_INFO id: -1, IKEv2 id: 65289 | IKEv1 OAKLEY ID id: 65289 enum name: TWOFISH_CBC_SSH | IKEv2 ID id: 65289 enum name: TWOFISH_CBC_SSH | encryption algorithm NULL_AUTH_AES_GMAC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 23, IKEv2 id: 21 | IKEv1 ESP ID id: 23 enum name: NULL_AUTH_AES_GMAC | IKEv2 ID id: 21 enum name: NULL_AUTH_AES_GMAC | encryption algorithm NULL, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 11, IKEv2 id: 11 | IKEv1 ESP ID id: 11 enum name: NULL | IKEv2 ID id: 11 enum name: NULL | encryption algorithm CHACHA20_POLY1305, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 28 | IKEv2 ID id: 28 enum name: CHACHA20_POLY1305 Encryption algorithms: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac NULL IKEv1: ESP IKEv2: ESP [] CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 | hash algorithm assertion checks | hash algorithm MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | hash algorithm SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | hash algorithm SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | hash algorithm SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | hash algorithm SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 Hash algorithms: MD5 IKEv1: IKE IKEv2: SHA1 IKEv1: IKE IKEv2: FIPS sha SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 | PRF algorithm assertion checks | PRF algorithm HMAC_MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5 | PRF algorithm HMAC_SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1 | PRF algorithm HMAC_SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv2 ID id: 5 enum name: HMAC_SHA2_256 | PRF algorithm HMAC_SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: 6 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv2 ID id: 6 enum name: HMAC_SHA2_384 | PRF algorithm HMAC_SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: 7 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv2 ID id: 7 enum name: HMAC_SHA2_512 | PRF algorithm AES_XCBC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 4 | IKEv2 ID id: 4 enum name: AES128_XCBC PRF algorithms: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc | integrity algorithm assertion checks | integrity algorithm HMAC_MD5_96, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: 1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv1 ESP ID id: 1 enum name: HMAC_MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5_96 | integrity algorithm HMAC_SHA1_96, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: 2, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv1 ESP ID id: 2 enum name: HMAC_SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1_96 | integrity algorithm HMAC_SHA2_512_256, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: 7, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv1 ESP ID id: 7 enum name: HMAC_SHA2_512 | IKEv2 ID id: 14 enum name: HMAC_SHA2_512_256 | integrity algorithm HMAC_SHA2_384_192, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 6, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv1 ESP ID id: 6 enum name: HMAC_SHA2_384 | IKEv2 ID id: 13 enum name: HMAC_SHA2_384_192 | integrity algorithm HMAC_SHA2_256_128, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: 5, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv1 ESP ID id: 5 enum name: HMAC_SHA2_256 | IKEv2 ID id: 12 enum name: HMAC_SHA2_256_128 | integrity algorithm HMAC_SHA2_256_TRUNCBUG, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 252, IKEv2 id: -1 | IKEv1 ESP ID id: 252 enum name: HMAC_SHA2_256_TRUNCBUG | integrity algorithm AES_XCBC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 9, IKEv2 id: 5 | IKEv1 ESP ID id: 9 enum name: AES_XCBC | IKEv2 ID id: 5 enum name: AES_XCBC_96 | integrity algorithm AES_CMAC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 250, IKEv2 id: 8 | IKEv1 ESP ID id: 250 enum name: AES_CMAC_96 | IKEv2 ID id: 8 enum name: AES_CMAC_96 | integrity algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 0, IKEv2 id: 0 | IKEv1 ESP ID id: 0 enum name: NONE | IKEv2 ID id: 0 enum name: NONE Integrity algorithms: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5 HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac NONE IKEv1: ESP IKEv2: IKE ESP FIPS null | DH algorithm assertion checks | DH algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 0 | IKEv2 ID id: 0 enum name: NONE | DH algorithm MODP1536, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 5, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 5 enum name: MODP1536 | IKEv1 ESP ID id: 5 enum name: MODP1536 | IKEv2 ID id: 5 enum name: MODP1536 | DH algorithm MODP2048, IKEv1 OAKLEY id: 14, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 14 enum name: MODP2048 | IKEv1 ESP ID id: 14 enum name: MODP2048 | IKEv2 ID id: 14 enum name: MODP2048 | DH algorithm MODP3072, IKEv1 OAKLEY id: 15, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 OAKLEY ID id: 15 enum name: MODP3072 | IKEv1 ESP ID id: 15 enum name: MODP3072 | IKEv2 ID id: 15 enum name: MODP3072 | DH algorithm MODP4096, IKEv1 OAKLEY id: 16, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 OAKLEY ID id: 16 enum name: MODP4096 | IKEv1 ESP ID id: 16 enum name: MODP4096 | IKEv2 ID id: 16 enum name: MODP4096 | DH algorithm MODP6144, IKEv1 OAKLEY id: 17, IKEv1 ESP_INFO id: 17, IKEv2 id: 17 | IKEv1 OAKLEY ID id: 17 enum name: MODP6144 | IKEv1 ESP ID id: 17 enum name: MODP6144 | IKEv2 ID id: 17 enum name: MODP6144 | DH algorithm MODP8192, IKEv1 OAKLEY id: 18, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 OAKLEY ID id: 18 enum name: MODP8192 | IKEv1 ESP ID id: 18 enum name: MODP8192 | IKEv2 ID id: 18 enum name: MODP8192 | DH algorithm DH19, IKEv1 OAKLEY id: 19, IKEv1 ESP_INFO id: -1, IKEv2 id: 19 | IKEv1 OAKLEY ID id: 19 enum name: ECP_256 | IKEv2 ID id: 19 enum name: ECP_256 | DH algorithm DH20, IKEv1 OAKLEY id: 20, IKEv1 ESP_INFO id: -1, IKEv2 id: 20 | IKEv1 OAKLEY ID id: 20 enum name: ECP_384 | IKEv2 ID id: 20 enum name: ECP_384 | DH algorithm DH21, IKEv1 OAKLEY id: 21, IKEv1 ESP_INFO id: -1, IKEv2 id: 21 | IKEv1 OAKLEY ID id: 21 enum name: ECP_521 | IKEv2 ID id: 21 enum name: ECP_521 | DH algorithm DH31, IKEv1 OAKLEY id: 31, IKEv1 ESP_INFO id: -1, IKEv2 id: 31 | IKEv1 OAKLEY ID id: 31 enum name: CURVE25519 | IKEv2 ID id: 31 enum name: CURVE25519 DH algorithms: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 testing CAMELLIA_CBC: Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: cipertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: cipertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: cipertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF FF EE DD CC BB AA 99 88 77 66 55 44 33 22 11 00" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | ff ee dd cc bb aa 99 88 77 66 55 44 33 22 11 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: cipertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed testing AES_GCM_16: empty string | decode_to_chunk: raw_key: input "0xcf063a34d4a9a76c2c86787d3f96db71" | decode_to_chunk: output: | cf 06 3a 34 d4 a9 a7 6c 2c 86 78 7d 3f 96 db 71 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fff0 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffd8 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_GCM) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: salted IV: input "0x113b9785971864c83b01c787" | decode_to_chunk: output: | 11 3b 97 85 97 18 64 c8 3b 01 c7 87 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "" | decode_to_chunk: output: | | decode_to_chunk: ciphertext: input "" | decode_to_chunk: output: | | decode_to_chunk: tag: input "0x72ac8493e3a5228b5d130a69d2510e42" | decode_to_chunk: output: | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: release sym_key-key@0x556ef3601f40 | test_gcm_vector: passed one block | decode_to_chunk: raw_key: input "0xe98b72a9881a84ca6b76e0f43e68647a" | decode_to_chunk: output: | e9 8b 72 a9 88 1a 84 ca 6b 76 e0 f4 3e 68 64 7a | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fff0 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffd8 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_GCM) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: salted IV: input "0x8b23299fde174053f3d652ba" | decode_to_chunk: output: | 8b 23 29 9f de 17 40 53 f3 d6 52 ba | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0x28286a321293253c3e0aa2704a278032" | decode_to_chunk: output: | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | decode_to_chunk: ciphertext: input "0x5a3c1cf1985dbb8bed818036fdd5ab42" | decode_to_chunk: output: | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | decode_to_chunk: tag: input "0x23c7ab0f952b7091cd324835043b5eb5" | decode_to_chunk: output: | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: release sym_key-key@0x556ef3601f40 | test_gcm_vector: passed two blocks | decode_to_chunk: raw_key: input "0xbfd414a6212958a607a0f5d3ab48471d" | decode_to_chunk: output: | bf d4 14 a6 21 29 58 a6 07 a0 f5 d3 ab 48 47 1d | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fff0 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffd8 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_GCM) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: salted IV: input "0x86d8ea0ab8e40dcc481cd0e2" | decode_to_chunk: output: | 86 d8 ea 0a b8 e4 0d cc 48 1c d0 e2 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0xa6b76a066e63392c9443e60272ceaeb9d25c991b0f2e55e2804e168c05ea591a" | decode_to_chunk: output: | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | decode_to_chunk: ciphertext: input "0x62171db33193292d930bf6647347652c1ef33316d7feca99d54f1db4fcf513f8" | decode_to_chunk: output: | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | decode_to_chunk: tag: input "0xc28280aa5c6c7a8bd366f28c1cfd1f6e" | decode_to_chunk: output: | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: release sym_key-key@0x556ef3601f40 | test_gcm_vector: passed two blocks with associated data | decode_to_chunk: raw_key: input "0x006c458100fc5f4d62949d2c833b82d1" | decode_to_chunk: output: | 00 6c 45 81 00 fc 5f 4d 62 94 9d 2c 83 3b 82 d1 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fff0 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffd8 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_GCM) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: salted IV: input "0xa4e9c4bc5725a21ff42c82b2" | decode_to_chunk: output: | a4 e9 c4 bc 57 25 a2 1f f4 2c 82 b2 | decode_to_chunk: AAD: input "0x2efb14fb3657cdd6b9a8ff1a5f5a39b9" | decode_to_chunk: output: | 2e fb 14 fb 36 57 cd d6 b9 a8 ff 1a 5f 5a 39 b9 | decode_to_chunk: plaintext: input "0xf381d3bfbee0a879f7a4e17b623278cedd6978053dd313530a18f1a836100950" | decode_to_chunk: output: | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | decode_to_chunk: ciphertext: input "0xf39b4db3542d8542fb73fd2d66be568f26d7f814b3f87d1eceac3dd09a8d697e" | decode_to_chunk: output: | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | decode_to_chunk: tag: input "0x39f045cb23b698c925db134d56c5" | decode_to_chunk: output: | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: decrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: encrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: release sym_key-key@0x556ef3601f40 | test_gcm_vector: passed testing AES_CTR: Encrypting 16 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x AE 68 52 F8 12 10 67 CC 4B F7 A5 76 55 77 F3 9E" | decode_to_chunk: output: | ae 68 52 f8 12 10 67 cc 4b f7 a5 76 55 77 f3 9e | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 128-bit key passed Encrypting 32 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 7E 24 06 78 17 FA E0 D7 43 D6 CE 1F 32 53 91 63" | decode_to_chunk: output: | 7e 24 06 78 17 fa e0 d7 43 d6 ce 1f 32 53 91 63 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 128-bit key passed Encrypting 36 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 76 91 BE 03 5E 50 20 A8 AC 6E 61 85 29 F9 A0 DC" | decode_to_chunk: output: | 76 91 be 03 5e 50 20 a8 ac 6e 61 85 29 f9 a0 dc | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 128-bit key passed Encrypting 16 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x16 AF 5B 14 5F C9 F5 79 C1 75 F9 3E 3B FB 0E ED86 3D 06 CC FD B7 85 15" | decode_to_chunk: output: | 16 af 5b 14 5f c9 f5 79 c1 75 f9 3e 3b fb 0e ed | 86 3d 06 cc fd b7 85 15 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x556ef36037c0 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (24-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 192-bit key passed Encrypting 32 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x7C 5C B2 40 1B 3D C3 3C 19 E7 34 08 19 E0 F6 9C67 8C 3D B8 E6 F6 A9 1A" | decode_to_chunk: output: | 7c 5c b2 40 1b 3d c3 3c 19 e7 34 08 19 e0 f6 9c | 67 8c 3d b8 e6 f6 a9 1a | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x556ef36037c0 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (24-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 192-bit key passed Encrypting 36 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x02 BF 39 1E E8 EC B1 59 B9 59 61 7B 09 65 27 9BF5 9B 60 A7 86 D3 E0 FE" | decode_to_chunk: output: | 02 bf 39 1e e8 ec b1 59 b9 59 61 7b 09 65 27 9b | f5 9b 60 a7 86 d3 e0 fe | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x556ef36037c0 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (24-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 192-bit key passed Encrypting 16 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0x77 6B EF F2 85 1D B0 6F 4C 8A 05 42 C8 69 6F 6C6A 81 AF 1E EC 96 B4 D3 7F C1 D6 89 E6 C1 C1 04" | decode_to_chunk: output: | 77 6b ef f2 85 1d b0 6f 4c 8a 05 42 c8 69 6f 6c | 6a 81 af 1e ec 96 b4 d3 7f c1 d6 89 e6 c1 c1 04 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (32-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 256-bit key passed Encrypting 32 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xF6 D6 6D 6B D5 2D 59 BB 07 96 36 58 79 EF F8 86C6 6D D5 1A 5B 6A 99 74 4B 50 59 0C 87 A2 38 84" | decode_to_chunk: output: | f6 d6 6d 6b d5 2d 59 bb 07 96 36 58 79 ef f8 86 | c6 6d d5 1a 5b 6a 99 74 4b 50 59 0c 87 a2 38 84 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (32-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 256-bit key passed Encrypting 36 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xFF 7A 61 7C E6 91 48 E4 F1 72 6E 2F 43 58 1D E2AA 62 D9 F8 05 53 2E DF F1 EE D6 87 FB 54 15 3D" | decode_to_chunk: output: | ff 7a 61 7c e6 91 48 e4 f1 72 6e 2f 43 58 1d e2 | aa 62 d9 f8 05 53 2e df f1 ee d6 87 fb 54 15 3d | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x556ef36037c0 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (32-bytes, AES_CTR) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 256-bit key passed testing AES_CBC: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x06a9214036b8a15b512e03d534120006" | decode_to_chunk: output: | 06 a9 21 40 36 b8 a1 5b 51 2e 03 d5 34 12 00 06 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_CBC) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: ciphertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: cipertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key passed Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0xc286696d887c9aa0611bbb3e2025a45a" | decode_to_chunk: output: | c2 86 69 6d 88 7c 9a a0 61 1b bb 3e 20 25 a4 5a | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_CBC) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: ciphertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: cipertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key passed Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x6c3ea0477630ce21a2ce334aa746c2cd" | decode_to_chunk: output: | 6c 3e a0 47 76 30 ce 21 a2 ce 33 4a a7 46 c2 cd | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_CBC) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | decode_to_chunk: ciphertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: cipertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key passed Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x56e47a38c5598974bc46903dba290349" | decode_to_chunk: output: | 56 e4 7a 38 c5 59 89 74 bc 46 90 3d ba 29 03 49 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550050 | result: symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550038 | result: symkey-key@0x556ef3601f40 (16-bytes, AES_CBC) | symkey: release tmp-key@0x556ef36037c0 | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | decode_to_chunk: ciphertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: cipertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x556ef3601f40 | test_ctr_vector: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key passed testing AES_XCBC: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "" | decode_to_chunk: output: | | decode_to_chunk: test_prf_vector: input "0x75f0251d528ac01c4573dfd584d79f29" | decode_to_chunk: output: | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605260 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef36037c0 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: key-key@0x556ef36037c0 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x556ef3601f40 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3605060 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef3600710 (length 0) | | XCBC: data | K extracting all 16 bytes of key@0x556ef36037c0 | K: symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-1923810480: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605330 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef3601f40 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3605f20 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x556ef3601f40 | PRF chunk interface: release key-key@0x556ef36037c0 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605080 (length 16) | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | chunk output 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3601f40 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef36037c0 (size 16) | PRF symkey interface: key symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: key symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605060 | PRF symkey interface PRF aes_xcbc update symkey message-key@(nil) (size 0) | PRF symkey interface: symkey message-key@NULL | symkey message NULL key has no bytes | XCBC: data | K extracting all 16 bytes of key@0x556ef3601f40 | K: symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1023: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605d20 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef3605f20 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3607810 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x556ef3605f20 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3607810 | PRF symkey interface: release key-key@0x556ef3601f40 | PRF symkey interface PRF aes_xcbc final-key@0x556ef3605f20 (size 16) | PRF symkey interface: key-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracting all 16 bytes of key@0x556ef3605f20 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: 0d 37 fffffff2 ffffffa0 ffffffb0 62 ffffffa3 ffffffc7 ffffffc1 40 ffffffc5 28 48 ffffffec 2a 24 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: release slot-key-key@0x556ef3605c90 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracted len 16 bytes at 0x556ef3605280 | unwrapped: 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | test_prf_vector: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input passed | test_prf_vector: release symkey-key@0x556ef3605f20 | test_prf_vector: release message-key@NULL | test_prf_vector: release key-key@0x556ef36037c0 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102" | decode_to_chunk: output: | 00 01 02 | decode_to_chunk: test_prf_vector: input "0x5b376580ae2f19afe7219ceef172756f" | decode_to_chunk: output: | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605060 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef3605f20 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: key-key@0x556ef3605f20 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x556ef36037c0 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3605490 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef3605280 (length 3) | 00 01 02 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x556ef3605f20 | K: symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-1923810480: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605260 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef36037c0 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3601f40 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x556ef36037c0 | PRF chunk interface: release key-key@0x556ef3605f20 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605040 (length 16) | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | chunk output 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef36037c0 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef3605f20 (size 16) | PRF symkey interface: key symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: key symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605330 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef3607810 (19-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 3 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 3-bytes | base: base-key@0x556ef3607810 (19-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef3601f40 (3-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef3607810 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef3601f40 (size 3) | PRF symkey interface: symkey message-key@0x556ef3601f40 (3-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 3 bytes of key@0x556ef3601f40 | symkey message: symkey-key@0x556ef3601f40 (3-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (3-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1923810272: ffffffb0 ffffff89 ffffffa4 3c 5a ffffffa3 ffffff9f fffffffc ffffff92 0c 4a 13 ffffffe1 ffffffe6 28 ffffffb3 | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 16 bytes at 0x556ef3605fb0 | unwrapped: 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x556ef36037c0 | K: symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605490 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef3607810 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x556ef3607810 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3609090 | PRF symkey interface: release key-key@0x556ef36037c0 | PRF symkey interface PRF aes_xcbc final-key@0x556ef3607810 (size 16) | PRF symkey interface: key-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracting all 16 bytes of key@0x556ef3607810 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffff8e 5c ffffffb5 04 fffffffc 72 ffffffdf 6b 53 74 ffffff9b fffffff8 ffffffc7 ffffff90 47 6d | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: release slot-key-key@0x556ef3605c90 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracted len 16 bytes at 0x556ef3605490 | unwrapped: 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | test_prf_vector: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input passed | test_prf_vector: release symkey-key@0x556ef3607810 | test_prf_vector: release message-key@0x556ef3601f40 | test_prf_vector: release key-key@0x556ef3605f20 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xd2a246fa349b68a79998a4394ff7a263" | decode_to_chunk: output: | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605fb0 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef3601f40 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: key-key@0x556ef3601f40 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x556ef3605f20 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3605260 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef3605490 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x556ef3601f40 | K: symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605280 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef3605f20 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3607810 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x556ef3605f20 | PRF chunk interface: release key-key@0x556ef3601f40 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605040 (length 16) | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | chunk output d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3605f20 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef3601f40 (size 16) | PRF symkey interface: key symkey-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: key symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605080 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef36037c0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef3607810 (size 16) | PRF symkey interface: symkey message-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 16 bytes of key@0x556ef3607810 | symkey message: symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-1923810272: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 16 bytes at 0x556ef3605060 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x556ef3605f20 | K: symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605d20 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef36037c0 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x556ef36037c0 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3609090 | PRF symkey interface: release key-key@0x556ef3605f20 | PRF symkey interface PRF aes_xcbc final-key@0x556ef36037c0 (size 16) | PRF symkey interface: key-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracting all 16 bytes of key@0x556ef36037c0 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: 67 52 04 66 fffffffd 04 33 ffffffff 27 fffffff1 ffffffe6 ffffff8a ffffffb0 7d 52 32 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: release slot-key-key@0x556ef3605c90 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracted len 16 bytes at 0x556ef3605d20 | unwrapped: d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | test_prf_vector: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input passed | test_prf_vector: release symkey-key@0x556ef36037c0 | test_prf_vector: release message-key@0x556ef3607810 | test_prf_vector: release key-key@0x556ef3601f40 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605060 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef3607810 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: key-key@0x556ef3607810 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x556ef3601f40 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3605280 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef3605d20 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x556ef3607810 | K: symkey-key@0x556ef3607810 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605490 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef3601f40 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef36037c0 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x556ef3601f40 | PRF chunk interface: release key-key@0x556ef3607810 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605330 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3601f40 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef3607810 (size 16) | PRF symkey interface: key symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: key symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605260 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef3605f20 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3605f20 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef3605f20 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef36037c0 (size 20) | PRF symkey interface: symkey message-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x556ef36037c0 | symkey message: symkey-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1923810272: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e ffffff92 ffffffa4 ffffff8e ffffffb0 1f 70 2d ffffffb3 ffffffa8 fffffffd 60 ffffffac ffffffa5 ffffffe6 ffffffb9 19 | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 32 bytes at 0x556ef36058f0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x556ef3601f40 | K: symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3600710 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef3605f20 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x556ef3605f20 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3609090 | PRF symkey interface: release key-key@0x556ef3601f40 | PRF symkey interface PRF aes_xcbc final-key@0x556ef3605f20 (size 16) | PRF symkey interface: key-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracting all 16 bytes of key@0x556ef3605f20 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffffc1 ffffffdb 69 fffffff2 ffffffc5 06 ffffff9e ffffffda ffffffa5 ffffff9b 4f ffffffb9 6c ffffff8a ffffffb9 24 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: release slot-key-key@0x556ef3605c90 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracted len 16 bytes at 0x556ef3600710 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | test_prf_vector: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input passed | test_prf_vector: release symkey-key@0x556ef3605f20 | test_prf_vector: release message-key@0x556ef36037c0 | test_prf_vector: release key-key@0x556ef3607810 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: test_prf_vector: input "0xf54f0ec8d2b9f3d36807734bd5283fd4" | decode_to_chunk: output: | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605490 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef36037c0 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: key-key@0x556ef36037c0 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x556ef3607810 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef36008d0 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef36009a0 (length 32) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x556ef36037c0 | K: symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3600800 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef3607810 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3605f20 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x556ef3607810 | PRF chunk interface: release key-key@0x556ef36037c0 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605fb0 (length 16) | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | chunk output f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3607810 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef36037c0 (size 16) | PRF symkey interface: key symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: key symkey-key@0x556ef3607810 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605080 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef3601f40 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 32-bytes | base: base-key@0x556ef3601f40 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef3601f40 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef3605f20 (size 32) | PRF symkey interface: symkey message-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 32 bytes of key@0x556ef3605f20 | symkey message: symkey-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (32-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1923810272: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e ffffffdb ffffff99 55 1f 14 ffffffd4 79 67 ffffffba 15 57 ffffffa5 ffffffa2 03 fffffff8 ffffffbe | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 32 bytes at 0x556ef3605d40 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x556ef3607810 | K: symkey-key@0x556ef3607810 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605d20 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef3601f40 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x556ef3601f40 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3609090 | PRF symkey interface: release key-key@0x556ef3607810 | PRF symkey interface PRF aes_xcbc final-key@0x556ef3601f40 (size 16) | PRF symkey interface: key-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracting all 16 bytes of key@0x556ef3601f40 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: symkey-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffffc4 0a ffffff85 fffffff0 43 ffffffea ffffffd4 09 70 78 6b 4e ffffff9b ffffff92 0b 2f | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: release slot-key-key@0x556ef3605c90 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracted len 16 bytes at 0x556ef3605d20 | unwrapped: f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | test_prf_vector: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input passed | test_prf_vector: release symkey-key@0x556ef3601f40 | test_prf_vector: release message-key@0x556ef3605f20 | test_prf_vector: release key-key@0x556ef36037c0 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | decode_to_chunk: test_prf_vector: input "0xbecbb3bccdb518a30677d5481fb6b4d8" | decode_to_chunk: output: | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605080 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef3605f20 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: key-key@0x556ef3605f20 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x556ef36037c0 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3600800 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef36009d0 (length 34) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x556ef3605f20 | K: symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3600710 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef36037c0 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3601f40 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x556ef36037c0 | PRF chunk interface: release key-key@0x556ef3605f20 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605260 (length 16) | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | chunk output be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef36037c0 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef3605f20 (size 16) | PRF symkey interface: key symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: key symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605280 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef3607810 (50-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 34 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 34-bytes | base: base-key@0x556ef3607810 (50-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef3601f40 (34-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef3607810 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef3601f40 (size 34) | PRF symkey interface: symkey message-key@0x556ef3601f40 (34-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 34 bytes of key@0x556ef3601f40 | symkey message: symkey-key@0x556ef3601f40 (34-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (34-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 48 | wrapper: (SECItemType)-1923810272: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e ffffffdb ffffff99 55 1f 14 ffffffd4 79 67 ffffffba 15 57 ffffffa5 ffffffa2 03 fffffff8 ffffffbe 59 ffffff8a 58 27 ffffffe0 49 2f ffffffd9 34 66 4f 30 ffffffa0 45 ffffffdf ffffffaf | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 48 bytes at 0x556ef36052a0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | unwrapped: 20 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x556ef36037c0 | K: symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef36008d0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef3607810 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x556ef3607810 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3609090 | PRF symkey interface: release key-key@0x556ef36037c0 | PRF symkey interface PRF aes_xcbc final-key@0x556ef3607810 (size 16) | PRF symkey interface: key-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracting all 16 bytes of key@0x556ef3607810 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffff8f 1a ffffffd8 55 4e ffffffa3 02 ffffff9c ffffffc4 ffffffa6 ffffff86 34 1e ffffffd5 24 2a | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: release slot-key-key@0x556ef3605c90 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracted len 16 bytes at 0x556ef36008d0 | unwrapped: be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | test_prf_vector: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input passed | test_prf_vector: release symkey-key@0x556ef3607810 | test_prf_vector: release message-key@0x556ef3601f40 | test_prf_vector: release key-key@0x556ef3605f20 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xf0dafee895db30253761103b5d84528f" | decode_to_chunk: output: | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605280 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef3601f40 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: key-key@0x556ef3601f40 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x556ef3605f20 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3600710 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef360a910 (length 1000) | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x556ef3601f40 | K: symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540028960: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605d20 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef3605f20 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3607810 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x556ef3605f20 | PRF chunk interface: release key-key@0x556ef3601f40 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605330 (length 16) | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | chunk output f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3605f20 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3605f20 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef3601f40 (size 16) | PRF symkey interface: key symkey-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: key symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605040 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef36037c0 (1016-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 1000 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 1000-bytes | base: base-key@0x556ef36037c0 (1016-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef3607810 (1000-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef36037c0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef3607810 (size 1000) | PRF symkey interface: symkey message-key@0x556ef3607810 (1000-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 1000 bytes of key@0x556ef3607810 | symkey message: symkey-key@0x556ef3607810 (1000-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (1000-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 1008 | wrapper: (SECItemType)-1923810272: ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e fffff | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 1008 bytes at 0x556ef360c6c0 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x556ef3605f20 | K: symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3600800 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef36037c0 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x556ef36037c0 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3609090 | PRF symkey interface: release key-key@0x556ef3605f20 | PRF symkey interface PRF aes_xcbc final-key@0x556ef36037c0 (size 16) | PRF symkey interface: key-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracting all 16 bytes of key@0x556ef36037c0 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: 60 35 56 51 ffffffa7 77 5c ffffffb7 ffffffd4 ffffffb5 ffffffd0 ffffffd7 ffffffdf ffffffd6 ffffff8a ffffffff | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: release slot-key-key@0x556ef3605c90 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracted len 16 bytes at 0x556ef3600800 | unwrapped: f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | test_prf_vector: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input passed | test_prf_vector: release symkey-key@0x556ef36037c0 | test_prf_vector: release message-key@0x556ef3607810 | test_prf_vector: release key-key@0x556ef3601f40 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605040 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3607810 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef3607810 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: key-key@0x556ef3607810 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x556ef3601f40 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3605060 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef3600800 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x556ef3607810 | K: symkey-key@0x556ef3607810 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef36052e0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef3601f40 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef36037c0 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x556ef3601f40 | PRF chunk interface: release key-key@0x556ef3607810 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605490 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3601f40 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef3607810 (size 16) | PRF symkey interface: key symkey-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: key symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605260 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef3605f20 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3605f20 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef3605f20 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef36037c0 (size 20) | PRF symkey interface: symkey message-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x556ef36037c0 | symkey message: symkey-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1923810272: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e ffffff92 ffffffa4 ffffff8e ffffffb0 1f 70 2d ffffffb3 ffffffa8 fffffffd 60 ffffffac ffffffa5 ffffffe6 ffffffb9 19 | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 32 bytes at 0x556ef3605d70 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x556ef3601f40 | K: symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605330 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef3605f20 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x556ef3605f20 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3609090 | PRF symkey interface: release key-key@0x556ef3601f40 | PRF symkey interface PRF aes_xcbc final-key@0x556ef3605f20 (size 16) | PRF symkey interface: key-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracting all 16 bytes of key@0x556ef3605f20 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): symkey-key@0x556ef3605f20 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffffc1 ffffffdb 69 fffffff2 ffffffc5 06 ffffff9e ffffffda ffffffa5 ffffff9b 4f ffffffb9 6c ffffff8a ffffffb9 24 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): release slot-key-key@0x556ef3605c90 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracted len 16 bytes at 0x556ef3605490 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) passed | test_prf_vector: release symkey-key@0x556ef3605f20 | test_prf_vector: release message-key@0x556ef36037c0 | test_prf_vector: release key-key@0x556ef3607810 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) | decode_to_chunk: test_prf_vector: input "0x00010203040506070809" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x0fa087af7d866e7653434e602fdde835" | decode_to_chunk: output: | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef36052e0 (length 10) | 00 01 02 03 04 05 06 07 08 09 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef36037c0 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x556ef36037c0 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef3607810 (10-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef36037c0 | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x556ef3607810 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3607810 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff70 | result: tmp+=0-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x556ef3607810 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff98 | result: PRF chunk interface-key@0x556ef3605f20 (16-bytes, AES_ECB) | PRF chunk interface: release tmp-key@0x556ef36037c0 | PRF chunk interface: release clone-key@0x556ef3607810 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3600710 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef3605490 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x556ef3605f20 | K: symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 56 ffffff91 39 7f 6f 4f 3c 5c ffffffa1 ffffffe9 39 ffffffb3 56 1f ffffffdf 66 | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605260 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef3607810 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef36037c0 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x556ef3607810 | PRF chunk interface: release key-key@0x556ef3605f20 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605080 (length 16) | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | chunk output 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3607810 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x556ef3607810 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef3605f20 (10-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3607810 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef3605f20 (size 10) | PRF symkey interface: key symkey-key@0x556ef3605f20 (10-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x556ef3605f20 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3605f20 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ffa0 | result: tmp+=0-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x556ef3605f20 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3607810 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: PRF symkey interface-key@0x556ef36037c0 (16-bytes, AES_ECB) | PRF symkey interface: release tmp-key@0x556ef3607810 | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605d20 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef3607810 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef3601f40 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef3607810 (size 20) | PRF symkey interface: symkey message-key@0x556ef3607810 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x556ef3607810 | symkey message: symkey-key@0x556ef3607810 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1923810272: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e ffffff92 ffffffa4 ffffff8e ffffffb0 1f 70 2d ffffffb3 ffffffa8 fffffffd 60 ffffffac ffffffa5 ffffffe6 ffffffb9 19 | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 32 bytes at 0x556ef360cac0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x556ef36037c0 | K: symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 56 ffffff91 39 7f 6f 4f 3c 5c ffffffa1 ffffffe9 39 ffffffb3 56 1f ffffffdf 66 | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef36008d0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef3601f40 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x556ef3601f40 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef3609090 | PRF symkey interface: release key-key@0x556ef36037c0 | PRF symkey interface PRF aes_xcbc final-key@0x556ef3601f40 (size 16) | PRF symkey interface: key-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracting all 16 bytes of key@0x556ef3601f40 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): symkey-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffffb9 57 ffffffa4 26 ffffffa6 ffffff9a ffffffcf 46 ffffffa0 ffffffbd ffffffae ffffffa8 ffffffaa ffffff8c 0f 11 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): release slot-key-key@0x556ef3605c90 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracted len 16 bytes at 0x556ef3605080 | unwrapped: 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) passed | test_prf_vector: release symkey-key@0x556ef3601f40 | test_prf_vector: release message-key@0x556ef3607810 | test_prf_vector: release key-key@0x556ef3605f20 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0fedcb" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x8cd3c93ae598a9803006ffb67c40e9e4" | decode_to_chunk: output: | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x556ef3605260 (length 18) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffd0 | result: key-key@0x556ef3607810 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x556ef3607810 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffb8 | result: key-key@0x556ef3605f20 (18-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x556ef3607810 | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff70 | result: key-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff58 | result: key-key@0x556ef3607810 (16-bytes, AES_ECB) | key: release tmp-key@0x556ef3601f40 | key extracting all 18 bytes of key@0x556ef3605f20 | key: symkey-key@0x556ef3605f20 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | key: new slot-key@0x556ef3605c90 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e ffffffc4 6b ffffffc7 ffffffee ffffffaa ffffffec 7e ffffffa5 ffffffb2 41 76 fffffff2 39 ffffffa4 ffffff87 5c | key: release slot-key-key@0x556ef3605c90 | key extracted len 32 bytes at 0x556ef36058f0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x556ef3607810 | K: symkey-key@0x556ef3607810 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605280 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fef0 | result: k1-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54fed8 | result: k1-key@0x556ef3601f40 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef36037c0 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x556ef3601f40 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff70 | result: key-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff58 | result: key-key@0x556ef3601f40 (16-bytes, AES_ECB) | key: release tmp-key@0x556ef36037c0 | PRF chunk interface: release clone-key@0x556ef3605f20 | PRF chunk interface PRF aes_xcbc crypt-prf@0x556ef3600710 | PRF chunk interface PRF aes_xcbc update message-bytes@0x556ef3605080 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x556ef3601f40 | K: symkey-key@0x556ef3601f40 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 5c ffffffcd 1b 5c 6a 1d fffffffe 25 ffffffcd 63 fffffff6 0a 32 ffffff97 ffffffe8 46 | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3605330 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff30 | result: k1-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff18 | result: k1-key@0x556ef3605f20 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef36037c0 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x556ef3605f20 | PRF chunk interface: release key-key@0x556ef3601f40 | PRF chunk interface PRF aes_xcbc final-chunk@0x556ef3605d20 (length 16) | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | chunk output 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3605f20 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x556ef3605f20 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef3601f40 (18-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3605f20 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x556ef3601f40 (size 18) | PRF symkey interface: key symkey-key@0x556ef3601f40 (18-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffa0 | result: key symkey-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff88 | result: key symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x556ef36037c0 | key symkey extracting all 18 bytes of key@0x556ef3601f40 | key symkey: symkey-key@0x556ef3601f40 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | key symkey: new slot-key@0x556ef3605c90 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e ffffffc4 6b ffffffc7 ffffffee ffffffaa ffffffec 7e ffffffa5 ffffffb2 41 76 fffffff2 39 ffffffa4 ffffff87 5c | key symkey: release slot-key-key@0x556ef3605c90 | key symkey extracted len 32 bytes at 0x556ef36058f0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x556ef3605f20 | K: symkey-key@0x556ef3605f20 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: ffffffbd ffffffea ffffffff ffffff84 3e 65 47 ffffff86 fffffffc ffffffa4 02 4e ffffff9e fffffff6 06 ffffffc4 | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef36008d0 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff20 | result: k1-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff08 | result: k1-key@0x556ef36037c0 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef3609090 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x556ef36037c0 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffa0 | result: key symkey-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff88 | result: key symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x556ef3609090 | PRF symkey interface PRF aes_xcbc crypt-prf@0x556ef3605490 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef360c4c0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x556ef3609090 (size 20) | PRF symkey interface: symkey message-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x556ef3609090 | symkey message: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-1923810272: 27 35 ffffffab ffffffef ffffff9d ffffffff fffffff2 66 ffffffd0 ffffff83 2e ffffffb1 ffffffcf ffffffee 76 2e ffffff92 ffffffa4 ffffff8e ffffffb0 1f 70 2d ffffffb3 ffffffa8 fffffffd 60 ffffffac ffffffa5 ffffffe6 ffffffb9 19 | symkey message: release slot-key-key@0x556ef3605c90 | symkey message extracted len 32 bytes at 0x556ef36058f0 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x556ef36037c0 | K: symkey-key@0x556ef36037c0 (16-bytes, AES_ECB) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x556ef3605c90 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 5c ffffffcd 1b 5c 6a 1d fffffffe 25 ffffffcd 63 fffffff6 0a 32 ffffff97 ffffffe8 46 | K: release slot-key-key@0x556ef3605c90 | K extracted len 16 bytes at 0x556ef3600710 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ff50 | result: k1-key@0x556ef360e180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x556ef360e180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff38 | result: k1-key@0x556ef360c4c0 (16-bytes, AES_ECB) | k1: release tmp-key@0x556ef360e180 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x556ef360c4c0 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffe0 | result: xcbc-key@0x556ef360e180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef360e180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffc8 | result: xcbc-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x556ef360e180 | PRF symkey interface: release key-key@0x556ef36037c0 | PRF symkey interface PRF aes_xcbc final-key@0x556ef360c4c0 (size 16) | PRF symkey interface: key-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracting all 16 bytes of key@0x556ef360c4c0 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): symkey-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffffd9 02 ffffff8b ffffffa8 5a 27 ffffffaa 3b ffffffb4 44 1a 4f ffffffb4 ffffffca fffffff6 52 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): release slot-key-key@0x556ef3605c90 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracted len 16 bytes at 0x556ef3605280 | unwrapped: 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) passed | test_prf_vector: release symkey-key@0x556ef360c4c0 | test_prf_vector: release message-key@0x556ef3609090 | test_prf_vector: release key-key@0x556ef3601f40 | test_prf_vector: release output-key@NULL testing HMAC_MD5: RFC 2104: MD5_HMAC test 1 | decode_to_chunk: test_prf_vector: input "0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" | decode_to_chunk: output: | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | decode_to_chunk: test_prf_vector: input "Hi There" | decode_to_chunk: output: | 48 69 20 54 68 65 72 65 | decode_to_chunk: test_prf_vector: input "0x9294727a3638bb1c13f48ef8158bfc9d" | decode_to_chunk: output: | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface PRF md5 init key-chunk@0x556ef3605490 (length 16) | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffc0 | result: PRF chunk interface-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffa8 | result: PRF chunk interface-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x556ef3609090 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff00 | result: trimed key-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x556ef3601f40 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff40 | result: result-key@0x556ef3601f40 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x556ef36052e0 | PRF chunk interface PRF md5 update message-bytes@0x556ef3605280 (length 8) | 48 69 20 54 68 65 72 65 | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3601f40 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7fff8d550030 | result: message-key@0x556ef360c4c0 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x556ef3601f40 | PRF HMAC inner hash hash md5 inner-key@0x556ef360c4c0 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x556ef360c4c0 (size 72) | PRF HMAC inner hash: inner-key@0x556ef360c4c0 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x556ef3605fb0 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fec0 | result: PRF HMAC inner hash-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54fea8 | result: PRF HMAC inner hash-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x556ef36037c0 | PRF chunk interface: release inner-key@0x556ef360c4c0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff30 | result: result-key@0x556ef360c4c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360c4c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d54ff18 | result: result-key@0x556ef36037c0 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef360c4c0 | PRF chunk interface: release hashed-inner-key@0x556ef3601f40 | PRF chunk interface: release key-key@0x556ef3609090 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x556ef36037c0 (size 80) | PRF HMAC outer hash: outer-key@0x556ef36037c0 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x556ef3600710 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface: release outer-key@0x556ef36037c0 | PRF chunk interface PRF md5 final-chunk@0x556ef3600710 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | chunk output 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3609090 | PRF symkey interface PRF md5 init key symkey-key@0x556ef36037c0 (size 16) | PRF symkey interface: key symkey-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x556ef36037c0 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff00 | result: trimed key-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x556ef36037c0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff40 | result: result-key@0x556ef3601f40 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x556ef3605d20 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef360e180 (24-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 8 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 8-bytes | base: base-key@0x556ef360e180 (24-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef360c4c0 (8-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef360e180 | PRF symkey interface PRF md5 update symkey message-key@0x556ef360c4c0 (size 8) | PRF symkey interface: symkey message-key@0x556ef360c4c0 (8-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3601f40 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d550058 | result: result-key@0x556ef360e180 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef3601f40 | PRF HMAC inner hash hash md5 inner-key@0x556ef360e180 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x556ef360e180 (size 72) | PRF HMAC inner hash: inner-key@0x556ef360e180 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x556ef3605080 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fee0 | result: PRF HMAC inner hash-key@0x556ef360fae0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef360fae0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54fec8 | result: PRF HMAC inner hash-key@0x556ef3601f40 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x556ef360fae0 | PRF symkey interface: release inner-key@0x556ef360e180 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff50 | result: result-key@0x556ef360e180 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360e180 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d54ff38 | result: result-key@0x556ef360fae0 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef360e180 | PRF symkey interface: release hashed-inner-key@0x556ef3601f40 | PRF symkey interface: release key-key@0x556ef3609090 | PRF HMAC outer hash hash md5 outer-key@0x556ef360fae0 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x556ef360fae0 (size 80) | PRF HMAC outer hash: outer-key@0x556ef360fae0 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x556ef3605fb0 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffa0 | result: PRF HMAC outer hash-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff88 | result: PRF HMAC outer hash-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x556ef3601f40 | PRF symkey interface: release outer-key@0x556ef360fae0 | : hashed-outer-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x556ef3609090 (size 16) | PRF symkey interface: key-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 1 extracting all 16 bytes of key@0x556ef3609090 | RFC 2104: MD5_HMAC test 1: symkey-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 1: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: 2a ffffffac 74 37 61 2b ffffff9b ffffffd2 ffffff9c ffffffc0 36 7b ffffffe1 76 15 34 | RFC 2104: MD5_HMAC test 1: release slot-key-key@0x556ef3605c90 | RFC 2104: MD5_HMAC test 1 extracted len 16 bytes at 0x556ef3605080 | unwrapped: 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | test_prf_vector: RFC 2104: MD5_HMAC test 1 passed | test_prf_vector: release symkey-key@0x556ef3609090 | test_prf_vector: release message-key@0x556ef360c4c0 | test_prf_vector: release key-key@0x556ef36037c0 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 2 | decode_to_chunk: test_prf_vector: input "Jefe" | decode_to_chunk: output: | 4a 65 66 65 | decode_to_chunk: test_prf_vector: input "what do ya want for nothing?" | decode_to_chunk: output: | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | decode_to_chunk: test_prf_vector: input "0x750c783e6ab0b503eaa86e310a5db738" | decode_to_chunk: output: | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface PRF md5 init key-chunk@0x556ef3605d20 (length 4) | 4a 65 66 65 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffc0 | result: PRF chunk interface-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffa8 | result: PRF chunk interface-key@0x556ef36037c0 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x556ef360c4c0 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef36037c0 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff00 | result: trimed key-key@0x556ef360c4c0 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x556ef36037c0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360c4c0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff40 | result: result-key@0x556ef36037c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x556ef3605fb0 | PRF chunk interface PRF md5 update message-bytes@0x556ef36058f0 (length 28) | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef36037c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7fff8d550030 | result: message-key@0x556ef3609090 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x556ef36037c0 | PRF HMAC inner hash hash md5 inner-key@0x556ef3609090 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x556ef3609090 (size 92) | PRF HMAC inner hash: inner-key@0x556ef3609090 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x556ef3600800 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fec0 | result: PRF HMAC inner hash-key@0x556ef360fae0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef360fae0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54fea8 | result: PRF HMAC inner hash-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x556ef360fae0 | PRF chunk interface: release inner-key@0x556ef3609090 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360c4c0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff30 | result: result-key@0x556ef3609090 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d54ff18 | result: result-key@0x556ef360fae0 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef3609090 | PRF chunk interface: release hashed-inner-key@0x556ef36037c0 | PRF chunk interface: release key-key@0x556ef360c4c0 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x556ef360fae0 (size 80) | PRF HMAC outer hash: outer-key@0x556ef360fae0 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x556ef360e2e0 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface: release outer-key@0x556ef360fae0 | PRF chunk interface PRF md5 final-chunk@0x556ef360e2e0 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | chunk output 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef360fae0 (4-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef360c4c0 | PRF symkey interface PRF md5 init key symkey-key@0x556ef360fae0 (size 4) | PRF symkey interface: key symkey-key@0x556ef360fae0 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x556ef360fae0 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef360fae0 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff00 | result: trimed key-key@0x556ef360c4c0 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x556ef360fae0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360c4c0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff40 | result: result-key@0x556ef36037c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x556ef3605fb0 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef3601f40 (44-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 28 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 28-bytes | base: base-key@0x556ef3601f40 (44-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef3609090 (28-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef3601f40 | PRF symkey interface PRF md5 update symkey message-key@0x556ef3609090 (size 28) | PRF symkey interface: symkey message-key@0x556ef3609090 (28-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef36037c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d550058 | result: result-key@0x556ef3601f40 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef36037c0 | PRF HMAC inner hash hash md5 inner-key@0x556ef3601f40 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x556ef3601f40 (size 92) | PRF HMAC inner hash: inner-key@0x556ef3601f40 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x556ef3605260 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fee0 | result: PRF HMAC inner hash-key@0x556ef360e180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef360e180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54fec8 | result: PRF HMAC inner hash-key@0x556ef36037c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x556ef360e180 | PRF symkey interface: release inner-key@0x556ef3601f40 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360c4c0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff50 | result: result-key@0x556ef3601f40 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3601f40 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d54ff38 | result: result-key@0x556ef360e180 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef3601f40 | PRF symkey interface: release hashed-inner-key@0x556ef36037c0 | PRF symkey interface: release key-key@0x556ef360c4c0 | PRF HMAC outer hash hash md5 outer-key@0x556ef360e180 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x556ef360e180 (size 80) | PRF HMAC outer hash: outer-key@0x556ef360e180 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x556ef36008d0 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffa0 | result: PRF HMAC outer hash-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef36037c0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff88 | result: PRF HMAC outer hash-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x556ef36037c0 | PRF symkey interface: release outer-key@0x556ef360e180 | : hashed-outer-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x556ef360c4c0 (size 16) | PRF symkey interface: key-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 2 extracting all 16 bytes of key@0x556ef360c4c0 | RFC 2104: MD5_HMAC test 2: symkey-key@0x556ef360c4c0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 2: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffffc0 ffffff8c ffffffde ffffffae ffffffe6 ffffffca 30 53 54 ffffffb0 ffffffda ffffffc4 2b 45 ffffffd3 5b | RFC 2104: MD5_HMAC test 2: release slot-key-key@0x556ef3605c90 | RFC 2104: MD5_HMAC test 2 extracted len 16 bytes at 0x556ef3605260 | unwrapped: 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | test_prf_vector: RFC 2104: MD5_HMAC test 2 passed | test_prf_vector: release symkey-key@0x556ef360c4c0 | test_prf_vector: release message-key@0x556ef3609090 | test_prf_vector: release key-key@0x556ef360fae0 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 3 | decode_to_chunk: test_prf_vector: input "0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" | decode_to_chunk: output: | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | decode_to_chunk: test_prf_vector: input "0xDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD" | decode_to_chunk: output: | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | decode_to_chunk: test_prf_vector: input "0x56be34521d144c88dbb8c733f0e8b3f6" | decode_to_chunk: output: | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface PRF md5 init key-chunk@0x556ef3605fb0 (length 16) | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffc0 | result: PRF chunk interface-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ffa8 | result: PRF chunk interface-key@0x556ef360fae0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x556ef3609090 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef360fae0 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff00 | result: trimed key-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x556ef360fae0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff40 | result: result-key@0x556ef360fae0 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x556ef36008d0 | PRF chunk interface PRF md5 update message-bytes@0x556ef36052a0 (length 50) | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360fae0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7fff8d550030 | result: message-key@0x556ef360c4c0 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x556ef360fae0 | PRF HMAC inner hash hash md5 inner-key@0x556ef360c4c0 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x556ef360c4c0 (size 114) | PRF HMAC inner hash: inner-key@0x556ef360c4c0 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x556ef3605490 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fec0 | result: PRF HMAC inner hash-key@0x556ef360e180 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef360e180 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54fea8 | result: PRF HMAC inner hash-key@0x556ef360fae0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x556ef360e180 | PRF chunk interface: release inner-key@0x556ef360c4c0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff30 | result: result-key@0x556ef360c4c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360c4c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d54ff18 | result: result-key@0x556ef360e180 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef360c4c0 | PRF chunk interface: release hashed-inner-key@0x556ef360fae0 | PRF chunk interface: release key-key@0x556ef3609090 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x556ef360e180 (size 80) | PRF HMAC outer hash: outer-key@0x556ef360e180 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x556ef3600800 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface: release outer-key@0x556ef360e180 | PRF chunk interface PRF md5 final-chunk@0x556ef3600800 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | chunk output 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: key symkey-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3609090 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: key symkey-key@0x556ef360e180 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x556ef3609090 | PRF symkey interface PRF md5 init key symkey-key@0x556ef360e180 (size 16) | PRF symkey interface: key symkey-key@0x556ef360e180 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x556ef360e180 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef360e180 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff00 | result: trimed key-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x556ef360e180 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff40 | result: result-key@0x556ef360fae0 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x556ef36008d0 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d550040 | result: message symkey-key@0x556ef36037c0 (66-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 50 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 50-bytes | base: base-key@0x556ef36037c0 (66-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d550028 | result: message symkey-key@0x556ef360c4c0 (50-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x556ef36037c0 | PRF symkey interface PRF md5 update symkey message-key@0x556ef360c4c0 (size 50) | PRF symkey interface: symkey message-key@0x556ef360c4c0 (50-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef360fae0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d550058 | result: result-key@0x556ef36037c0 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef360fae0 | PRF HMAC inner hash hash md5 inner-key@0x556ef36037c0 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x556ef36037c0 (size 114) | PRF HMAC inner hash: inner-key@0x556ef36037c0 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x556ef3605330 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54fee0 | result: PRF HMAC inner hash-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef3601f40 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54fec8 | result: PRF HMAC inner hash-key@0x556ef360fae0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x556ef3601f40 | PRF symkey interface: release inner-key@0x556ef36037c0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef3609090 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fff8d54ff50 | result: result-key@0x556ef36037c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x556ef36037c0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7fff8d54ff38 | result: result-key@0x556ef3601f40 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x556ef36037c0 | PRF symkey interface: release hashed-inner-key@0x556ef360fae0 | PRF symkey interface: release key-key@0x556ef3609090 | PRF HMAC outer hash hash md5 outer-key@0x556ef3601f40 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x556ef3601f40 (size 80) | PRF HMAC outer hash: outer-key@0x556ef3601f40 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x556ef3605280 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fff8d54ffa0 | result: PRF HMAC outer hash-key@0x556ef360fae0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x556ef360fae0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54ff88 | result: PRF HMAC outer hash-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x556ef360fae0 | PRF symkey interface: release outer-key@0x556ef3601f40 | : hashed-outer-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x556ef3609090 (size 16) | PRF symkey interface: key-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 3 extracting all 16 bytes of key@0x556ef3609090 | RFC 2104: MD5_HMAC test 3: symkey-key@0x556ef3609090 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 3: new slot-key@0x556ef3605c90 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-222830119: ffffffdd 70 ffffffb6 ffffffc0 42 ffffff99 ffffffe2 ffffff95 ffffff8f fffffffc 6c 32 ffffff8e ffffffb9 3f ffffffa2 | RFC 2104: MD5_HMAC test 3: release slot-key-key@0x556ef3605c90 | RFC 2104: MD5_HMAC test 3 extracted len 16 bytes at 0x556ef3605330 | unwrapped: 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | test_prf_vector: RFC 2104: MD5_HMAC test 3 passed | test_prf_vector: release symkey-key@0x556ef3609090 | test_prf_vector: release message-key@0x556ef360c4c0 | test_prf_vector: release key-key@0x556ef360e180 | test_prf_vector: release output-key@NULL 8 CPU cores online starting up 7 crypto helpers started thread for crypto helper 0 started thread for crypto helper 1 started thread for crypto helper 2 started thread for crypto helper 3 started thread for crypto helper 4 started thread for crypto helper 5 started thread for crypto helper 6 | checking IKEv1 state table | MAIN_R0: category: half-open IKE SA flags: 0: | -> MAIN_R1 EVENT_SO_DISCARD | MAIN_I1: category: half-open IKE SA flags: 0: | -> MAIN_I2 EVENT_RETRANSMIT | MAIN_R1: category: open IKE SA flags: 200: | -> MAIN_R2 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_I2: category: open IKE SA flags: 0: | -> MAIN_I3 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_R2: category: open IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | -> MAIN_R3 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_I3: category: open IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | -> MAIN_I4 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_R3: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | MAIN_I4: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | AGGR_R0: category: half-open IKE SA flags: 0: | -> AGGR_R1 EVENT_SO_DISCARD | AGGR_I1: category: half-open IKE SA flags: 0: | -> AGGR_I2 EVENT_SA_REPLACE | -> AGGR_I2 EVENT_SA_REPLACE | AGGR_R1: category: open IKE SA flags: 200: | -> AGGR_R2 EVENT_SA_REPLACE | -> AGGR_R2 EVENT_SA_REPLACE | AGGR_I2: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | AGGR_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | QUICK_R0: category: established CHILD SA flags: 0: | -> QUICK_R1 EVENT_RETRANSMIT | QUICK_I1: category: established CHILD SA flags: 0: | -> QUICK_I2 EVENT_SA_REPLACE | QUICK_R1: category: established CHILD SA flags: 0: | -> QUICK_R2 EVENT_SA_REPLACE | QUICK_I2: category: established CHILD SA flags: 200: | -> UNDEFINED EVENT_NULL | QUICK_R2: category: established CHILD SA flags: 0: | -> UNDEFINED EVENT_NULL | INFO: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | INFO_PROTECTED: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | XAUTH_R0: category: established IKE SA flags: 0: | -> XAUTH_R1 EVENT_NULL | XAUTH_R1: category: established IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | MODE_CFG_R0: category: informational flags: 0: | -> MODE_CFG_R1 EVENT_SA_REPLACE | MODE_CFG_R1: category: established IKE SA flags: 0: | -> MODE_CFG_R2 EVENT_SA_REPLACE | MODE_CFG_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | MODE_CFG_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | XAUTH_I0: category: established IKE SA flags: 0: | -> XAUTH_I1 EVENT_RETRANSMIT | XAUTH_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_RETRANSMIT | checking IKEv2 state table | PARENT_I0: category: ignore flags: 0: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) | PARENT_I1: category: half-open IKE SA flags: 0: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) | PARENT_I2: category: open IKE SA flags: 0: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) | PARENT_I3: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) | PARENT_R0: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) | PARENT_R1: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) | PARENT_R2: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) | V2_CREATE_I0: category: established IKE SA flags: 0: | starting up helper thread 0 | status value returned by setting the priority of this thread (crypto helper 0) 22 | crypto helper 0 waiting (nothing to do) | starting up helper thread 2 | status value returned by setting the priority of this thread (crypto helper 2) 22 | crypto helper 2 waiting (nothing to do) | starting up helper thread 3 | status value returned by setting the priority of this thread (crypto helper 3) 22 | crypto helper 3 waiting (nothing to do) | starting up helper thread 6 | status value returned by setting the priority of this thread (crypto helper 6) 22 | crypto helper 6 waiting (nothing to do) | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) | V2_CREATE_I: category: established IKE SA flags: 0: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) | V2_REKEY_IKE_I: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: | V2_CREATE_R: category: established IKE SA flags: 0: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) | V2_REKEY_IKE_R: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: | V2_IPSEC_I: category: established CHILD SA flags: 0: | V2_IPSEC_R: category: established CHILD SA flags: 0: | IKESA_DEL: category: established IKE SA flags: 0: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) | CHILDSA_DEL: category: informational flags: 0: Using Linux XFRM/NETKEY IPsec interface code on 5.2.11+ | Hard-wiring algorithms | adding AES_CCM_16 to kernel algorithm db | adding AES_CCM_12 to kernel algorithm db | adding AES_CCM_8 to kernel algorithm db | adding 3DES_CBC to kernel algorithm db | adding CAMELLIA_CBC to kernel algorithm db | adding AES_GCM_16 to kernel algorithm db | adding AES_GCM_12 to kernel algorithm db | adding AES_GCM_8 to kernel algorithm db | adding AES_CTR to kernel algorithm db | adding AES_CBC to kernel algorithm db | adding SERPENT_CBC to kernel algorithm db | adding TWOFISH_CBC to kernel algorithm db | adding NULL_AUTH_AES_GMAC to kernel algorithm db | adding NULL to kernel algorithm db | adding CHACHA20_POLY1305 to kernel algorithm db | adding HMAC_MD5_96 to kernel algorithm db | adding HMAC_SHA1_96 to kernel algorithm db | adding HMAC_SHA2_512_256 to kernel algorithm db | adding HMAC_SHA2_384_192 to kernel algorithm db | adding HMAC_SHA2_256_128 to kernel algorithm db | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db | adding AES_XCBC_96 to kernel algorithm db | adding AES_CMAC_96 to kernel algorithm db | adding NONE to kernel algorithm db | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds | setup kernel fd callback | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x556ef36052a0 | libevent_malloc: new ptr-libevent@0x556ef3612030 size 128 | libevent_malloc: new ptr-libevent@0x556ef36008d0 size 16 | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x556ef36002e0 | libevent_malloc: new ptr-libevent@0x556ef36120c0 size 128 | libevent_malloc: new ptr-libevent@0x556ef3605330 size 16 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba246b (length 11) | 4b 41 4d 45 2f 72 61 63 6f 6f 6e | vendor id hash md5 final bytes@0x556ef3605080 (length 16) | 70 03 cb c1 09 7d be 9c 26 00 ba 69 83 bc 8b 35 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3260 (length 46) | 4e 4c 42 53 5f 50 52 45 53 45 4e 54 28 4e 4c 42 | 2f 4d 53 43 53 20 66 61 73 74 20 66 61 69 6c 6f | 76 65 72 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x556ef3605d20 (length 16) | ec 22 62 b5 12 32 63 83 67 12 3b ce 3d 37 3c 5e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3290 (length 32) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 28 41 | 75 74 68 49 50 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x556ef3605260 (length 16) | 6f fe a4 ae ec 37 f4 9a 02 6f 97 cf b5 53 30 6d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba25ee (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x556ef3600800 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba32b8 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x556ef3605fb0 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2600 (length 23) | 4d 69 63 72 6f 73 6f 66 74 20 58 62 6f 78 20 4f | 6e 65 20 32 30 31 33 | vendor id hash md5 final bytes@0x556ef360e2c0 (length 16) | 8a a3 94 cf 8a 55 77 dc 31 10 c1 13 b0 27 a4 f2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2618 (length 22) | 58 62 6f 78 20 49 4b 45 76 32 20 4e 65 67 6f 74 | 69 61 74 69 6f 6e | vendor id hash md5 final bytes@0x556ef36052e0 (length 16) | aa 28 1f cc d6 8c f8 a8 dc b8 5c c0 a7 10 40 2a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba262f (length 28) | 4d 53 46 54 20 49 50 73 65 63 20 53 65 63 75 72 | 69 74 79 20 52 65 61 6c 6d 20 49 64 | vendor id hash md5 final bytes@0x556ef3600710 (length 16) | 68 6a 8c bd fe 63 4b 40 51 46 fb 2b af 33 e9 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba32e0 (length 39) | 41 20 47 53 53 2d 41 50 49 20 41 75 74 68 65 6e | 74 69 63 61 74 69 6f 6e 20 4d 65 74 68 6f 64 20 | 66 6f 72 20 49 4b 45 | vendor id hash md5 final bytes@0x556ef360e2e0 (length 16) | ad 2c 0d d0 b9 c3 20 83 cc ba 25 b8 86 1e c4 55 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba264c (length 6) | 47 53 53 41 50 49 | vendor id hash md5 final bytes@0x556ef36122d0 (length 16) | 62 1b 04 bb 09 88 2a c1 e1 59 35 fe fa 24 ae ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2653 (length 12) | 53 53 48 20 53 65 6e 74 69 6e 65 6c | vendor id hash md5 final bytes@0x556ef36122f0 (length 16) | 05 41 82 a0 7c 7a e2 06 f9 d2 cf 9d 24 32 c4 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2660 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 31 | vendor id hash md5 final bytes@0x556ef3612310 (length 16) | b9 16 23 e6 93 ca 18 a5 4c 6a 27 78 55 23 05 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2671 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 32 | vendor id hash md5 final bytes@0x556ef3612330 (length 16) | 54 30 88 8d e0 1a 31 a6 fa 8f 60 22 4e 44 99 58 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2682 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 33 | vendor id hash md5 final bytes@0x556ef3612350 (length 16) | 7e e5 cb 85 f7 1c e2 59 c9 4a 5c 73 1e e4 e7 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2693 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | vendor id hash md5 final bytes@0x556ef3612370 (length 16) | 63 d9 a1 a7 00 94 91 b5 a0 a6 fd eb 2a 82 84 f0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba26a4 (length 18) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | 2e 31 | vendor id hash md5 final bytes@0x556ef3612390 (length 16) | eb 4b 0d 96 27 6b 4e 22 0a d1 62 21 a7 b2 a5 e6 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3308 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 30 | vendor id hash md5 final bytes@0x556ef36123b0 (length 16) | fb f4 76 14 98 40 31 fa 8e 3b b6 19 80 89 b2 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3340 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 31 | vendor id hash md5 final bytes@0x556ef36123d0 (length 16) | 19 52 dc 91 ac 20 f6 46 fb 01 cf 42 a3 3a ee 30 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3378 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 32 | vendor id hash md5 final bytes@0x556ef36123f0 (length 16) | e8 bf fa 64 3e 5c 8f 2c d1 0f da 73 70 b6 eb e5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba33b0 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 31 | vendor id hash md5 final bytes@0x556ef3612410 (length 16) | c1 11 1b 2d ee 8c bc 3d 62 05 73 ec 57 aa b9 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba33e8 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 32 | vendor id hash md5 final bytes@0x556ef3612430 (length 16) | 09 ec 27 bf bc 09 c7 58 23 cf ec bf fe 56 5a 2e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3420 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 30 2e 30 | vendor id hash md5 final bytes@0x556ef3612450 (length 16) | 7f 21 a5 96 e4 e3 18 f0 b2 f4 94 4c 23 84 cb 84 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3458 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 30 | vendor id hash md5 final bytes@0x556ef3612470 (length 16) | 28 36 d1 fd 28 07 bc 9e 5a e3 07 86 32 04 51 ec | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3490 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 31 | vendor id hash md5 final bytes@0x556ef3612490 (length 16) | a6 8d e7 56 a9 c5 22 9b ae 66 49 80 40 95 1a d5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba34c8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 32 | vendor id hash md5 final bytes@0x556ef36124b0 (length 16) | 3f 23 72 86 7e 23 7c 1c d8 25 0a 75 55 9c ae 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3500 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 30 | vendor id hash md5 final bytes@0x556ef36124d0 (length 16) | 0e 58 d5 77 4d f6 02 00 7d 0b 02 44 36 60 f7 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3538 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 31 | vendor id hash md5 final bytes@0x556ef36124f0 (length 16) | f5 ce 31 eb c2 10 f4 43 50 cf 71 26 5b 57 38 0f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3570 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x556ef3612510 (length 16) | f6 42 60 af 2e 27 42 da dd d5 69 87 06 8a 99 a0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba35a8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x556ef3612530 (length 16) | 7a 54 d3 bd b3 b1 e6 d9 23 89 20 64 be 2d 98 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba35e0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x556ef3612550 (length 16) | 9a a1 f3 b4 34 72 a4 5d 5f 50 6a eb 26 0c f2 14 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3618 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x556ef3612570 (length 16) | 68 80 c7 d0 26 09 91 14 e4 86 c5 54 30 e7 ab ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3650 (length 41) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 50 4c 55 54 4f 5f 53 45 4e 44 53 | 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7fff8d550130 (length 16) | 44 76 1b d7 6b 80 85 41 74 87 ee 8a 51 cf fc f3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3680 (length 53) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 50 4c 55 54 4f 5f 53 45 4e 44 53 5f 56 45 4e | 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7fff8d550130 (length 16) | b7 0e 8a c3 92 b1 6e 05 48 2f c4 dc 36 10 91 68 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba36b8 (length 58) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 4c 44 41 50 20 50 4c 55 54 4f 5f 53 45 4e 44 | 53 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7fff8d550130 (length 16) | 97 1d ea 93 c3 c2 06 74 f9 ae 35 40 83 de 3e 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2791 (length 14) | 4f 70 65 6e 73 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x7fff8d550130 (length 16) | 08 72 0b ee 9e 28 95 3c e0 8f 0a 18 b6 e2 9d da | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3720 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 31 | vendor id hash md5 final bytes@0x556ef3612770 (length 16) | 27 ba b5 dc 01 ea 07 60 ea 4e 31 90 ac 27 c0 d0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3748 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 32 | vendor id hash md5 final bytes@0x556ef3612790 (length 16) | 61 05 c4 22 e7 68 47 e4 3f 96 84 80 12 92 ae cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba27b9 (length 10) | 45 53 50 54 68 72 75 4e 41 54 | vendor id hash md5 final bytes@0x556ef36127b0 (length 16) | 50 76 0f 62 4c 63 e5 c5 3e ea 38 6c 68 5c a0 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3770 (length 38) | 64 72 61 66 74 2d 68 75 74 74 75 6e 65 6e 2d 69 | 70 73 65 63 2d 65 73 70 2d 69 6e 2d 75 64 70 2d | 30 30 2e 74 78 74 | vendor id hash md5 final bytes@0x556ef36127d0 (length 16) | 6a 74 34 c1 9d 7e 36 34 80 90 a0 23 34 c9 c8 05 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba27c4 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 30 | vendor id hash md5 final bytes@0x556ef36127f0 (length 16) | 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba27e2 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 31 | vendor id hash md5 final bytes@0x556ef3612810 (length 16) | 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2800 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 | vendor id hash md5 final bytes@0x556ef3612830 (length 16) | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba3798 (length 30) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 0a | vendor id hash md5 final bytes@0x556ef3612850 (length 16) | 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba281e (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 33 | vendor id hash md5 final bytes@0x556ef3612870 (length 16) | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba283c (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 34 | vendor id hash md5 final bytes@0x556ef3612890 (length 16) | 99 09 b6 4e ed 93 7c 65 73 de 52 ac e9 52 fa 6b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba285a (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 35 | vendor id hash md5 final bytes@0x556ef36128b0 (length 16) | 80 d0 bb 3d ef 54 56 5e e8 46 45 d4 c8 5c e3 ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2878 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 36 | vendor id hash md5 final bytes@0x556ef36128d0 (length 16) | 4d 1e 0e 13 6d ea fa 34 c4 f3 ea 9f 02 ec 72 85 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2896 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 37 | vendor id hash md5 final bytes@0x556ef36128f0 (length 16) | 43 9b 59 f8 ba 67 6c 4c 77 37 ae 22 ea b8 f5 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba28b4 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 38 | vendor id hash md5 final bytes@0x556ef3612910 (length 16) | 8f 8d 83 82 6d 24 6b 6f c7 a8 a6 a4 28 c1 1d e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba28d2 (length 26) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 | vendor id hash md5 final bytes@0x556ef3612930 (length 16) | 4d f3 79 28 e9 fc 4f d1 b3 26 21 70 d5 15 c6 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba28ed (length 8) | 52 46 43 20 33 39 34 37 | vendor id hash md5 final bytes@0x556ef3612950 (length 16) | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2bab707 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x556ef36125d0 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba299d (length 19) | 56 69 64 2d 49 6e 69 74 69 61 6c 2d 43 6f 6e 74 | 61 63 74 | vendor id hash md5 final bytes@0x556ef3612610 (length 16) | 26 24 4d 38 ed db 61 b3 17 2a 36 e3 d0 cf b8 19 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba32b8 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x556ef36125f0 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba25ee (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x556ef36126a0 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba29b1 (length 14) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 | vendor id hash md5 final bytes@0x556ef36126c0 (length 16) | 21 4c a4 fa ff a7 f3 2d 67 48 e5 30 33 95 ae 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2b91bfd (length 10) | 73 74 72 6f 6e 67 53 77 61 6e | vendor id hash md5 final bytes@0x556ef36126e0 (length 16) | 88 2f e5 6d 6f d2 0d bc 22 51 61 3b 2e be 5b eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba29c0 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x556ef3612680 (length 16) | 2c e9 c9 46 a4 c8 79 bf 11 b5 0b 76 cc 56 92 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba29d1 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x556ef3612b10 (length 16) | 9d bb af cf 1d b0 dd 59 5a e0 65 29 40 03 ad 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba29e2 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 32 | vendor id hash md5 final bytes@0x556ef3612b30 (length 16) | 77 e8 ee a6 f5 56 a4 99 de 3f fe 7f 7f 95 66 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba29f3 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 33 | vendor id hash md5 final bytes@0x556ef3612b50 (length 16) | b1 81 b1 8e 11 4f c2 09 b3 c6 e2 6c 3a 80 71 8e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a04 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 34 | vendor id hash md5 final bytes@0x556ef3612b70 (length 16) | 1e f2 83 f8 35 49 b5 ff 96 08 b6 d6 34 f8 4d 75 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a15 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 35 | vendor id hash md5 final bytes@0x556ef3612b90 (length 16) | dd 18 0d 21 e5 ce 65 5a 76 8b a3 22 11 dd 8a d9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a26 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 36 | vendor id hash md5 final bytes@0x556ef3612bb0 (length 16) | 4c 90 13 69 46 57 7b 51 91 9d 8d 9a 6b 8e 4a 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a37 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 37 | vendor id hash md5 final bytes@0x556ef3612bd0 (length 16) | ab 07 46 22 1c c8 fd 0d 52 38 f7 3a 9b 3d a5 57 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a48 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x556ef3612bf0 (length 16) | 47 94 ce f6 84 34 22 98 0d 1a 3d 06 af 41 c5 cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a59 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | vendor id hash md5 final bytes@0x556ef3612c10 (length 16) | d3 f1 c4 88 c3 68 17 5d 5f 40 a8 f5 ca 5f 5e 12 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a6a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 32 | vendor id hash md5 final bytes@0x556ef3612c30 (length 16) | 15 a1 ac e7 ee 52 fd df ef 04 f9 28 db 2d d1 34 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a7b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 33 | vendor id hash md5 final bytes@0x556ef3612c50 (length 16) | 58 49 ab 6d 8b ea bd 6e 4d 09 e5 a3 b8 8c 08 9a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a8c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 34 | vendor id hash md5 final bytes@0x556ef3612c70 (length 16) | 31 2f 9c b1 a6 b9 0e 19 de 75 28 c9 04 ac 30 87 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2a9d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 35 | vendor id hash md5 final bytes@0x556ef3612c90 (length 16) | bf 0f bf 73 06 eb b7 82 70 42 d8 93 53 98 86 e2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2aae (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 36 | vendor id hash md5 final bytes@0x556ef3612cb0 (length 16) | d1 96 83 36 8a f4 b0 ed c2 1c cd e9 82 b1 d1 b0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2abf (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 37 | vendor id hash md5 final bytes@0x556ef3612cd0 (length 16) | ea 84 0a a4 df c9 71 2d 6c 32 b5 a1 6e b3 29 a3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2ad0 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 38 | vendor id hash md5 final bytes@0x556ef3612cf0 (length 16) | 66 a2 04 55 07 c1 19 da 78 a4 66 62 59 cd ea 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2ae1 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 39 | vendor id hash md5 final bytes@0x556ef3612d10 (length 16) | 78 fd d2 87 de f0 1a 3f 07 4b 53 69 ea b4 fd 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2af2 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 30 | vendor id hash md5 final bytes@0x556ef3612d30 (length 16) | bf 3a 89 ae 5b ef 8e 72 d4 4d ac 8b b8 8d 7d 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b04 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 31 | vendor id hash md5 final bytes@0x556ef3612d50 (length 16) | b7 bd 9f 2f 97 8e 32 59 a7 aa 9f 7a 13 96 ad 6c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b16 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x556ef3612d70 (length 16) | 9f 68 90 13 25 a9 72 89 43 35 30 2a 95 31 ab 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b27 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 31 | vendor id hash md5 final bytes@0x556ef3612d90 (length 16) | ba b2 53 f4 cb 10 a8 10 8a 7c 92 7c 56 c8 78 86 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b38 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 32 | vendor id hash md5 final bytes@0x556ef3612db0 (length 16) | 2a 51 7d 0d 23 c3 7d 08 bc e7 c2 92 a0 21 7b 39 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b49 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 33 | vendor id hash md5 final bytes@0x556ef3612dd0 (length 16) | 2d 1f 40 61 18 fb d5 d2 84 74 79 1f fa 00 48 8a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b5a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 38 | vendor id hash md5 final bytes@0x556ef3612df0 (length 16) | 8c 4a 3b cb 72 9b 11 f7 03 d2 2a 5b 39 64 0c a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b6b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 37 | vendor id hash md5 final bytes@0x556ef3612e10 (length 16) | 3a 0d 4e 7c a4 e4 92 ed 4d fe 47 6d 1a c6 01 8b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b7c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 36 | vendor id hash md5 final bytes@0x556ef3612e30 (length 16) | fe 3f 49 70 6e 26 a9 fb 36 a8 7b fc e9 ea 36 ce | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b8d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 35 | vendor id hash md5 final bytes@0x556ef3612e50 (length 16) | 4c 7e fa 31 b3 9e 51 04 32 a3 17 57 0d 97 bb b9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2b9e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 34 | vendor id hash md5 final bytes@0x556ef3612e70 (length 16) | 76 c7 2b fd 39 84 24 dd 00 1b 86 d0 01 2f e0 61 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2baf (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 33 | vendor id hash md5 final bytes@0x556ef3612e90 (length 16) | fb 46 41 ad 0e eb 2a 34 49 1d 15 f4 ef f5 10 63 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2bc0 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 32 | vendor id hash md5 final bytes@0x556ef3612eb0 (length 16) | 29 99 32 27 7b 7d fe 38 2c e2 34 65 33 3a 7d 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2bd1 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 31 | vendor id hash md5 final bytes@0x556ef3612ed0 (length 16) | e3 7f 2d 5b a8 9a 62 cd 20 2e e2 7d ac 06 c8 a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2be2 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 30 | vendor id hash md5 final bytes@0x556ef3612ef0 (length 16) | 32 f0 e9 b9 c0 6d fe 8c 9a d5 59 9a 63 69 71 a1 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2bf3 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 33 | vendor id hash md5 final bytes@0x556ef3612f10 (length 16) | 7f 50 cc 4e bf 04 c2 d9 da 73 ab fd 69 b7 7a a2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c04 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 32 | vendor id hash md5 final bytes@0x556ef3612f30 (length 16) | a1 94 e2 aa dd d0 ba fb 95 25 3d d9 6d c7 33 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c15 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 31 | vendor id hash md5 final bytes@0x556ef3612f50 (length 16) | 81 34 87 85 82 12 17 85 ba 65 ea 34 5d 6b a7 24 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c26 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 30 | vendor id hash md5 final bytes@0x556ef3612f70 (length 16) | 07 fa 12 8e 47 54 f9 44 7b 1d d4 63 74 ee f3 60 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c37 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 34 | vendor id hash md5 final bytes@0x556ef3612f90 (length 16) | b9 27 f9 52 19 a0 fe 36 00 db a3 c1 18 2a e5 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c48 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 33 | vendor id hash md5 final bytes@0x556ef3612fb0 (length 16) | b2 86 0e 78 37 f7 11 be f3 d0 ee b1 06 87 2d ed | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c59 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 32 | vendor id hash md5 final bytes@0x556ef3612fd0 (length 16) | 5b 1c d6 fe 7d 05 0e da 6c 93 87 1c 10 7d b3 d2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c6a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 31 | vendor id hash md5 final bytes@0x556ef3612ff0 (length 16) | 66 af bc 12 bb fe 6c e1 08 b1 f6 9f 4b c9 17 b7 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c7b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 30 | vendor id hash md5 final bytes@0x556ef3613010 (length 16) | 3f 32 66 49 9f fd bd 85 95 0e 70 22 98 06 28 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c8c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 37 | vendor id hash md5 final bytes@0x556ef3613030 (length 16) | 1f 44 42 29 6b 83 d7 e3 3a 8b 45 20 9b a0 e5 90 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2c9d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 36 | vendor id hash md5 final bytes@0x556ef3613050 (length 16) | 3c 5e ba 3d 85 64 92 8e 32 ae 43 c3 d9 92 4d ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2cae (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 35 | vendor id hash md5 final bytes@0x556ef3613070 (length 16) | 3f 26 7e d6 21 ad a7 ee 6c 7d 88 93 cc b0 b1 4b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2cbf (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 34 | vendor id hash md5 final bytes@0x556ef3613090 (length 16) | 7a 6b f5 b7 df 89 64 2a 75 a7 8e f7 d6 57 c1 c0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2cd0 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 33 | vendor id hash md5 final bytes@0x556ef36130b0 (length 16) | df 5b 1f 0f 1d 56 79 d9 f8 51 2b 16 c5 5a 60 65 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2ce1 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 32 | vendor id hash md5 final bytes@0x556ef36130d0 (length 16) | 86 1c e5 eb 72 16 4b 19 0e 9e 62 9a 31 cf 49 01 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2cf2 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 31 | vendor id hash md5 final bytes@0x556ef36130f0 (length 16) | 9a 4a 46 48 f6 0f 8e da 7c fc bf e2 71 ee 5b 7d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d03 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 30 | vendor id hash md5 final bytes@0x556ef3613110 (length 16) | 9e b3 d9 07 ed 7a da 4e 3c bc ac b9 17 ab c8 e4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d14 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 34 | vendor id hash md5 final bytes@0x556ef3613130 (length 16) | 48 5a 70 36 1b 44 33 b3 1d ea 1c 6b e0 df 24 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d25 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 33 | vendor id hash md5 final bytes@0x556ef3613150 (length 16) | 98 2b 7a 06 3a 33 c1 43 a8 ea dc 88 24 9f 6b cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d36 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 32 | vendor id hash md5 final bytes@0x556ef3613170 (length 16) | e7 a3 fd 0c 6d 77 1a 8f 1b 8a 86 a4 16 9c 9e a4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d47 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 31 | vendor id hash md5 final bytes@0x556ef3613190 (length 16) | 75 b0 65 3c b2 81 eb 26 d3 1e de 38 c8 e1 e2 28 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d58 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 30 | vendor id hash md5 final bytes@0x556ef36131b0 (length 16) | e8 29 c8 81 49 ba b3 c0 ce e8 5d a6 0e 18 ae 9b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d69 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 32 | vendor id hash md5 final bytes@0x556ef36131d0 (length 16) | 42 a4 83 4c 92 ab 9a 77 77 06 3a fa 25 4b cb 69 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d7a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 31 | vendor id hash md5 final bytes@0x556ef36131f0 (length 16) | f6 97 c1 af cc 2e c8 dd cd f9 9d c7 af 03 a6 7f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d8b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 30 | vendor id hash md5 final bytes@0x556ef3613210 (length 16) | b8 f9 2b 2f a2 d3 fe 5f e1 58 34 4b da 1c c6 ae | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2d9c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 32 | vendor id hash md5 final bytes@0x556ef3613230 (length 16) | 99 dc 7c c8 23 37 6b 3b 33 d0 43 57 89 6a e0 7b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2dad (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 31 | vendor id hash md5 final bytes@0x556ef3613250 (length 16) | d9 11 8b 1e 9d e5 ef ce d9 cc 9d 88 3f 21 68 ff | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2ba2dbe (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x556ef3613270 (length 16) | 85 b6 cb ec 48 0d 5c 8c d9 88 2c 82 5a c2 c2 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x556ef2bab707 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x556ef3613290 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | global one-shot timer EVENT_CHECK_CRLS initialized selinux support is enabled. systemd watchdog not enabled - not sending watchdog keepalives | unbound context created - setting debug level to 5 | /etc/hosts lookups activated | /etc/resolv.conf usage activated | outgoing-port-avoid set 0-65535 | outgoing-port-permit set 32768-60999 | Loading dnssec root key from:/var/lib/unbound/root.key | No additional dnssec trust anchors defined via dnssec-trusted= option | Setting up events, loop start | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x556ef36051b0 | libevent_malloc: new ptr-libevent@0x556ef361c570 size 128 | libevent_malloc: new ptr-libevent@0x556ef361c600 size 16 | libevent_realloc: new ptr-libevent@0x556ef35805b0 size 256 | libevent_malloc: new ptr-libevent@0x556ef361c620 size 8 | libevent_realloc: new ptr-libevent@0x556ef36112c0 size 144 | libevent_malloc: new ptr-libevent@0x556ef361c640 size 152 | libevent_malloc: new ptr-libevent@0x556ef361c6e0 size 16 | signal event handler PLUTO_SIGCHLD installed | libevent_malloc: new ptr-libevent@0x556ef361c700 size 8 | libevent_malloc: new ptr-libevent@0x556ef361c720 size 152 | signal event handler PLUTO_SIGTERM installed | libevent_malloc: new ptr-libevent@0x556ef361c7c0 size 8 | libevent_malloc: new ptr-libevent@0x556ef361c7e0 size 152 | signal event handler PLUTO_SIGHUP installed | libevent_malloc: new ptr-libevent@0x556ef361c880 size 8 | libevent_realloc: release ptr-libevent@0x556ef36112c0 | libevent_realloc: new ptr-libevent@0x556ef361c8a0 size 256 | libevent_malloc: new ptr-libevent@0x556ef36112c0 size 152 | signal event handler PLUTO_SIGSYS installed | starting up helper thread 1 | status value returned by setting the priority of this thread (crypto helper 1) 22 | crypto helper 1 waiting (nothing to do) | starting up helper thread 4 | status value returned by setting the priority of this thread (crypto helper 4) 22 | crypto helper 4 waiting (nothing to do) | starting up helper thread 5 | status value returned by setting the priority of this thread (crypto helper 5) 22 | crypto helper 5 waiting (nothing to do) | created addconn helper (pid:12039) using fork+execve | forked child 12039 | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | pluto_sd: executing action action: reloading(4), status 0 listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.1.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.45 Kernel supports NIC esp-hw-offload adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.45:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth1/eth1 192.1.2.45:4500 adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.1.254:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth0/eth0 192.0.1.254:4500 adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface lo/lo 127.0.0.1:4500 | no interfaces to sort | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | add_fd_read_event_handler: new ethX-pe@0x556ef361cc50 | libevent_malloc: new ptr-libevent@0x556ef361cc90 size 128 | libevent_malloc: new ptr-libevent@0x556ef361cd20 size 16 | setup callback for interface lo 127.0.0.1:4500 fd 22 | add_fd_read_event_handler: new ethX-pe@0x556ef361cd40 | libevent_malloc: new ptr-libevent@0x556ef361cd80 size 128 | libevent_malloc: new ptr-libevent@0x556ef361ce10 size 16 | setup callback for interface lo 127.0.0.1:500 fd 21 | add_fd_read_event_handler: new ethX-pe@0x556ef361ce30 | libevent_malloc: new ptr-libevent@0x556ef361ce70 size 128 | libevent_malloc: new ptr-libevent@0x556ef361cf00 size 16 | setup callback for interface eth0 192.0.1.254:4500 fd 20 | add_fd_read_event_handler: new ethX-pe@0x556ef361cf20 | libevent_malloc: new ptr-libevent@0x556ef361cf60 size 128 | libevent_malloc: new ptr-libevent@0x556ef361cff0 size 16 | setup callback for interface eth0 192.0.1.254:500 fd 19 | add_fd_read_event_handler: new ethX-pe@0x556ef361d010 | libevent_malloc: new ptr-libevent@0x556ef361d050 size 128 | libevent_malloc: new ptr-libevent@0x556ef361d0e0 size 16 | setup callback for interface eth1 192.1.2.45:4500 fd 18 | add_fd_read_event_handler: new ethX-pe@0x556ef361d100 | libevent_malloc: new ptr-libevent@0x556ef361d140 size 128 | libevent_malloc: new ptr-libevent@0x556ef361d1d0 size 16 | setup callback for interface eth1 192.1.2.45:500 fd 17 | certs and keys locked by 'free_preshared_secrets' | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x556ef3612210) PKK_PSK: @west | id type added to secret(0x556ef3612210) PKK_PSK: @east | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | pluto_sd: executing action action: ready(5), status 0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.631 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | pluto_sd: executing action action: reloading(4), status 0 listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.1.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.45 | no interfaces to sort | libevent_free: release ptr-libevent@0x556ef361cc90 | free_event_entry: release EVENT_NULL-pe@0x556ef361cc50 | add_fd_read_event_handler: new ethX-pe@0x556ef361cc50 | libevent_malloc: new ptr-libevent@0x556ef361cc90 size 128 | setup callback for interface lo 127.0.0.1:4500 fd 22 | libevent_free: release ptr-libevent@0x556ef361cd80 | free_event_entry: release EVENT_NULL-pe@0x556ef361cd40 | add_fd_read_event_handler: new ethX-pe@0x556ef361cd40 | libevent_malloc: new ptr-libevent@0x556ef361cd80 size 128 | setup callback for interface lo 127.0.0.1:500 fd 21 | libevent_free: release ptr-libevent@0x556ef361ce70 | free_event_entry: release EVENT_NULL-pe@0x556ef361ce30 | add_fd_read_event_handler: new ethX-pe@0x556ef361ce30 | libevent_malloc: new ptr-libevent@0x556ef361ce70 size 128 | setup callback for interface eth0 192.0.1.254:4500 fd 20 | libevent_free: release ptr-libevent@0x556ef361cf60 | free_event_entry: release EVENT_NULL-pe@0x556ef361cf20 | add_fd_read_event_handler: new ethX-pe@0x556ef361cf20 | libevent_malloc: new ptr-libevent@0x556ef361cf60 size 128 | setup callback for interface eth0 192.0.1.254:500 fd 19 | libevent_free: release ptr-libevent@0x556ef361d050 | free_event_entry: release EVENT_NULL-pe@0x556ef361d010 | add_fd_read_event_handler: new ethX-pe@0x556ef361d010 | libevent_malloc: new ptr-libevent@0x556ef361d050 size 128 | setup callback for interface eth1 192.1.2.45:4500 fd 18 | libevent_free: release ptr-libevent@0x556ef361d140 | free_event_entry: release EVENT_NULL-pe@0x556ef361d100 | add_fd_read_event_handler: new ethX-pe@0x556ef361d100 | libevent_malloc: new ptr-libevent@0x556ef361d140 size 128 | setup callback for interface eth1 192.1.2.45:500 fd 17 | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x556ef3612210) PKK_PSK: @west | id type added to secret(0x556ef3612210) PKK_PSK: @east | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | pluto_sd: executing action action: ready(5), status 0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.318 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned pid 12039 (exited with status 0) | reaped addconn helper child (status 0) | waitpid returned ECHILD (no child processes left) | spent 0.0148 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + suppress-retransmits | base impairing = suppress-retransmits | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0436 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef35e95c0 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.185 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #1 at 0x556ef361e0c0 | State DB: adding IKEv1 state #1 in UNDEFINED | pstats #1 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #1 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #1: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #1 "aes128" "aes128" #1: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef361f5f0 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 13 ef 77 1f 50 b5 66 99 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #1 STATE_MAIN_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48950.764084 | #1 spent 0.443 milliseconds in main_outI1() | stop processing: state #1 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.5 milliseconds in whack | spent 0.00154 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #1 in MAIN_I1 (find_state_ikev1_init) | start processing: state #1 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #1 is idle | #1 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 1 for state #1 | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #1 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #1 and saving MD | #1 is busy; has a suspended MD | #1 spent 0.15 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.277 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 1 for state #1 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 1 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c10000d60: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c10000d60 | NSS: Public DH wire value: | 45 ef 35 56 b1 f7 24 61 3c 53 00 be 19 55 88 56 | 0e d1 7c 11 f5 ff 58 18 31 0c b5 dd 91 9b 78 9d | 1c c1 72 78 ec 69 b0 b7 ba 71 08 74 ac 02 1c d8 | e4 25 09 09 f5 58 c3 a7 47 18 d9 ff f9 ec fe 1c | 3f 69 b2 dc 8f 94 84 ca 60 e0 73 f6 d8 d7 45 5a | 12 94 dd 97 8a 25 07 f4 81 a7 ed 0b 22 a4 b8 2a | 76 cc 68 1e c7 27 7b 55 f0 09 5d fe 68 6d 2c b8 | 0f 65 78 86 71 e5 44 ec 9e c1 8f a7 f6 58 85 a2 | 55 bd ac 47 60 a6 a7 3c 87 a2 af 27 c8 ed 31 2e | 60 24 7a cd 66 f6 93 2a 34 1a 37 f8 f9 e8 a1 dc | 0b a4 76 ab 79 a1 21 22 9f 05 9a 2d 10 7b bd 1d | a8 21 d8 cb 97 df 9b 8c e9 7d 29 27 9b 32 75 e8 | 48 81 36 e6 ba 1c bd 5e 57 ed 64 e1 64 30 ff 2b | b1 c8 99 63 d2 d8 ae ed b5 83 a6 cd 22 cf d9 a0 | 15 dc a3 20 53 17 bd 66 88 a6 00 72 32 fb 7a 97 | d9 27 dc 58 87 9c 52 d9 6f 38 96 7e 61 f0 74 4e | Generated nonce: 45 24 d3 13 fb 05 67 e4 12 52 8f 7b e1 60 d9 99 | Generated nonce: d2 cb 9d 33 98 a4 11 a8 cc d2 5c 82 93 82 30 8f | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 1 time elapsed 0.001584 seconds | (#1) spent 1.15 milliseconds in crypto helper computing work-order 1: outI2 KE (pcr) | crypto helper 0 sending results from work-order 1 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7f6c10006900 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 1 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #1: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c10000d60: transferring ownership from helper KE to state #1 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 45 ef 35 56 b1 f7 24 61 3c 53 00 be 19 55 88 56 | keyex value 0e d1 7c 11 f5 ff 58 18 31 0c b5 dd 91 9b 78 9d | keyex value 1c c1 72 78 ec 69 b0 b7 ba 71 08 74 ac 02 1c d8 | keyex value e4 25 09 09 f5 58 c3 a7 47 18 d9 ff f9 ec fe 1c | keyex value 3f 69 b2 dc 8f 94 84 ca 60 e0 73 f6 d8 d7 45 5a | keyex value 12 94 dd 97 8a 25 07 f4 81 a7 ed 0b 22 a4 b8 2a | keyex value 76 cc 68 1e c7 27 7b 55 f0 09 5d fe 68 6d 2c b8 | keyex value 0f 65 78 86 71 e5 44 ec 9e c1 8f a7 f6 58 85 a2 | keyex value 55 bd ac 47 60 a6 a7 3c 87 a2 af 27 c8 ed 31 2e | keyex value 60 24 7a cd 66 f6 93 2a 34 1a 37 f8 f9 e8 a1 dc | keyex value 0b a4 76 ab 79 a1 21 22 9f 05 9a 2d 10 7b bd 1d | keyex value a8 21 d8 cb 97 df 9b 8c e9 7d 29 27 9b 32 75 e8 | keyex value 48 81 36 e6 ba 1c bd 5e 57 ed 64 e1 64 30 ff 2b | keyex value b1 c8 99 63 d2 d8 ae ed b5 83 a6 cd 22 cf d9 a0 | keyex value 15 dc a3 20 53 17 bd 66 88 a6 00 72 32 fb 7a 97 | keyex value d9 27 dc 58 87 9c 52 d9 6f 38 96 7e 61 f0 74 4e | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 45 24 d3 13 fb 05 67 e4 12 52 8f 7b e1 60 d9 99 | Ni d2 cb 9d 33 98 a4 11 a8 cc d2 5c 82 93 82 30 8f | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 13 ef 77 1f 50 b5 66 99 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | e4 fd b7 26 79 cf ac cd | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | e6 f2 6b 09 ca 20 3e 85 4d 57 82 e4 19 9c 8a 92 | 20 d3 8d 83 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 13 ef 77 1f 50 b5 66 99 | natd_hash: rcookie= e4 fd b7 26 79 cf ac cd | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= e6 f2 6b 09 ca 20 3e 85 4d 57 82 e4 19 9c 8a 92 | natd_hash: hash= 20 d3 8d 83 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D e6 f2 6b 09 ca 20 3e 85 4d 57 82 e4 19 9c 8a 92 | NAT-D 20 d3 8d 83 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 13 ef 77 1f 50 b5 66 99 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | e4 fd b7 26 79 cf ac cd | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | 8f bb 2b 21 48 25 67 e7 70 68 8f 48 26 27 09 b4 | 29 c0 92 20 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 13 ef 77 1f 50 b5 66 99 | natd_hash: rcookie= e4 fd b7 26 79 cf ac cd | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= 8f bb 2b 21 48 25 67 e7 70 68 8f 48 26 27 09 b4 | natd_hash: hash= 29 c0 92 20 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 8f bb 2b 21 48 25 67 e7 70 68 8f 48 26 27 09 b4 | NAT-D 29 c0 92 20 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #1 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #1: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 45 ef 35 56 b1 f7 24 61 3c 53 00 be 19 55 88 56 | 0e d1 7c 11 f5 ff 58 18 31 0c b5 dd 91 9b 78 9d | 1c c1 72 78 ec 69 b0 b7 ba 71 08 74 ac 02 1c d8 | e4 25 09 09 f5 58 c3 a7 47 18 d9 ff f9 ec fe 1c | 3f 69 b2 dc 8f 94 84 ca 60 e0 73 f6 d8 d7 45 5a | 12 94 dd 97 8a 25 07 f4 81 a7 ed 0b 22 a4 b8 2a | 76 cc 68 1e c7 27 7b 55 f0 09 5d fe 68 6d 2c b8 | 0f 65 78 86 71 e5 44 ec 9e c1 8f a7 f6 58 85 a2 | 55 bd ac 47 60 a6 a7 3c 87 a2 af 27 c8 ed 31 2e | 60 24 7a cd 66 f6 93 2a 34 1a 37 f8 f9 e8 a1 dc | 0b a4 76 ab 79 a1 21 22 9f 05 9a 2d 10 7b bd 1d | a8 21 d8 cb 97 df 9b 8c e9 7d 29 27 9b 32 75 e8 | 48 81 36 e6 ba 1c bd 5e 57 ed 64 e1 64 30 ff 2b | b1 c8 99 63 d2 d8 ae ed b5 83 a6 cd 22 cf d9 a0 | 15 dc a3 20 53 17 bd 66 88 a6 00 72 32 fb 7a 97 | d9 27 dc 58 87 9c 52 d9 6f 38 96 7e 61 f0 74 4e | 14 00 00 24 45 24 d3 13 fb 05 67 e4 12 52 8f 7b | e1 60 d9 99 d2 cb 9d 33 98 a4 11 a8 cc d2 5c 82 | 93 82 30 8f 14 00 00 18 e6 f2 6b 09 ca 20 3e 85 | 4d 57 82 e4 19 9c 8a 92 20 d3 8d 83 00 00 00 18 | 8f bb 2b 21 48 25 67 e7 70 68 8f 48 26 27 09 b4 | 29 c0 92 20 | !event_already_set at reschedule "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #1 STATE_MAIN_I2: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48950.767039 "aes128" #1: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #1 suppresed complete_v1_state_transition() | #1 spent 0.343 milliseconds in resume sending helper answer | stop processing: state #1 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c10006900 | spent 0.00205 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 06 59 a3 4f 9f ca 61 18 99 9c bc 2f 30 66 7d 2a | 25 dd a8 3e 6c f8 0b 4b 5e ce ea b1 c9 22 31 a7 | 52 0e 3e 37 b0 11 54 da 13 b2 0e fc fb f3 c1 1f | 7e 00 48 64 df 98 6a da 97 cf 7a 54 68 5d 0d 0a | d1 93 b7 2e 41 ef b3 79 14 48 10 87 fa 5b d1 c7 | c9 57 bf d7 22 87 1e 81 e0 c2 ae 8b 6e 5b be 7d | 9e 15 0f a2 db ba 77 7d 3b 0b 9c f0 4e e2 0b ac | f8 2c 26 4f 4a 9b f9 f0 99 53 66 d1 d6 af 62 72 | 1e 69 9b 6b c1 e6 d6 5c 08 8b 3e 4e 86 76 7c 2a | 50 25 14 15 39 c7 2d 07 08 ed 96 df c6 39 12 0b | 8c 64 42 50 54 c6 ff 17 28 11 68 21 19 2f 3f 9d | 25 25 68 55 13 8c 55 12 8e b2 cc 53 db 2e 96 92 | 01 b4 f5 c5 21 fc 89 32 c5 d8 66 44 94 4a aa d6 | e6 6a 20 f8 b3 ec b7 95 df 43 cd 7c 14 a6 bd d3 | c1 1a 77 bb 95 21 95 3a a5 25 a0 c9 58 b2 75 51 | fd 42 00 d6 5e 21 d9 05 e9 dd f1 65 79 8d 92 64 | 14 00 00 24 d3 1c ca aa 5c c4 d5 a8 c2 78 94 f9 | 2f 2c 70 d2 2c dc b1 25 d5 4a ba c7 c1 eb 9a c0 | e1 7d 44 6e 14 00 00 18 8f bb 2b 21 48 25 67 e7 | 70 68 8f 48 26 27 09 b4 29 c0 92 20 00 00 00 18 | e6 f2 6b 09 ca 20 3e 85 4d 57 82 e4 19 9c 8a 92 | 20 d3 8d 83 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #1 in MAIN_I2 (find_state_ikev1) | start processing: state #1 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #1 is idle | #1 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 06 59 a3 4f 9f ca 61 18 99 9c bc 2f 30 66 7d 2a | 25 dd a8 3e 6c f8 0b 4b 5e ce ea b1 c9 22 31 a7 | 52 0e 3e 37 b0 11 54 da 13 b2 0e fc fb f3 c1 1f | 7e 00 48 64 df 98 6a da 97 cf 7a 54 68 5d 0d 0a | d1 93 b7 2e 41 ef b3 79 14 48 10 87 fa 5b d1 c7 | c9 57 bf d7 22 87 1e 81 e0 c2 ae 8b 6e 5b be 7d | 9e 15 0f a2 db ba 77 7d 3b 0b 9c f0 4e e2 0b ac | f8 2c 26 4f 4a 9b f9 f0 99 53 66 d1 d6 af 62 72 | 1e 69 9b 6b c1 e6 d6 5c 08 8b 3e 4e 86 76 7c 2a | 50 25 14 15 39 c7 2d 07 08 ed 96 df c6 39 12 0b | 8c 64 42 50 54 c6 ff 17 28 11 68 21 19 2f 3f 9d | 25 25 68 55 13 8c 55 12 8e b2 cc 53 db 2e 96 92 | 01 b4 f5 c5 21 fc 89 32 c5 d8 66 44 94 4a aa d6 | e6 6a 20 f8 b3 ec b7 95 df 43 cd 7c 14 a6 bd d3 | c1 1a 77 bb 95 21 95 3a a5 25 a0 c9 58 b2 75 51 | fd 42 00 d6 5e 21 d9 05 e9 dd f1 65 79 8d 92 64 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c10000d60: transferring ownership from state #1 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 2 for state #1 | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #1 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #1 and saving MD | #1 is busy; has a suspended MD | #1 spent 0.0896 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.262 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 2 resuming | crypto helper 2 starting work-order 2 for state #1 | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 | peer's g: 06 59 a3 4f 9f ca 61 18 99 9c bc 2f 30 66 7d 2a | peer's g: 25 dd a8 3e 6c f8 0b 4b 5e ce ea b1 c9 22 31 a7 | peer's g: 52 0e 3e 37 b0 11 54 da 13 b2 0e fc fb f3 c1 1f | peer's g: 7e 00 48 64 df 98 6a da 97 cf 7a 54 68 5d 0d 0a | peer's g: d1 93 b7 2e 41 ef b3 79 14 48 10 87 fa 5b d1 c7 | peer's g: c9 57 bf d7 22 87 1e 81 e0 c2 ae 8b 6e 5b be 7d | peer's g: 9e 15 0f a2 db ba 77 7d 3b 0b 9c f0 4e e2 0b ac | peer's g: f8 2c 26 4f 4a 9b f9 f0 99 53 66 d1 d6 af 62 72 | peer's g: 1e 69 9b 6b c1 e6 d6 5c 08 8b 3e 4e 86 76 7c 2a | peer's g: 50 25 14 15 39 c7 2d 07 08 ed 96 df c6 39 12 0b | peer's g: 8c 64 42 50 54 c6 ff 17 28 11 68 21 19 2f 3f 9d | peer's g: 25 25 68 55 13 8c 55 12 8e b2 cc 53 db 2e 96 92 | peer's g: 01 b4 f5 c5 21 fc 89 32 c5 d8 66 44 94 4a aa d6 | peer's g: e6 6a 20 f8 b3 ec b7 95 df 43 cd 7c 14 a6 bd d3 | peer's g: c1 1a 77 bb 95 21 95 3a a5 25 a0 c9 58 b2 75 51 | peer's g: fd 42 00 d6 5e 21 d9 05 e9 dd f1 65 79 8d 92 64 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c10000d60: computed shared DH secret key@0x556ef360e180 | dh-shared : g^ir-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef3620ae0 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: psk-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: psk-key@0x556ef360c4c0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3609090 | SKEYID psk prf: created sha context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk prf: begin sha with context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk: release clone-key@0x556ef360c4c0 | SKEYID psk PRF sha crypt-prf@0x7f6c08002090 | SKEYID psk PRF sha update Ni-bytes@0x556ef3620b04 (length 32) | 45 24 d3 13 fb 05 67 e4 12 52 8f 7b e1 60 d9 99 | d2 cb 9d 33 98 a4 11 a8 cc d2 5c 82 93 82 30 8f | SKEYID psk PRF sha update Nr-bytes@0x556ef3620b24 (length 32) | d3 1c ca aa 5c c4 d5 a8 c2 78 94 f9 2f 2c 70 d2 | 2c dc b1 25 d5 4a ba c7 c1 eb 9a c0 e1 7d 44 6e | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID psk PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID psk: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6b8 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d: release clone-key@0x556ef3609090 | SKEYID_d PRF sha crypt-prf@0x7f6c08001090 | SKEYID_d PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_d: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312960: ffffffd3 ffffffde 56 ffffffde ffffffb5 7e 2c fffffff5 04 ffffff96 54 4c ffffffb6 ffffffde ffffffe5 ffffffe7 44 ffffffea ffffffde ffffffd5 ffffffe8 fffffffb 40 ffffffbc 20 ffffffd4 ffffff8b ffffffb8 2d 3b ffffffa5 ffffffaf ffffff88 ffffffeb fffffff4 2b 1f ffffffb7 5e 6d ffffff9b 45 ffffff8d 7f 21 6f 59 5f 3d ffffffeb ffffffd2 ffffff8c 1c 50 48 6d ffffffd7 2b 34 ffffff96 fffffffe ffffff9d 20 2a 3a ffffff8c fffffff8 ffffff90 fffffff2 31 ffffffa8 ffffffb3 14 ffffffd9 11 ffffffa8 3a 7c ffffffba 0a 7c 2a 5b ffffff8f 1b ffffff8f ffffffec 1d ffffff98 ffffffac 79 14 64 fffffffb ffffffe1 25 28 7f ffffffb3 5a 2a ffffff96 1f 1c 25 ffffffc0 79 17 ffffffc8 ffffffa2 fffffff3 ffffff86 ffffffe7 ffffffcc ffffffb3 40 12 5e 6b 2c 4b 7f ffffffa3 67 ffffffb5 37 50 6f 04 18 ffffff86 67 ffffffac ffffffd2 ffffffde 5c ffffffac ffffffee ffffffce ffffffa7 2d ffffffe8 ffffffb3 25 13 ffffffda ffffff9b ffffff90 ffffffca 02 11 ffffffa3 ffffffdc ffffffbb 38 ffffff8 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08004db0 | unwrapped: 97 85 bc 27 e1 76 d1 98 54 87 9d 2f 69 56 2c af | unwrapped: f2 b4 1e 5a a1 e9 b3 4e 09 f6 3d 51 78 a7 9f bd | unwrapped: 45 17 f4 18 41 a9 56 c3 56 e9 85 42 b7 b9 c5 e7 | unwrapped: 77 37 ef bf 73 d9 3e 39 db e7 d2 9f f9 5b 01 de | unwrapped: 22 46 3e a2 80 9b 2e 25 62 5e 84 ff fe f9 f6 43 | unwrapped: 5f d4 ee 55 0d 71 07 19 44 4f 1e f6 0c c6 66 0a | unwrapped: e7 33 62 55 00 96 a6 bd cc f9 7a 78 14 f3 b3 5d | unwrapped: d8 88 cf 78 18 b4 a5 e5 75 5a 72 ce 6e 48 e2 a9 | unwrapped: 24 58 1a f5 50 a7 fa 3b 9a 72 1c 00 61 e2 63 f1 | unwrapped: 9a 11 5f e5 cb 28 2e 95 b6 1c f4 95 47 34 75 4c | unwrapped: 82 a1 f9 42 94 6b 2b b3 a4 f1 c1 7e 9d f3 af 5a | unwrapped: d6 e8 6f ff 18 de 2b 9e 7a 29 fc 4e 93 e6 68 67 | unwrapped: 3b 9f 5f 1e ca ed 35 3a f3 c5 a4 4c 78 af 2b 62 | unwrapped: b0 71 87 cb 03 51 0a 3b 74 87 26 d2 61 93 8a b1 | unwrapped: 24 50 e1 7b 71 7c 0c b9 10 86 2e 3d 8a 82 9c a3 | unwrapped: 8d f5 02 af 15 7a 27 f8 d1 4d c4 c2 df 43 8d 39 | SKEYID_d PRF sha update CKI_i-bytes@0x556ef3620d44 (length 8) | 13 ef 77 1f 50 b5 66 99 | SKEYID_d PRF sha update CKI_r-bytes@0x556ef3620d4c (length 8) | e4 fd b7 26 79 cf ac cd | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID_d PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_d: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a: release clone-key@0x556ef3601f40 | SKEYID_a PRF sha crypt-prf@0x7f6c08001ef0 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3609090 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312928: ffffff80 1f ffffffcc 49 ffffffc8 54 3f ffffffb7 07 35 09 ffffff83 ffffffda ffffffa9 ffffffec ffffff91 4e 07 ffffffd3 3d 16 2e 2f ffffffc8 20 45 ffffffac 42 ffffffce 1a ffffff9c ffffff8b | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c080020b0 | unwrapped: 55 8c b1 94 0f f1 8b b8 49 28 64 ab 7d b1 8a 71 | unwrapped: e4 d3 b8 6b 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_a: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312928: ffffffd3 ffffffde 56 ffffffde ffffffb5 7e 2c fffffff5 04 ffffff96 54 4c ffffffb6 ffffffde ffffffe5 ffffffe7 44 ffffffea ffffffde ffffffd5 ffffffe8 fffffffb 40 ffffffbc 20 ffffffd4 ffffff8b ffffffb8 2d 3b ffffffa5 ffffffaf ffffff88 ffffffeb fffffff4 2b 1f ffffffb7 5e 6d ffffff9b 45 ffffff8d 7f 21 6f 59 5f 3d ffffffeb ffffffd2 ffffff8c 1c 50 48 6d ffffffd7 2b 34 ffffff96 fffffffe ffffff9d 20 2a 3a ffffff8c fffffff8 ffffff90 fffffff2 31 ffffffa8 ffffffb3 14 ffffffd9 11 ffffffa8 3a 7c ffffffba 0a 7c 2a 5b ffffff8f 1b ffffff8f ffffffec 1d ffffff98 ffffffac 79 14 64 fffffffb ffffffe1 25 28 7f ffffffb3 5a 2a ffffff96 1f 1c 25 ffffffc0 79 17 ffffffc8 ffffffa2 fffffff3 ffffff86 ffffffe7 ffffffcc ffffffb3 40 12 5e 6b 2c 4b 7f ffffffa3 67 ffffffb5 37 50 6f 04 18 ffffff86 67 ffffffac ffffffd2 ffffffde 5c ffffffac ffffffee ffffffce ffffffa7 2d ffffffe8 ffffffb3 25 13 ffffffda ffffff9b ffffff90 ffffffca 02 11 ffffffa3 ffffffdc ffffffbb 38 ffffff8 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08003ce0 | unwrapped: 97 85 bc 27 e1 76 d1 98 54 87 9d 2f 69 56 2c af | unwrapped: f2 b4 1e 5a a1 e9 b3 4e 09 f6 3d 51 78 a7 9f bd | unwrapped: 45 17 f4 18 41 a9 56 c3 56 e9 85 42 b7 b9 c5 e7 | unwrapped: 77 37 ef bf 73 d9 3e 39 db e7 d2 9f f9 5b 01 de | unwrapped: 22 46 3e a2 80 9b 2e 25 62 5e 84 ff fe f9 f6 43 | unwrapped: 5f d4 ee 55 0d 71 07 19 44 4f 1e f6 0c c6 66 0a | unwrapped: e7 33 62 55 00 96 a6 bd cc f9 7a 78 14 f3 b3 5d | unwrapped: d8 88 cf 78 18 b4 a5 e5 75 5a 72 ce 6e 48 e2 a9 | unwrapped: 24 58 1a f5 50 a7 fa 3b 9a 72 1c 00 61 e2 63 f1 | unwrapped: 9a 11 5f e5 cb 28 2e 95 b6 1c f4 95 47 34 75 4c | unwrapped: 82 a1 f9 42 94 6b 2b b3 a4 f1 c1 7e 9d f3 af 5a | unwrapped: d6 e8 6f ff 18 de 2b 9e 7a 29 fc 4e 93 e6 68 67 | unwrapped: 3b 9f 5f 1e ca ed 35 3a f3 c5 a4 4c 78 af 2b 62 | unwrapped: b0 71 87 cb 03 51 0a 3b 74 87 26 d2 61 93 8a b1 | unwrapped: 24 50 e1 7b 71 7c 0c b9 10 86 2e 3d 8a 82 9c a3 | unwrapped: 8d f5 02 af 15 7a 27 f8 d1 4d c4 c2 df 43 8d 39 | SKEYID_a PRF sha update CKI_i-bytes@0x556ef3620d44 (length 8) | 13 ef 77 1f 50 b5 66 99 | SKEYID_a PRF sha update CKI_r-bytes@0x556ef3620d4c (length 8) | e4 fd b7 26 79 cf ac cd | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: final-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360fae0 | SKEYID_a PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_a: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: clone-key@0x556ef360fae0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e: release clone-key@0x556ef360fae0 | SKEYID_e PRF sha crypt-prf@0x7f6c08001160 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3601f40 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312944: 1c ffffffb1 ffffffb1 ffffffd5 ffffff9b 69 ffffff9f 62 ffffffd0 6a ffffffbd ffffffcd 56 ffffff85 27 ffffff87 ffffffef ffffff9d fffffff1 ffffffae ffffff84 33 ffffffed 77 ffffffb8 48 ffffffbb fffffff3 ffffffe4 ffffffb3 ffffffb5 48 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c080030a0 | unwrapped: e1 45 13 57 bc b1 ff fc 00 84 66 ac 56 6e af 23 | unwrapped: 17 e0 1a b0 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_e: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312944: ffffffd3 ffffffde 56 ffffffde ffffffb5 7e 2c fffffff5 04 ffffff96 54 4c ffffffb6 ffffffde ffffffe5 ffffffe7 44 ffffffea ffffffde ffffffd5 ffffffe8 fffffffb 40 ffffffbc 20 ffffffd4 ffffff8b ffffffb8 2d 3b ffffffa5 ffffffaf ffffff88 ffffffeb fffffff4 2b 1f ffffffb7 5e 6d ffffff9b 45 ffffff8d 7f 21 6f 59 5f 3d ffffffeb ffffffd2 ffffff8c 1c 50 48 6d ffffffd7 2b 34 ffffff96 fffffffe ffffff9d 20 2a 3a ffffff8c fffffff8 ffffff90 fffffff2 31 ffffffa8 ffffffb3 14 ffffffd9 11 ffffffa8 3a 7c ffffffba 0a 7c 2a 5b ffffff8f 1b ffffff8f ffffffec 1d ffffff98 ffffffac 79 14 64 fffffffb ffffffe1 25 28 7f ffffffb3 5a 2a ffffff96 1f 1c 25 ffffffc0 79 17 ffffffc8 ffffffa2 fffffff3 ffffff86 ffffffe7 ffffffcc ffffffb3 40 12 5e 6b 2c 4b 7f ffffffa3 67 ffffffb5 37 50 6f 04 18 ffffff86 67 ffffffac ffffffd2 ffffffde 5c ffffffac ffffffee ffffffce ffffffa7 2d ffffffe8 ffffffb3 25 13 ffffffda ffffff9b ffffff90 ffffffca 02 11 ffffffa3 ffffffdc ffffffbb 38 ffffff8 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08003bd0 | unwrapped: 97 85 bc 27 e1 76 d1 98 54 87 9d 2f 69 56 2c af | unwrapped: f2 b4 1e 5a a1 e9 b3 4e 09 f6 3d 51 78 a7 9f bd | unwrapped: 45 17 f4 18 41 a9 56 c3 56 e9 85 42 b7 b9 c5 e7 | unwrapped: 77 37 ef bf 73 d9 3e 39 db e7 d2 9f f9 5b 01 de | unwrapped: 22 46 3e a2 80 9b 2e 25 62 5e 84 ff fe f9 f6 43 | unwrapped: 5f d4 ee 55 0d 71 07 19 44 4f 1e f6 0c c6 66 0a | unwrapped: e7 33 62 55 00 96 a6 bd cc f9 7a 78 14 f3 b3 5d | unwrapped: d8 88 cf 78 18 b4 a5 e5 75 5a 72 ce 6e 48 e2 a9 | unwrapped: 24 58 1a f5 50 a7 fa 3b 9a 72 1c 00 61 e2 63 f1 | unwrapped: 9a 11 5f e5 cb 28 2e 95 b6 1c f4 95 47 34 75 4c | unwrapped: 82 a1 f9 42 94 6b 2b b3 a4 f1 c1 7e 9d f3 af 5a | unwrapped: d6 e8 6f ff 18 de 2b 9e 7a 29 fc 4e 93 e6 68 67 | unwrapped: 3b 9f 5f 1e ca ed 35 3a f3 c5 a4 4c 78 af 2b 62 | unwrapped: b0 71 87 cb 03 51 0a 3b 74 87 26 d2 61 93 8a b1 | unwrapped: 24 50 e1 7b 71 7c 0c b9 10 86 2e 3d 8a 82 9c a3 | unwrapped: 8d f5 02 af 15 7a 27 f8 d1 4d c4 c2 df 43 8d 39 | SKEYID_e PRF sha update CKI_i-bytes@0x556ef3620d44 (length 8) | 13 ef 77 1f 50 b5 66 99 | SKEYID_e PRF sha update CKI_r-bytes@0x556ef3620d4c (length 8) | e4 fd b7 26 79 cf ac cd | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6b0 | result: final-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef36037c0 | SKEYID_e PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID_e: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6f8 | result: keymat-key@0x556ef36037c0 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x556ef3609090, skeyid_a 0x556ef3601f40, skeyid_e 0x556ef360fae0, enc_key 0x556ef36037c0 | DH_i: 45 ef 35 56 b1 f7 24 61 3c 53 00 be 19 55 88 56 | DH_i: 0e d1 7c 11 f5 ff 58 18 31 0c b5 dd 91 9b 78 9d | DH_i: 1c c1 72 78 ec 69 b0 b7 ba 71 08 74 ac 02 1c d8 | DH_i: e4 25 09 09 f5 58 c3 a7 47 18 d9 ff f9 ec fe 1c | DH_i: 3f 69 b2 dc 8f 94 84 ca 60 e0 73 f6 d8 d7 45 5a | DH_i: 12 94 dd 97 8a 25 07 f4 81 a7 ed 0b 22 a4 b8 2a | DH_i: 76 cc 68 1e c7 27 7b 55 f0 09 5d fe 68 6d 2c b8 | DH_i: 0f 65 78 86 71 e5 44 ec 9e c1 8f a7 f6 58 85 a2 | DH_i: 55 bd ac 47 60 a6 a7 3c 87 a2 af 27 c8 ed 31 2e | DH_i: 60 24 7a cd 66 f6 93 2a 34 1a 37 f8 f9 e8 a1 dc | DH_i: 0b a4 76 ab 79 a1 21 22 9f 05 9a 2d 10 7b bd 1d | DH_i: a8 21 d8 cb 97 df 9b 8c e9 7d 29 27 9b 32 75 e8 | DH_i: 48 81 36 e6 ba 1c bd 5e 57 ed 64 e1 64 30 ff 2b | DH_i: b1 c8 99 63 d2 d8 ae ed b5 83 a6 cd 22 cf d9 a0 | DH_i: 15 dc a3 20 53 17 bd 66 88 a6 00 72 32 fb 7a 97 | DH_i: d9 27 dc 58 87 9c 52 d9 6f 38 96 7e 61 f0 74 4e | DH_r: 06 59 a3 4f 9f ca 61 18 99 9c bc 2f 30 66 7d 2a | DH_r: 25 dd a8 3e 6c f8 0b 4b 5e ce ea b1 c9 22 31 a7 | DH_r: 52 0e 3e 37 b0 11 54 da 13 b2 0e fc fb f3 c1 1f | DH_r: 7e 00 48 64 df 98 6a da 97 cf 7a 54 68 5d 0d 0a | DH_r: d1 93 b7 2e 41 ef b3 79 14 48 10 87 fa 5b d1 c7 | DH_r: c9 57 bf d7 22 87 1e 81 e0 c2 ae 8b 6e 5b be 7d | DH_r: 9e 15 0f a2 db ba 77 7d 3b 0b 9c f0 4e e2 0b ac | DH_r: f8 2c 26 4f 4a 9b f9 f0 99 53 66 d1 d6 af 62 72 | DH_r: 1e 69 9b 6b c1 e6 d6 5c 08 8b 3e 4e 86 76 7c 2a | DH_r: 50 25 14 15 39 c7 2d 07 08 ed 96 df c6 39 12 0b | DH_r: 8c 64 42 50 54 c6 ff 17 28 11 68 21 19 2f 3f 9d | DH_r: 25 25 68 55 13 8c 55 12 8e b2 cc 53 db 2e 96 92 | DH_r: 01 b4 f5 c5 21 fc 89 32 c5 d8 66 44 94 4a aa d6 | DH_r: e6 6a 20 f8 b3 ec b7 95 df 43 cd 7c 14 a6 bd d3 | DH_r: c1 1a 77 bb 95 21 95 3a a5 25 a0 c9 58 b2 75 51 | DH_r: fd 42 00 d6 5e 21 d9 05 e9 dd f1 65 79 8d 92 64 | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef3620b44 (length 256) | 45 ef 35 56 b1 f7 24 61 3c 53 00 be 19 55 88 56 | 0e d1 7c 11 f5 ff 58 18 31 0c b5 dd 91 9b 78 9d | 1c c1 72 78 ec 69 b0 b7 ba 71 08 74 ac 02 1c d8 | e4 25 09 09 f5 58 c3 a7 47 18 d9 ff f9 ec fe 1c | 3f 69 b2 dc 8f 94 84 ca 60 e0 73 f6 d8 d7 45 5a | 12 94 dd 97 8a 25 07 f4 81 a7 ed 0b 22 a4 b8 2a | 76 cc 68 1e c7 27 7b 55 f0 09 5d fe 68 6d 2c b8 | 0f 65 78 86 71 e5 44 ec 9e c1 8f a7 f6 58 85 a2 | 55 bd ac 47 60 a6 a7 3c 87 a2 af 27 c8 ed 31 2e | 60 24 7a cd 66 f6 93 2a 34 1a 37 f8 f9 e8 a1 dc | 0b a4 76 ab 79 a1 21 22 9f 05 9a 2d 10 7b bd 1d | a8 21 d8 cb 97 df 9b 8c e9 7d 29 27 9b 32 75 e8 | 48 81 36 e6 ba 1c bd 5e 57 ed 64 e1 64 30 ff 2b | b1 c8 99 63 d2 d8 ae ed b5 83 a6 cd 22 cf d9 a0 | 15 dc a3 20 53 17 bd 66 88 a6 00 72 32 fb 7a 97 | d9 27 dc 58 87 9c 52 d9 6f 38 96 7e 61 f0 74 4e | new IV hash sha digest GR-bytes@0x556ef3620c44 (length 256) | 06 59 a3 4f 9f ca 61 18 99 9c bc 2f 30 66 7d 2a | 25 dd a8 3e 6c f8 0b 4b 5e ce ea b1 c9 22 31 a7 | 52 0e 3e 37 b0 11 54 da 13 b2 0e fc fb f3 c1 1f | 7e 00 48 64 df 98 6a da 97 cf 7a 54 68 5d 0d 0a | d1 93 b7 2e 41 ef b3 79 14 48 10 87 fa 5b d1 c7 | c9 57 bf d7 22 87 1e 81 e0 c2 ae 8b 6e 5b be 7d | 9e 15 0f a2 db ba 77 7d 3b 0b 9c f0 4e e2 0b ac | f8 2c 26 4f 4a 9b f9 f0 99 53 66 d1 d6 af 62 72 | 1e 69 9b 6b c1 e6 d6 5c 08 8b 3e 4e 86 76 7c 2a | 50 25 14 15 39 c7 2d 07 08 ed 96 df c6 39 12 0b | 8c 64 42 50 54 c6 ff 17 28 11 68 21 19 2f 3f 9d | 25 25 68 55 13 8c 55 12 8e b2 cc 53 db 2e 96 92 | 01 b4 f5 c5 21 fc 89 32 c5 d8 66 44 94 4a aa d6 | e6 6a 20 f8 b3 ec b7 95 df 43 cd 7c 14 a6 bd d3 | c1 1a 77 bb 95 21 95 3a a5 25 a0 c9 58 b2 75 51 | fd 42 00 d6 5e 21 d9 05 e9 dd f1 65 79 8d 92 64 | new IV hash sha final chunk@0x7f6c08001230 (length 20) | 8a c7 b2 23 70 63 00 54 15 0d e5 28 74 60 de c6 | b6 29 95 38 | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 time elapsed 0.001998 seconds | (#1) spent 2 milliseconds in crypto helper computing work-order 2: aggr outR1 DH (pcr) | crypto helper 2 sending results from work-order 2 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7f6c08008420 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 2 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #1: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c10000d60: transferring ownership from helper IKEv1 DH+IV to state #1 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef361e658 (length 8) | 13 ef 77 1f 50 b5 66 99 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef361e660 (length 8) | e4 fd b7 26 79 cf ac cd | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | 8f bb 2b 21 48 25 67 e7 70 68 8f 48 26 27 09 b4 | 29 c0 92 20 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 13 ef 77 1f 50 b5 66 99 | natd_hash: rcookie= e4 fd b7 26 79 cf ac cd | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= 8f bb 2b 21 48 25 67 e7 70 68 8f 48 26 27 09 b4 | natd_hash: hash= 29 c0 92 20 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef361e658 (length 8) | 13 ef 77 1f 50 b5 66 99 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef361e660 (length 8) | e4 fd b7 26 79 cf ac cd | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | e6 f2 6b 09 ca 20 3e 85 4d 57 82 e4 19 9c 8a 92 | 20 d3 8d 83 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 13 ef 77 1f 50 b5 66 99 | natd_hash: rcookie= e4 fd b7 26 79 cf ac cd | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= e6 f2 6b 09 ca 20 3e 85 4d 57 82 e4 19 9c 8a 92 | natd_hash: hash= 20 d3 8d 83 | expected NAT-D(me): 8f bb 2b 21 48 25 67 e7 70 68 8f 48 26 27 09 b4 | expected NAT-D(me): 29 c0 92 20 | expected NAT-D(him): | e6 f2 6b 09 ca 20 3e 85 4d 57 82 e4 19 9c 8a 92 | 20 d3 8d 83 | received NAT-D: 8f bb 2b 21 48 25 67 e7 70 68 8f 48 26 27 09 b4 | received NAT-D: 29 c0 92 20 | received NAT-D: e6 f2 6b 09 ca 20 3e 85 4d 57 82 e4 19 9c 8a 92 | received NAT-D: 20 d3 8d 83 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | global one-shot timer EVENT_NAT_T_KEEPALIVE scheduled in 20 seconds | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef361f630 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | 45 ef 35 56 b1 f7 24 61 3c 53 00 be 19 55 88 56 | 0e d1 7c 11 f5 ff 58 18 31 0c b5 dd 91 9b 78 9d | 1c c1 72 78 ec 69 b0 b7 ba 71 08 74 ac 02 1c d8 | e4 25 09 09 f5 58 c3 a7 47 18 d9 ff f9 ec fe 1c | 3f 69 b2 dc 8f 94 84 ca 60 e0 73 f6 d8 d7 45 5a | 12 94 dd 97 8a 25 07 f4 81 a7 ed 0b 22 a4 b8 2a | 76 cc 68 1e c7 27 7b 55 f0 09 5d fe 68 6d 2c b8 | 0f 65 78 86 71 e5 44 ec 9e c1 8f a7 f6 58 85 a2 | 55 bd ac 47 60 a6 a7 3c 87 a2 af 27 c8 ed 31 2e | 60 24 7a cd 66 f6 93 2a 34 1a 37 f8 f9 e8 a1 dc | 0b a4 76 ab 79 a1 21 22 9f 05 9a 2d 10 7b bd 1d | a8 21 d8 cb 97 df 9b 8c e9 7d 29 27 9b 32 75 e8 | 48 81 36 e6 ba 1c bd 5e 57 ed 64 e1 64 30 ff 2b | b1 c8 99 63 d2 d8 ae ed b5 83 a6 cd 22 cf d9 a0 | 15 dc a3 20 53 17 bd 66 88 a6 00 72 32 fb 7a 97 | d9 27 dc 58 87 9c 52 d9 6f 38 96 7e 61 f0 74 4e | hmac PRF sha update data-bytes@0x556ef361f110 (length 256) | 06 59 a3 4f 9f ca 61 18 99 9c bc 2f 30 66 7d 2a | 25 dd a8 3e 6c f8 0b 4b 5e ce ea b1 c9 22 31 a7 | 52 0e 3e 37 b0 11 54 da 13 b2 0e fc fb f3 c1 1f | 7e 00 48 64 df 98 6a da 97 cf 7a 54 68 5d 0d 0a | d1 93 b7 2e 41 ef b3 79 14 48 10 87 fa 5b d1 c7 | c9 57 bf d7 22 87 1e 81 e0 c2 ae 8b 6e 5b be 7d | 9e 15 0f a2 db ba 77 7d 3b 0b 9c f0 4e e2 0b ac | f8 2c 26 4f 4a 9b f9 f0 99 53 66 d1 d6 af 62 72 | 1e 69 9b 6b c1 e6 d6 5c 08 8b 3e 4e 86 76 7c 2a | 50 25 14 15 39 c7 2d 07 08 ed 96 df c6 39 12 0b | 8c 64 42 50 54 c6 ff 17 28 11 68 21 19 2f 3f 9d | 25 25 68 55 13 8c 55 12 8e b2 cc 53 db 2e 96 92 | 01 b4 f5 c5 21 fc 89 32 c5 d8 66 44 94 4a aa d6 | e6 6a 20 f8 b3 ec b7 95 df 43 cd 7c 14 a6 bd d3 | c1 1a 77 bb 95 21 95 3a a5 25 a0 c9 58 b2 75 51 | fd 42 00 d6 5e 21 d9 05 e9 dd f1 65 79 8d 92 64 | hmac PRF sha update data-bytes@0x556ef361e658 (length 8) | 13 ef 77 1f 50 b5 66 99 | hmac PRF sha update data-bytes@0x556ef361e660 (length 8) | e4 fd b7 26 79 cf ac cd | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x556ef361ebb4 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | 6a c6 f6 63 e6 39 a7 69 67 50 c9 e9 21 35 c0 23 | 6a b5 52 c8 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 6a c6 f6 63 e6 39 a7 69 67 50 c9 e9 21 35 c0 23 | HASH_I 6a b5 52 c8 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 6a c6 f6 63 e6 39 a7 69 67 50 c9 e9 21 35 c0 23 | encrypting: 6a b5 52 c8 | IV: 8a c7 b2 23 70 63 00 54 15 0d e5 28 74 60 de c6 | IV: b6 29 95 38 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: d4 24 52 9e b7 d0 0a 59 6d 12 e0 87 4c 5b be f8 | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #1: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 05 10 02 01 00 00 00 00 00 00 00 4c 71 09 23 3c | 35 f6 d2 f6 f0 69 fd 57 e6 cd 90 79 80 83 d1 03 | 1c 93 a6 5c c3 0b 02 f3 d0 ae 3d 14 d4 24 52 9e | b7 d0 0a 59 6d 12 e0 87 4c 5b be f8 | !event_already_set at reschedule "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #1 STATE_MAIN_I3: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48950.77192 "aes128" #1: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #1 suppresed complete_v1_state_transition() | #1 spent 0.435 milliseconds in resume sending helper answer | stop processing: state #1 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c08008420 | spent 0.00185 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 05 10 02 01 00 00 00 00 00 00 00 4c e2 07 05 45 | c8 be ad 9c 5a 6e ce 4c a0 ee c7 22 d9 31 4f a5 | d6 a1 d6 92 cd c9 40 01 cf d1 40 14 dd 93 86 74 | ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #1 in MAIN_I3 (find_state_ikev1) | start processing: state #1 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #1 is idle | #1 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: d4 24 52 9e b7 d0 0a 59 6d 12 e0 87 4c 5b be f8 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | decrypted payload (starts at offset -48): | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 77 7c 63 bb | f3 cd b5 e3 a3 a2 b9 77 c8 c6 a2 ed 5a 3c d5 f3 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #1: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef361f610 | hmac PRF sha update data-bytes@0x556ef361f110 (length 256) | 06 59 a3 4f 9f ca 61 18 99 9c bc 2f 30 66 7d 2a | 25 dd a8 3e 6c f8 0b 4b 5e ce ea b1 c9 22 31 a7 | 52 0e 3e 37 b0 11 54 da 13 b2 0e fc fb f3 c1 1f | 7e 00 48 64 df 98 6a da 97 cf 7a 54 68 5d 0d 0a | d1 93 b7 2e 41 ef b3 79 14 48 10 87 fa 5b d1 c7 | c9 57 bf d7 22 87 1e 81 e0 c2 ae 8b 6e 5b be 7d | 9e 15 0f a2 db ba 77 7d 3b 0b 9c f0 4e e2 0b ac | f8 2c 26 4f 4a 9b f9 f0 99 53 66 d1 d6 af 62 72 | 1e 69 9b 6b c1 e6 d6 5c 08 8b 3e 4e 86 76 7c 2a | 50 25 14 15 39 c7 2d 07 08 ed 96 df c6 39 12 0b | 8c 64 42 50 54 c6 ff 17 28 11 68 21 19 2f 3f 9d | 25 25 68 55 13 8c 55 12 8e b2 cc 53 db 2e 96 92 | 01 b4 f5 c5 21 fc 89 32 c5 d8 66 44 94 4a aa d6 | e6 6a 20 f8 b3 ec b7 95 df 43 cd 7c 14 a6 bd d3 | c1 1a 77 bb 95 21 95 3a a5 25 a0 c9 58 b2 75 51 | fd 42 00 d6 5e 21 d9 05 e9 dd f1 65 79 8d 92 64 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | 45 ef 35 56 b1 f7 24 61 3c 53 00 be 19 55 88 56 | 0e d1 7c 11 f5 ff 58 18 31 0c b5 dd 91 9b 78 9d | 1c c1 72 78 ec 69 b0 b7 ba 71 08 74 ac 02 1c d8 | e4 25 09 09 f5 58 c3 a7 47 18 d9 ff f9 ec fe 1c | 3f 69 b2 dc 8f 94 84 ca 60 e0 73 f6 d8 d7 45 5a | 12 94 dd 97 8a 25 07 f4 81 a7 ed 0b 22 a4 b8 2a | 76 cc 68 1e c7 27 7b 55 f0 09 5d fe 68 6d 2c b8 | 0f 65 78 86 71 e5 44 ec 9e c1 8f a7 f6 58 85 a2 | 55 bd ac 47 60 a6 a7 3c 87 a2 af 27 c8 ed 31 2e | 60 24 7a cd 66 f6 93 2a 34 1a 37 f8 f9 e8 a1 dc | 0b a4 76 ab 79 a1 21 22 9f 05 9a 2d 10 7b bd 1d | a8 21 d8 cb 97 df 9b 8c e9 7d 29 27 9b 32 75 e8 | 48 81 36 e6 ba 1c bd 5e 57 ed 64 e1 64 30 ff 2b | b1 c8 99 63 d2 d8 ae ed b5 83 a6 cd 22 cf d9 a0 | 15 dc a3 20 53 17 bd 66 88 a6 00 72 32 fb 7a 97 | d9 27 dc 58 87 9c 52 d9 6f 38 96 7e 61 f0 74 4e | hmac PRF sha update data-bytes@0x556ef361e660 (length 8) | e4 fd b7 26 79 cf ac cd | hmac PRF sha update data-bytes@0x556ef361e658 (length 8) | 13 ef 77 1f 50 b5 66 99 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x556ef361ebb4 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef357bdd0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | 77 7c 63 bb f3 cd b5 e3 a3 a2 b9 77 c8 c6 a2 ed | 5a 3c d5 f3 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #1: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x556ef361ecd0 | inserting event EVENT_SA_REPLACE, timeout in 2607 seconds for #1 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | pstats #1 ikev1.isakmp established "aes128" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #1 | creating state object #2 at 0x556ef3620a70 | State DB: adding IKEv1 state #2 in UNDEFINED | pstats #2 ikev1.ipsec started | duplicating state object #1 "aes128" as #2 for IPSEC SA | #2 setting local endpoint to 192.1.2.45:500 from #1.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x556ef36037c0 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #1 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #2 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #2: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:e479104f proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 3 for state #2 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6c10002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x7f6c08008420 size 128 | stop processing: state #2 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | resume processing: state #1 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x556ef357c460} | close_any(fd@24) (in release_whack() at state.c:654) | #1 spent 0.429 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.58 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 3 resuming | crypto helper 3 starting work-order 3 for state #2 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 3 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c0c000d60: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c0c000d60 | NSS: Public DH wire value: | 8f ef 86 7b a3 1f d4 7c aa ad a9 9d 14 63 ab b6 | 5f 99 2f aa 0b 52 12 d3 d6 ca 22 7d c1 57 0a 8c | e2 14 5d 5c 23 6f ad 17 76 f2 43 73 1e e6 bb 03 | 99 a9 5e 92 05 61 f3 c1 ab f2 13 b8 76 bd 8d a9 | 23 2e be 72 7a 9b df f7 d5 80 79 7b 69 ea 5a 60 | c8 b0 0c 22 22 27 ee b9 b6 de b2 90 86 dc 11 59 | 95 04 d3 f4 23 cf 35 f7 48 1b 52 c2 76 3b 7b b2 | 40 64 34 1e 6b 16 c7 36 64 84 f5 60 47 12 fc 14 | aa ba fd fe a4 fc 6b 37 85 eb fd a9 36 1b 1e ff | d6 c0 e9 f2 25 13 15 ec 03 de bc 19 8e 23 05 06 | 7f f5 36 e7 43 0a 68 01 9c 8d 6b 43 36 75 20 5e | a3 f7 b7 60 11 2e 0c 81 19 27 e4 6a a5 e8 65 20 | 8a c2 ae da 9b e9 43 b9 42 98 6a 73 85 ba dc 4b | da 31 77 a7 be ea f8 da 30 9e 21 da ff 21 b6 8a | fd 2e 8f 10 be ec bb 9d 00 2a ef 86 27 0f 07 c0 | 62 92 49 5d 2e fb e7 02 ac be f5 3e 23 a6 b6 f7 | Generated nonce: b9 50 6e 63 7a ec eb de 29 21 b5 b8 72 49 2b a2 | Generated nonce: 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 83 b8 58 af | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 3 time elapsed 0.001411 seconds | (#2) spent 1.1 milliseconds in crypto helper computing work-order 3: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 3 for state #2 to event queue | scheduling resume sending helper answer for #2 | libevent_malloc: new ptr-libevent@0x7f6c0c007fa0 size 128 | libevent_realloc: release ptr-libevent@0x556ef36006c0 | libevent_realloc: new ptr-libevent@0x556ef3621560 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #2 | start processing: state #2 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 3 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #2: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3833139279 (0xe479104f) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x34c86f56 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 34 c8 6f 56 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni b9 50 6e 63 7a ec eb de 29 21 b5 b8 72 49 2b a2 | Ni 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 83 b8 58 af | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c0c000d60: transferring ownership from helper KE to state #2 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 8f ef 86 7b a3 1f d4 7c aa ad a9 9d 14 63 ab b6 | keyex value 5f 99 2f aa 0b 52 12 d3 d6 ca 22 7d c1 57 0a 8c | keyex value e2 14 5d 5c 23 6f ad 17 76 f2 43 73 1e e6 bb 03 | keyex value 99 a9 5e 92 05 61 f3 c1 ab f2 13 b8 76 bd 8d a9 | keyex value 23 2e be 72 7a 9b df f7 d5 80 79 7b 69 ea 5a 60 | keyex value c8 b0 0c 22 22 27 ee b9 b6 de b2 90 86 dc 11 59 | keyex value 95 04 d3 f4 23 cf 35 f7 48 1b 52 c2 76 3b 7b b2 | keyex value 40 64 34 1e 6b 16 c7 36 64 84 f5 60 47 12 fc 14 | keyex value aa ba fd fe a4 fc 6b 37 85 eb fd a9 36 1b 1e ff | keyex value d6 c0 e9 f2 25 13 15 ec 03 de bc 19 8e 23 05 06 | keyex value 7f f5 36 e7 43 0a 68 01 9c 8d 6b 43 36 75 20 5e | keyex value a3 f7 b7 60 11 2e 0c 81 19 27 e4 6a a5 e8 65 20 | keyex value 8a c2 ae da 9b e9 43 b9 42 98 6a 73 85 ba dc 4b | keyex value da 31 77 a7 be ea f8 da 30 9e 21 da ff 21 b6 8a | keyex value fd 2e 8f 10 be ec bb 9d 00 2a ef 86 27 0f 07 c0 | keyex value 62 92 49 5d 2e fb e7 02 ac be f5 3e 23 a6 b6 f7 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08001230 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | e4 79 10 4f | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 34 c8 6f 56 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 b9 50 6e 63 | 7a ec eb de 29 21 b5 b8 72 49 2b a2 37 5a 65 b0 | 78 8f f7 42 c1 ee ef a3 83 b8 58 af 05 00 01 04 | 8f ef 86 7b a3 1f d4 7c aa ad a9 9d 14 63 ab b6 | 5f 99 2f aa 0b 52 12 d3 d6 ca 22 7d c1 57 0a 8c | e2 14 5d 5c 23 6f ad 17 76 f2 43 73 1e e6 bb 03 | 99 a9 5e 92 05 61 f3 c1 ab f2 13 b8 76 bd 8d a9 | 23 2e be 72 7a 9b df f7 d5 80 79 7b 69 ea 5a 60 | c8 b0 0c 22 22 27 ee b9 b6 de b2 90 86 dc 11 59 | 95 04 d3 f4 23 cf 35 f7 48 1b 52 c2 76 3b 7b b2 | 40 64 34 1e 6b 16 c7 36 64 84 f5 60 47 12 fc 14 | aa ba fd fe a4 fc 6b 37 85 eb fd a9 36 1b 1e ff | d6 c0 e9 f2 25 13 15 ec 03 de bc 19 8e 23 05 06 | 7f f5 36 e7 43 0a 68 01 9c 8d 6b 43 36 75 20 5e | a3 f7 b7 60 11 2e 0c 81 19 27 e4 6a a5 e8 65 20 | 8a c2 ae da 9b e9 43 b9 42 98 6a 73 85 ba dc 4b | da 31 77 a7 be ea f8 da 30 9e 21 da ff 21 b6 8a | fd 2e 8f 10 be ec bb 9d 00 2a ef 86 27 0f 07 c0 | 62 92 49 5d 2e fb e7 02 ac be f5 3e 23 a6 b6 f7 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 90 e4 e5 a9 bd 3e 38 db 46 1a 28 7d 82 86 38 7f | 15 46 6f 1d | outI1 HASH(1): | 90 e4 e5 a9 bd 3e 38 db 46 1a 28 7d 82 86 38 7f | 15 46 6f 1d | last Phase 1 IV: dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | current Phase 1 IV: dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef361e550 (length 16) | dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | e4 79 10 4f | Phase 2 IV hash sha final bytes@0x556ef361e4d0 (length 20) | c6 5f 0b 17 74 3f 43 0a f1 10 69 77 a6 47 00 35 | 06 12 5f bf | encrypting: 01 00 00 18 90 e4 e5 a9 bd 3e 38 db 46 1a 28 7d | encrypting: 82 86 38 7f 15 46 6f 1d 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 34 c8 6f 56 | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 b9 50 6e 63 7a ec eb de 29 21 b5 b8 | encrypting: 72 49 2b a2 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 | encrypting: 83 b8 58 af 05 00 01 04 8f ef 86 7b a3 1f d4 7c | encrypting: aa ad a9 9d 14 63 ab b6 5f 99 2f aa 0b 52 12 d3 | encrypting: d6 ca 22 7d c1 57 0a 8c e2 14 5d 5c 23 6f ad 17 | encrypting: 76 f2 43 73 1e e6 bb 03 99 a9 5e 92 05 61 f3 c1 | encrypting: ab f2 13 b8 76 bd 8d a9 23 2e be 72 7a 9b df f7 | encrypting: d5 80 79 7b 69 ea 5a 60 c8 b0 0c 22 22 27 ee b9 | encrypting: b6 de b2 90 86 dc 11 59 95 04 d3 f4 23 cf 35 f7 | encrypting: 48 1b 52 c2 76 3b 7b b2 40 64 34 1e 6b 16 c7 36 | encrypting: 64 84 f5 60 47 12 fc 14 aa ba fd fe a4 fc 6b 37 | encrypting: 85 eb fd a9 36 1b 1e ff d6 c0 e9 f2 25 13 15 ec | encrypting: 03 de bc 19 8e 23 05 06 7f f5 36 e7 43 0a 68 01 | encrypting: 9c 8d 6b 43 36 75 20 5e a3 f7 b7 60 11 2e 0c 81 | encrypting: 19 27 e4 6a a5 e8 65 20 8a c2 ae da 9b e9 43 b9 | encrypting: 42 98 6a 73 85 ba dc 4b da 31 77 a7 be ea f8 da | encrypting: 30 9e 21 da ff 21 b6 8a fd 2e 8f 10 be ec bb 9d | encrypting: 00 2a ef 86 27 0f 07 c0 62 92 49 5d 2e fb e7 02 | encrypting: ac be f5 3e 23 a6 b6 f7 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: c6 5f 0b 17 74 3f 43 0a f1 10 69 77 a6 47 00 35 | IV: 06 12 5f bf | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 68 dc 92 25 7e 93 dd cd 3b ee 2c 02 e1 ce 58 c6 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #2) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 08 10 20 01 e4 79 10 4f 00 00 01 bc 3e 5e 78 1f | ef e0 96 fc 56 ca 27 4c f1 5e 5e d8 56 d6 e0 59 | 5c 7b a3 fc 8d 31 d7 26 84 7c e7 8a ec c3 f8 83 | b4 8a ad 46 ed 0a 96 91 8a 3c ec 2b a2 ed a7 b6 | cc 1f 38 89 11 44 18 59 24 23 48 4d 31 b9 f9 28 | ae 09 eb 2c ec bb a0 32 bf 39 2a a2 0b 74 4e c4 | 2b 57 40 60 61 a4 a0 fe ef d4 1f 1d 40 e9 db f4 | c5 eb 8e 18 5d 69 cb 9f 94 e6 c3 d0 12 40 6b c6 | 98 83 46 a9 04 5e 20 20 6b 95 81 ab 80 51 e3 f8 | 48 90 1f dc e5 b3 a9 95 50 60 ce ba b3 de 0a ef | 9f 7b a0 99 31 5f a7 52 cc 41 86 36 02 a0 c5 5c | ec 8c e3 da d7 47 23 dd bf c8 bf 3d 84 c0 7e dc | 94 76 a5 51 57 e8 ca 7f 03 67 20 8d 4f 67 4c fa | 4b b1 69 2c 13 e8 8f ca 63 68 da dc 28 46 cf 63 | 9c dc d0 9d c8 37 fe 30 0c 28 1a 0a c4 60 37 ce | 10 37 b1 dd 4f ff d3 b2 6a ff 27 ea 63 cd 8c 29 | 8a 80 ec 8d 7d ec b9 23 3a 01 cc ff 6a d0 72 81 | 4e 09 4e 83 bd 71 c5 48 02 f8 a4 27 57 70 67 8f | 77 01 1e 40 a9 9b dc 55 26 64 1e 9e cf e5 4a e5 | 11 8e c7 a8 52 cc 6d 40 7b 7c 3e f1 32 52 c3 bd | e3 18 f0 2d eb da 55 c5 f1 82 0c 8f 67 38 52 64 | 75 80 cc 10 32 c0 1a 03 3a aa 1e 7b ce f8 ad f0 | 5b fa 4c 5c a8 3d 27 e8 6c 3a 33 6e e7 f2 51 61 | cf 4d 84 de 18 eb 84 29 fc ae 36 9a 59 11 fb d4 | 24 b4 7d a8 2a eb f5 4e ff 5c 02 70 79 02 c2 66 | a5 89 3f fb 03 78 49 f8 99 10 83 d8 68 dc 92 25 | 7e 93 dd cd 3b ee 2c 02 e1 ce 58 c6 | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c08008420 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6c10002b20 "aes128" #2: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6c10002b20 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x7f6c08008420 size 128 | #2 STATE_QUICK_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48950.778452 | resume sending helper answer for #2 suppresed complete_v1_state_transition() | #2 spent 0.726 milliseconds in resume sending helper answer | stop processing: state #2 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c0c007fa0 | spent 0.00184 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 08 10 20 01 e4 79 10 4f 00 00 01 bc d9 5c 63 1d | 67 5a 59 a1 05 53 eb ab 3c 7a 68 45 2e 20 70 7d | e2 7e 6e 6a 6d 38 3d 40 f6 32 e1 c3 be 9a 07 c9 | 1b 6b 03 e7 19 8e c2 e9 5c 72 a4 fe c9 20 7d e5 | 65 aa 0f 85 b9 83 d7 f9 d3 7f dc 08 a3 c6 9c 06 | 4f 4c c1 91 07 78 b5 7b 43 5d 15 bc 3c 54 70 45 | 28 9e bd 4c 0f 15 d1 4f 56 a5 88 9e 7d 9e 69 53 | 38 8c d3 04 fe 45 d0 b8 f1 f0 0d 5f c8 93 f6 84 | bb 87 99 0d 16 50 ba 94 a8 4a 9f 50 bf 88 49 e5 | 91 f7 0a 47 28 9b 33 ee e6 6b 60 5f e3 36 5c 08 | af 7f f2 cb 4b 2a dc ec 60 96 36 57 f0 16 23 6d | 93 f9 b1 89 63 5a 26 40 95 a5 70 8b 85 25 5d 4b | 20 a9 a0 65 7c ec 29 f4 b4 39 7f c1 0e 28 0f 92 | d5 a0 6e fd a1 59 44 20 07 f8 b8 20 ce 8f 97 95 | c4 0e c8 91 7a a5 ce 23 0a e2 68 9f 2f 02 3f fa | 13 06 69 90 1f b1 0d 2a 4a ec 87 a4 6a fc 0f d4 | 24 de 3e 50 6e 13 2c 82 50 c9 4d 4a 19 7c 01 53 | bf 78 1b 99 c6 84 d5 de 26 d5 47 3d a4 89 81 3f | ea 80 1c 0c 78 06 da 5a 90 20 b6 35 87 45 02 9f | 6c ba eb 0c ca 0e fc 1d 05 e6 dc d0 2b 0b 2b ef | 91 e2 f3 67 94 8f d2 8a 29 23 62 59 9d 00 d5 b2 | 8b 1b b6 c9 a8 99 27 48 ee 02 86 cb 85 25 69 c3 | aa b2 05 9c 80 f1 df 02 9a 64 fb 2b 2a 71 3e b9 | ce 3e 26 09 5a 61 26 57 8b af 29 8f 77 9c 9d a5 | 33 79 71 a6 17 d5 51 bf 8f 55 37 77 e0 56 85 fd | 4d 18 98 a7 ba 66 7b 96 ee 01 a9 fb 31 27 d6 71 | 21 42 2b f4 ea f4 8e ca ad df de 36 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3833139279 (0xe479104f) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #2 in QUICK_I1 (find_state_ikev1) | start processing: state #2 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1609) | #2 is idle | #2 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 68 dc 92 25 7e 93 dd cd 3b ee 2c 02 e1 ce 58 c6 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 31 27 d6 71 21 42 2b f4 ea f4 8e ca ad df de 36 | decrypted payload (starts at offset -416): | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 08 10 20 01 e4 79 10 4f 00 00 01 bc 01 00 00 18 | df 73 a4 11 6f a2 30 73 8a ca ab be c0 35 6e 8e | 3e 3d 19 f5 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 ae 87 2b a3 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | 23 f5 d9 88 f0 79 c7 94 1f 5c d5 02 79 02 c5 57 | 24 6d c6 4f 3e 7b 64 e4 df a9 95 44 5b a1 3c 4a | 05 00 01 04 71 06 be d0 79 da 43 cb df 1e e8 1e | c0 fc eb a3 ca 73 b2 cb 01 d5 30 5c 6b 79 e8 4f | 5f 5b 08 23 e3 7f 84 6a f4 dd 34 61 a0 65 0d 44 | 08 a8 39 00 69 98 42 3f e6 76 5b fa 73 fd 77 87 | 0f d5 94 ae 5a 69 c3 5f 94 97 6a d0 0a d8 82 e5 | c5 53 28 32 eb d7 f6 86 39 c9 ff 07 6b 0e 3c 15 | 2e 8c 12 22 08 68 18 fc 33 b1 ba ca 4b 52 cd 80 | 62 bb f6 e8 df 3a 52 4c 65 17 38 5f bb fd 35 f7 | b8 8c 48 49 80 05 09 d1 0c c3 71 b6 5e 12 9c 7f | 3d e5 11 d8 5a f1 be b2 64 0b a4 1f 5f d0 8d 88 | 24 47 2d 00 d4 62 05 83 b7 67 2d 60 65 cf 27 72 | d1 6b 0b 23 a0 97 56 6d c3 cb cc 4c ad d0 1c 9b | f6 1c b5 aa 58 4b ae 4a cc 5e a1 21 19 75 b6 96 | 96 10 ef db 3e 6f 74 e6 a5 01 4c 5b 48 4d d1 d4 | 54 e5 31 0d 8b 62 02 a0 cd e3 64 95 82 b1 68 05 | e2 b0 b9 96 c7 62 3d 5e fd c1 29 50 ab 24 b5 21 | 41 22 eb 6c 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08001230 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | e4 79 10 4f | HASH(1) PRF sha update Ni_b-bytes@0x7f6c0c004190 (length 32) | b9 50 6e 63 7a ec eb de 29 21 b5 b8 72 49 2b a2 | 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 83 b8 58 af | HASH(1) PRF sha update payload-bytes@0x556ef3622b94 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 ae 87 2b a3 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 23 f5 d9 88 | f0 79 c7 94 1f 5c d5 02 79 02 c5 57 24 6d c6 4f | 3e 7b 64 e4 df a9 95 44 5b a1 3c 4a 05 00 01 04 | 71 06 be d0 79 da 43 cb df 1e e8 1e c0 fc eb a3 | ca 73 b2 cb 01 d5 30 5c 6b 79 e8 4f 5f 5b 08 23 | e3 7f 84 6a f4 dd 34 61 a0 65 0d 44 08 a8 39 00 | 69 98 42 3f e6 76 5b fa 73 fd 77 87 0f d5 94 ae | 5a 69 c3 5f 94 97 6a d0 0a d8 82 e5 c5 53 28 32 | eb d7 f6 86 39 c9 ff 07 6b 0e 3c 15 2e 8c 12 22 | 08 68 18 fc 33 b1 ba ca 4b 52 cd 80 62 bb f6 e8 | df 3a 52 4c 65 17 38 5f bb fd 35 f7 b8 8c 48 49 | 80 05 09 d1 0c c3 71 b6 5e 12 9c 7f 3d e5 11 d8 | 5a f1 be b2 64 0b a4 1f 5f d0 8d 88 24 47 2d 00 | d4 62 05 83 b7 67 2d 60 65 cf 27 72 d1 6b 0b 23 | a0 97 56 6d c3 cb cc 4c ad d0 1c 9b f6 1c b5 aa | 58 4b ae 4a cc 5e a1 21 19 75 b6 96 96 10 ef db | 3e 6f 74 e6 a5 01 4c 5b 48 4d d1 d4 54 e5 31 0d | 8b 62 02 a0 cd e3 64 95 82 b1 68 05 e2 b0 b9 96 | c7 62 3d 5e fd c1 29 50 ab 24 b5 21 41 22 eb 6c | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | df 73 a4 11 6f a2 30 73 8a ca ab be c0 35 6e 8e | 3e 3d 19 f5 | quick_inR1_outI2 HASH(2): | df 73 a4 11 6f a2 30 73 8a ca ab be c0 35 6e 8e | 3e 3d 19 f5 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI ae 87 2b a3 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 71 06 be d0 79 da 43 cb df 1e e8 1e c0 fc eb a3 | ca 73 b2 cb 01 d5 30 5c 6b 79 e8 4f 5f 5b 08 23 | e3 7f 84 6a f4 dd 34 61 a0 65 0d 44 08 a8 39 00 | 69 98 42 3f e6 76 5b fa 73 fd 77 87 0f d5 94 ae | 5a 69 c3 5f 94 97 6a d0 0a d8 82 e5 c5 53 28 32 | eb d7 f6 86 39 c9 ff 07 6b 0e 3c 15 2e 8c 12 22 | 08 68 18 fc 33 b1 ba ca 4b 52 cd 80 62 bb f6 e8 | df 3a 52 4c 65 17 38 5f bb fd 35 f7 b8 8c 48 49 | 80 05 09 d1 0c c3 71 b6 5e 12 9c 7f 3d e5 11 d8 | 5a f1 be b2 64 0b a4 1f 5f d0 8d 88 24 47 2d 00 | d4 62 05 83 b7 67 2d 60 65 cf 27 72 d1 6b 0b 23 | a0 97 56 6d c3 cb cc 4c ad d0 1c 9b f6 1c b5 aa | 58 4b ae 4a cc 5e a1 21 19 75 b6 96 96 10 ef db | 3e 6f 74 e6 a5 01 4c 5b 48 4d d1 d4 54 e5 31 0d | 8b 62 02 a0 cd e3 64 95 82 b1 68 05 e2 b0 b9 96 | c7 62 3d 5e fd c1 29 50 ab 24 b5 21 41 22 eb 6c | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c0c000d60: transferring ownership from state #2 to helper IKEv1 DH | adding quick outI2 DH work-order 4 for state #2 | state #2 requesting EVENT_RETRANSMIT to be deleted | #2 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c08008420 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6c10002b20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6c10002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x7f6c08008420 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #2 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #2 and saving MD | #2 is busy; has a suspended MD | #2 spent 0.225 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #2 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.637 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 6 resuming | crypto helper 6 starting work-order 4 for state #2 | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 4 | peer's g: 71 06 be d0 79 da 43 cb df 1e e8 1e c0 fc eb a3 | peer's g: ca 73 b2 cb 01 d5 30 5c 6b 79 e8 4f 5f 5b 08 23 | peer's g: e3 7f 84 6a f4 dd 34 61 a0 65 0d 44 08 a8 39 00 | peer's g: 69 98 42 3f e6 76 5b fa 73 fd 77 87 0f d5 94 ae | peer's g: 5a 69 c3 5f 94 97 6a d0 0a d8 82 e5 c5 53 28 32 | peer's g: eb d7 f6 86 39 c9 ff 07 6b 0e 3c 15 2e 8c 12 22 | peer's g: 08 68 18 fc 33 b1 ba ca 4b 52 cd 80 62 bb f6 e8 | peer's g: df 3a 52 4c 65 17 38 5f bb fd 35 f7 b8 8c 48 49 | peer's g: 80 05 09 d1 0c c3 71 b6 5e 12 9c 7f 3d e5 11 d8 | peer's g: 5a f1 be b2 64 0b a4 1f 5f d0 8d 88 24 47 2d 00 | peer's g: d4 62 05 83 b7 67 2d 60 65 cf 27 72 d1 6b 0b 23 | peer's g: a0 97 56 6d c3 cb cc 4c ad d0 1c 9b f6 1c b5 aa | peer's g: 58 4b ae 4a cc 5e a1 21 19 75 b6 96 96 10 ef db | peer's g: 3e 6f 74 e6 a5 01 4c 5b 48 4d d1 d4 54 e5 31 0d | peer's g: 8b 62 02 a0 cd e3 64 95 82 b1 68 05 e2 b0 b9 96 | peer's g: c7 62 3d 5e fd c1 29 50 ab 24 b5 21 41 22 eb 6c | Started DH shared-secret computation in NSS: | new : g_ir-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c0c000d60: computed shared DH secret key@0x7f6c10006900 | dh-shared : g^ir-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 4 time elapsed 0.000858 seconds | (#2) spent 0.856 milliseconds in crypto helper computing work-order 4: quick outI2 DH (pcr) | crypto helper 6 sending results from work-order 4 for state #2 to event queue | scheduling resume sending helper answer for #2 | libevent_malloc: new ptr-libevent@0x7f6c00001ef0 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #2 | start processing: state #2 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 4 | calling continuation function 0x556ef2b25630 | quick_inR1_outI2_continue for #2: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3833139279 (0xe479104f) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f6c0c000d60: transferring ownership from helper IKEv1 DH to state #2 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e658 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x556ef361f630 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e73c (length 4) | e4 79 10 4f | HASH(1) PRF sha update Ni_b-bytes@0x7f6c0c004190 (length 32) | b9 50 6e 63 7a ec eb de 29 21 b5 b8 72 49 2b a2 | 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 83 b8 58 af | HASH(1) PRF sha update Nr_b-bytes@0x556ef3621530 (length 32) | 23 f5 d9 88 f0 79 c7 94 1f 5c d5 02 79 02 c5 57 | 24 6d c6 4f 3e 7b 64 e4 df a9 95 44 5b a1 3c 4a | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | a2 63 b1 6c 07 36 07 0d 4a 07 1f 53 53 3c 03 e0 | 95 65 ef 59 | quick_inR1_outI2 HASH(3): | a2 63 b1 6c 07 36 07 0d 4a 07 1f 53 53 3c 03 e0 | 95 65 ef 59 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac: release clone-key@0x7f6c0c007fa0 | hmac PRF sha crypt-prf@0x556ef361f5f0 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef36215f0 | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffff ffffffc9 ffffffe1 66 ffffffbf 2b 74 ffffffd0 75 ffffffca fffffffa 4d 40 0b ffffff80 6f 4e ffffffdf ffffffbe 71 fffffff5 7c 17 27 ffffffed ffffffc9 31 1b ffffff9d ffffff95 3b ffffffd4 ffffff8f 64 ffffffbd ffffffcf 72 ffffffa6 ffffff9e ffffffc8 ffffffa9 4d 37 00 30 4e 09 22 33 45 70 55 ffffff97 ffffff98 20 5a 19 ffffffd0 ffffff90 66 ffffffe1 19 ffffffe7 40 17 fffffffc 20 ffffff84 36 ffffffb2 51 ffffffde 55 ffffffd8 21 4e 37 64 7f ffffffe5 fffffffe 32 0b 7a 3a 5c ffffff81 ffffffd4 fffffff3 ffffffe6 ffffffcf 2e 47 ffffffce 2f 5f 39 ffffffaf 2e ffffffb5 61 73 ffffffd8 ffffff9b 53 ffffffa2 6f ffffff89 7f 08 50 36 48 0c ffffff93 fffffffa 4e 4d 31 ffffffb4 46 ffffffb5 ffffffe7 ffffffe0 7b 13 ffffffb1 ffffffbb 17 ffffff98 12 ffffffa7 05 ffffff9a 42 36 ffffff8f 04 27 69 ffffffe7 57 ffffffde 3a ffffffed ffffff9a 1e 4e 4c 56 2f 74 ffffffac 2e 71 4f 55 ffffffc0 ffffffe6 5b fffffffe ffffff88 15 fffffff0 0a ffffffff ffffffda ffffff81 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a930 | unwrapped: 5d 54 af be 98 4b 1f a3 51 5a bd f9 3c 7e d2 2e | unwrapped: 91 d8 59 92 e3 56 1a 19 20 11 5e 66 f5 19 78 f1 | unwrapped: 83 8d 09 1a dd 56 34 da f9 9a 5b 23 80 18 83 73 | unwrapped: bc 7f 07 2e 98 d2 89 20 0d 5d 00 4d b3 31 94 6e | unwrapped: 2a 80 b8 7e 27 2c 25 e0 62 22 19 d4 5b a0 57 be | unwrapped: ca 27 3a e8 63 45 52 cb 6b 00 63 c2 e5 7c 34 d5 | unwrapped: ab 65 dc 8d da 24 ff d0 fa d9 d0 df 77 bb 98 38 | unwrapped: a1 91 b2 58 c2 36 78 4f 83 99 3d be ac 3c 09 9e | unwrapped: 33 87 63 73 e0 5a 9e d5 09 29 39 8a 1d 82 30 77 | unwrapped: 72 49 9e 0a 60 a7 00 e4 60 04 ae cc 92 66 81 95 | unwrapped: ea 6d 51 f1 ca 0a bc 9e 1f 27 52 c6 45 ba c5 14 | unwrapped: fc 0e d4 31 36 f3 84 cb a3 f7 40 f3 24 06 16 89 | unwrapped: 7c 6a 06 29 cc ed 0f 35 fa 43 71 48 1e 43 59 5c | unwrapped: 39 e2 34 9a 71 4a 2a 96 3a 57 13 9a 7c 0c c3 0f | unwrapped: 6c 29 a7 54 d6 1f df c6 f0 31 d2 aa 14 34 b3 72 | unwrapped: 78 cb 46 cc 88 25 be a4 fb d7 b0 10 86 4d a3 ae | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffff ffffffc9 ffffffe1 66 ffffffbf 2b 74 ffffffd0 75 ffffffca fffffffa 4d 40 0b ffffff80 6f 4e ffffffdf ffffffbe 71 fffffff5 7c 17 27 ffffffed ffffffc9 31 1b ffffff9d ffffff95 3b ffffffd4 ffffff8f 64 ffffffbd ffffffcf 72 ffffffa6 ffffff9e ffffffc8 ffffffa9 4d 37 00 30 4e 09 22 33 45 70 55 ffffff97 ffffff98 20 5a 19 ffffffd0 ffffff90 66 ffffffe1 19 ffffffe7 40 17 fffffffc 20 ffffff84 36 ffffffb2 51 ffffffde 55 ffffffd8 21 4e 37 64 7f ffffffe5 fffffffe 32 0b 7a 3a 5c ffffff81 ffffffd4 fffffff3 ffffffe6 ffffffcf 2e 47 ffffffce 2f 5f 39 ffffffaf 2e ffffffb5 61 73 ffffffd8 ffffff9b 53 ffffffa2 6f ffffff89 7f 08 50 36 48 0c ffffff93 fffffffa 4e 4d 31 ffffffb4 46 ffffffb5 ffffffe7 ffffffe0 7b 13 ffffffb1 ffffffbb 17 ffffff98 12 ffffffa7 05 ffffff9a 42 36 ffffff8f 04 27 69 ffffffe7 57 ffffffde 3a ffffffed ffffff9a 1e 4e 4c 56 2f 74 ffffffac 2e 71 4f 55 ffffffc0 ffffffe6 5b fffffffe ffffff88 15 fffffff0 0a ffffffff ffffffda ffffff81 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a600 | unwrapped: 5d 54 af be 98 4b 1f a3 51 5a bd f9 3c 7e d2 2e | unwrapped: 91 d8 59 92 e3 56 1a 19 20 11 5e 66 f5 19 78 f1 | unwrapped: 83 8d 09 1a dd 56 34 da f9 9a 5b 23 80 18 83 73 | unwrapped: bc 7f 07 2e 98 d2 89 20 0d 5d 00 4d b3 31 94 6e | unwrapped: 2a 80 b8 7e 27 2c 25 e0 62 22 19 d4 5b a0 57 be | unwrapped: ca 27 3a e8 63 45 52 cb 6b 00 63 c2 e5 7c 34 d5 | unwrapped: ab 65 dc 8d da 24 ff d0 fa d9 d0 df 77 bb 98 38 | unwrapped: a1 91 b2 58 c2 36 78 4f 83 99 3d be ac 3c 09 9e | unwrapped: 33 87 63 73 e0 5a 9e d5 09 29 39 8a 1d 82 30 77 | unwrapped: 72 49 9e 0a 60 a7 00 e4 60 04 ae cc 92 66 81 95 | unwrapped: ea 6d 51 f1 ca 0a bc 9e 1f 27 52 c6 45 ba c5 14 | unwrapped: fc 0e d4 31 36 f3 84 cb a3 f7 40 f3 24 06 16 89 | unwrapped: 7c 6a 06 29 cc ed 0f 35 fa 43 71 48 1e 43 59 5c | unwrapped: 39 e2 34 9a 71 4a 2a 96 3a 57 13 9a 7c 0c c3 0f | unwrapped: 6c 29 a7 54 d6 1f df c6 f0 31 d2 aa 14 34 b3 72 | unwrapped: 78 cb 46 cc 88 25 be a4 fb d7 b0 10 86 4d a3 ae | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef3620c78 (length 4) | 34 c8 6f 56 | hmac PRF sha update data-bytes@0x556ef3620c58 (length 4) | ae 87 2b a3 | hmac PRF sha update data-bytes@0x7f6c0c004190 (length 32) | b9 50 6e 63 7a ec eb de 29 21 b5 b8 72 49 2b a2 | 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 83 b8 58 af | hmac PRF sha update data-bytes@0x7f6c0c004190 (length 32) | b9 50 6e 63 7a ec eb de 29 21 b5 b8 72 49 2b a2 | 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 83 b8 58 af | hmac PRF sha update data-bytes@0x556ef3621530 (length 32) | 23 f5 d9 88 f0 79 c7 94 1f 5c d5 02 79 02 c5 57 | 24 6d c6 4f 3e 7b 64 e4 df a9 95 44 5b a1 3c 4a | hmac PRF sha update data-bytes@0x556ef3621530 (length 32) | 23 f5 d9 88 f0 79 c7 94 1f 5c d5 02 79 02 c5 57 | 24 6d c6 4f 3e 7b 64 e4 df a9 95 44 5b a1 3c 4a | hmac PRF sha final-bytes@0x7f6c080030a0 (length 20) | e1 96 90 c7 c2 a7 e4 75 b6 9d ef 5c ae 32 71 5a | 2b d9 10 17 | hmac PRF sha final-bytes@0x556ef3624f80 (length 20) | 7c fc 0a 3d 0b 6e 88 f3 05 b4 bb ab 2e 43 fd 4d | f7 09 f0 30 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef361f5f0 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac: release clone-key@0x7f6c0c007fa0 | hmac PRF sha crypt-prf@0x556ef361f580 | hmac PRF sha update data-bytes@0x7f6c080030a0 (length 20) | e1 96 90 c7 c2 a7 e4 75 b6 9d ef 5c ae 32 71 5a | 2b d9 10 17 | hmac PRF sha update data-bytes@0x556ef3624f80 (length 20) | 7c fc 0a 3d 0b 6e 88 f3 05 b4 bb ab 2e 43 fd 4d | f7 09 f0 30 | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffff ffffffc9 ffffffe1 66 ffffffbf 2b 74 ffffffd0 75 ffffffca fffffffa 4d 40 0b ffffff80 6f 4e ffffffdf ffffffbe 71 fffffff5 7c 17 27 ffffffed ffffffc9 31 1b ffffff9d ffffff95 3b ffffffd4 ffffff8f 64 ffffffbd ffffffcf 72 ffffffa6 ffffff9e ffffffc8 ffffffa9 4d 37 00 30 4e 09 22 33 45 70 55 ffffff97 ffffff98 20 5a 19 ffffffd0 ffffff90 66 ffffffe1 19 ffffffe7 40 17 fffffffc 20 ffffff84 36 ffffffb2 51 ffffffde 55 ffffffd8 21 4e 37 64 7f ffffffe5 fffffffe 32 0b 7a 3a 5c ffffff81 ffffffd4 fffffff3 ffffffe6 ffffffcf 2e 47 ffffffce 2f 5f 39 ffffffaf 2e ffffffb5 61 73 ffffffd8 ffffff9b 53 ffffffa2 6f ffffff89 7f 08 50 36 48 0c ffffff93 fffffffa 4e 4d 31 ffffffb4 46 ffffffb5 ffffffe7 ffffffe0 7b 13 ffffffb1 ffffffbb 17 ffffff98 12 ffffffa7 05 ffffff9a 42 36 ffffff8f 04 27 69 ffffffe7 57 ffffffde 3a ffffffed ffffff9a 1e 4e 4c 56 2f 74 ffffffac 2e 71 4f 55 ffffffc0 ffffffe6 5b fffffffe ffffff88 15 fffffff0 0a ffffffff ffffffda ffffff81 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a4f0 | unwrapped: 5d 54 af be 98 4b 1f a3 51 5a bd f9 3c 7e d2 2e | unwrapped: 91 d8 59 92 e3 56 1a 19 20 11 5e 66 f5 19 78 f1 | unwrapped: 83 8d 09 1a dd 56 34 da f9 9a 5b 23 80 18 83 73 | unwrapped: bc 7f 07 2e 98 d2 89 20 0d 5d 00 4d b3 31 94 6e | unwrapped: 2a 80 b8 7e 27 2c 25 e0 62 22 19 d4 5b a0 57 be | unwrapped: ca 27 3a e8 63 45 52 cb 6b 00 63 c2 e5 7c 34 d5 | unwrapped: ab 65 dc 8d da 24 ff d0 fa d9 d0 df 77 bb 98 38 | unwrapped: a1 91 b2 58 c2 36 78 4f 83 99 3d be ac 3c 09 9e | unwrapped: 33 87 63 73 e0 5a 9e d5 09 29 39 8a 1d 82 30 77 | unwrapped: 72 49 9e 0a 60 a7 00 e4 60 04 ae cc 92 66 81 95 | unwrapped: ea 6d 51 f1 ca 0a bc 9e 1f 27 52 c6 45 ba c5 14 | unwrapped: fc 0e d4 31 36 f3 84 cb a3 f7 40 f3 24 06 16 89 | unwrapped: 7c 6a 06 29 cc ed 0f 35 fa 43 71 48 1e 43 59 5c | unwrapped: 39 e2 34 9a 71 4a 2a 96 3a 57 13 9a 7c 0c c3 0f | unwrapped: 6c 29 a7 54 d6 1f df c6 f0 31 d2 aa 14 34 b3 72 | unwrapped: 78 cb 46 cc 88 25 be a4 fb d7 b0 10 86 4d a3 ae | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffff ffffffc9 ffffffe1 66 ffffffbf 2b 74 ffffffd0 75 ffffffca fffffffa 4d 40 0b ffffff80 6f 4e ffffffdf ffffffbe 71 fffffff5 7c 17 27 ffffffed ffffffc9 31 1b ffffff9d ffffff95 3b ffffffd4 ffffff8f 64 ffffffbd ffffffcf 72 ffffffa6 ffffff9e ffffffc8 ffffffa9 4d 37 00 30 4e 09 22 33 45 70 55 ffffff97 ffffff98 20 5a 19 ffffffd0 ffffff90 66 ffffffe1 19 ffffffe7 40 17 fffffffc 20 ffffff84 36 ffffffb2 51 ffffffde 55 ffffffd8 21 4e 37 64 7f ffffffe5 fffffffe 32 0b 7a 3a 5c ffffff81 ffffffd4 fffffff3 ffffffe6 ffffffcf 2e 47 ffffffce 2f 5f 39 ffffffaf 2e ffffffb5 61 73 ffffffd8 ffffff9b 53 ffffffa2 6f ffffff89 7f 08 50 36 48 0c ffffff93 fffffffa 4e 4d 31 ffffffb4 46 ffffffb5 ffffffe7 ffffffe0 7b 13 ffffffb1 ffffffbb 17 ffffff98 12 ffffffa7 05 ffffff9a 42 36 ffffff8f 04 27 69 ffffffe7 57 ffffffde 3a ffffffed ffffff9a 1e 4e 4c 56 2f 74 ffffffac 2e 71 4f 55 ffffffc0 ffffffe6 5b fffffffe ffffff88 15 fffffff0 0a ffffffff ffffffda ffffff81 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef3628d40 | unwrapped: 5d 54 af be 98 4b 1f a3 51 5a bd f9 3c 7e d2 2e | unwrapped: 91 d8 59 92 e3 56 1a 19 20 11 5e 66 f5 19 78 f1 | unwrapped: 83 8d 09 1a dd 56 34 da f9 9a 5b 23 80 18 83 73 | unwrapped: bc 7f 07 2e 98 d2 89 20 0d 5d 00 4d b3 31 94 6e | unwrapped: 2a 80 b8 7e 27 2c 25 e0 62 22 19 d4 5b a0 57 be | unwrapped: ca 27 3a e8 63 45 52 cb 6b 00 63 c2 e5 7c 34 d5 | unwrapped: ab 65 dc 8d da 24 ff d0 fa d9 d0 df 77 bb 98 38 | unwrapped: a1 91 b2 58 c2 36 78 4f 83 99 3d be ac 3c 09 9e | unwrapped: 33 87 63 73 e0 5a 9e d5 09 29 39 8a 1d 82 30 77 | unwrapped: 72 49 9e 0a 60 a7 00 e4 60 04 ae cc 92 66 81 95 | unwrapped: ea 6d 51 f1 ca 0a bc 9e 1f 27 52 c6 45 ba c5 14 | unwrapped: fc 0e d4 31 36 f3 84 cb a3 f7 40 f3 24 06 16 89 | unwrapped: 7c 6a 06 29 cc ed 0f 35 fa 43 71 48 1e 43 59 5c | unwrapped: 39 e2 34 9a 71 4a 2a 96 3a 57 13 9a 7c 0c c3 0f | unwrapped: 6c 29 a7 54 d6 1f df c6 f0 31 d2 aa 14 34 b3 72 | unwrapped: 78 cb 46 cc 88 25 be a4 fb d7 b0 10 86 4d a3 ae | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef3620c78 (length 4) | 34 c8 6f 56 | hmac PRF sha update data-bytes@0x556ef3620c58 (length 4) | ae 87 2b a3 | hmac PRF sha update data-bytes@0x7f6c0c004190 (length 32) | b9 50 6e 63 7a ec eb de 29 21 b5 b8 72 49 2b a2 | 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 83 b8 58 af | hmac PRF sha update data-bytes@0x7f6c0c004190 (length 32) | b9 50 6e 63 7a ec eb de 29 21 b5 b8 72 49 2b a2 | 37 5a 65 b0 78 8f f7 42 c1 ee ef a3 83 b8 58 af | hmac PRF sha update data-bytes@0x556ef3621530 (length 32) | 23 f5 d9 88 f0 79 c7 94 1f 5c d5 02 79 02 c5 57 | 24 6d c6 4f 3e 7b 64 e4 df a9 95 44 5b a1 3c 4a | hmac PRF sha update data-bytes@0x556ef3621530 (length 32) | 23 f5 d9 88 f0 79 c7 94 1f 5c d5 02 79 02 c5 57 | 24 6d c6 4f 3e 7b 64 e4 df a9 95 44 5b a1 3c 4a | hmac PRF sha final-bytes@0x7f6c080030b4 (length 20) | 57 cf d3 c0 d1 cc b3 19 b6 14 f9 03 31 b6 b5 6d | 9d 29 f8 d2 | hmac PRF sha final-bytes@0x556ef3624f94 (length 20) | b8 fb 65 c7 5d 1b 40 0a b7 d3 51 15 f2 7a 99 5a | bd 31 2f 61 | install_ipsec_sa() for #2: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.ae872ba3@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.34c86f56@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #2: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #2 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xae872ba3 SPI_OUT= | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0xae872ba3 SPI_OUT=0x34c86f56 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xae872ba | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0xae872ba3 SPI_OUT=0x34c86f56 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xae872ba3 SP | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0xae872ba3 SPI_OUT=0x34c86f56 ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x556ef361dae0,sr=0x556ef361dae0} to #2 (was #0) (newest_ipsec_sa=#0) | #1 spent 0.922 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 a2 63 b1 6c 07 36 07 0d 4a 07 1f 53 | encrypting: 53 3c 03 e0 95 65 ef 59 | IV: 31 27 d6 71 21 42 2b f4 ea f4 8e ca ad df de 36 | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: cf a8 9c d2 5f d6 6f 2b 60 d9 12 28 42 62 af 05 | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #2 (was #0) (spd.eroute=#2) cloned from #1 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #2 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #2 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #2: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c08008420 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6c10002b20 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #2) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 08 10 20 01 e4 79 10 4f 00 00 00 3c 12 45 68 ae | 8a 08 21 72 41 fa 02 ce b7 0c 73 8b cf a8 9c d2 | 5f d6 6f 2b 60 d9 12 28 42 62 af 05 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f6c10002b20 | inserting event EVENT_SA_REPLACE, timeout in 28048 seconds for #2 | libevent_malloc: new ptr-libevent@0x7f6c08008420 size 128 | pstats #2 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xae872ba3 <0x34c86f56 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #2 suppresed complete_v1_state_transition() | #2 spent 2.03 milliseconds in resume sending helper answer | stop processing: state #2 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c00001ef0 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00443 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00256 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00274 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.34c86f56@192.1.2.45 | get_sa_info esp.ae872ba3@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0714 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #2 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #2 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #2 ikev1.ipsec deleted completed | [RE]START processing: state #2 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #2: deleting state (STATE_QUICK_I2) aged 0.255s and sending notification | child state #2: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.ae872ba3@192.1.2.23 | get_sa_info esp.34c86f56@192.1.2.45 "aes128" #2: ESP traffic information: in=84B out=84B | #2 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2989833290 (0xb2353c4a) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 34 c8 6f 56 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x556ef361f610 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | b2 35 3c 4a | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 34 c8 6f 56 | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | 85 2e 78 43 d0 67 49 99 05 3d 8a 76 c4 64 09 6d | 83 36 16 b5 | send delete HASH(1): | 85 2e 78 43 d0 67 49 99 05 3d 8a 76 c4 64 09 6d | 83 36 16 b5 | last Phase 1 IV: dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | current Phase 1 IV: dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef361e550 (length 16) | dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | b2 35 3c 4a | Phase 2 IV hash sha final bytes@0x556ef361e4d0 (length 20) | 19 d1 e5 a5 43 2f 5b 3c e1 61 13 94 a7 30 b9 18 | d9 ed 32 95 | encrypting: 0c 00 00 18 85 2e 78 43 d0 67 49 99 05 3d 8a 76 | encrypting: c4 64 09 6d 83 36 16 b5 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 34 c8 6f 56 | IV: 19 d1 e5 a5 43 2f 5b 3c e1 61 13 94 a7 30 b9 18 | IV: d9 ed 32 95 | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 41 7c bd 75 dd 76 11 7b 0f f5 3d f9 d0 bd 14 94 | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 08 10 05 01 b2 35 3c 4a 00 00 00 4c 42 1a c5 70 | d5 20 16 ab a9 3b 35 d2 e3 0d 4e d6 8b e3 0a 8c | 64 a2 12 5f 2b 33 b7 9b bf 30 c9 6a 41 7c bd 75 | dd 76 11 7b 0f f5 3d f9 d0 bd 14 94 | state #2 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c08008420 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f6c10002b20 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1569050304' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xae872ba | popen cmd is 1033 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1569050304' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0xae872ba3 SPI_OUT=0x34c86f56 ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.ae872ba3@192.1.2.23 | netlink response for Del SA esp.ae872ba3@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.34c86f56@192.1.2.45 | netlink response for Del SA esp.34c86f56@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #2 in QUICK_I2 | child state #2: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c0c000d60: destroyed | stop processing: state #2 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x7f6c10006900 | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef36037c0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #1 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #1 | start processing: state #1 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #1 ikev1.isakmp deleted completed | [RE]START processing: state #1 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #1: deleting state (STATE_MAIN_I4) aged 0.305s and sending notification | parent state #1: MAIN_I4(established IKE SA) => delete | #1 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3114467572 (0xb9a300f4) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 13 ef 77 1f 50 b5 66 99 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI e4 fd b7 26 79 cf ac cd | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08001230 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | b9 a3 00 f4 | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 13 ef 77 1f | 50 b5 66 99 e4 fd b7 26 79 cf ac cd | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | 90 2a 82 b3 46 89 5e 3d 35 00 30 e7 52 4a 17 74 | ed 55 f6 7d | send delete HASH(1): | 90 2a 82 b3 46 89 5e 3d 35 00 30 e7 52 4a 17 74 | ed 55 f6 7d | last Phase 1 IV: dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | current Phase 1 IV: dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef361e550 (length 16) | dd 93 86 74 ee 5d 20 0b 68 cd 43 c0 0d 4f f5 00 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | b9 a3 00 f4 | Phase 2 IV hash sha final bytes@0x556ef361e4d0 (length 20) | 4a b8 0b 36 c7 d5 7f ba 27 d4 7d 5a dd 9f 93 3f | ab d6 96 2a | encrypting: 0c 00 00 18 90 2a 82 b3 46 89 5e 3d 35 00 30 e7 | encrypting: 52 4a 17 74 ed 55 f6 7d 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 | encrypting: 79 cf ac cd | IV: 4a b8 0b 36 c7 d5 7f ba 27 d4 7d 5a dd 9f 93 3f | IV: ab d6 96 2a | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: a2 f1 4a a4 19 7b a7 66 72 02 da 38 a4 c5 ad a9 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 08 10 05 01 b9 a3 00 f4 00 00 00 5c 90 b7 7b e7 | 72 99 19 2c 9b 11 6a 31 99 bd 91 dc f8 ee b7 fc | 1e c7 c7 28 7e 26 6f 0e b8 46 ff 68 2a e9 bc 55 | 42 41 cb 9f ac 8f 97 b8 22 38 8c 9e a2 f1 4a a4 | 19 7b a7 66 72 02 da 38 a4 c5 ad a9 | state #1 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_SA_REPLACE-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #1 in MAIN_I4 | parent state #1: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c10000d60: destroyed | stop processing: state #1 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef360e180 | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef36037c0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.3 milliseconds in whack | spent 0.00167 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 08 10 05 01 53 a6 8d b9 00 00 00 4c c0 dc 6e 6a | c7 a6 6c 71 12 4f 5d 4b d9 d5 8d 49 df 96 4d da | 68 99 ed bb cc 79 47 44 7e 12 75 3e ef 8e 42 9d | 08 2a 4b e0 ee 9f 59 3f 45 83 c1 65 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1403424185 (0x53a68db9) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x53a68db9 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 13 ef 77 1f 50 b5 66 99 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | e4 fd b7 26 79 cf ac cd | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0634 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00416 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00248 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 13 ef 77 1f 50 b5 66 99 e4 fd b7 26 79 cf ac cd | 08 10 05 01 6f c9 96 4a 00 00 00 5c 77 d6 45 3b | e4 58 17 cd 4b 4f a9 13 64 11 ca 83 bd 61 b5 92 | 06 85 44 dc c3 90 d4 e8 96 ec 98 90 01 67 78 5f | b6 37 b6 a2 28 7e 7a 31 76 af a7 65 88 ae 3b 9d | f8 f4 5a 43 d5 b2 56 6d bb cf 29 f5 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 13 ef 77 1f 50 b5 66 99 | responder cookie: | e4 fd b7 26 79 cf ac cd | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1875482186 (0x6fc9964a) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x6fc9964a | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 13 ef 77 1f 50 b5 66 99 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | e4 fd b7 26 79 cf ac cd | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0781 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x556ef35e95c0 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.466 milliseconds in whack | kernel_process_msg_cb process netlink message | netlink_get: XFRM_MSG_UPDPOLICY message | spent 0.00731 milliseconds in kernel message | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00446 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing suppress-retransmits + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0496 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0529 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:DUPLICATE | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0529 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef361eee0 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.147 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #3 at 0x556ef3620a70 | State DB: adding IKEv1 state #3 in UNDEFINED | pstats #3 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #3 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #3: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #3 "aes128" "aes128" #3: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 0c 21 1e bf f7 19 78 2f | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef36236c0 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #3: IMPAIR: stripping key-length "aes128" #3: IMPAIR: duplicating key-length | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 40 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 208 | sending 208 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #3) | 0c 21 1e bf f7 19 78 2f 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 d0 0d 00 00 3c | 00 00 00 01 00 00 00 01 00 00 00 30 00 01 00 01 | 00 00 00 28 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 80 0e 00 80 0d 00 00 14 40 48 b7 d5 | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2 | 0e 95 45 2f 0d 00 00 14 7d 94 19 a6 53 10 ca 6f | 2c 17 9d 92 15 52 9d 56 0d 00 00 14 90 cb 80 91 | 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14 | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ebb0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #3 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #3 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48951.952381 | #3 spent 0.409 milliseconds in main_outI1() | stop processing: state #3 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.469 milliseconds in whack | spent 0.00198 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0c 21 1e bf f7 19 78 2f 99 95 f3 b3 22 a3 a4 df | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0c 21 1e bf f7 19 78 2f | responder cookie: | 99 95 f3 b3 22 a3 a4 df | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #3 in MAIN_I1 (find_state_ikev1_init) | start processing: state #3 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | #3 is idle | #3 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | message 'informational' HASH payload not checked early "aes128" #3: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #3: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #3 spent 0.00829 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #3 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.107 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x556ef361ebb0 | handling event EVENT_RETRANSMIT for parent state #3 | start processing: state #3 connection "aes128" from 192.1.2.23:500 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #3 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #3 keying attempt 1 of 0; retransmit 1 "aes128" #3: IMPAIR: retransmit so deleting SA | [RE]START processing: state #3 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:124) | pstats #3 ikev1.isakmp failed too-many-retransmits | pstats #3 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #3 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #3: deleting state (STATE_MAIN_I1) aged 0.502s and NOT sending notification | parent state #3: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection aes128 | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "aes128" {0x556ef357b8e0} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #3 "aes128" #3: deleting IKE SA for connection 'aes128' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection 'aes128' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #3 in MAIN_I1 | parent state #3: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #3 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ebb0 | in statetime_stop() and could not find #3 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection aes128 which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #4 at 0x556ef3620a70 | State DB: adding IKEv1 state #4 in UNDEFINED | pstats #4 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #4 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #4: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #4 "aes128" "aes128" #4: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 67 55 86 4b 90 93 63 46 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef361d350 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #4: IMPAIR: stripping key-length "aes128" #4: IMPAIR: duplicating key-length | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 40 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 208 | sending 208 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #4) | 67 55 86 4b 90 93 63 46 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 d0 0d 00 00 3c | 00 00 00 01 00 00 00 01 00 00 00 30 00 01 00 01 | 00 00 00 28 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 80 0e 00 80 0d 00 00 14 40 48 b7 d5 | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2 | 0e 95 45 2f 0d 00 00 14 7d 94 19 a6 53 10 ca 6f | 2c 17 9d 92 15 52 9d 56 0d 00 00 14 90 cb 80 91 | 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14 | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ebb0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #4 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #4 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48952.454899 | #4 spent 0.401 milliseconds in main_outI1() | stop processing: state #4 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | spent 0.425 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.00204 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 67 55 86 4b 90 93 63 46 1b e4 0e c5 98 fd a2 92 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 67 55 86 4b 90 93 63 46 | responder cookie: | 1b e4 0e c5 98 fd a2 92 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #4 in MAIN_I1 (find_state_ikev1_init) | start processing: state #4 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | #4 is idle | #4 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | message 'informational' HASH payload not checked early "aes128" #4: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #4: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #4 spent 0.00729 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #4 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.104 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0504 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | removing pending policy for no connection {0x556ef357b8e0} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #4 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #4 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #4 ikev1.isakmp deleted other | [RE]START processing: state #4 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #4: deleting state (STATE_MAIN_I1) aged 0.098s and NOT sending notification | parent state #4: MAIN_I1(half-open IKE SA) => delete | state #4 requesting EVENT_RETRANSMIT to be deleted | #4 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ebb0 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #4 in MAIN_I1 | parent state #4: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #4 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x556ef361eee0 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.241 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0674 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0456 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:DUPLICATE | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0575 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef361eee0 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.156 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #5 at 0x556ef3620a70 | State DB: adding IKEv1 state #5 in UNDEFINED | pstats #5 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #5 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #5: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #5 "aes128" "aes128" #5: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef362a7d0 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | 6a 34 90 6d 35 f5 0f e3 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #5 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48953.031266 | #5 spent 0.398 milliseconds in main_outI1() | stop processing: state #5 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.459 milliseconds in whack | spent 0.00209 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #5 in MAIN_I1 (find_state_ikev1_init) | start processing: state #5 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #5 is idle | #5 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 5 for state #5 | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #5 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #5 and saving MD | #5 is busy; has a suspended MD | #5 spent 0.149 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.282 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 5 for state #5 | crypto helper 1 doing build KE and nonce (outI2 KE); request ID 5 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c04000d60: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c04000d60 | NSS: Public DH wire value: | c4 7b fe 50 2e a4 3b c8 bf 8e 3d c2 95 fa 67 b8 | 94 c2 4f aa fc df f4 a6 97 0a b2 fe 34 7c d1 e0 | d1 0c 2c e2 29 69 3f 35 15 cd 6f 1b 20 01 b3 27 | a3 52 cc 97 61 b9 e2 b1 87 c9 6f 51 49 a0 1b 13 | 74 44 e9 ed d2 4e 4a ec d8 cd 42 77 f8 28 a1 7a | e2 fb f0 a8 92 af a5 41 66 a9 e6 7d 24 db ae 53 | 12 c6 45 39 27 bc 1c f6 10 d9 a0 28 b1 12 a8 90 | a5 f0 13 56 de 95 9c 4c b4 c6 a2 cc 32 d8 a3 f3 | 9e 6c 85 30 ea 99 dd e8 fc 28 2d da 9d 56 b1 f8 | bd 7e e1 b4 2e 54 48 0d aa 93 d9 15 3b ce 9d 5e | 38 89 b2 99 be 82 ea de 06 6e 52 cd 56 d7 69 be | c0 6c 7f 32 52 fb 83 69 e3 c0 65 f5 5a 58 37 c9 | 39 eb 1b 70 c2 13 b7 ac 81 b3 44 1a 09 b0 3e dc | eb 68 8d 7e 5a 23 5c db 95 aa 05 e8 7f b2 33 e1 | aa cf aa 64 ce 3c 7b f7 08 09 f0 28 2a d1 96 d5 | 54 ee e4 7a b2 ef bf 5b eb b1 07 72 f8 ea 73 78 | Generated nonce: 96 a7 2b ce 6c d7 2e 3d 17 a5 a7 96 b7 4d f4 a6 | Generated nonce: 0e 04 80 33 5a 1e cb 1e ec 62 38 fc 97 c5 6b 69 | crypto helper 1 finished build KE and nonce (outI2 KE); request ID 5 time elapsed 0.00107 seconds | (#5) spent 1.07 milliseconds in crypto helper computing work-order 5: outI2 KE (pcr) | crypto helper 1 sending results from work-order 5 for state #5 to event queue | scheduling resume sending helper answer for #5 | libevent_malloc: new ptr-libevent@0x7f6c04006900 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #5 | start processing: state #5 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 5 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #5: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c04000d60: transferring ownership from helper KE to state #5 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value c4 7b fe 50 2e a4 3b c8 bf 8e 3d c2 95 fa 67 b8 | keyex value 94 c2 4f aa fc df f4 a6 97 0a b2 fe 34 7c d1 e0 | keyex value d1 0c 2c e2 29 69 3f 35 15 cd 6f 1b 20 01 b3 27 | keyex value a3 52 cc 97 61 b9 e2 b1 87 c9 6f 51 49 a0 1b 13 | keyex value 74 44 e9 ed d2 4e 4a ec d8 cd 42 77 f8 28 a1 7a | keyex value e2 fb f0 a8 92 af a5 41 66 a9 e6 7d 24 db ae 53 | keyex value 12 c6 45 39 27 bc 1c f6 10 d9 a0 28 b1 12 a8 90 | keyex value a5 f0 13 56 de 95 9c 4c b4 c6 a2 cc 32 d8 a3 f3 | keyex value 9e 6c 85 30 ea 99 dd e8 fc 28 2d da 9d 56 b1 f8 | keyex value bd 7e e1 b4 2e 54 48 0d aa 93 d9 15 3b ce 9d 5e | keyex value 38 89 b2 99 be 82 ea de 06 6e 52 cd 56 d7 69 be | keyex value c0 6c 7f 32 52 fb 83 69 e3 c0 65 f5 5a 58 37 c9 | keyex value 39 eb 1b 70 c2 13 b7 ac 81 b3 44 1a 09 b0 3e dc | keyex value eb 68 8d 7e 5a 23 5c db 95 aa 05 e8 7f b2 33 e1 | keyex value aa cf aa 64 ce 3c 7b f7 08 09 f0 28 2a d1 96 d5 | keyex value 54 ee e4 7a b2 ef bf 5b eb b1 07 72 f8 ea 73 78 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 96 a7 2b ce 6c d7 2e 3d 17 a5 a7 96 b7 4d f4 a6 | Ni 0e 04 80 33 5a 1e cb 1e ec 62 38 fc 97 c5 6b 69 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 6a 34 90 6d 35 f5 0f e3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | a1 6f 18 5d 14 e9 47 9e | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | da fc 56 54 a7 0a 27 8e 42 28 bd 43 8c 99 1a 34 | 02 4b 1a 3d | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 6a 34 90 6d 35 f5 0f e3 | natd_hash: rcookie= a1 6f 18 5d 14 e9 47 9e | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= da fc 56 54 a7 0a 27 8e 42 28 bd 43 8c 99 1a 34 | natd_hash: hash= 02 4b 1a 3d | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D da fc 56 54 a7 0a 27 8e 42 28 bd 43 8c 99 1a 34 | NAT-D 02 4b 1a 3d | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 6a 34 90 6d 35 f5 0f e3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | a1 6f 18 5d 14 e9 47 9e | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | d7 88 e0 3f 22 e6 31 35 cf 90 4b e6 14 2b 8a 55 | ff e8 33 7f | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 6a 34 90 6d 35 f5 0f e3 | natd_hash: rcookie= a1 6f 18 5d 14 e9 47 9e | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= d7 88 e0 3f 22 e6 31 35 cf 90 4b e6 14 2b 8a 55 | natd_hash: hash= ff e8 33 7f | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D d7 88 e0 3f 22 e6 31 35 cf 90 4b e6 14 2b 8a 55 | NAT-D ff e8 33 7f | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #5 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #5: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | c4 7b fe 50 2e a4 3b c8 bf 8e 3d c2 95 fa 67 b8 | 94 c2 4f aa fc df f4 a6 97 0a b2 fe 34 7c d1 e0 | d1 0c 2c e2 29 69 3f 35 15 cd 6f 1b 20 01 b3 27 | a3 52 cc 97 61 b9 e2 b1 87 c9 6f 51 49 a0 1b 13 | 74 44 e9 ed d2 4e 4a ec d8 cd 42 77 f8 28 a1 7a | e2 fb f0 a8 92 af a5 41 66 a9 e6 7d 24 db ae 53 | 12 c6 45 39 27 bc 1c f6 10 d9 a0 28 b1 12 a8 90 | a5 f0 13 56 de 95 9c 4c b4 c6 a2 cc 32 d8 a3 f3 | 9e 6c 85 30 ea 99 dd e8 fc 28 2d da 9d 56 b1 f8 | bd 7e e1 b4 2e 54 48 0d aa 93 d9 15 3b ce 9d 5e | 38 89 b2 99 be 82 ea de 06 6e 52 cd 56 d7 69 be | c0 6c 7f 32 52 fb 83 69 e3 c0 65 f5 5a 58 37 c9 | 39 eb 1b 70 c2 13 b7 ac 81 b3 44 1a 09 b0 3e dc | eb 68 8d 7e 5a 23 5c db 95 aa 05 e8 7f b2 33 e1 | aa cf aa 64 ce 3c 7b f7 08 09 f0 28 2a d1 96 d5 | 54 ee e4 7a b2 ef bf 5b eb b1 07 72 f8 ea 73 78 | 14 00 00 24 96 a7 2b ce 6c d7 2e 3d 17 a5 a7 96 | b7 4d f4 a6 0e 04 80 33 5a 1e cb 1e ec 62 38 fc | 97 c5 6b 69 14 00 00 18 da fc 56 54 a7 0a 27 8e | 42 28 bd 43 8c 99 1a 34 02 4b 1a 3d 00 00 00 18 | d7 88 e0 3f 22 e6 31 35 cf 90 4b e6 14 2b 8a 55 | ff e8 33 7f | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #5 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48953.033763 "aes128" #5: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #5 suppresed complete_v1_state_transition() | #5 spent 0.391 milliseconds in resume sending helper answer | stop processing: state #5 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c04006900 | spent 0.00319 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 6a 36 ba 93 c8 f9 7f 05 7c 0b 4c 7e dd 70 2f 4f | 32 1c bd 22 57 6b 22 43 e5 37 ab a8 11 f3 01 ce | e1 82 a5 98 14 b3 c2 88 f2 f6 05 b3 c9 c1 15 90 | 20 bb b8 2c 4f b1 fd fc d2 1f 3f 9e 83 32 82 d4 | 3d 9c ee e5 3d d8 de 4e 54 c5 53 cc de 61 0d 10 | a2 39 e4 db bf bc ed fd 92 dd 4f d9 33 33 70 7e | 91 a1 04 7c 93 8c a5 36 e6 61 39 7a 9a 2b 8b 46 | 57 d8 2f a2 71 40 64 8b e7 d7 ce 24 94 79 6f d0 | e0 c5 b2 4a 82 50 28 65 b4 7b 0f 3b 1c c2 3e 23 | fc 08 0e 7d dd dc 48 4d 13 1e 04 1e 5d 5f 16 22 | 53 29 94 dd e8 6e de cd 7c aa 7f 72 23 fa 0b ab | eb 26 c3 c8 cb 55 af f1 7f 45 c9 c4 c0 b6 88 cc | 7b aa 3d fb 8b 40 b8 20 13 99 58 45 cb 44 c3 6b | ab 03 e1 b0 75 13 08 91 71 68 70 29 60 15 74 4d | 7d ef 12 8f f9 30 8f 62 47 9c 1c 6f c1 4d 04 b5 | 28 e5 9d c7 75 3a de a8 8c b8 38 5f 79 c7 11 63 | 14 00 00 24 ef 9c 66 68 2d 86 10 03 0c 23 36 af | 67 85 e1 ab b4 ff b2 46 df 3b 4e 53 c1 13 12 1b | ea 08 13 27 14 00 00 18 d7 88 e0 3f 22 e6 31 35 | cf 90 4b e6 14 2b 8a 55 ff e8 33 7f 00 00 00 18 | da fc 56 54 a7 0a 27 8e 42 28 bd 43 8c 99 1a 34 | 02 4b 1a 3d | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #5 in MAIN_I2 (find_state_ikev1) | start processing: state #5 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #5 is idle | #5 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 6a 36 ba 93 c8 f9 7f 05 7c 0b 4c 7e dd 70 2f 4f | 32 1c bd 22 57 6b 22 43 e5 37 ab a8 11 f3 01 ce | e1 82 a5 98 14 b3 c2 88 f2 f6 05 b3 c9 c1 15 90 | 20 bb b8 2c 4f b1 fd fc d2 1f 3f 9e 83 32 82 d4 | 3d 9c ee e5 3d d8 de 4e 54 c5 53 cc de 61 0d 10 | a2 39 e4 db bf bc ed fd 92 dd 4f d9 33 33 70 7e | 91 a1 04 7c 93 8c a5 36 e6 61 39 7a 9a 2b 8b 46 | 57 d8 2f a2 71 40 64 8b e7 d7 ce 24 94 79 6f d0 | e0 c5 b2 4a 82 50 28 65 b4 7b 0f 3b 1c c2 3e 23 | fc 08 0e 7d dd dc 48 4d 13 1e 04 1e 5d 5f 16 22 | 53 29 94 dd e8 6e de cd 7c aa 7f 72 23 fa 0b ab | eb 26 c3 c8 cb 55 af f1 7f 45 c9 c4 c0 b6 88 cc | 7b aa 3d fb 8b 40 b8 20 13 99 58 45 cb 44 c3 6b | ab 03 e1 b0 75 13 08 91 71 68 70 29 60 15 74 4d | 7d ef 12 8f f9 30 8f 62 47 9c 1c 6f c1 4d 04 b5 | 28 e5 9d c7 75 3a de a8 8c b8 38 5f 79 c7 11 63 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c04000d60: transferring ownership from state #5 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 6 for state #5 | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #5 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #5 and saving MD | #5 is busy; has a suspended MD | #5 spent 0.104 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.265 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 4 resuming | crypto helper 4 starting work-order 6 for state #5 | crypto helper 4 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 6 | peer's g: 6a 36 ba 93 c8 f9 7f 05 7c 0b 4c 7e dd 70 2f 4f | peer's g: 32 1c bd 22 57 6b 22 43 e5 37 ab a8 11 f3 01 ce | peer's g: e1 82 a5 98 14 b3 c2 88 f2 f6 05 b3 c9 c1 15 90 | peer's g: 20 bb b8 2c 4f b1 fd fc d2 1f 3f 9e 83 32 82 d4 | peer's g: 3d 9c ee e5 3d d8 de 4e 54 c5 53 cc de 61 0d 10 | peer's g: a2 39 e4 db bf bc ed fd 92 dd 4f d9 33 33 70 7e | peer's g: 91 a1 04 7c 93 8c a5 36 e6 61 39 7a 9a 2b 8b 46 | peer's g: 57 d8 2f a2 71 40 64 8b e7 d7 ce 24 94 79 6f d0 | peer's g: e0 c5 b2 4a 82 50 28 65 b4 7b 0f 3b 1c c2 3e 23 | peer's g: fc 08 0e 7d dd dc 48 4d 13 1e 04 1e 5d 5f 16 22 | peer's g: 53 29 94 dd e8 6e de cd 7c aa 7f 72 23 fa 0b ab | peer's g: eb 26 c3 c8 cb 55 af f1 7f 45 c9 c4 c0 b6 88 cc | peer's g: 7b aa 3d fb 8b 40 b8 20 13 99 58 45 cb 44 c3 6b | peer's g: ab 03 e1 b0 75 13 08 91 71 68 70 29 60 15 74 4d | peer's g: 7d ef 12 8f f9 30 8f 62 47 9c 1c 6f c1 4d 04 b5 | peer's g: 28 e5 9d c7 75 3a de a8 8c b8 38 5f 79 c7 11 63 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c04000d60: computed shared DH secret key@0x556ef36037c0 | dh-shared : g^ir-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef36251d0 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c17eed6a0 | result: psk-key@0x556ef3601f40 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3601f40 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed688 | result: psk-key@0x556ef360fae0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3601f40 | SKEYID psk prf: created sha context 0x7f6bf8002d60 from psk-key@0x556ef360fae0 | SKEYID psk prf: begin sha with context 0x7f6bf8002d60 from psk-key@0x556ef360fae0 | SKEYID psk: release clone-key@0x556ef360fae0 | SKEYID psk PRF sha crypt-prf@0x7f6bf8002090 | SKEYID psk PRF sha update Ni-bytes@0x556ef36251f4 (length 32) | 96 a7 2b ce 6c d7 2e 3d 17 a5 a7 96 b7 4d f4 a6 | 0e 04 80 33 5a 1e cb 1e ec 62 38 fc 97 c5 6b 69 | SKEYID psk PRF sha update Nr-bytes@0x556ef3625214 (length 32) | ef 9c 66 68 2d 86 10 03 0c 23 36 af 67 85 e1 ab | b4 ff b2 46 df 3b 4e 53 c1 13 12 1b ea 08 13 27 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c17eed6c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed6a8 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID psk PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID psk: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed6b8 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6bf8002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_d prf: begin sha with context 0x7f6bf8002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_d: release clone-key@0x556ef3601f40 | SKEYID_d PRF sha crypt-prf@0x7f6bf8001090 | SKEYID_d PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_d: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)401527552: ffffffe5 ffffffea 01 44 28 fffffff2 ffffffbc ffffffac 7d ffffff91 ffffffde ffffffac ffffffce 62 68 ffffffea ffffff91 ffffffe2 ffffffc1 1b 24 ffffffec 39 ffffff84 01 1e 43 53 14 13 ffffffa6 ffffffc5 3e ffffffb1 ffffff82 24 44 65 ffffff89 ffffff99 ffffffb7 ffffffec 5e 67 fffffffe ffffffc9 ffffffe5 ffffffad ffffffb6 ffffffcf 61 13 76 45 fffffffc ffffffd5 23 fffffff7 ffffffea 60 7a fffffff4 4b ffffffc3 ffffffbe ffffffab ffffffbf fffffff2 ffffffaf ffffffd2 0f 30 41 63 fffffff5 38 ffffffc5 ffffff86 ffffffdd ffffffa2 6e 1a 6d 62 39 ffffffab 15 ffffffb7 5c ffffff81 2c 00 25 ffffffb7 fffffff7 ffffffe7 1f 48 ffffff82 ffffffca 67 fffffff1 2f 24 78 7c 66 16 ffffffb2 ffffffc3 ffffffcf 30 78 ffffffde 5e ffffffd9 75 ffffffb7 76 ffffffcd ffffffb0 ffffff89 ffffffb0 ffffffc3 1d 10 fffffff0 ffffff80 07 fffffff8 ffffffb4 7c ffffff9c 7c ffffffa5 ffffffb6 fffffff9 09 ffffffca 71 fffffff0 28 ffffffe0 7d fffffffa ffffffa4 22 15 29 ffffffb1 29 60 fffffff7 6 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6bf8004db0 | unwrapped: 57 24 8e 2f 93 a1 f3 d7 86 27 ef ff 81 7d 17 b5 | unwrapped: d2 0b 5d 86 cd a4 a8 20 20 76 fe 0d 78 92 41 e2 | unwrapped: 1c 9d c6 91 30 50 9f 8e 23 8e 1e 71 6e 08 5e 87 | unwrapped: b0 c8 b5 da 96 7f 67 d7 3f d1 f7 cf 0d 30 ad 42 | unwrapped: d6 cb 7f 43 05 1f 2e 8a 16 8d fe 10 7a 8b 59 92 | unwrapped: 6f 28 84 a1 95 7c 49 59 28 f2 11 4f b5 23 9e f9 | unwrapped: 41 7b 86 51 9a df 45 3f 7a 39 43 6e 00 03 68 31 | unwrapped: 70 6d d8 1b 77 ee b2 05 a3 ad 29 53 e1 33 1d 40 | unwrapped: 90 c8 41 6d b6 23 86 0a 55 8b 72 55 9a 47 fa ea | unwrapped: de 8c 72 ca 50 dd 53 84 fc a3 c3 bf 09 f4 2e 11 | unwrapped: c7 db 25 b2 35 21 d6 23 4e 9c 87 e0 02 13 7a 3c | unwrapped: 3a 15 f6 38 69 13 ca 6a de 53 19 01 04 7b 0f d4 | unwrapped: 5e 0c 54 88 0e 18 c6 f1 34 58 b2 1f 24 0f 24 2e | unwrapped: 59 77 99 f6 40 33 90 73 9b 5f 3a 79 b7 d8 49 b9 | unwrapped: 0e 1f 0a 0b 2d 4c 75 a8 9e 1e 2d 4b eb 18 c6 69 | unwrapped: 09 a3 a5 76 2c 30 7d 49 c7 22 d3 b4 f7 a2 57 83 | SKEYID_d PRF sha update CKI_i-bytes@0x556ef3625434 (length 8) | 6a 34 90 6d 35 f5 0f e3 | SKEYID_d PRF sha update CKI_r-bytes@0x556ef362543c (length 8) | a1 6f 18 5d 14 e9 47 9e | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c17eed6c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed6a8 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID_d PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_d: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed698 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6bf8002d60 from SKEYID-key@0x556ef3609090 | SKEYID_a prf: begin sha with context 0x7f6bf8002d60 from SKEYID-key@0x556ef3609090 | SKEYID_a: release clone-key@0x556ef3609090 | SKEYID_a PRF sha crypt-prf@0x7f6bf8001ef0 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3601f40 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)401527520: ffffffc2 1c ffffffba 63 fffffffc ffffffb0 ffffffaa ffffff8a 14 68 3b ffffffdd ffffffe6 fffffffe ffffff87 60 ffffffc7 6d 3f 7f fffffffd 4f 45 26 ffffffdc ffffffcc 1b 44 71 38 1f 67 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6bf80020b0 | unwrapped: 61 3a 66 21 79 40 82 fd 4a 2f fc e2 fb f4 1f a1 | unwrapped: 36 7f bc ef 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_a: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)401527520: ffffffe5 ffffffea 01 44 28 fffffff2 ffffffbc ffffffac 7d ffffff91 ffffffde ffffffac ffffffce 62 68 ffffffea ffffff91 ffffffe2 ffffffc1 1b 24 ffffffec 39 ffffff84 01 1e 43 53 14 13 ffffffa6 ffffffc5 3e ffffffb1 ffffff82 24 44 65 ffffff89 ffffff99 ffffffb7 ffffffec 5e 67 fffffffe ffffffc9 ffffffe5 ffffffad ffffffb6 ffffffcf 61 13 76 45 fffffffc ffffffd5 23 fffffff7 ffffffea 60 7a fffffff4 4b ffffffc3 ffffffbe ffffffab ffffffbf fffffff2 ffffffaf ffffffd2 0f 30 41 63 fffffff5 38 ffffffc5 ffffff86 ffffffdd ffffffa2 6e 1a 6d 62 39 ffffffab 15 ffffffb7 5c ffffff81 2c 00 25 ffffffb7 fffffff7 ffffffe7 1f 48 ffffff82 ffffffca 67 fffffff1 2f 24 78 7c 66 16 ffffffb2 ffffffc3 ffffffcf 30 78 ffffffde 5e ffffffd9 75 ffffffb7 76 ffffffcd ffffffb0 ffffff89 ffffffb0 ffffffc3 1d 10 fffffff0 ffffff80 07 fffffff8 ffffffb4 7c ffffff9c 7c ffffffa5 ffffffb6 fffffff9 09 ffffffca 71 fffffff0 28 ffffffe0 7d fffffffa ffffffa4 22 15 29 ffffffb1 29 60 fffffff7 6 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6bf8003ce0 | unwrapped: 57 24 8e 2f 93 a1 f3 d7 86 27 ef ff 81 7d 17 b5 | unwrapped: d2 0b 5d 86 cd a4 a8 20 20 76 fe 0d 78 92 41 e2 | unwrapped: 1c 9d c6 91 30 50 9f 8e 23 8e 1e 71 6e 08 5e 87 | unwrapped: b0 c8 b5 da 96 7f 67 d7 3f d1 f7 cf 0d 30 ad 42 | unwrapped: d6 cb 7f 43 05 1f 2e 8a 16 8d fe 10 7a 8b 59 92 | unwrapped: 6f 28 84 a1 95 7c 49 59 28 f2 11 4f b5 23 9e f9 | unwrapped: 41 7b 86 51 9a df 45 3f 7a 39 43 6e 00 03 68 31 | unwrapped: 70 6d d8 1b 77 ee b2 05 a3 ad 29 53 e1 33 1d 40 | unwrapped: 90 c8 41 6d b6 23 86 0a 55 8b 72 55 9a 47 fa ea | unwrapped: de 8c 72 ca 50 dd 53 84 fc a3 c3 bf 09 f4 2e 11 | unwrapped: c7 db 25 b2 35 21 d6 23 4e 9c 87 e0 02 13 7a 3c | unwrapped: 3a 15 f6 38 69 13 ca 6a de 53 19 01 04 7b 0f d4 | unwrapped: 5e 0c 54 88 0e 18 c6 f1 34 58 b2 1f 24 0f 24 2e | unwrapped: 59 77 99 f6 40 33 90 73 9b 5f 3a 79 b7 d8 49 b9 | unwrapped: 0e 1f 0a 0b 2d 4c 75 a8 9e 1e 2d 4b eb 18 c6 69 | unwrapped: 09 a3 a5 76 2c 30 7d 49 c7 22 d3 b4 f7 a2 57 83 | SKEYID_a PRF sha update CKI_i-bytes@0x556ef3625434 (length 8) | 6a 34 90 6d 35 f5 0f e3 | SKEYID_a PRF sha update CKI_r-bytes@0x556ef362543c (length 8) | a1 6f 18 5d 14 e9 47 9e | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c17eed6a0 | result: final-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed688 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360c4c0 | SKEYID_a PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_a: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed6a8 | result: clone-key@0x556ef360c4c0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6bf8002d60 from SKEYID-key@0x556ef360c4c0 | SKEYID_e prf: begin sha with context 0x7f6bf8002d60 from SKEYID-key@0x556ef360c4c0 | SKEYID_e: release clone-key@0x556ef360c4c0 | SKEYID_e PRF sha crypt-prf@0x7f6bf8001160 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3609090 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)401527536: 0b 77 19 2e ffffff8b ffffffa3 fffffffa 43 74 34 0c ffffff8f 42 42 48 78 1f 17 ffffff8f 09 ffffffda ffffffe5 ffffffa3 0f ffffffd5 fffffff6 ffffffe3 37 ffffff93 fffffff5 2f ffffffd1 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6bf80030a0 | unwrapped: 5b e4 ba 74 05 b6 bd 96 d7 70 2e 60 73 0f 0b aa | unwrapped: c4 84 60 13 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_e: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)401527536: ffffffe5 ffffffea 01 44 28 fffffff2 ffffffbc ffffffac 7d ffffff91 ffffffde ffffffac ffffffce 62 68 ffffffea ffffff91 ffffffe2 ffffffc1 1b 24 ffffffec 39 ffffff84 01 1e 43 53 14 13 ffffffa6 ffffffc5 3e ffffffb1 ffffff82 24 44 65 ffffff89 ffffff99 ffffffb7 ffffffec 5e 67 fffffffe ffffffc9 ffffffe5 ffffffad ffffffb6 ffffffcf 61 13 76 45 fffffffc ffffffd5 23 fffffff7 ffffffea 60 7a fffffff4 4b ffffffc3 ffffffbe ffffffab ffffffbf fffffff2 ffffffaf ffffffd2 0f 30 41 63 fffffff5 38 ffffffc5 ffffff86 ffffffdd ffffffa2 6e 1a 6d 62 39 ffffffab 15 ffffffb7 5c ffffff81 2c 00 25 ffffffb7 fffffff7 ffffffe7 1f 48 ffffff82 ffffffca 67 fffffff1 2f 24 78 7c 66 16 ffffffb2 ffffffc3 ffffffcf 30 78 ffffffde 5e ffffffd9 75 ffffffb7 76 ffffffcd ffffffb0 ffffff89 ffffffb0 ffffffc3 1d 10 fffffff0 ffffff80 07 fffffff8 ffffffb4 7c ffffff9c 7c ffffffa5 ffffffb6 fffffff9 09 ffffffca 71 fffffff0 28 ffffffe0 7d fffffffa ffffffa4 22 15 29 ffffffb1 29 60 fffffff7 6 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6bf8003bd0 | unwrapped: 57 24 8e 2f 93 a1 f3 d7 86 27 ef ff 81 7d 17 b5 | unwrapped: d2 0b 5d 86 cd a4 a8 20 20 76 fe 0d 78 92 41 e2 | unwrapped: 1c 9d c6 91 30 50 9f 8e 23 8e 1e 71 6e 08 5e 87 | unwrapped: b0 c8 b5 da 96 7f 67 d7 3f d1 f7 cf 0d 30 ad 42 | unwrapped: d6 cb 7f 43 05 1f 2e 8a 16 8d fe 10 7a 8b 59 92 | unwrapped: 6f 28 84 a1 95 7c 49 59 28 f2 11 4f b5 23 9e f9 | unwrapped: 41 7b 86 51 9a df 45 3f 7a 39 43 6e 00 03 68 31 | unwrapped: 70 6d d8 1b 77 ee b2 05 a3 ad 29 53 e1 33 1d 40 | unwrapped: 90 c8 41 6d b6 23 86 0a 55 8b 72 55 9a 47 fa ea | unwrapped: de 8c 72 ca 50 dd 53 84 fc a3 c3 bf 09 f4 2e 11 | unwrapped: c7 db 25 b2 35 21 d6 23 4e 9c 87 e0 02 13 7a 3c | unwrapped: 3a 15 f6 38 69 13 ca 6a de 53 19 01 04 7b 0f d4 | unwrapped: 5e 0c 54 88 0e 18 c6 f1 34 58 b2 1f 24 0f 24 2e | unwrapped: 59 77 99 f6 40 33 90 73 9b 5f 3a 79 b7 d8 49 b9 | unwrapped: 0e 1f 0a 0b 2d 4c 75 a8 9e 1e 2d 4b eb 18 c6 69 | unwrapped: 09 a3 a5 76 2c 30 7d 49 c7 22 d3 b4 f7 a2 57 83 | SKEYID_e PRF sha update CKI_i-bytes@0x556ef3625434 (length 8) | 6a 34 90 6d 35 f5 0f e3 | SKEYID_e PRF sha update CKI_r-bytes@0x556ef362543c (length 8) | a1 6f 18 5d 14 e9 47 9e | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c17eed6b0 | result: final-key@0x556ef360e180 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360e180 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed698 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360e180 | SKEYID_e PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID_e: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c17eed6f8 | result: keymat-key@0x556ef360e180 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x556ef3601f40, skeyid_a 0x556ef3609090, skeyid_e 0x556ef360c4c0, enc_key 0x556ef360e180 | DH_i: c4 7b fe 50 2e a4 3b c8 bf 8e 3d c2 95 fa 67 b8 | DH_i: 94 c2 4f aa fc df f4 a6 97 0a b2 fe 34 7c d1 e0 | DH_i: d1 0c 2c e2 29 69 3f 35 15 cd 6f 1b 20 01 b3 27 | DH_i: a3 52 cc 97 61 b9 e2 b1 87 c9 6f 51 49 a0 1b 13 | DH_i: 74 44 e9 ed d2 4e 4a ec d8 cd 42 77 f8 28 a1 7a | DH_i: e2 fb f0 a8 92 af a5 41 66 a9 e6 7d 24 db ae 53 | DH_i: 12 c6 45 39 27 bc 1c f6 10 d9 a0 28 b1 12 a8 90 | DH_i: a5 f0 13 56 de 95 9c 4c b4 c6 a2 cc 32 d8 a3 f3 | DH_i: 9e 6c 85 30 ea 99 dd e8 fc 28 2d da 9d 56 b1 f8 | DH_i: bd 7e e1 b4 2e 54 48 0d aa 93 d9 15 3b ce 9d 5e | DH_i: 38 89 b2 99 be 82 ea de 06 6e 52 cd 56 d7 69 be | DH_i: c0 6c 7f 32 52 fb 83 69 e3 c0 65 f5 5a 58 37 c9 | DH_i: 39 eb 1b 70 c2 13 b7 ac 81 b3 44 1a 09 b0 3e dc | DH_i: eb 68 8d 7e 5a 23 5c db 95 aa 05 e8 7f b2 33 e1 | DH_i: aa cf aa 64 ce 3c 7b f7 08 09 f0 28 2a d1 96 d5 | DH_i: 54 ee e4 7a b2 ef bf 5b eb b1 07 72 f8 ea 73 78 | DH_r: 6a 36 ba 93 c8 f9 7f 05 7c 0b 4c 7e dd 70 2f 4f | DH_r: 32 1c bd 22 57 6b 22 43 e5 37 ab a8 11 f3 01 ce | DH_r: e1 82 a5 98 14 b3 c2 88 f2 f6 05 b3 c9 c1 15 90 | DH_r: 20 bb b8 2c 4f b1 fd fc d2 1f 3f 9e 83 32 82 d4 | DH_r: 3d 9c ee e5 3d d8 de 4e 54 c5 53 cc de 61 0d 10 | DH_r: a2 39 e4 db bf bc ed fd 92 dd 4f d9 33 33 70 7e | DH_r: 91 a1 04 7c 93 8c a5 36 e6 61 39 7a 9a 2b 8b 46 | DH_r: 57 d8 2f a2 71 40 64 8b e7 d7 ce 24 94 79 6f d0 | DH_r: e0 c5 b2 4a 82 50 28 65 b4 7b 0f 3b 1c c2 3e 23 | DH_r: fc 08 0e 7d dd dc 48 4d 13 1e 04 1e 5d 5f 16 22 | DH_r: 53 29 94 dd e8 6e de cd 7c aa 7f 72 23 fa 0b ab | DH_r: eb 26 c3 c8 cb 55 af f1 7f 45 c9 c4 c0 b6 88 cc | DH_r: 7b aa 3d fb 8b 40 b8 20 13 99 58 45 cb 44 c3 6b | DH_r: ab 03 e1 b0 75 13 08 91 71 68 70 29 60 15 74 4d | DH_r: 7d ef 12 8f f9 30 8f 62 47 9c 1c 6f c1 4d 04 b5 | DH_r: 28 e5 9d c7 75 3a de a8 8c b8 38 5f 79 c7 11 63 | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef3625234 (length 256) | c4 7b fe 50 2e a4 3b c8 bf 8e 3d c2 95 fa 67 b8 | 94 c2 4f aa fc df f4 a6 97 0a b2 fe 34 7c d1 e0 | d1 0c 2c e2 29 69 3f 35 15 cd 6f 1b 20 01 b3 27 | a3 52 cc 97 61 b9 e2 b1 87 c9 6f 51 49 a0 1b 13 | 74 44 e9 ed d2 4e 4a ec d8 cd 42 77 f8 28 a1 7a | e2 fb f0 a8 92 af a5 41 66 a9 e6 7d 24 db ae 53 | 12 c6 45 39 27 bc 1c f6 10 d9 a0 28 b1 12 a8 90 | a5 f0 13 56 de 95 9c 4c b4 c6 a2 cc 32 d8 a3 f3 | 9e 6c 85 30 ea 99 dd e8 fc 28 2d da 9d 56 b1 f8 | bd 7e e1 b4 2e 54 48 0d aa 93 d9 15 3b ce 9d 5e | 38 89 b2 99 be 82 ea de 06 6e 52 cd 56 d7 69 be | c0 6c 7f 32 52 fb 83 69 e3 c0 65 f5 5a 58 37 c9 | 39 eb 1b 70 c2 13 b7 ac 81 b3 44 1a 09 b0 3e dc | eb 68 8d 7e 5a 23 5c db 95 aa 05 e8 7f b2 33 e1 | aa cf aa 64 ce 3c 7b f7 08 09 f0 28 2a d1 96 d5 | 54 ee e4 7a b2 ef bf 5b eb b1 07 72 f8 ea 73 78 | new IV hash sha digest GR-bytes@0x556ef3625334 (length 256) | 6a 36 ba 93 c8 f9 7f 05 7c 0b 4c 7e dd 70 2f 4f | 32 1c bd 22 57 6b 22 43 e5 37 ab a8 11 f3 01 ce | e1 82 a5 98 14 b3 c2 88 f2 f6 05 b3 c9 c1 15 90 | 20 bb b8 2c 4f b1 fd fc d2 1f 3f 9e 83 32 82 d4 | 3d 9c ee e5 3d d8 de 4e 54 c5 53 cc de 61 0d 10 | a2 39 e4 db bf bc ed fd 92 dd 4f d9 33 33 70 7e | 91 a1 04 7c 93 8c a5 36 e6 61 39 7a 9a 2b 8b 46 | 57 d8 2f a2 71 40 64 8b e7 d7 ce 24 94 79 6f d0 | e0 c5 b2 4a 82 50 28 65 b4 7b 0f 3b 1c c2 3e 23 | fc 08 0e 7d dd dc 48 4d 13 1e 04 1e 5d 5f 16 22 | 53 29 94 dd e8 6e de cd 7c aa 7f 72 23 fa 0b ab | eb 26 c3 c8 cb 55 af f1 7f 45 c9 c4 c0 b6 88 cc | 7b aa 3d fb 8b 40 b8 20 13 99 58 45 cb 44 c3 6b | ab 03 e1 b0 75 13 08 91 71 68 70 29 60 15 74 4d | 7d ef 12 8f f9 30 8f 62 47 9c 1c 6f c1 4d 04 b5 | 28 e5 9d c7 75 3a de a8 8c b8 38 5f 79 c7 11 63 | new IV hash sha final chunk@0x7f6bf8001230 (length 20) | 29 de 81 17 69 ad f9 47 93 d6 97 b9 1a 14 b4 47 | cb da c3 19 | crypto helper 4 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 6 time elapsed 0.002298 seconds | (#5) spent 2.29 milliseconds in crypto helper computing work-order 6: aggr outR1 DH (pcr) | crypto helper 4 sending results from work-order 6 for state #5 to event queue | scheduling resume sending helper answer for #5 | libevent_malloc: new ptr-libevent@0x7f6bf8003e90 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #5 | start processing: state #5 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 6 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #5: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c04000d60: transferring ownership from helper IKEv1 DH+IV to state #5 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef3621008 (length 8) | 6a 34 90 6d 35 f5 0f e3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3621010 (length 8) | a1 6f 18 5d 14 e9 47 9e | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | d7 88 e0 3f 22 e6 31 35 cf 90 4b e6 14 2b 8a 55 | ff e8 33 7f | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 6a 34 90 6d 35 f5 0f e3 | natd_hash: rcookie= a1 6f 18 5d 14 e9 47 9e | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= d7 88 e0 3f 22 e6 31 35 cf 90 4b e6 14 2b 8a 55 | natd_hash: hash= ff e8 33 7f | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef3621008 (length 8) | 6a 34 90 6d 35 f5 0f e3 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3621010 (length 8) | a1 6f 18 5d 14 e9 47 9e | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | da fc 56 54 a7 0a 27 8e 42 28 bd 43 8c 99 1a 34 | 02 4b 1a 3d | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 6a 34 90 6d 35 f5 0f e3 | natd_hash: rcookie= a1 6f 18 5d 14 e9 47 9e | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= da fc 56 54 a7 0a 27 8e 42 28 bd 43 8c 99 1a 34 | natd_hash: hash= 02 4b 1a 3d | expected NAT-D(me): d7 88 e0 3f 22 e6 31 35 cf 90 4b e6 14 2b 8a 55 | expected NAT-D(me): ff e8 33 7f | expected NAT-D(him): | da fc 56 54 a7 0a 27 8e 42 28 bd 43 8c 99 1a 34 | 02 4b 1a 3d | received NAT-D: d7 88 e0 3f 22 e6 31 35 cf 90 4b e6 14 2b 8a 55 | received NAT-D: ff e8 33 7f | received NAT-D: da fc 56 54 a7 0a 27 8e 42 28 bd 43 8c 99 1a 34 | received NAT-D: 02 4b 1a 3d | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360fae0 (size 20) | hmac: symkey-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef362a810 | hmac PRF sha update data-bytes@0x7f6c04000b20 (length 256) | c4 7b fe 50 2e a4 3b c8 bf 8e 3d c2 95 fa 67 b8 | 94 c2 4f aa fc df f4 a6 97 0a b2 fe 34 7c d1 e0 | d1 0c 2c e2 29 69 3f 35 15 cd 6f 1b 20 01 b3 27 | a3 52 cc 97 61 b9 e2 b1 87 c9 6f 51 49 a0 1b 13 | 74 44 e9 ed d2 4e 4a ec d8 cd 42 77 f8 28 a1 7a | e2 fb f0 a8 92 af a5 41 66 a9 e6 7d 24 db ae 53 | 12 c6 45 39 27 bc 1c f6 10 d9 a0 28 b1 12 a8 90 | a5 f0 13 56 de 95 9c 4c b4 c6 a2 cc 32 d8 a3 f3 | 9e 6c 85 30 ea 99 dd e8 fc 28 2d da 9d 56 b1 f8 | bd 7e e1 b4 2e 54 48 0d aa 93 d9 15 3b ce 9d 5e | 38 89 b2 99 be 82 ea de 06 6e 52 cd 56 d7 69 be | c0 6c 7f 32 52 fb 83 69 e3 c0 65 f5 5a 58 37 c9 | 39 eb 1b 70 c2 13 b7 ac 81 b3 44 1a 09 b0 3e dc | eb 68 8d 7e 5a 23 5c db 95 aa 05 e8 7f b2 33 e1 | aa cf aa 64 ce 3c 7b f7 08 09 f0 28 2a d1 96 d5 | 54 ee e4 7a b2 ef bf 5b eb b1 07 72 f8 ea 73 78 | hmac PRF sha update data-bytes@0x7f6c0c002780 (length 256) | 6a 36 ba 93 c8 f9 7f 05 7c 0b 4c 7e dd 70 2f 4f | 32 1c bd 22 57 6b 22 43 e5 37 ab a8 11 f3 01 ce | e1 82 a5 98 14 b3 c2 88 f2 f6 05 b3 c9 c1 15 90 | 20 bb b8 2c 4f b1 fd fc d2 1f 3f 9e 83 32 82 d4 | 3d 9c ee e5 3d d8 de 4e 54 c5 53 cc de 61 0d 10 | a2 39 e4 db bf bc ed fd 92 dd 4f d9 33 33 70 7e | 91 a1 04 7c 93 8c a5 36 e6 61 39 7a 9a 2b 8b 46 | 57 d8 2f a2 71 40 64 8b e7 d7 ce 24 94 79 6f d0 | e0 c5 b2 4a 82 50 28 65 b4 7b 0f 3b 1c c2 3e 23 | fc 08 0e 7d dd dc 48 4d 13 1e 04 1e 5d 5f 16 22 | 53 29 94 dd e8 6e de cd 7c aa 7f 72 23 fa 0b ab | eb 26 c3 c8 cb 55 af f1 7f 45 c9 c4 c0 b6 88 cc | 7b aa 3d fb 8b 40 b8 20 13 99 58 45 cb 44 c3 6b | ab 03 e1 b0 75 13 08 91 71 68 70 29 60 15 74 4d | 7d ef 12 8f f9 30 8f 62 47 9c 1c 6f c1 4d 04 b5 | 28 e5 9d c7 75 3a de a8 8c b8 38 5f 79 c7 11 63 | hmac PRF sha update data-bytes@0x556ef3621008 (length 8) | 6a 34 90 6d 35 f5 0f e3 | hmac PRF sha update data-bytes@0x556ef3621010 (length 8) | a1 6f 18 5d 14 e9 47 9e | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x556ef361ebb4 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | 12 c4 ea b8 62 b5 11 00 42 b1 00 d6 2d 92 4a 20 | 9f a2 6b 98 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 12 c4 ea b8 62 b5 11 00 42 b1 00 d6 2d 92 4a 20 | HASH_I 9f a2 6b 98 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 12 c4 ea b8 62 b5 11 00 42 b1 00 d6 2d 92 4a 20 | encrypting: 9f a2 6b 98 | IV: 29 de 81 17 69 ad f9 47 93 d6 97 b9 1a 14 b4 47 | IV: cb da c3 19 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: a0 96 ea c9 15 4b e8 11 4a bf d8 0a e4 a9 73 b7 | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #5: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 05 10 02 01 00 00 00 00 00 00 00 4c 97 26 54 6b | b9 6a cf 0e 23 b8 8c 5e 2b 89 b1 98 41 60 b7 4f | d1 94 88 ab 1a 79 ca af c1 df d7 b3 a0 96 ea c9 | 15 4b e8 11 4a bf d8 0a e4 a9 73 b7 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #5 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48953.044686 "aes128" #5: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #5 suppresed complete_v1_state_transition() | #5 spent 0.453 milliseconds in resume sending helper answer | stop processing: state #5 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bf8003e90 | spent 0.00221 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 05 10 02 01 00 00 00 00 00 00 00 4c 48 51 fc d8 | 8d 67 8f 5e 55 97 0a cc 49 1b f1 11 61 13 8e 48 | 1f f9 d3 39 6e a3 94 bb 24 e3 4f 70 77 ba e0 02 | ed 3c ce 99 29 90 83 64 75 4d c7 29 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #5 in MAIN_I3 (find_state_ikev1) | start processing: state #5 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #5 is idle | #5 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: a0 96 ea c9 15 4b e8 11 4a bf d8 0a e4 a9 73 b7 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | decrypted payload (starts at offset -48): | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 24 a8 ab 18 | 01 a1 98 81 c4 c9 a2 1d 7a 4f 55 92 69 27 f5 70 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #5: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360fae0 (size 20) | hmac: symkey-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef362a7f0 | hmac PRF sha update data-bytes@0x7f6c0c002780 (length 256) | 6a 36 ba 93 c8 f9 7f 05 7c 0b 4c 7e dd 70 2f 4f | 32 1c bd 22 57 6b 22 43 e5 37 ab a8 11 f3 01 ce | e1 82 a5 98 14 b3 c2 88 f2 f6 05 b3 c9 c1 15 90 | 20 bb b8 2c 4f b1 fd fc d2 1f 3f 9e 83 32 82 d4 | 3d 9c ee e5 3d d8 de 4e 54 c5 53 cc de 61 0d 10 | a2 39 e4 db bf bc ed fd 92 dd 4f d9 33 33 70 7e | 91 a1 04 7c 93 8c a5 36 e6 61 39 7a 9a 2b 8b 46 | 57 d8 2f a2 71 40 64 8b e7 d7 ce 24 94 79 6f d0 | e0 c5 b2 4a 82 50 28 65 b4 7b 0f 3b 1c c2 3e 23 | fc 08 0e 7d dd dc 48 4d 13 1e 04 1e 5d 5f 16 22 | 53 29 94 dd e8 6e de cd 7c aa 7f 72 23 fa 0b ab | eb 26 c3 c8 cb 55 af f1 7f 45 c9 c4 c0 b6 88 cc | 7b aa 3d fb 8b 40 b8 20 13 99 58 45 cb 44 c3 6b | ab 03 e1 b0 75 13 08 91 71 68 70 29 60 15 74 4d | 7d ef 12 8f f9 30 8f 62 47 9c 1c 6f c1 4d 04 b5 | 28 e5 9d c7 75 3a de a8 8c b8 38 5f 79 c7 11 63 | hmac PRF sha update data-bytes@0x7f6c04000b20 (length 256) | c4 7b fe 50 2e a4 3b c8 bf 8e 3d c2 95 fa 67 b8 | 94 c2 4f aa fc df f4 a6 97 0a b2 fe 34 7c d1 e0 | d1 0c 2c e2 29 69 3f 35 15 cd 6f 1b 20 01 b3 27 | a3 52 cc 97 61 b9 e2 b1 87 c9 6f 51 49 a0 1b 13 | 74 44 e9 ed d2 4e 4a ec d8 cd 42 77 f8 28 a1 7a | e2 fb f0 a8 92 af a5 41 66 a9 e6 7d 24 db ae 53 | 12 c6 45 39 27 bc 1c f6 10 d9 a0 28 b1 12 a8 90 | a5 f0 13 56 de 95 9c 4c b4 c6 a2 cc 32 d8 a3 f3 | 9e 6c 85 30 ea 99 dd e8 fc 28 2d da 9d 56 b1 f8 | bd 7e e1 b4 2e 54 48 0d aa 93 d9 15 3b ce 9d 5e | 38 89 b2 99 be 82 ea de 06 6e 52 cd 56 d7 69 be | c0 6c 7f 32 52 fb 83 69 e3 c0 65 f5 5a 58 37 c9 | 39 eb 1b 70 c2 13 b7 ac 81 b3 44 1a 09 b0 3e dc | eb 68 8d 7e 5a 23 5c db 95 aa 05 e8 7f b2 33 e1 | aa cf aa 64 ce 3c 7b f7 08 09 f0 28 2a d1 96 d5 | 54 ee e4 7a b2 ef bf 5b eb b1 07 72 f8 ea 73 78 | hmac PRF sha update data-bytes@0x556ef3621010 (length 8) | a1 6f 18 5d 14 e9 47 9e | hmac PRF sha update data-bytes@0x556ef3621008 (length 8) | 6a 34 90 6d 35 f5 0f e3 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x556ef361ebb4 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef357c480 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | 24 a8 ab 18 01 a1 98 81 c4 c9 a2 1d 7a 4f 55 92 | 69 27 f5 70 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #5: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x556ef361ecd0 | inserting event EVENT_SA_REPLACE, timeout in 2638 seconds for #5 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | pstats #5 ikev1.isakmp established "aes128" #5: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #5 | creating state object #6 at 0x556ef3625160 | State DB: adding IKEv1 state #6 in UNDEFINED | pstats #6 ikev1.ipsec started | duplicating state object #5 "aes128" as #6 for IPSEC SA | #6 setting local endpoint to 192.1.2.45:500 from #5.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x556ef360e180 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #5 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #6 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #6: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #6: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#5 msgid:d15753ab proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 7 for state #6 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6c04002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #6 | libevent_malloc: new ptr-libevent@0x7f6bf8003e90 size 128 | stop processing: state #6 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | resume processing: state #5 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x556ef357b8e0} | close_any(fd@24) (in release_whack() at state.c:654) | #5 spent 0.384 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.52 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 5 resuming | crypto helper 5 starting work-order 7 for state #6 | crypto helper 5 doing build KE and nonce (quick_outI1 KE); request ID 7 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6bfc000d60: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6bfc000d60 | NSS: Public DH wire value: | a5 cd 61 ff 49 02 42 9d 9e 0b 0e 79 c7 ef fa 62 | a7 38 e7 de de 77 54 fb aa e1 c6 5e 11 d9 ce 03 | fa 60 a6 9a 86 e1 b1 24 68 17 9f f9 70 25 04 fc | b6 cc 46 12 c0 67 08 a4 41 7c ca b9 ad 94 f8 07 | 1a d9 80 67 9c 3d c3 5b b6 22 86 60 ad 95 60 27 | cc 84 9b c1 f2 00 c1 4e e7 36 b5 4e 4a 81 1e ef | 98 ca 34 66 50 08 0b ba 68 2f dc ef 3d 65 fd d5 | 13 09 25 ce 97 76 c5 a6 89 ee 0f 19 fc 0b c2 4f | 74 bb 25 be f8 78 09 a4 c9 94 aa 92 e6 a2 5e 92 | 79 37 57 e1 13 df a6 54 3a c1 e7 1e 7f c5 2a 51 | ca 21 a3 2e 21 e1 52 e6 97 9b 09 08 8f 5c 7a 79 | 1b 18 79 85 4a 49 e3 fa b2 c2 c6 c4 98 03 f7 5e | 2f 11 be b8 9e 5e f8 d3 4d b2 5a 36 07 3e ec 9b | 7c ea c0 20 bf 37 76 8a f0 e0 96 b7 e1 50 36 9f | e5 6d 16 0a 88 a5 48 75 be e8 16 93 8e 11 1d 7f | df 92 72 ef 79 03 be 0f b8 67 20 30 38 51 e8 df | Generated nonce: 8b ae f3 2d fb d6 02 0a fc 95 8b e2 5e 58 bd 1b | Generated nonce: 37 88 24 5b bf bb 96 45 d3 a3 1a f2 48 72 b5 4f | crypto helper 5 finished build KE and nonce (quick_outI1 KE); request ID 7 time elapsed 0.002096 seconds | (#6) spent 0.906 milliseconds in crypto helper computing work-order 7: quick_outI1 KE (pcr) | crypto helper 5 sending results from work-order 7 for state #6 to event queue | scheduling resume sending helper answer for #6 | libevent_malloc: new ptr-libevent@0x7f6bfc006900 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #6 | start processing: state #6 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 7 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #6: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3512161195 (0xd15753ab) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xd997dab0 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI d9 97 da b0 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #6: IMPAIR: stripping key-length "aes128" #6: IMPAIR: duplicating key-length | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 36 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 8b ae f3 2d fb d6 02 0a fc 95 8b e2 5e 58 bd 1b | Ni 37 88 24 5b bf bb 96 45 d3 a3 1a f2 48 72 b5 4f | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6bfc000d60: transferring ownership from helper KE to state #6 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value a5 cd 61 ff 49 02 42 9d 9e 0b 0e 79 c7 ef fa 62 | keyex value a7 38 e7 de de 77 54 fb aa e1 c6 5e 11 d9 ce 03 | keyex value fa 60 a6 9a 86 e1 b1 24 68 17 9f f9 70 25 04 fc | keyex value b6 cc 46 12 c0 67 08 a4 41 7c ca b9 ad 94 f8 07 | keyex value 1a d9 80 67 9c 3d c3 5b b6 22 86 60 ad 95 60 27 | keyex value cc 84 9b c1 f2 00 c1 4e e7 36 b5 4e 4a 81 1e ef | keyex value 98 ca 34 66 50 08 0b ba 68 2f dc ef 3d 65 fd d5 | keyex value 13 09 25 ce 97 76 c5 a6 89 ee 0f 19 fc 0b c2 4f | keyex value 74 bb 25 be f8 78 09 a4 c9 94 aa 92 e6 a2 5e 92 | keyex value 79 37 57 e1 13 df a6 54 3a c1 e7 1e 7f c5 2a 51 | keyex value ca 21 a3 2e 21 e1 52 e6 97 9b 09 08 8f 5c 7a 79 | keyex value 1b 18 79 85 4a 49 e3 fa b2 c2 c6 c4 98 03 f7 5e | keyex value 2f 11 be b8 9e 5e f8 d3 4d b2 5a 36 07 3e ec 9b | keyex value 7c ea c0 20 bf 37 76 8a f0 e0 96 b7 e1 50 36 9f | keyex value e5 6d 16 0a 88 a5 48 75 be e8 16 93 8e 11 1d 7f | keyex value df 92 72 ef 79 03 be 0f b8 67 20 30 38 51 e8 df | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6bf8001230 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | d1 57 53 ab | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 388) | 0a 00 00 3c 00 00 00 01 00 00 00 01 00 00 00 30 | 00 03 04 01 d9 97 da b0 00 00 00 24 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 80 06 00 80 04 00 00 24 | 8b ae f3 2d fb d6 02 0a fc 95 8b e2 5e 58 bd 1b | 37 88 24 5b bf bb 96 45 d3 a3 1a f2 48 72 b5 4f | 05 00 01 04 a5 cd 61 ff 49 02 42 9d 9e 0b 0e 79 | c7 ef fa 62 a7 38 e7 de de 77 54 fb aa e1 c6 5e | 11 d9 ce 03 fa 60 a6 9a 86 e1 b1 24 68 17 9f f9 | 70 25 04 fc b6 cc 46 12 c0 67 08 a4 41 7c ca b9 | ad 94 f8 07 1a d9 80 67 9c 3d c3 5b b6 22 86 60 | ad 95 60 27 cc 84 9b c1 f2 00 c1 4e e7 36 b5 4e | 4a 81 1e ef 98 ca 34 66 50 08 0b ba 68 2f dc ef | 3d 65 fd d5 13 09 25 ce 97 76 c5 a6 89 ee 0f 19 | fc 0b c2 4f 74 bb 25 be f8 78 09 a4 c9 94 aa 92 | e6 a2 5e 92 79 37 57 e1 13 df a6 54 3a c1 e7 1e | 7f c5 2a 51 ca 21 a3 2e 21 e1 52 e6 97 9b 09 08 | 8f 5c 7a 79 1b 18 79 85 4a 49 e3 fa b2 c2 c6 c4 | 98 03 f7 5e 2f 11 be b8 9e 5e f8 d3 4d b2 5a 36 | 07 3e ec 9b 7c ea c0 20 bf 37 76 8a f0 e0 96 b7 | e1 50 36 9f e5 6d 16 0a 88 a5 48 75 be e8 16 93 | 8e 11 1d 7f df 92 72 ef 79 03 be 0f b8 67 20 30 | 38 51 e8 df 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 9b ce 97 3c 3f b3 93 d9 92 c3 0c c8 2f ca 9a ef | 14 48 6d 15 | outI1 HASH(1): | 9b ce 97 3c 3f b3 93 d9 92 c3 0c c8 2f ca 9a ef | 14 48 6d 15 | last Phase 1 IV: 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | current Phase 1 IV: 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef3620f00 (length 16) | 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | d1 57 53 ab | Phase 2 IV hash sha final bytes@0x556ef3620e80 (length 20) | 09 7b 4b 01 b3 cd 3c 31 9f 96 61 9f f3 85 21 f4 | 19 29 51 16 | encrypting: 01 00 00 18 9b ce 97 3c 3f b3 93 d9 92 c3 0c c8 | encrypting: 2f ca 9a ef 14 48 6d 15 0a 00 00 3c 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 30 00 03 04 01 d9 97 da b0 | encrypting: 00 00 00 24 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 80 06 00 80 04 00 00 24 8b ae f3 2d fb d6 02 0a | encrypting: fc 95 8b e2 5e 58 bd 1b 37 88 24 5b bf bb 96 45 | encrypting: d3 a3 1a f2 48 72 b5 4f 05 00 01 04 a5 cd 61 ff | encrypting: 49 02 42 9d 9e 0b 0e 79 c7 ef fa 62 a7 38 e7 de | encrypting: de 77 54 fb aa e1 c6 5e 11 d9 ce 03 fa 60 a6 9a | encrypting: 86 e1 b1 24 68 17 9f f9 70 25 04 fc b6 cc 46 12 | encrypting: c0 67 08 a4 41 7c ca b9 ad 94 f8 07 1a d9 80 67 | encrypting: 9c 3d c3 5b b6 22 86 60 ad 95 60 27 cc 84 9b c1 | encrypting: f2 00 c1 4e e7 36 b5 4e 4a 81 1e ef 98 ca 34 66 | encrypting: 50 08 0b ba 68 2f dc ef 3d 65 fd d5 13 09 25 ce | encrypting: 97 76 c5 a6 89 ee 0f 19 fc 0b c2 4f 74 bb 25 be | encrypting: f8 78 09 a4 c9 94 aa 92 e6 a2 5e 92 79 37 57 e1 | encrypting: 13 df a6 54 3a c1 e7 1e 7f c5 2a 51 ca 21 a3 2e | encrypting: 21 e1 52 e6 97 9b 09 08 8f 5c 7a 79 1b 18 79 85 | encrypting: 4a 49 e3 fa b2 c2 c6 c4 98 03 f7 5e 2f 11 be b8 | encrypting: 9e 5e f8 d3 4d b2 5a 36 07 3e ec 9b 7c ea c0 20 | encrypting: bf 37 76 8a f0 e0 96 b7 e1 50 36 9f e5 6d 16 0a | encrypting: 88 a5 48 75 be e8 16 93 8e 11 1d 7f df 92 72 ef | encrypting: 79 03 be 0f b8 67 20 30 38 51 e8 df 05 00 00 10 | encrypting: 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | encrypting: 04 00 00 00 c0 00 02 00 ff ff ff 00 | IV: 09 7b 4b 01 b3 cd 3c 31 9f 96 61 9f f3 85 21 f4 | IV: 19 29 51 16 | unpadded size is: 412 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: f4 c1 00 52 ca e7 ef bf 06 f7 aa 81 3d d3 a8 f5 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #6) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 08 10 20 01 d1 57 53 ab 00 00 01 bc d7 ac fb 4f | 82 b7 ae e4 67 05 79 f5 e9 18 f1 47 3e fe 26 c7 | 5b ac 8f 8e 00 bc 84 a9 08 7a d9 c8 cd 36 16 28 | 27 e2 aa 11 b4 4d 96 d4 c4 cb 2d 80 03 94 0b 1c | 81 7b ba 83 34 20 54 c2 34 c3 cd bd 9e 0f 1f cd | 89 f0 4b 8c 46 c6 ff dd 39 7c c0 ec c4 dd c7 b8 | 0f 64 95 90 de fb f0 0c 50 f6 94 61 30 79 2b 31 | 4c c5 89 1b c2 91 58 4b e6 48 c3 8b 7a 17 f8 86 | 6a b2 c7 8d 5a 49 99 c1 58 60 15 17 ea 14 fa d2 | e5 f4 7f 04 d5 50 05 d0 cf 73 52 0e 1c db b5 92 | ba 32 75 5a d1 be 21 2f 39 5c 14 dd 87 09 5c 5d | dd 1a d6 0a 0f 05 31 27 b5 04 6d b0 f0 2d 39 f4 | 38 b0 cf c6 f4 a2 52 5e 5d 95 cf 7a 96 68 10 19 | ca 42 a2 8a 66 1a 2f 97 62 60 a7 25 33 b9 3f c4 | 4b 1c c8 81 e2 17 0c d3 63 cf bc 6f aa 74 b4 d1 | d4 84 a3 8c 4e 5c 81 4f 14 b0 3b 53 41 5a ab a8 | 25 c9 9c 45 52 4b 92 32 69 b1 46 9a e8 df a4 42 | 20 fc 97 e0 14 d4 61 6d 67 86 ed f2 20 f3 24 10 | 3f 26 6c 04 9a d9 47 43 c1 97 9c 98 5d 6e d8 12 | e6 8d 86 33 61 b4 ed 62 89 a9 b3 99 f7 3d e5 8d | 4a 2e e3 db 7b 74 e9 d6 2b 96 af c8 86 be 8b 36 | eb 15 08 ea f3 f9 3e 00 ad d9 28 53 36 c4 cd 65 | 40 f3 a2 f5 a2 5c 7d 80 eb 91 59 e0 94 6d 52 59 | eb c3 44 99 74 8f d7 7b 7a 20 1d b4 46 3a 04 0b | bb b7 57 86 ed b9 d7 12 a8 53 21 ce 94 c3 24 3a | d0 c9 55 fc 0a 01 a3 0b 53 0b 44 45 f4 c1 00 52 | ca e7 ef bf 06 f7 aa 81 3d d3 a8 f5 | state #6 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bf8003e90 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6c04002b20 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6c04002b20 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #6 | libevent_malloc: new ptr-libevent@0x7f6bf8003e90 size 128 | #6 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48953.048961 | resume sending helper answer for #6 suppresed complete_v1_state_transition() | #6 spent 0.666 milliseconds in resume sending helper answer | stop processing: state #6 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bfc006900 | spent 0.00207 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 08 10 05 01 f0 9d 8b de 00 00 00 4c 65 fd c0 e1 | 49 a7 a1 1d e1 8f 02 44 61 51 d4 c2 16 54 31 50 | 8b e7 65 1d 8c 55 96 da ec b3 48 72 fd fb 73 9d | ed 1e 67 36 c4 1e de f3 49 4f f6 dd | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4036856798 (0xf09d8bde) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #6; msgid=00000000 st_msgid=d15753ab st_msgid_phase15=00000000 | peer and cookies match on #5; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #5 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #5 in MAIN_I4 (find_v1_info_state) | start processing: state #5 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | last Phase 1 IV: 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | current Phase 1 IV: 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef3620f00 (length 16) | 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54ee1c (length 4) | f0 9d 8b de | Phase 2 IV hash sha final bytes@0x556ef3620e80 (length 20) | 23 1e 9f d5 f2 8f ca f8 1b 0d 6f c2 cd 15 bd df | 96 ca 59 dc | #5 is idle | #5 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 23 1e 9f d5 f2 8f ca f8 1b 0d 6f c2 cd 15 bd df | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: fd fb 73 9d ed 1e 67 36 c4 1e de f3 49 4f f6 dd | decrypted payload (starts at offset -48): | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 08 10 05 01 f0 9d 8b de 00 00 00 4c 0b 00 00 18 | 0a 8d 16 12 ef 22 5b 3c 8c 34 f9 e9 a4 f8 d9 ef | 1c 50 c8 a4 00 00 00 0c 00 00 00 01 01 00 00 0f | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6bf8001230 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | f0 9d 8b de | HASH(1) PRF sha update payload-bytes@0x556ef357c494 (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0f | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | 0a 8d 16 12 ef 22 5b 3c 8c 34 f9 e9 a4 f8 d9 ef | 1c 50 c8 a4 | informational HASH(1): | 0a 8d 16 12 ef 22 5b 3c 8c 34 f9 e9 a4 f8 d9 ef | 1c 50 c8 a4 | received 'informational' message HASH(1) data ok "aes128" #5: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #5: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #5 spent 0.00853 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.289 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f6c04002b20 | handling event EVENT_RETRANSMIT for child state #6 | start processing: state #6 connection "aes128" from 192.1.2.23:500 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #6 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #6 keying attempt 1 of 0; retransmit 1 "aes128" #6: IMPAIR: retransmit so deleting SA | [RE]START processing: state #6 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:124) | pstats #6 ikev1.ipsec failed too-many-retransmits | pstats #6 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #6 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #6: deleting state (STATE_QUICK_I1) aged 0.505s and NOT sending notification | child state #6: QUICK_I1(established CHILD SA) => delete | child state #6: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #6 in CHILDSA_DEL | child state #6: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7f6bfc000d60: destroyed | stop processing: state #6 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_d_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ai_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef360e180 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7f6bf8003e90 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6c04002b20 | in statetime_stop() and could not find #6 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0481 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #5 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #5 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #5 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #5 ikev1.isakmp deleted completed | [RE]START processing: state #5 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #5: deleting state (STATE_MAIN_I4) aged 0.595s and sending notification | parent state #5: MAIN_I4(established IKE SA) => delete | #5 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1984561610 (0x764a01ca) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 6a 34 90 6d 35 f5 0f e3 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI a1 6f 18 5d 14 e9 47 9e | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x556ef362a7f0 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 76 4a 01 ca | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 6a 34 90 6d | 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | bc c7 94 fb 22 e5 02 9c db e0 aa 1c 20 7f a1 7f | 6b 1d cb 75 | send delete HASH(1): | bc c7 94 fb 22 e5 02 9c db e0 aa 1c 20 7f a1 7f | 6b 1d cb 75 | last Phase 1 IV: 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | current Phase 1 IV: 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef3620f00 (length 16) | 77 ba e0 02 ed 3c ce 99 29 90 83 64 75 4d c7 29 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 76 4a 01 ca | Phase 2 IV hash sha final bytes@0x556ef3620e80 (length 20) | 5b 72 6a 2e 86 d2 86 33 9f 87 a7 53 ee 07 e4 28 | 42 ab d6 9f | encrypting: 0c 00 00 18 bc c7 94 fb 22 e5 02 9c db e0 aa 1c | encrypting: 20 7f a1 7f 6b 1d cb 75 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d | encrypting: 14 e9 47 9e | IV: 5b 72 6a 2e 86 d2 86 33 9f 87 a7 53 ee 07 e4 28 | IV: 42 ab d6 9f | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: ee ca a6 9b 26 fd af d9 1f df 0e 55 0d bf 30 bd | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 08 10 05 01 76 4a 01 ca 00 00 00 5c a3 8e 37 29 | d5 36 9b 65 67 d5 eb 39 68 52 57 bd 53 90 fd 2b | bb 0c d5 45 a8 f3 86 42 6f 69 8a 1e ee 7a c3 27 | bf de 80 7e 66 05 57 17 03 d9 32 d3 ee ca a6 9b | 26 fd af d9 1f df 0e 55 0d bf 30 bd | state #5 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_SA_REPLACE-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #5 in MAIN_I4 | parent state #5: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c04000d60: destroyed | stop processing: state #5 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef36037c0 | delete_state: release st->st_skeyid_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_d_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ai_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef360e180 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x556ef361eee0 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.551 milliseconds in whack | spent 0.00205 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6a 34 90 6d 35 f5 0f e3 a1 6f 18 5d 14 e9 47 9e | 08 10 05 01 e9 fb ee 2c 00 00 00 5c b1 9d 18 92 | 60 47 f0 57 18 3d 26 9a 17 ad 99 f8 8f ab 29 48 | fa 86 20 8e 5d 72 76 a2 a0 eb 8d d9 6f b2 47 7b | 56 64 93 03 b1 fe 44 e2 4d 26 96 f0 5a 06 25 b7 | 7f d9 2e 9a 7e 41 30 84 2f ad b7 6c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6a 34 90 6d 35 f5 0f e3 | responder cookie: | a1 6f 18 5d 14 e9 47 9e | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3925601836 (0xe9fbee2c) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xe9fbee2c | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 6a 34 90 6d 35 f5 0f e3 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | a1 6f 18 5d 14 e9 47 9e | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0702 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0582 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0473 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0603 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef35e95c0 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.14 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #7 at 0x556ef3625160 | State DB: adding IKEv1 state #7 in UNDEFINED | pstats #7 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #7 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #7: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #7 "aes128" "aes128" #7: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | d9 3a 8d 6d 8c 7e 63 fa | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef361d350 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #7: IMPAIR: stripping key-length "aes128" #7: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #7) | d9 3a 8d 6d 8c 7e 63 fa 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6c04002b20 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #7 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #7 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48954.249726 | #7 spent 0.413 milliseconds in main_outI1() | stop processing: state #7 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.471 milliseconds in whack | spent 0.00199 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | d9 3a 8d 6d 8c 7e 63 fa 9b 22 fa 27 83 dd 3c 2f | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d9 3a 8d 6d 8c 7e 63 fa | responder cookie: | 9b 22 fa 27 83 dd 3c 2f | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #7 in MAIN_I1 (find_state_ikev1_init) | start processing: state #7 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | #7 is idle | #7 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "aes128" #7: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #7: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #7 spent 0.00858 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #7 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.106 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f6c04002b20 | handling event EVENT_RETRANSMIT for parent state #7 | start processing: state #7 connection "aes128" from 192.1.2.23:500 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #7 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #7 keying attempt 1 of 0; retransmit 1 "aes128" #7: IMPAIR: retransmit so deleting SA | [RE]START processing: state #7 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:124) | pstats #7 ikev1.isakmp failed too-many-retransmits | pstats #7 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #7 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #7: deleting state (STATE_MAIN_I1) aged 0.505s and NOT sending notification | parent state #7: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection aes128 | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "aes128" {0x556ef3580890} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #7 "aes128" #7: deleting IKE SA for connection 'aes128' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection 'aes128' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #7 in MAIN_I1 | parent state #7: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #7 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6c04002b20 | in statetime_stop() and could not find #7 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection aes128 which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #8 at 0x556ef3625160 | State DB: adding IKEv1 state #8 in UNDEFINED | pstats #8 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #8 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #8: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #8 "aes128" "aes128" #8: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 6b 78 a9 f7 71 bd 69 16 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef361eee0 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #8: IMPAIR: stripping key-length "aes128" #8: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #8) | 6b 78 a9 f7 71 bd 69 16 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #8 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #8 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48954.755342 | #8 spent 0.368 milliseconds in main_outI1() | stop processing: state #8 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | spent 0.387 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.00179 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6b 78 a9 f7 71 bd 69 16 05 46 8c 67 71 ae 98 01 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6b 78 a9 f7 71 bd 69 16 | responder cookie: | 05 46 8c 67 71 ae 98 01 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #8 in MAIN_I1 (find_state_ikev1_init) | start processing: state #8 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | #8 is idle | #8 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "aes128" #8: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #8: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #8 spent 0.00596 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #8 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0948 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0462 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | removing pending policy for no connection {0x556ef3580890} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #8 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #8 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #8 ikev1.isakmp deleted other | [RE]START processing: state #8 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #8: deleting state (STATE_MAIN_I1) aged 0.067s and NOT sending notification | parent state #8: MAIN_I1(half-open IKE SA) => delete | state #8 requesting EVENT_RETRANSMIT to be deleted | #8 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #8 in MAIN_I1 | parent state #8: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #8 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x556ef35e95c0 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.235 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0608 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0466 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0517 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef35e95c0 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.13 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #9 at 0x556ef3625160 | State DB: adding IKEv1 state #9 in UNDEFINED | pstats #9 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #9 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #9: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #9 "aes128" "aes128" #9: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef362a810 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | ac 44 ea a6 dc ef c6 5c 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #9 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48955.263499 | #9 spent 0.394 milliseconds in main_outI1() | stop processing: state #9 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.456 milliseconds in whack | spent 0.00217 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #9 in MAIN_I1 (find_state_ikev1_init) | start processing: state #9 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #9 is idle | #9 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 8 for state #9 | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #9 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #9 and saving MD | #9 is busy; has a suspended MD | #9 spent 0.147 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.272 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 8 for state #9 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 8 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c100010c0: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c100010c0 | NSS: Public DH wire value: | 2a bf 7c 01 99 85 ab da a9 c3 25 af 42 8a c3 87 | b6 01 fd 74 d1 82 3e bf fa c4 36 42 99 a8 81 84 | d5 7b b6 67 01 8f 9d f8 fa 93 1c 80 5e c6 38 8f | a6 59 bf a5 67 c1 27 fd cf 60 21 e5 55 a2 05 9d | 1f 36 98 2c b7 5e bc 74 c0 01 10 b0 87 8f d0 a0 | cd 3e fc df 00 fa 50 7d a1 48 0d dc 55 4a 30 bc | 4e 65 60 e8 47 89 be 0f 40 c5 10 d7 58 6b ef 52 | 46 5a d1 c9 84 a0 85 e1 4d dd db 4e 67 1a a0 74 | a7 ef 1f 05 32 49 c7 f0 21 eb 22 eb 2a da 51 9e | 76 6f 54 e2 d9 7d c4 23 d2 3e 66 17 fd 3b 29 1c | dc b1 aa 1e 18 86 f4 2a 07 1c b9 74 0e 50 b5 a5 | 28 33 a5 97 61 c3 09 ce 1c f6 5e 17 9b 2b d7 63 | 07 ad f2 0d e8 f2 48 22 10 56 ad 2a bb a5 5a 29 | 0a e3 f4 22 d9 df 57 03 d6 53 e4 6a 4a 48 28 bb | 09 6a a5 5d 82 8e 45 30 8a e5 33 8d bd 72 3c 59 | f6 d2 aa c0 19 42 f5 2d 8d c5 02 56 50 d8 c3 4d | Generated nonce: 7d a5 9e ed 92 bf c5 c1 aa a6 4f c1 f3 4a e0 a5 | Generated nonce: 3f ff 4b 0b 68 1e cb 7d a3 7c 69 b5 96 00 2a a1 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 8 time elapsed 0.001092 seconds | (#9) spent 1.05 milliseconds in crypto helper computing work-order 8: outI2 KE (pcr) | crypto helper 0 sending results from work-order 8 for state #9 to event queue | scheduling resume sending helper answer for #9 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #9 | start processing: state #9 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 8 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #9: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c100010c0: transferring ownership from helper KE to state #9 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 2a bf 7c 01 99 85 ab da a9 c3 25 af 42 8a c3 87 | keyex value b6 01 fd 74 d1 82 3e bf fa c4 36 42 99 a8 81 84 | keyex value d5 7b b6 67 01 8f 9d f8 fa 93 1c 80 5e c6 38 8f | keyex value a6 59 bf a5 67 c1 27 fd cf 60 21 e5 55 a2 05 9d | keyex value 1f 36 98 2c b7 5e bc 74 c0 01 10 b0 87 8f d0 a0 | keyex value cd 3e fc df 00 fa 50 7d a1 48 0d dc 55 4a 30 bc | keyex value 4e 65 60 e8 47 89 be 0f 40 c5 10 d7 58 6b ef 52 | keyex value 46 5a d1 c9 84 a0 85 e1 4d dd db 4e 67 1a a0 74 | keyex value a7 ef 1f 05 32 49 c7 f0 21 eb 22 eb 2a da 51 9e | keyex value 76 6f 54 e2 d9 7d c4 23 d2 3e 66 17 fd 3b 29 1c | keyex value dc b1 aa 1e 18 86 f4 2a 07 1c b9 74 0e 50 b5 a5 | keyex value 28 33 a5 97 61 c3 09 ce 1c f6 5e 17 9b 2b d7 63 | keyex value 07 ad f2 0d e8 f2 48 22 10 56 ad 2a bb a5 5a 29 | keyex value 0a e3 f4 22 d9 df 57 03 d6 53 e4 6a 4a 48 28 bb | keyex value 09 6a a5 5d 82 8e 45 30 8a e5 33 8d bd 72 3c 59 | keyex value f6 d2 aa c0 19 42 f5 2d 8d c5 02 56 50 d8 c3 4d | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 7d a5 9e ed 92 bf c5 c1 aa a6 4f c1 f3 4a e0 a5 | Ni 3f ff 4b 0b 68 1e cb 7d a3 7c 69 b5 96 00 2a a1 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | ac 44 ea a6 dc ef c6 5c | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | 63 97 1a 69 98 14 81 fa | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | 09 2b 7e f0 55 bb 07 2b 0a c0 fb fc 4c 6e 1f be | 58 5b 90 cf | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= ac 44 ea a6 dc ef c6 5c | natd_hash: rcookie= 63 97 1a 69 98 14 81 fa | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 09 2b 7e f0 55 bb 07 2b 0a c0 fb fc 4c 6e 1f be | natd_hash: hash= 58 5b 90 cf | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 09 2b 7e f0 55 bb 07 2b 0a c0 fb fc 4c 6e 1f be | NAT-D 58 5b 90 cf | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | ac 44 ea a6 dc ef c6 5c | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | 63 97 1a 69 98 14 81 fa | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | 9d ad 33 05 85 11 ce a2 c8 7c 06 f7 6f 51 62 3b | 5b b1 00 33 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= ac 44 ea a6 dc ef c6 5c | natd_hash: rcookie= 63 97 1a 69 98 14 81 fa | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= 9d ad 33 05 85 11 ce a2 c8 7c 06 f7 6f 51 62 3b | natd_hash: hash= 5b b1 00 33 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 9d ad 33 05 85 11 ce a2 c8 7c 06 f7 6f 51 62 3b | NAT-D 5b b1 00 33 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #9 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #9: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 2a bf 7c 01 99 85 ab da a9 c3 25 af 42 8a c3 87 | b6 01 fd 74 d1 82 3e bf fa c4 36 42 99 a8 81 84 | d5 7b b6 67 01 8f 9d f8 fa 93 1c 80 5e c6 38 8f | a6 59 bf a5 67 c1 27 fd cf 60 21 e5 55 a2 05 9d | 1f 36 98 2c b7 5e bc 74 c0 01 10 b0 87 8f d0 a0 | cd 3e fc df 00 fa 50 7d a1 48 0d dc 55 4a 30 bc | 4e 65 60 e8 47 89 be 0f 40 c5 10 d7 58 6b ef 52 | 46 5a d1 c9 84 a0 85 e1 4d dd db 4e 67 1a a0 74 | a7 ef 1f 05 32 49 c7 f0 21 eb 22 eb 2a da 51 9e | 76 6f 54 e2 d9 7d c4 23 d2 3e 66 17 fd 3b 29 1c | dc b1 aa 1e 18 86 f4 2a 07 1c b9 74 0e 50 b5 a5 | 28 33 a5 97 61 c3 09 ce 1c f6 5e 17 9b 2b d7 63 | 07 ad f2 0d e8 f2 48 22 10 56 ad 2a bb a5 5a 29 | 0a e3 f4 22 d9 df 57 03 d6 53 e4 6a 4a 48 28 bb | 09 6a a5 5d 82 8e 45 30 8a e5 33 8d bd 72 3c 59 | f6 d2 aa c0 19 42 f5 2d 8d c5 02 56 50 d8 c3 4d | 14 00 00 24 7d a5 9e ed 92 bf c5 c1 aa a6 4f c1 | f3 4a e0 a5 3f ff 4b 0b 68 1e cb 7d a3 7c 69 b5 | 96 00 2a a1 14 00 00 18 09 2b 7e f0 55 bb 07 2b | 0a c0 fb fc 4c 6e 1f be 58 5b 90 cf 00 00 00 18 | 9d ad 33 05 85 11 ce a2 c8 7c 06 f7 6f 51 62 3b | 5b b1 00 33 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #9 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48955.266057 "aes128" #9: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #9 suppresed complete_v1_state_transition() | #9 spent 0.346 milliseconds in resume sending helper answer | stop processing: state #9 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c100016f0 | spent 0.00252 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 09 0c df 29 e4 d8 17 a7 ff 0a 5a f0 45 45 c5 c6 | 24 43 99 f4 80 ff b2 4c 2c eb 88 99 f5 09 fd da | ed c9 ce ea e1 9d 63 00 9f 6d 14 e6 da 4c bc 71 | 32 ee ec 8b 72 14 c6 8b d0 bf 54 68 2a 62 e2 25 | 62 21 c6 e2 fd da e0 9b bf 8b e0 c3 c0 9e c4 32 | 83 cc 68 26 a0 48 91 d5 8e 87 e2 40 54 40 f7 2b | 69 78 16 4b f4 53 25 9f 12 36 a7 55 1a 7a 53 20 | 9c a2 93 42 6d 70 d9 94 df 4c ae 45 d7 3d 78 12 | 66 c3 0a 5b 28 6c 4c a5 08 ea 57 a2 38 98 1b 0a | 74 a0 0d 43 1e 71 c9 d1 61 d2 24 a1 44 dc 1b d4 | 1c 91 9b 1e 6d de e9 7d 3f ec e6 0a c6 3c ca 3a | 40 24 fa c6 b3 62 55 79 a4 a8 4e 52 d1 78 e5 f1 | 3e cb bd 1c 6e 37 2e 80 9d 88 85 24 eb ff f0 bf | c3 2e 4b 86 65 11 2b 9c 58 5d 8e 00 85 16 ea af | 0f c0 97 db 6b 1c d1 9b 6e 28 fd 8d a5 56 02 b5 | 0f 10 1d a1 6f 69 41 ba 1d a0 f6 03 f6 0b 66 20 | 14 00 00 24 eb 51 22 1f 70 00 58 c0 da a5 05 7d | 04 62 d1 d7 b8 89 ed c6 ac 08 2d 6d 3f a6 de 74 | d1 c2 d6 30 14 00 00 18 9d ad 33 05 85 11 ce a2 | c8 7c 06 f7 6f 51 62 3b 5b b1 00 33 00 00 00 18 | 09 2b 7e f0 55 bb 07 2b 0a c0 fb fc 4c 6e 1f be | 58 5b 90 cf | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #9 in MAIN_I2 (find_state_ikev1) | start processing: state #9 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #9 is idle | #9 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 09 0c df 29 e4 d8 17 a7 ff 0a 5a f0 45 45 c5 c6 | 24 43 99 f4 80 ff b2 4c 2c eb 88 99 f5 09 fd da | ed c9 ce ea e1 9d 63 00 9f 6d 14 e6 da 4c bc 71 | 32 ee ec 8b 72 14 c6 8b d0 bf 54 68 2a 62 e2 25 | 62 21 c6 e2 fd da e0 9b bf 8b e0 c3 c0 9e c4 32 | 83 cc 68 26 a0 48 91 d5 8e 87 e2 40 54 40 f7 2b | 69 78 16 4b f4 53 25 9f 12 36 a7 55 1a 7a 53 20 | 9c a2 93 42 6d 70 d9 94 df 4c ae 45 d7 3d 78 12 | 66 c3 0a 5b 28 6c 4c a5 08 ea 57 a2 38 98 1b 0a | 74 a0 0d 43 1e 71 c9 d1 61 d2 24 a1 44 dc 1b d4 | 1c 91 9b 1e 6d de e9 7d 3f ec e6 0a c6 3c ca 3a | 40 24 fa c6 b3 62 55 79 a4 a8 4e 52 d1 78 e5 f1 | 3e cb bd 1c 6e 37 2e 80 9d 88 85 24 eb ff f0 bf | c3 2e 4b 86 65 11 2b 9c 58 5d 8e 00 85 16 ea af | 0f c0 97 db 6b 1c d1 9b 6e 28 fd 8d a5 56 02 b5 | 0f 10 1d a1 6f 69 41 ba 1d a0 f6 03 f6 0b 66 20 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c100010c0: transferring ownership from state #9 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 9 for state #9 | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #9 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #9 and saving MD | #9 is busy; has a suspended MD | #9 spent 0.0884 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.225 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 2 resuming | crypto helper 2 starting work-order 9 for state #9 | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 9 | peer's g: 09 0c df 29 e4 d8 17 a7 ff 0a 5a f0 45 45 c5 c6 | peer's g: 24 43 99 f4 80 ff b2 4c 2c eb 88 99 f5 09 fd da | peer's g: ed c9 ce ea e1 9d 63 00 9f 6d 14 e6 da 4c bc 71 | peer's g: 32 ee ec 8b 72 14 c6 8b d0 bf 54 68 2a 62 e2 25 | peer's g: 62 21 c6 e2 fd da e0 9b bf 8b e0 c3 c0 9e c4 32 | peer's g: 83 cc 68 26 a0 48 91 d5 8e 87 e2 40 54 40 f7 2b | peer's g: 69 78 16 4b f4 53 25 9f 12 36 a7 55 1a 7a 53 20 | peer's g: 9c a2 93 42 6d 70 d9 94 df 4c ae 45 d7 3d 78 12 | peer's g: 66 c3 0a 5b 28 6c 4c a5 08 ea 57 a2 38 98 1b 0a | peer's g: 74 a0 0d 43 1e 71 c9 d1 61 d2 24 a1 44 dc 1b d4 | peer's g: 1c 91 9b 1e 6d de e9 7d 3f ec e6 0a c6 3c ca 3a | peer's g: 40 24 fa c6 b3 62 55 79 a4 a8 4e 52 d1 78 e5 f1 | peer's g: 3e cb bd 1c 6e 37 2e 80 9d 88 85 24 eb ff f0 bf | peer's g: c3 2e 4b 86 65 11 2b 9c 58 5d 8e 00 85 16 ea af | peer's g: 0f c0 97 db 6b 1c d1 9b 6e 28 fd 8d a5 56 02 b5 | peer's g: 0f 10 1d a1 6f 69 41 ba 1d a0 f6 03 f6 0b 66 20 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c100010c0: computed shared DH secret key@0x556ef360e180 | dh-shared : g^ir-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef361da00 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: psk-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: psk-key@0x556ef360c4c0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3609090 | SKEYID psk prf: created sha context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk prf: begin sha with context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk: release clone-key@0x556ef360c4c0 | SKEYID psk PRF sha crypt-prf@0x7f6c08001ef0 | SKEYID psk PRF sha update Ni-bytes@0x556ef361da24 (length 32) | 7d a5 9e ed 92 bf c5 c1 aa a6 4f c1 f3 4a e0 a5 | 3f ff 4b 0b 68 1e cb 7d a3 7c 69 b5 96 00 2a a1 | SKEYID psk PRF sha update Nr-bytes@0x556ef361da44 (length 32) | eb 51 22 1f 70 00 58 c0 da a5 05 7d 04 62 d1 d7 | b8 89 ed c6 ac 08 2d 6d 3f a6 de 74 d1 c2 d6 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID psk PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID psk: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6b8 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d: release clone-key@0x556ef3609090 | SKEYID_d PRF sha crypt-prf@0x7f6c08001fc0 | SKEYID_d PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_d: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312960: ffffff87 2c 2a ffffff95 57 54 26 ffffffc2 ffffffa3 46 ffffff9d 5d 54 7e 4c 35 0f 51 fffffff2 27 2c 58 ffffff82 42 36 1b 01 ffffffeb 32 fffffffe ffffff85 5c 43 2c ffffff9b ffffffe8 ffffff97 75 41 ffffffcc ffffff99 39 ffffffb4 ffffffe0 11 06 13 ffffff9d ffffffc2 ffffffce ffffff8c 28 ffffff9d ffffff9e ffffff83 ffffff97 fffffffe ffffffaa 47 ffffffe1 ffffffd3 5d 31 fffffff3 56 77 07 09 ffffff85 5f ffffff83 54 fffffff5 ffffffa6 ffffff8a 36 28 0a ffffff8f ffffffc6 24 ffffffc5 ffffffe8 33 fffffff6 32 62 ffffffc5 63 ffffffe2 ffffffac 6d ffffff92 1f ffffffa4 13 3f 52 5a 40 ffffffbe ffffffbf ffffffd9 7a 0b 0d 0a ffffffd2 ffffffe1 43 ffffffa0 40 ffffffe0 26 70 69 ffffffc4 fffffff2 ffffff92 ffffff8c 7c 46 12 2f 6e 3d ffffffde ffffffb6 0f 22 6a 71 64 ffffff97 0b 5a 32 ffffffcf 2e ffffffca 63 ffffff82 ffffffd8 05 ffffff9f 59 6f 56 ffffffc9 6a 47 6b 44 2e fffffffb 40 70 ffffffe3 5e ffffffd9 ffffffa4 ffffff9b ffffffe7 ffffffa9 ffffffe2 ffffff99 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08001de0 | unwrapped: 70 86 9d 7d 8d a6 67 f6 02 c5 14 0c 51 08 f1 5b | unwrapped: b4 2f 56 e9 23 3b 5f cf 26 ae 80 95 43 1f 5d 4e | unwrapped: a5 a3 d6 7f fc b8 b0 11 39 7a 1a 30 a1 5f ef af | unwrapped: ff 48 e6 f9 c6 50 db c9 70 5b 5d b1 19 51 64 4d | unwrapped: 85 0b 7a 41 c1 6b 0e d3 2c 13 14 16 aa 1c 81 46 | unwrapped: d1 a1 5b 89 af 1c b5 17 40 b4 8e 39 02 38 73 10 | unwrapped: 72 90 8a bb d8 98 1d 0a e9 8b 67 4f c9 78 37 bd | unwrapped: 26 58 d1 79 fe b4 19 e7 7a 40 88 51 4e 96 ce 57 | unwrapped: 54 eb da 64 d0 b4 7b b6 b6 ef e0 ad b4 1f ad 9d | unwrapped: e3 3c 58 83 e9 53 8b 07 89 fb 4f e0 c5 1f bb 86 | unwrapped: 50 58 29 39 63 32 e1 40 d9 19 b3 12 cc 71 ae af | unwrapped: c0 a0 27 c3 41 7e a2 81 a6 49 b0 34 e1 8b 57 f7 | unwrapped: b4 20 92 d7 6a 52 1d f9 a0 cd 4d 62 f3 50 5b 62 | unwrapped: 0a e7 5d 4b ae 89 5e 5b 3a 7a 4f 92 8f ec 81 47 | unwrapped: e1 c7 d8 bc 4a c3 e5 0c dc b6 26 fe 5a a4 f3 a8 | unwrapped: e8 06 ee 61 99 75 46 c1 6c 44 2f 50 51 41 b7 1a | SKEYID_d PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | ac 44 ea a6 dc ef c6 5c | SKEYID_d PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | 63 97 1a 69 98 14 81 fa | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID_d PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_d: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a: release clone-key@0x556ef3601f40 | SKEYID_a PRF sha crypt-prf@0x7f6c08001270 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3609090 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312928: ffffff89 22 54 3f 23 ffffff81 ffffffbc ffffffed ffffffbc 25 71 ffffff9f 36 ffffffb1 ffffffa9 ffffffd5 48 06 ffffff97 ffffffa2 1f ffffff98 08 ffffff88 ffffffcd ffffffc9 1a 2a 6d 18 ffffffc0 11 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c080030d0 | unwrapped: aa 46 b8 0f 0b 4d 57 94 4e 7c e4 8e 09 6f 94 a1 | unwrapped: 8e 66 01 6f 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_a: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312928: ffffff87 2c 2a ffffff95 57 54 26 ffffffc2 ffffffa3 46 ffffff9d 5d 54 7e 4c 35 0f 51 fffffff2 27 2c 58 ffffff82 42 36 1b 01 ffffffeb 32 fffffffe ffffff85 5c 43 2c ffffff9b ffffffe8 ffffff97 75 41 ffffffcc ffffff99 39 ffffffb4 ffffffe0 11 06 13 ffffff9d ffffffc2 ffffffce ffffff8c 28 ffffff9d ffffff9e ffffff83 ffffff97 fffffffe ffffffaa 47 ffffffe1 ffffffd3 5d 31 fffffff3 56 77 07 09 ffffff85 5f ffffff83 54 fffffff5 ffffffa6 ffffff8a 36 28 0a ffffff8f ffffffc6 24 ffffffc5 ffffffe8 33 fffffff6 32 62 ffffffc5 63 ffffffe2 ffffffac 6d ffffff92 1f ffffffa4 13 3f 52 5a 40 ffffffbe ffffffbf ffffffd9 7a 0b 0d 0a ffffffd2 ffffffe1 43 ffffffa0 40 ffffffe0 26 70 69 ffffffc4 fffffff2 ffffff92 ffffff8c 7c 46 12 2f 6e 3d ffffffde ffffffb6 0f 22 6a 71 64 ffffff97 0b 5a 32 ffffffcf 2e ffffffca 63 ffffff82 ffffffd8 05 ffffff9f 59 6f 56 ffffffc9 6a 47 6b 44 2e fffffffb 40 70 ffffffe3 5e ffffffd9 ffffffa4 ffffff9b ffffffe7 ffffffa9 ffffffe2 ffffff99 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08000b20 | unwrapped: 70 86 9d 7d 8d a6 67 f6 02 c5 14 0c 51 08 f1 5b | unwrapped: b4 2f 56 e9 23 3b 5f cf 26 ae 80 95 43 1f 5d 4e | unwrapped: a5 a3 d6 7f fc b8 b0 11 39 7a 1a 30 a1 5f ef af | unwrapped: ff 48 e6 f9 c6 50 db c9 70 5b 5d b1 19 51 64 4d | unwrapped: 85 0b 7a 41 c1 6b 0e d3 2c 13 14 16 aa 1c 81 46 | unwrapped: d1 a1 5b 89 af 1c b5 17 40 b4 8e 39 02 38 73 10 | unwrapped: 72 90 8a bb d8 98 1d 0a e9 8b 67 4f c9 78 37 bd | unwrapped: 26 58 d1 79 fe b4 19 e7 7a 40 88 51 4e 96 ce 57 | unwrapped: 54 eb da 64 d0 b4 7b b6 b6 ef e0 ad b4 1f ad 9d | unwrapped: e3 3c 58 83 e9 53 8b 07 89 fb 4f e0 c5 1f bb 86 | unwrapped: 50 58 29 39 63 32 e1 40 d9 19 b3 12 cc 71 ae af | unwrapped: c0 a0 27 c3 41 7e a2 81 a6 49 b0 34 e1 8b 57 f7 | unwrapped: b4 20 92 d7 6a 52 1d f9 a0 cd 4d 62 f3 50 5b 62 | unwrapped: 0a e7 5d 4b ae 89 5e 5b 3a 7a 4f 92 8f ec 81 47 | unwrapped: e1 c7 d8 bc 4a c3 e5 0c dc b6 26 fe 5a a4 f3 a8 | unwrapped: e8 06 ee 61 99 75 46 c1 6c 44 2f 50 51 41 b7 1a | SKEYID_a PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | ac 44 ea a6 dc ef c6 5c | SKEYID_a PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | 63 97 1a 69 98 14 81 fa | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: final-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360fae0 | SKEYID_a PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_a: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: clone-key@0x556ef360fae0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e: release clone-key@0x556ef360fae0 | SKEYID_e PRF sha crypt-prf@0x7f6c080084b0 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3601f40 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312944: 3e ffffffb7 5f 4d ffffffcd 4a ffffffb9 fffffffe fffffff2 ffffffde 39 72 75 1a 7a ffffffcb 35 ffffffcb 24 ffffffd6 48 ffffffaf 0b 39 ffffff92 ffffffb4 6c 46 ffffffd8 0f 73 55 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c08003100 | unwrapped: 8f d3 9a f3 71 60 e7 47 48 69 6a da 81 66 0d ec | unwrapped: e9 ec 71 ab 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_e: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312944: ffffff87 2c 2a ffffff95 57 54 26 ffffffc2 ffffffa3 46 ffffff9d 5d 54 7e 4c 35 0f 51 fffffff2 27 2c 58 ffffff82 42 36 1b 01 ffffffeb 32 fffffffe ffffff85 5c 43 2c ffffff9b ffffffe8 ffffff97 75 41 ffffffcc ffffff99 39 ffffffb4 ffffffe0 11 06 13 ffffff9d ffffffc2 ffffffce ffffff8c 28 ffffff9d ffffff9e ffffff83 ffffff97 fffffffe ffffffaa 47 ffffffe1 ffffffd3 5d 31 fffffff3 56 77 07 09 ffffff85 5f ffffff83 54 fffffff5 ffffffa6 ffffff8a 36 28 0a ffffff8f ffffffc6 24 ffffffc5 ffffffe8 33 fffffff6 32 62 ffffffc5 63 ffffffe2 ffffffac 6d ffffff92 1f ffffffa4 13 3f 52 5a 40 ffffffbe ffffffbf ffffffd9 7a 0b 0d 0a ffffffd2 ffffffe1 43 ffffffa0 40 ffffffe0 26 70 69 ffffffc4 fffffff2 ffffff92 ffffff8c 7c 46 12 2f 6e 3d ffffffde ffffffb6 0f 22 6a 71 64 ffffff97 0b 5a 32 ffffffcf 2e ffffffca 63 ffffff82 ffffffd8 05 ffffff9f 59 6f 56 ffffffc9 6a 47 6b 44 2e fffffffb 40 70 ffffffe3 5e ffffffd9 ffffffa4 ffffff9b ffffffe7 ffffffa9 ffffffe2 ffffff99 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08001cd0 | unwrapped: 70 86 9d 7d 8d a6 67 f6 02 c5 14 0c 51 08 f1 5b | unwrapped: b4 2f 56 e9 23 3b 5f cf 26 ae 80 95 43 1f 5d 4e | unwrapped: a5 a3 d6 7f fc b8 b0 11 39 7a 1a 30 a1 5f ef af | unwrapped: ff 48 e6 f9 c6 50 db c9 70 5b 5d b1 19 51 64 4d | unwrapped: 85 0b 7a 41 c1 6b 0e d3 2c 13 14 16 aa 1c 81 46 | unwrapped: d1 a1 5b 89 af 1c b5 17 40 b4 8e 39 02 38 73 10 | unwrapped: 72 90 8a bb d8 98 1d 0a e9 8b 67 4f c9 78 37 bd | unwrapped: 26 58 d1 79 fe b4 19 e7 7a 40 88 51 4e 96 ce 57 | unwrapped: 54 eb da 64 d0 b4 7b b6 b6 ef e0 ad b4 1f ad 9d | unwrapped: e3 3c 58 83 e9 53 8b 07 89 fb 4f e0 c5 1f bb 86 | unwrapped: 50 58 29 39 63 32 e1 40 d9 19 b3 12 cc 71 ae af | unwrapped: c0 a0 27 c3 41 7e a2 81 a6 49 b0 34 e1 8b 57 f7 | unwrapped: b4 20 92 d7 6a 52 1d f9 a0 cd 4d 62 f3 50 5b 62 | unwrapped: 0a e7 5d 4b ae 89 5e 5b 3a 7a 4f 92 8f ec 81 47 | unwrapped: e1 c7 d8 bc 4a c3 e5 0c dc b6 26 fe 5a a4 f3 a8 | unwrapped: e8 06 ee 61 99 75 46 c1 6c 44 2f 50 51 41 b7 1a | SKEYID_e PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | ac 44 ea a6 dc ef c6 5c | SKEYID_e PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | 63 97 1a 69 98 14 81 fa | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6b0 | result: final-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef36037c0 | SKEYID_e PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID_e: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6f8 | result: keymat-key@0x556ef36037c0 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x556ef3609090, skeyid_a 0x556ef3601f40, skeyid_e 0x556ef360fae0, enc_key 0x556ef36037c0 | DH_i: 2a bf 7c 01 99 85 ab da a9 c3 25 af 42 8a c3 87 | DH_i: b6 01 fd 74 d1 82 3e bf fa c4 36 42 99 a8 81 84 | DH_i: d5 7b b6 67 01 8f 9d f8 fa 93 1c 80 5e c6 38 8f | DH_i: a6 59 bf a5 67 c1 27 fd cf 60 21 e5 55 a2 05 9d | DH_i: 1f 36 98 2c b7 5e bc 74 c0 01 10 b0 87 8f d0 a0 | DH_i: cd 3e fc df 00 fa 50 7d a1 48 0d dc 55 4a 30 bc | DH_i: 4e 65 60 e8 47 89 be 0f 40 c5 10 d7 58 6b ef 52 | DH_i: 46 5a d1 c9 84 a0 85 e1 4d dd db 4e 67 1a a0 74 | DH_i: a7 ef 1f 05 32 49 c7 f0 21 eb 22 eb 2a da 51 9e | DH_i: 76 6f 54 e2 d9 7d c4 23 d2 3e 66 17 fd 3b 29 1c | DH_i: dc b1 aa 1e 18 86 f4 2a 07 1c b9 74 0e 50 b5 a5 | DH_i: 28 33 a5 97 61 c3 09 ce 1c f6 5e 17 9b 2b d7 63 | DH_i: 07 ad f2 0d e8 f2 48 22 10 56 ad 2a bb a5 5a 29 | DH_i: 0a e3 f4 22 d9 df 57 03 d6 53 e4 6a 4a 48 28 bb | DH_i: 09 6a a5 5d 82 8e 45 30 8a e5 33 8d bd 72 3c 59 | DH_i: f6 d2 aa c0 19 42 f5 2d 8d c5 02 56 50 d8 c3 4d | DH_r: 09 0c df 29 e4 d8 17 a7 ff 0a 5a f0 45 45 c5 c6 | DH_r: 24 43 99 f4 80 ff b2 4c 2c eb 88 99 f5 09 fd da | DH_r: ed c9 ce ea e1 9d 63 00 9f 6d 14 e6 da 4c bc 71 | DH_r: 32 ee ec 8b 72 14 c6 8b d0 bf 54 68 2a 62 e2 25 | DH_r: 62 21 c6 e2 fd da e0 9b bf 8b e0 c3 c0 9e c4 32 | DH_r: 83 cc 68 26 a0 48 91 d5 8e 87 e2 40 54 40 f7 2b | DH_r: 69 78 16 4b f4 53 25 9f 12 36 a7 55 1a 7a 53 20 | DH_r: 9c a2 93 42 6d 70 d9 94 df 4c ae 45 d7 3d 78 12 | DH_r: 66 c3 0a 5b 28 6c 4c a5 08 ea 57 a2 38 98 1b 0a | DH_r: 74 a0 0d 43 1e 71 c9 d1 61 d2 24 a1 44 dc 1b d4 | DH_r: 1c 91 9b 1e 6d de e9 7d 3f ec e6 0a c6 3c ca 3a | DH_r: 40 24 fa c6 b3 62 55 79 a4 a8 4e 52 d1 78 e5 f1 | DH_r: 3e cb bd 1c 6e 37 2e 80 9d 88 85 24 eb ff f0 bf | DH_r: c3 2e 4b 86 65 11 2b 9c 58 5d 8e 00 85 16 ea af | DH_r: 0f c0 97 db 6b 1c d1 9b 6e 28 fd 8d a5 56 02 b5 | DH_r: 0f 10 1d a1 6f 69 41 ba 1d a0 f6 03 f6 0b 66 20 | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef361da64 (length 256) | 2a bf 7c 01 99 85 ab da a9 c3 25 af 42 8a c3 87 | b6 01 fd 74 d1 82 3e bf fa c4 36 42 99 a8 81 84 | d5 7b b6 67 01 8f 9d f8 fa 93 1c 80 5e c6 38 8f | a6 59 bf a5 67 c1 27 fd cf 60 21 e5 55 a2 05 9d | 1f 36 98 2c b7 5e bc 74 c0 01 10 b0 87 8f d0 a0 | cd 3e fc df 00 fa 50 7d a1 48 0d dc 55 4a 30 bc | 4e 65 60 e8 47 89 be 0f 40 c5 10 d7 58 6b ef 52 | 46 5a d1 c9 84 a0 85 e1 4d dd db 4e 67 1a a0 74 | a7 ef 1f 05 32 49 c7 f0 21 eb 22 eb 2a da 51 9e | 76 6f 54 e2 d9 7d c4 23 d2 3e 66 17 fd 3b 29 1c | dc b1 aa 1e 18 86 f4 2a 07 1c b9 74 0e 50 b5 a5 | 28 33 a5 97 61 c3 09 ce 1c f6 5e 17 9b 2b d7 63 | 07 ad f2 0d e8 f2 48 22 10 56 ad 2a bb a5 5a 29 | 0a e3 f4 22 d9 df 57 03 d6 53 e4 6a 4a 48 28 bb | 09 6a a5 5d 82 8e 45 30 8a e5 33 8d bd 72 3c 59 | f6 d2 aa c0 19 42 f5 2d 8d c5 02 56 50 d8 c3 4d | new IV hash sha digest GR-bytes@0x556ef361db64 (length 256) | 09 0c df 29 e4 d8 17 a7 ff 0a 5a f0 45 45 c5 c6 | 24 43 99 f4 80 ff b2 4c 2c eb 88 99 f5 09 fd da | ed c9 ce ea e1 9d 63 00 9f 6d 14 e6 da 4c bc 71 | 32 ee ec 8b 72 14 c6 8b d0 bf 54 68 2a 62 e2 25 | 62 21 c6 e2 fd da e0 9b bf 8b e0 c3 c0 9e c4 32 | 83 cc 68 26 a0 48 91 d5 8e 87 e2 40 54 40 f7 2b | 69 78 16 4b f4 53 25 9f 12 36 a7 55 1a 7a 53 20 | 9c a2 93 42 6d 70 d9 94 df 4c ae 45 d7 3d 78 12 | 66 c3 0a 5b 28 6c 4c a5 08 ea 57 a2 38 98 1b 0a | 74 a0 0d 43 1e 71 c9 d1 61 d2 24 a1 44 dc 1b d4 | 1c 91 9b 1e 6d de e9 7d 3f ec e6 0a c6 3c ca 3a | 40 24 fa c6 b3 62 55 79 a4 a8 4e 52 d1 78 e5 f1 | 3e cb bd 1c 6e 37 2e 80 9d 88 85 24 eb ff f0 bf | c3 2e 4b 86 65 11 2b 9c 58 5d 8e 00 85 16 ea af | 0f c0 97 db 6b 1c d1 9b 6e 28 fd 8d a5 56 02 b5 | 0f 10 1d a1 6f 69 41 ba 1d a0 f6 03 f6 0b 66 20 | new IV hash sha final chunk@0x7f6c08002090 (length 20) | df 7f 24 47 72 4f 3e f8 e8 63 35 c5 61 17 c9 f6 | a9 2f 05 31 | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 9 time elapsed 0.002028 seconds | (#9) spent 2.02 milliseconds in crypto helper computing work-order 9: aggr outR1 DH (pcr) | crypto helper 2 sending results from work-order 9 for state #9 to event queue | scheduling resume sending helper answer for #9 | libevent_malloc: new ptr-libevent@0x7f6c08003a00 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #9 | start processing: state #9 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 9 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #9: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c100010c0: transferring ownership from helper IKEv1 DH+IV to state #9 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | ac 44 ea a6 dc ef c6 5c | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | 63 97 1a 69 98 14 81 fa | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | 9d ad 33 05 85 11 ce a2 c8 7c 06 f7 6f 51 62 3b | 5b b1 00 33 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= ac 44 ea a6 dc ef c6 5c | natd_hash: rcookie= 63 97 1a 69 98 14 81 fa | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= 9d ad 33 05 85 11 ce a2 c8 7c 06 f7 6f 51 62 3b | natd_hash: hash= 5b b1 00 33 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | ac 44 ea a6 dc ef c6 5c | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | 63 97 1a 69 98 14 81 fa | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | 09 2b 7e f0 55 bb 07 2b 0a c0 fb fc 4c 6e 1f be | 58 5b 90 cf | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= ac 44 ea a6 dc ef c6 5c | natd_hash: rcookie= 63 97 1a 69 98 14 81 fa | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 09 2b 7e f0 55 bb 07 2b 0a c0 fb fc 4c 6e 1f be | natd_hash: hash= 58 5b 90 cf | expected NAT-D(me): 9d ad 33 05 85 11 ce a2 c8 7c 06 f7 6f 51 62 3b | expected NAT-D(me): 5b b1 00 33 | expected NAT-D(him): | 09 2b 7e f0 55 bb 07 2b 0a c0 fb fc 4c 6e 1f be | 58 5b 90 cf | received NAT-D: 9d ad 33 05 85 11 ce a2 c8 7c 06 f7 6f 51 62 3b | received NAT-D: 5b b1 00 33 | received NAT-D: 09 2b 7e f0 55 bb 07 2b 0a c0 fb fc 4c 6e 1f be | received NAT-D: 58 5b 90 cf | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef36236a0 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | 2a bf 7c 01 99 85 ab da a9 c3 25 af 42 8a c3 87 | b6 01 fd 74 d1 82 3e bf fa c4 36 42 99 a8 81 84 | d5 7b b6 67 01 8f 9d f8 fa 93 1c 80 5e c6 38 8f | a6 59 bf a5 67 c1 27 fd cf 60 21 e5 55 a2 05 9d | 1f 36 98 2c b7 5e bc 74 c0 01 10 b0 87 8f d0 a0 | cd 3e fc df 00 fa 50 7d a1 48 0d dc 55 4a 30 bc | 4e 65 60 e8 47 89 be 0f 40 c5 10 d7 58 6b ef 52 | 46 5a d1 c9 84 a0 85 e1 4d dd db 4e 67 1a a0 74 | a7 ef 1f 05 32 49 c7 f0 21 eb 22 eb 2a da 51 9e | 76 6f 54 e2 d9 7d c4 23 d2 3e 66 17 fd 3b 29 1c | dc b1 aa 1e 18 86 f4 2a 07 1c b9 74 0e 50 b5 a5 | 28 33 a5 97 61 c3 09 ce 1c f6 5e 17 9b 2b d7 63 | 07 ad f2 0d e8 f2 48 22 10 56 ad 2a bb a5 5a 29 | 0a e3 f4 22 d9 df 57 03 d6 53 e4 6a 4a 48 28 bb | 09 6a a5 5d 82 8e 45 30 8a e5 33 8d bd 72 3c 59 | f6 d2 aa c0 19 42 f5 2d 8d c5 02 56 50 d8 c3 4d | hmac PRF sha update data-bytes@0x7f6bfc000ea0 (length 256) | 09 0c df 29 e4 d8 17 a7 ff 0a 5a f0 45 45 c5 c6 | 24 43 99 f4 80 ff b2 4c 2c eb 88 99 f5 09 fd da | ed c9 ce ea e1 9d 63 00 9f 6d 14 e6 da 4c bc 71 | 32 ee ec 8b 72 14 c6 8b d0 bf 54 68 2a 62 e2 25 | 62 21 c6 e2 fd da e0 9b bf 8b e0 c3 c0 9e c4 32 | 83 cc 68 26 a0 48 91 d5 8e 87 e2 40 54 40 f7 2b | 69 78 16 4b f4 53 25 9f 12 36 a7 55 1a 7a 53 20 | 9c a2 93 42 6d 70 d9 94 df 4c ae 45 d7 3d 78 12 | 66 c3 0a 5b 28 6c 4c a5 08 ea 57 a2 38 98 1b 0a | 74 a0 0d 43 1e 71 c9 d1 61 d2 24 a1 44 dc 1b d4 | 1c 91 9b 1e 6d de e9 7d 3f ec e6 0a c6 3c ca 3a | 40 24 fa c6 b3 62 55 79 a4 a8 4e 52 d1 78 e5 f1 | 3e cb bd 1c 6e 37 2e 80 9d 88 85 24 eb ff f0 bf | c3 2e 4b 86 65 11 2b 9c 58 5d 8e 00 85 16 ea af | 0f c0 97 db 6b 1c d1 9b 6e 28 fd 8d a5 56 02 b5 | 0f 10 1d a1 6f 69 41 ba 1d a0 f6 03 f6 0b 66 20 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | ac 44 ea a6 dc ef c6 5c | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | 63 97 1a 69 98 14 81 fa | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | 04 a6 85 c5 67 e3 6a 50 2c d7 f9 fb c0 a4 5b fe | b3 23 70 96 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 04 a6 85 c5 67 e3 6a 50 2c d7 f9 fb c0 a4 5b fe | HASH_I b3 23 70 96 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 04 a6 85 c5 67 e3 6a 50 2c d7 f9 fb c0 a4 5b fe | encrypting: b3 23 70 96 | IV: df 7f 24 47 72 4f 3e f8 e8 63 35 c5 61 17 c9 f6 | IV: a9 2f 05 31 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: bc 87 e9 4d 2c d2 f2 85 6a bf e6 0c 23 d1 1a b7 | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #9: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 05 10 02 01 00 00 00 00 00 00 00 4c 85 b5 09 34 | 87 fc 1f fa a4 66 83 a6 f2 68 b9 be 73 fe 28 3c | ea 9d bb 3b 84 f0 eb c3 94 43 7d af bc 87 e9 4d | 2c d2 f2 85 6a bf e6 0c 23 d1 1a b7 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x556ef361ed10 size 128 | #9 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48955.270841 "aes128" #9: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #9 suppresed complete_v1_state_transition() | #9 spent 0.445 milliseconds in resume sending helper answer | stop processing: state #9 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c08003a00 | spent 0.00222 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 05 10 02 01 00 00 00 00 00 00 00 4c a7 ee 55 e8 | 6b 6e 21 84 4b 4a e0 cb 58 b3 85 87 22 a8 b4 42 | fc cf de aa c8 09 51 07 cc 4e 59 9d a8 c7 22 d7 | 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #9 in MAIN_I3 (find_state_ikev1) | start processing: state #9 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #9 is idle | #9 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: bc 87 e9 4d 2c d2 f2 85 6a bf e6 0c 23 d1 1a b7 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | decrypted payload (starts at offset -48): | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 16 46 0c 63 | 41 85 60 e4 30 3b 63 41 3f cd 37 60 52 d3 c1 3e | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #9: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef3623680 | hmac PRF sha update data-bytes@0x7f6bfc000ea0 (length 256) | 09 0c df 29 e4 d8 17 a7 ff 0a 5a f0 45 45 c5 c6 | 24 43 99 f4 80 ff b2 4c 2c eb 88 99 f5 09 fd da | ed c9 ce ea e1 9d 63 00 9f 6d 14 e6 da 4c bc 71 | 32 ee ec 8b 72 14 c6 8b d0 bf 54 68 2a 62 e2 25 | 62 21 c6 e2 fd da e0 9b bf 8b e0 c3 c0 9e c4 32 | 83 cc 68 26 a0 48 91 d5 8e 87 e2 40 54 40 f7 2b | 69 78 16 4b f4 53 25 9f 12 36 a7 55 1a 7a 53 20 | 9c a2 93 42 6d 70 d9 94 df 4c ae 45 d7 3d 78 12 | 66 c3 0a 5b 28 6c 4c a5 08 ea 57 a2 38 98 1b 0a | 74 a0 0d 43 1e 71 c9 d1 61 d2 24 a1 44 dc 1b d4 | 1c 91 9b 1e 6d de e9 7d 3f ec e6 0a c6 3c ca 3a | 40 24 fa c6 b3 62 55 79 a4 a8 4e 52 d1 78 e5 f1 | 3e cb bd 1c 6e 37 2e 80 9d 88 85 24 eb ff f0 bf | c3 2e 4b 86 65 11 2b 9c 58 5d 8e 00 85 16 ea af | 0f c0 97 db 6b 1c d1 9b 6e 28 fd 8d a5 56 02 b5 | 0f 10 1d a1 6f 69 41 ba 1d a0 f6 03 f6 0b 66 20 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | 2a bf 7c 01 99 85 ab da a9 c3 25 af 42 8a c3 87 | b6 01 fd 74 d1 82 3e bf fa c4 36 42 99 a8 81 84 | d5 7b b6 67 01 8f 9d f8 fa 93 1c 80 5e c6 38 8f | a6 59 bf a5 67 c1 27 fd cf 60 21 e5 55 a2 05 9d | 1f 36 98 2c b7 5e bc 74 c0 01 10 b0 87 8f d0 a0 | cd 3e fc df 00 fa 50 7d a1 48 0d dc 55 4a 30 bc | 4e 65 60 e8 47 89 be 0f 40 c5 10 d7 58 6b ef 52 | 46 5a d1 c9 84 a0 85 e1 4d dd db 4e 67 1a a0 74 | a7 ef 1f 05 32 49 c7 f0 21 eb 22 eb 2a da 51 9e | 76 6f 54 e2 d9 7d c4 23 d2 3e 66 17 fd 3b 29 1c | dc b1 aa 1e 18 86 f4 2a 07 1c b9 74 0e 50 b5 a5 | 28 33 a5 97 61 c3 09 ce 1c f6 5e 17 9b 2b d7 63 | 07 ad f2 0d e8 f2 48 22 10 56 ad 2a bb a5 5a 29 | 0a e3 f4 22 d9 df 57 03 d6 53 e4 6a 4a 48 28 bb | 09 6a a5 5d 82 8e 45 30 8a e5 33 8d bd 72 3c 59 | f6 d2 aa c0 19 42 f5 2d 8d c5 02 56 50 d8 c3 4d | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | 63 97 1a 69 98 14 81 fa | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | ac 44 ea a6 dc ef c6 5c | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef357b900 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | 16 46 0c 63 41 85 60 e4 30 3b 63 41 3f cd 37 60 | 52 d3 c1 3e | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #9: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x556ef361ed10 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x556ef361ecd0 | inserting event EVENT_SA_REPLACE, timeout in 2629 seconds for #9 | libevent_malloc: new ptr-libevent@0x7f6c08003a00 size 128 | pstats #9 ikev1.isakmp established "aes128" #9: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #9 | creating state object #10 at 0x556ef361d990 | State DB: adding IKEv1 state #10 in UNDEFINED | pstats #10 ikev1.ipsec started | duplicating state object #9 "aes128" as #10 for IPSEC SA | #10 setting local endpoint to 192.1.2.45:500 from #9.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x556ef36037c0 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #9 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #10 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #10: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #10: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#9 msgid:8f95fed9 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 10 for state #10 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #10 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | stop processing: state #10 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | resume processing: state #9 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x556ef3580890} | close_any(fd@24) (in release_whack() at state.c:654) | #9 spent 0.351 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.479 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 3 resuming | crypto helper 3 starting work-order 10 for state #10 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 10 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c0c002760: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c0c002760 | NSS: Public DH wire value: | cb c1 60 fc 30 45 b1 3b 2f 3b 9b 48 a4 73 a5 2b | 19 27 55 db 62 e8 3a 66 bb 9f 33 d3 21 54 f6 ca | a6 07 57 77 e0 ed 57 20 1e 80 95 2c 5d e9 ea 09 | a3 00 7c 05 91 ed 31 c7 c8 24 58 62 8b 3f c7 61 | 01 fb da 07 c9 d8 75 72 8a a4 0a f8 6f 5f 7b 28 | 3a 97 88 c4 fd 39 2c fc 5b 10 07 65 98 f0 87 bd | af 06 6f 58 3d 0d aa 38 58 af 76 0e 20 5e ab 9e | e4 b3 0d 11 a2 69 80 98 85 34 c3 07 ef 03 04 43 | 9b 44 8e 7c 21 1b e2 03 28 6e 16 b5 d7 40 6c 3b | 76 16 f9 a7 ee b9 71 4f 6a a0 87 e7 77 50 78 c4 | 6d 82 3e 0e 0e 99 1b b5 94 a7 79 86 7e fd 03 ca | fd 24 2b 6f e4 6a 23 7e 34 eb af 4b 71 5d 20 8f | c9 96 e7 62 e1 c6 9c 94 65 d6 da 59 46 e9 b4 bf | 22 d3 78 a2 c4 68 b3 a6 c3 62 f8 d6 30 6e 56 cc | 23 13 ed 0d 61 55 7a e2 2f b1 3c 30 fe 51 0d 54 | c4 5a a9 32 c4 08 b1 5b 4a 1f 9a a7 8b 5b 81 58 | Generated nonce: 8d 5e f6 1f 0c 79 1c ce 33 b4 f6 ec 7d 10 b6 2d | Generated nonce: 84 aa 4b c0 07 33 eb 95 1c 95 68 79 e9 74 b1 77 | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 10 time elapsed 0.001042 seconds | (#10) spent 1.04 milliseconds in crypto helper computing work-order 10: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 10 for state #10 to event queue | scheduling resume sending helper answer for #10 | libevent_malloc: new ptr-libevent@0x7f6c0c003000 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #10 | start processing: state #10 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 10 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #10: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2408971993 (0x8f95fed9) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xad035819 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI ad 03 58 19 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #10: IMPAIR: stripping key-length "aes128" #10: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 8d 5e f6 1f 0c 79 1c ce 33 b4 f6 ec 7d 10 b6 2d | Ni 84 aa 4b c0 07 33 eb 95 1c 95 68 79 e9 74 b1 77 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c0c002760: transferring ownership from helper KE to state #10 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value cb c1 60 fc 30 45 b1 3b 2f 3b 9b 48 a4 73 a5 2b | keyex value 19 27 55 db 62 e8 3a 66 bb 9f 33 d3 21 54 f6 ca | keyex value a6 07 57 77 e0 ed 57 20 1e 80 95 2c 5d e9 ea 09 | keyex value a3 00 7c 05 91 ed 31 c7 c8 24 58 62 8b 3f c7 61 | keyex value 01 fb da 07 c9 d8 75 72 8a a4 0a f8 6f 5f 7b 28 | keyex value 3a 97 88 c4 fd 39 2c fc 5b 10 07 65 98 f0 87 bd | keyex value af 06 6f 58 3d 0d aa 38 58 af 76 0e 20 5e ab 9e | keyex value e4 b3 0d 11 a2 69 80 98 85 34 c3 07 ef 03 04 43 | keyex value 9b 44 8e 7c 21 1b e2 03 28 6e 16 b5 d7 40 6c 3b | keyex value 76 16 f9 a7 ee b9 71 4f 6a a0 87 e7 77 50 78 c4 | keyex value 6d 82 3e 0e 0e 99 1b b5 94 a7 79 86 7e fd 03 ca | keyex value fd 24 2b 6f e4 6a 23 7e 34 eb af 4b 71 5d 20 8f | keyex value c9 96 e7 62 e1 c6 9c 94 65 d6 da 59 46 e9 b4 bf | keyex value 22 d3 78 a2 c4 68 b3 a6 c3 62 f8 d6 30 6e 56 cc | keyex value 23 13 ed 0d 61 55 7a e2 2f b1 3c 30 fe 51 0d 54 | keyex value c4 5a a9 32 c4 08 b1 5b 4a 1f 9a a7 8b 5b 81 58 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08002090 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | 8f 95 fe d9 | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 ad 03 58 19 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 00 04 00 00 24 8d 5e f6 1f | 0c 79 1c ce 33 b4 f6 ec 7d 10 b6 2d 84 aa 4b c0 | 07 33 eb 95 1c 95 68 79 e9 74 b1 77 05 00 01 04 | cb c1 60 fc 30 45 b1 3b 2f 3b 9b 48 a4 73 a5 2b | 19 27 55 db 62 e8 3a 66 bb 9f 33 d3 21 54 f6 ca | a6 07 57 77 e0 ed 57 20 1e 80 95 2c 5d e9 ea 09 | a3 00 7c 05 91 ed 31 c7 c8 24 58 62 8b 3f c7 61 | 01 fb da 07 c9 d8 75 72 8a a4 0a f8 6f 5f 7b 28 | 3a 97 88 c4 fd 39 2c fc 5b 10 07 65 98 f0 87 bd | af 06 6f 58 3d 0d aa 38 58 af 76 0e 20 5e ab 9e | e4 b3 0d 11 a2 69 80 98 85 34 c3 07 ef 03 04 43 | 9b 44 8e 7c 21 1b e2 03 28 6e 16 b5 d7 40 6c 3b | 76 16 f9 a7 ee b9 71 4f 6a a0 87 e7 77 50 78 c4 | 6d 82 3e 0e 0e 99 1b b5 94 a7 79 86 7e fd 03 ca | fd 24 2b 6f e4 6a 23 7e 34 eb af 4b 71 5d 20 8f | c9 96 e7 62 e1 c6 9c 94 65 d6 da 59 46 e9 b4 bf | 22 d3 78 a2 c4 68 b3 a6 c3 62 f8 d6 30 6e 56 cc | 23 13 ed 0d 61 55 7a e2 2f b1 3c 30 fe 51 0d 54 | c4 5a a9 32 c4 08 b1 5b 4a 1f 9a a7 8b 5b 81 58 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | d1 44 89 84 48 95 3f fc d5 6a 23 8c a7 a7 43 0f | c7 b8 d7 65 | outI1 HASH(1): | d1 44 89 84 48 95 3f fc d5 6a 23 8c a7 a7 43 0f | c7 b8 d7 65 | last Phase 1 IV: a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | current Phase 1 IV: a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | 8f 95 fe d9 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 0f 3b ab 87 f1 7e bb fc d7 6c 9e 68 71 d8 c7 73 | 0c cd 1d 84 | encrypting: 01 00 00 18 d1 44 89 84 48 95 3f fc d5 6a 23 8c | encrypting: a7 a7 43 0f c7 b8 d7 65 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 ad 03 58 19 | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 00 | encrypting: 04 00 00 24 8d 5e f6 1f 0c 79 1c ce 33 b4 f6 ec | encrypting: 7d 10 b6 2d 84 aa 4b c0 07 33 eb 95 1c 95 68 79 | encrypting: e9 74 b1 77 05 00 01 04 cb c1 60 fc 30 45 b1 3b | encrypting: 2f 3b 9b 48 a4 73 a5 2b 19 27 55 db 62 e8 3a 66 | encrypting: bb 9f 33 d3 21 54 f6 ca a6 07 57 77 e0 ed 57 20 | encrypting: 1e 80 95 2c 5d e9 ea 09 a3 00 7c 05 91 ed 31 c7 | encrypting: c8 24 58 62 8b 3f c7 61 01 fb da 07 c9 d8 75 72 | encrypting: 8a a4 0a f8 6f 5f 7b 28 3a 97 88 c4 fd 39 2c fc | encrypting: 5b 10 07 65 98 f0 87 bd af 06 6f 58 3d 0d aa 38 | encrypting: 58 af 76 0e 20 5e ab 9e e4 b3 0d 11 a2 69 80 98 | encrypting: 85 34 c3 07 ef 03 04 43 9b 44 8e 7c 21 1b e2 03 | encrypting: 28 6e 16 b5 d7 40 6c 3b 76 16 f9 a7 ee b9 71 4f | encrypting: 6a a0 87 e7 77 50 78 c4 6d 82 3e 0e 0e 99 1b b5 | encrypting: 94 a7 79 86 7e fd 03 ca fd 24 2b 6f e4 6a 23 7e | encrypting: 34 eb af 4b 71 5d 20 8f c9 96 e7 62 e1 c6 9c 94 | encrypting: 65 d6 da 59 46 e9 b4 bf 22 d3 78 a2 c4 68 b3 a6 | encrypting: c3 62 f8 d6 30 6e 56 cc 23 13 ed 0d 61 55 7a e2 | encrypting: 2f b1 3c 30 fe 51 0d 54 c4 5a a9 32 c4 08 b1 5b | encrypting: 4a 1f 9a a7 8b 5b 81 58 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: 0f 3b ab 87 f1 7e bb fc d7 6c 9e 68 71 d8 c7 73 | IV: 0c cd 1d 84 | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: ef 3c f4 b2 79 6f dc e8 06 0f 9f a3 5f 90 ca 93 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #10) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 08 10 20 01 8f 95 fe d9 00 00 01 bc bf 72 0b e2 | db 24 f8 1d 09 b3 68 a4 91 3c 45 ee 9c 10 3a a4 | 3d d9 8f 14 6e fd 7a 61 b2 94 65 a5 07 8f 6c 87 | fb 8b 09 e5 20 f4 58 ca 06 30 ed 81 c8 2b da ca | 98 d3 d5 3a 97 68 ac 0a 46 5b 69 e0 ed c7 8c e3 | 34 b9 5d 99 a6 43 f9 f5 43 b8 b5 94 23 fe 34 4e | d1 66 c6 26 73 41 c1 1c 07 c0 d7 af 78 d7 38 d7 | f7 c8 fd 98 12 11 a8 71 27 fd 1d dd 41 ce 6f 1b | 2d 36 3c 5d ba f5 3d 7f 07 0a 8c c5 dd 24 41 aa | e8 b3 96 be e6 9b cb 78 fa 1e 02 3e c0 03 f2 5a | 33 c8 0c 50 be 15 57 6a 3c c2 7e b6 86 17 ce 73 | 8f 77 12 af c8 db 50 03 e2 90 26 bd 2e 7d 9b 48 | 72 9c 83 a2 ff 92 a1 ed 20 e1 b5 5c c0 a9 3a f3 | ec e3 a1 05 86 08 83 bf de 39 34 1d ef 3f f1 f3 | 54 94 d7 b9 8c 6f dd 5e 54 de e5 6c 41 80 e4 b6 | 92 a8 f8 a0 8d df 88 aa 35 1c 6b 09 8d 74 ba 38 | 3b 7d 3d fa d0 d4 03 d7 e4 f8 83 77 bf 7b 1e 73 | 53 15 73 93 af ef ea 52 d2 a6 b1 7f 54 35 fa b8 | 39 48 23 8e 06 df dd 4b a3 9f e0 9c d5 63 c7 3b | 8f d0 7d f4 ac 2a bb d9 8a 04 59 8b a0 bc 4e 4f | 30 f3 cb 77 c3 4f f7 78 28 4d 5d 02 ed 6d 8c b5 | ef e3 c9 e6 a7 c8 ad ef 7d 04 f1 e3 2d f1 a1 8c | d1 90 7f 95 fe ef 73 c3 a3 dd 0e b4 ed ec 68 0a | 55 f4 21 6e 4c ec 5f d0 c6 53 21 e5 14 47 6b b8 | ad a2 12 2d 7a b3 22 0a 63 ca 65 d3 99 56 ab 22 | d5 4c 56 e0 41 01 ef 9e 0b 55 69 21 ef 3c f4 b2 | 79 6f dc e8 06 0f 9f a3 5f 90 ca 93 | state #10 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c100016f0 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #10 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | #10 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48955.273751 | resume sending helper answer for #10 suppresed complete_v1_state_transition() | #10 spent 0.606 milliseconds in resume sending helper answer | stop processing: state #10 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c0c003000 | spent 0.00322 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 08 10 05 01 a2 eb ee bd 00 00 00 4c e8 10 ca 10 | b7 0a 03 25 65 5d eb c5 ca 85 6d f7 ed f4 18 2f | 8b cb f2 90 ab d1 7d 75 63 8c b7 37 b9 39 67 0f | e9 1f ba 29 6e 0d a9 20 64 54 11 80 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2733371069 (0xa2ebeebd) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #10; msgid=00000000 st_msgid=8f95fed9 st_msgid_phase15=00000000 | peer and cookies match on #9; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #9 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #9 in MAIN_I4 (find_v1_info_state) | start processing: state #9 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | last Phase 1 IV: a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | current Phase 1 IV: a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54ee1c (length 4) | a2 eb ee bd | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | ef 3d 94 d7 26 27 81 2d de 72 86 72 b3 31 29 23 | 13 4c 2e 7e | #9 is idle | #9 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: ef 3d 94 d7 26 27 81 2d de 72 86 72 b3 31 29 23 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: b9 39 67 0f e9 1f ba 29 6e 0d a9 20 64 54 11 80 | decrypted payload (starts at offset -48): | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 08 10 05 01 a2 eb ee bd 00 00 00 4c 0b 00 00 18 | 4f 78 6b 5c 32 87 fc 70 f8 20 5e ea d2 ad 1e ea | 52 0e 62 69 00 00 00 0c 00 00 00 01 01 00 00 0f | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08002090 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | a2 eb ee bd | HASH(1) PRF sha update payload-bytes@0x556ef357b914 (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0f | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | 4f 78 6b 5c 32 87 fc 70 f8 20 5e ea d2 ad 1e ea | 52 0e 62 69 | informational HASH(1): | 4f 78 6b 5c 32 87 fc 70 f8 20 5e ea d2 ad 1e ea | 52 0e 62 69 | received 'informational' message HASH(1) data ok "aes128" #9: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #9: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #9 spent 0.00855 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.274 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f6bfc002b20 | handling event EVENT_RETRANSMIT for child state #10 | start processing: state #10 connection "aes128" from 192.1.2.23:500 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #10 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #10 keying attempt 1 of 0; retransmit 1 "aes128" #10: IMPAIR: retransmit so deleting SA | [RE]START processing: state #10 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:124) | pstats #10 ikev1.ipsec failed too-many-retransmits | pstats #10 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #10 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #10: deleting state (STATE_QUICK_I1) aged 0.502s and NOT sending notification | child state #10: QUICK_I1(established CHILD SA) => delete | child state #10: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #10 in CHILDSA_DEL | child state #10: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7f6c0c002760: destroyed | stop processing: state #10 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef36037c0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7f6c100016f0 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | in statetime_stop() and could not find #10 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0479 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #9 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #9 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #9 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #9 ikev1.isakmp deleted completed | [RE]START processing: state #9 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #9: deleting state (STATE_MAIN_I4) aged 0.581s and sending notification | parent state #9: MAIN_I4(established IKE SA) => delete | #9 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3623218822 (0xd7f5ee86) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI ac 44 ea a6 dc ef c6 5c | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 63 97 1a 69 98 14 81 fa | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x556ef3623680 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | d7 f5 ee 86 | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 ac 44 ea a6 | dc ef c6 5c 63 97 1a 69 98 14 81 fa | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | f7 d4 3f 72 5f 51 2f 43 52 1c cd a9 94 a1 c0 60 | ca 8e c0 f4 | send delete HASH(1): | f7 d4 3f 72 5f 51 2f 43 52 1c cd a9 94 a1 c0 60 | ca 8e c0 f4 | last Phase 1 IV: a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | current Phase 1 IV: a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | a8 c7 22 d7 60 87 b1 f5 57 2c dc 48 45 87 d2 15 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | d7 f5 ee 86 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | ec 80 f9 1e 14 d4 fe fe bd 23 d4 91 50 c5 06 09 | 8e bd e4 c1 | encrypting: 0c 00 00 18 f7 d4 3f 72 5f 51 2f 43 52 1c cd a9 | encrypting: 94 a1 c0 60 ca 8e c0 f4 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 ac 44 ea a6 dc ef c6 5c 63 97 1a 69 | encrypting: 98 14 81 fa | IV: ec 80 f9 1e 14 d4 fe fe bd 23 d4 91 50 c5 06 09 | IV: 8e bd e4 c1 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: bf 0d b7 9a c4 a0 8a 1b a5 42 f2 7d 32 d5 0a d9 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 08 10 05 01 d7 f5 ee 86 00 00 00 5c eb 5b 79 30 | 78 13 63 60 0f 64 fc c8 82 a9 fa ac 03 64 32 51 | 71 c7 0b 92 fc 9f fa 46 91 14 03 a9 63 a9 b4 23 | d4 7b 35 c2 f2 66 99 23 08 09 4f 3b bf 0d b7 9a | c4 a0 8a 1b a5 42 f2 7d 32 d5 0a d9 | state #9 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c08003a00 | free_event_entry: release EVENT_SA_REPLACE-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #9 in MAIN_I4 | parent state #9: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c100010c0: destroyed | stop processing: state #9 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef360e180 | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef36037c0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x556ef35e95c0 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.522 milliseconds in whack | spent 0.00265 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | ac 44 ea a6 dc ef c6 5c 63 97 1a 69 98 14 81 fa | 08 10 05 01 36 9b c0 e4 00 00 00 5c 1a 54 2c 21 | 11 e4 18 b1 6d ac ec 3c bc 1c 5a 2b 39 69 d7 88 | df 01 94 45 e7 12 c2 f1 01 d1 6d 8d 1d a2 9e 48 | ef 18 df 56 57 77 1b bd 83 f7 19 b7 c9 22 7d fc | 01 ae a2 2b 71 3b 27 9c 5a 68 e4 22 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | ac 44 ea a6 dc ef c6 5c | responder cookie: | 63 97 1a 69 98 14 81 fa | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 916177124 (0x369bc0e4) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x369bc0e4 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | ac 44 ea a6 dc ef c6 5c | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 63 97 1a 69 98 14 81 fa | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0724 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0594 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0497 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:OMIT | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0529 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef3625c20 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.139 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #11 at 0x556ef3625160 | State DB: adding IKEv1 state #11 in UNDEFINED | pstats #11 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #11 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #11: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #11 "aes128" "aes128" #11: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef361ed10 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #11: IMPAIR: stripping key-length "aes128" #11: IMPAIR: not sending key-length attribute | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | dd 49 0b 8f 1b 56 8a 7b 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | #11 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48956.366364 | #11 spent 0.461 milliseconds in main_outI1() | stop processing: state #11 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.529 milliseconds in whack | spent 0.00242 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #11 in MAIN_I1 (find_state_ikev1_init) | start processing: state #11 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #11 is idle | #11 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 11 for state #11 | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c100016f0 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #11 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #11 and saving MD | #11 is busy; has a suspended MD | #11 spent 0.161 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #11 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.305 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 6 resuming | crypto helper 6 starting work-order 11 for state #11 | crypto helper 6 doing build KE and nonce (outI2 KE); request ID 11 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c000017d0: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c000017d0 | NSS: Public DH wire value: | 6e 93 4b 3c b8 25 44 a7 99 1a 9e 7f 01 f9 dd de | 04 df ab 3a 6e 7c 78 fb 74 80 33 14 91 ef 35 82 | b8 58 44 23 1a e3 25 ab 25 8a 4a 2b a5 16 fd 7d | bd 42 dd e9 40 96 47 95 68 3f 83 b6 9d fd 2c ab | 96 28 4a 62 c5 79 d8 b6 b0 cd 3e c9 7f 2f 2c 02 | d3 69 6b 30 3b 23 58 5c ef 76 de 2c 32 3a 24 47 | 86 47 bd a4 ab 84 93 41 00 48 35 00 45 06 cb e9 | 3a 82 56 8d b3 ff cf 5b 3b e7 d6 c1 f0 e3 6d 9c | 47 a1 ba 54 26 42 79 36 b6 98 0d 5a 35 93 26 3b | e0 f8 36 46 2b 17 eb bf 12 64 8c a1 01 b0 01 f6 | 8c eb 60 22 85 9d b7 dd af ef 4d 4f be 95 62 c1 | c5 4d f1 e4 11 a2 a7 94 0d 1c cf ba c8 7c 90 11 | 92 a0 2c 4d eb d8 0c 02 7c ca 18 80 5b 70 49 2e | a0 4d a4 b9 22 0b 7e 50 f2 4d 2d e1 83 00 b7 71 | 87 40 39 a5 51 e1 5b 16 07 75 57 ec bc 5e a5 e2 | fb 07 2f 3b 48 8b fc c0 dc 3e e0 84 14 29 93 d7 | Generated nonce: cc 6b e6 38 d4 3b 9b 62 2f 95 95 2c 71 41 d6 56 | Generated nonce: 04 fb a6 b3 e5 e0 bc eb f8 36 34 a8 1d 66 b5 cc | crypto helper 6 finished build KE and nonce (outI2 KE); request ID 11 time elapsed 0.001023 seconds | (#11) spent 0.981 milliseconds in crypto helper computing work-order 11: outI2 KE (pcr) | crypto helper 6 sending results from work-order 11 for state #11 to event queue | scheduling resume sending helper answer for #11 | libevent_malloc: new ptr-libevent@0x7f6c000069c0 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #11 | start processing: state #11 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 11 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #11: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c000017d0: transferring ownership from helper KE to state #11 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 6e 93 4b 3c b8 25 44 a7 99 1a 9e 7f 01 f9 dd de | keyex value 04 df ab 3a 6e 7c 78 fb 74 80 33 14 91 ef 35 82 | keyex value b8 58 44 23 1a e3 25 ab 25 8a 4a 2b a5 16 fd 7d | keyex value bd 42 dd e9 40 96 47 95 68 3f 83 b6 9d fd 2c ab | keyex value 96 28 4a 62 c5 79 d8 b6 b0 cd 3e c9 7f 2f 2c 02 | keyex value d3 69 6b 30 3b 23 58 5c ef 76 de 2c 32 3a 24 47 | keyex value 86 47 bd a4 ab 84 93 41 00 48 35 00 45 06 cb e9 | keyex value 3a 82 56 8d b3 ff cf 5b 3b e7 d6 c1 f0 e3 6d 9c | keyex value 47 a1 ba 54 26 42 79 36 b6 98 0d 5a 35 93 26 3b | keyex value e0 f8 36 46 2b 17 eb bf 12 64 8c a1 01 b0 01 f6 | keyex value 8c eb 60 22 85 9d b7 dd af ef 4d 4f be 95 62 c1 | keyex value c5 4d f1 e4 11 a2 a7 94 0d 1c cf ba c8 7c 90 11 | keyex value 92 a0 2c 4d eb d8 0c 02 7c ca 18 80 5b 70 49 2e | keyex value a0 4d a4 b9 22 0b 7e 50 f2 4d 2d e1 83 00 b7 71 | keyex value 87 40 39 a5 51 e1 5b 16 07 75 57 ec bc 5e a5 e2 | keyex value fb 07 2f 3b 48 8b fc c0 dc 3e e0 84 14 29 93 d7 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni cc 6b e6 38 d4 3b 9b 62 2f 95 95 2c 71 41 d6 56 | Ni 04 fb a6 b3 e5 e0 bc eb f8 36 34 a8 1d 66 b5 cc | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | dd 49 0b 8f 1b 56 8a 7b | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | b9 60 dc 45 e8 fe 63 75 | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | 50 d1 6b 24 4c 60 8b e6 54 4b 80 ac f1 72 e4 2e | 0b 60 4f 01 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= dd 49 0b 8f 1b 56 8a 7b | natd_hash: rcookie= b9 60 dc 45 e8 fe 63 75 | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 50 d1 6b 24 4c 60 8b e6 54 4b 80 ac f1 72 e4 2e | natd_hash: hash= 0b 60 4f 01 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 50 d1 6b 24 4c 60 8b e6 54 4b 80 ac f1 72 e4 2e | NAT-D 0b 60 4f 01 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | dd 49 0b 8f 1b 56 8a 7b | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | b9 60 dc 45 e8 fe 63 75 | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | d3 58 04 c0 ac 59 6f e1 f4 db 35 52 c9 33 b3 b6 | 32 79 97 07 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= dd 49 0b 8f 1b 56 8a 7b | natd_hash: rcookie= b9 60 dc 45 e8 fe 63 75 | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= d3 58 04 c0 ac 59 6f e1 f4 db 35 52 c9 33 b3 b6 | natd_hash: hash= 32 79 97 07 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D d3 58 04 c0 ac 59 6f e1 f4 db 35 52 c9 33 b3 b6 | NAT-D 32 79 97 07 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #11 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #11: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c100016f0 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 6e 93 4b 3c b8 25 44 a7 99 1a 9e 7f 01 f9 dd de | 04 df ab 3a 6e 7c 78 fb 74 80 33 14 91 ef 35 82 | b8 58 44 23 1a e3 25 ab 25 8a 4a 2b a5 16 fd 7d | bd 42 dd e9 40 96 47 95 68 3f 83 b6 9d fd 2c ab | 96 28 4a 62 c5 79 d8 b6 b0 cd 3e c9 7f 2f 2c 02 | d3 69 6b 30 3b 23 58 5c ef 76 de 2c 32 3a 24 47 | 86 47 bd a4 ab 84 93 41 00 48 35 00 45 06 cb e9 | 3a 82 56 8d b3 ff cf 5b 3b e7 d6 c1 f0 e3 6d 9c | 47 a1 ba 54 26 42 79 36 b6 98 0d 5a 35 93 26 3b | e0 f8 36 46 2b 17 eb bf 12 64 8c a1 01 b0 01 f6 | 8c eb 60 22 85 9d b7 dd af ef 4d 4f be 95 62 c1 | c5 4d f1 e4 11 a2 a7 94 0d 1c cf ba c8 7c 90 11 | 92 a0 2c 4d eb d8 0c 02 7c ca 18 80 5b 70 49 2e | a0 4d a4 b9 22 0b 7e 50 f2 4d 2d e1 83 00 b7 71 | 87 40 39 a5 51 e1 5b 16 07 75 57 ec bc 5e a5 e2 | fb 07 2f 3b 48 8b fc c0 dc 3e e0 84 14 29 93 d7 | 14 00 00 24 cc 6b e6 38 d4 3b 9b 62 2f 95 95 2c | 71 41 d6 56 04 fb a6 b3 e5 e0 bc eb f8 36 34 a8 | 1d 66 b5 cc 14 00 00 18 50 d1 6b 24 4c 60 8b e6 | 54 4b 80 ac f1 72 e4 2e 0b 60 4f 01 00 00 00 18 | d3 58 04 c0 ac 59 6f e1 f4 db 35 52 c9 33 b3 b6 | 32 79 97 07 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | #11 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48956.369564 "aes128" #11: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #11 suppresed complete_v1_state_transition() | #11 spent 0.35 milliseconds in resume sending helper answer | stop processing: state #11 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c000069c0 | spent 0.00254 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 2a 7a 3a b5 05 cf 97 3f 53 b5 e0 60 cf 39 1e 6e | b4 8e c1 ba 27 ed ef b2 88 60 a8 25 d7 38 7a 40 | 2e 8a 7a 38 75 58 57 a8 ca a8 a0 51 14 7d e2 ed | 79 d6 48 56 d2 73 67 bb ac 32 3d 8c bd ce 86 c8 | 2a 8d b3 60 db 35 c0 b8 62 86 7a 25 f3 54 fb b1 | a1 ec 0d 14 e3 75 f1 30 e2 98 f0 73 f7 95 2b 2b | de 45 34 15 eb de 38 2a b6 c3 c3 8f c5 ca ba 2d | 16 ef 3d 8a d8 6e e0 63 02 ea bd 03 14 d4 7e a1 | eb 7f 27 82 19 75 9c 29 03 fc b3 59 6a c0 52 c2 | b7 a4 c4 80 ea 92 4e ee 9e f3 3b dc af f1 af 52 | 7c e0 fb b5 e6 9d 86 bd 29 52 0b ae 8e a3 69 e2 | ec a1 bd 73 a2 76 28 e3 84 dd 89 7f ea 86 a6 7f | 8a 50 2f 99 84 dd 5e 43 97 bf 99 84 17 1c 9b 5b | 91 23 6f 24 67 45 99 6d 1e b6 d6 84 9a 34 cf 78 | db 85 31 c9 97 43 89 85 ac cc 39 12 a0 24 ce e2 | 37 a9 24 7f 35 45 8d cd 04 d2 f6 16 e7 21 27 c1 | 14 00 00 24 66 8b a4 5e ba 52 d8 4a ca 7c 7d b1 | 43 22 b0 a2 61 a0 7c d1 27 cc 79 de 49 6e 43 98 | 94 96 f4 6b 14 00 00 18 d3 58 04 c0 ac 59 6f e1 | f4 db 35 52 c9 33 b3 b6 32 79 97 07 00 00 00 18 | 50 d1 6b 24 4c 60 8b e6 54 4b 80 ac f1 72 e4 2e | 0b 60 4f 01 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #11 in MAIN_I2 (find_state_ikev1) | start processing: state #11 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #11 is idle | #11 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 2a 7a 3a b5 05 cf 97 3f 53 b5 e0 60 cf 39 1e 6e | b4 8e c1 ba 27 ed ef b2 88 60 a8 25 d7 38 7a 40 | 2e 8a 7a 38 75 58 57 a8 ca a8 a0 51 14 7d e2 ed | 79 d6 48 56 d2 73 67 bb ac 32 3d 8c bd ce 86 c8 | 2a 8d b3 60 db 35 c0 b8 62 86 7a 25 f3 54 fb b1 | a1 ec 0d 14 e3 75 f1 30 e2 98 f0 73 f7 95 2b 2b | de 45 34 15 eb de 38 2a b6 c3 c3 8f c5 ca ba 2d | 16 ef 3d 8a d8 6e e0 63 02 ea bd 03 14 d4 7e a1 | eb 7f 27 82 19 75 9c 29 03 fc b3 59 6a c0 52 c2 | b7 a4 c4 80 ea 92 4e ee 9e f3 3b dc af f1 af 52 | 7c e0 fb b5 e6 9d 86 bd 29 52 0b ae 8e a3 69 e2 | ec a1 bd 73 a2 76 28 e3 84 dd 89 7f ea 86 a6 7f | 8a 50 2f 99 84 dd 5e 43 97 bf 99 84 17 1c 9b 5b | 91 23 6f 24 67 45 99 6d 1e b6 d6 84 9a 34 cf 78 | db 85 31 c9 97 43 89 85 ac cc 39 12 a0 24 ce e2 | 37 a9 24 7f 35 45 8d cd 04 d2 f6 16 e7 21 27 c1 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c000017d0: transferring ownership from state #11 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 12 for state #11 | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c100016f0 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f6c000069c0 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #11 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #11 and saving MD | #11 is busy; has a suspended MD | #11 spent 0.0869 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #11 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.221 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 12 for state #11 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 12 | peer's g: 2a 7a 3a b5 05 cf 97 3f 53 b5 e0 60 cf 39 1e 6e | peer's g: b4 8e c1 ba 27 ed ef b2 88 60 a8 25 d7 38 7a 40 | peer's g: 2e 8a 7a 38 75 58 57 a8 ca a8 a0 51 14 7d e2 ed | peer's g: 79 d6 48 56 d2 73 67 bb ac 32 3d 8c bd ce 86 c8 | peer's g: 2a 8d b3 60 db 35 c0 b8 62 86 7a 25 f3 54 fb b1 | peer's g: a1 ec 0d 14 e3 75 f1 30 e2 98 f0 73 f7 95 2b 2b | peer's g: de 45 34 15 eb de 38 2a b6 c3 c3 8f c5 ca ba 2d | peer's g: 16 ef 3d 8a d8 6e e0 63 02 ea bd 03 14 d4 7e a1 | peer's g: eb 7f 27 82 19 75 9c 29 03 fc b3 59 6a c0 52 c2 | peer's g: b7 a4 c4 80 ea 92 4e ee 9e f3 3b dc af f1 af 52 | peer's g: 7c e0 fb b5 e6 9d 86 bd 29 52 0b ae 8e a3 69 e2 | peer's g: ec a1 bd 73 a2 76 28 e3 84 dd 89 7f ea 86 a6 7f | peer's g: 8a 50 2f 99 84 dd 5e 43 97 bf 99 84 17 1c 9b 5b | peer's g: 91 23 6f 24 67 45 99 6d 1e b6 d6 84 9a 34 cf 78 | peer's g: db 85 31 c9 97 43 89 85 ac cc 39 12 a0 24 ce e2 | peer's g: 37 a9 24 7f 35 45 8d cd 04 d2 f6 16 e7 21 27 c1 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c000017d0: computed shared DH secret key@0x556ef36037c0 | dh-shared : g^ir-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef361da00 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06a0 | result: psk-key@0x556ef3601f40 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3601f40 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0688 | result: psk-key@0x556ef360fae0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3601f40 | SKEYID psk prf: created sha context 0x7f6c04003aa0 from psk-key@0x556ef360fae0 | SKEYID psk prf: begin sha with context 0x7f6c04003aa0 from psk-key@0x556ef360fae0 | SKEYID psk: release clone-key@0x556ef360fae0 | SKEYID psk PRF sha crypt-prf@0x7f6c04000d60 | SKEYID psk PRF sha update Ni-bytes@0x556ef361da24 (length 32) | cc 6b e6 38 d4 3b 9b 62 2f 95 95 2c 71 41 d6 56 | 04 fb a6 b3 e5 e0 bc eb f8 36 34 a8 1d 66 b5 cc | SKEYID psk PRF sha update Nr-bytes@0x556ef361da44 (length 32) | 66 8b a4 5e ba 52 d8 4a ca 7c 7d b1 43 22 b0 a2 | 61 a0 7c d1 27 cc 79 de 49 6e 43 98 94 96 f4 6b | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID psk PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID psk: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06b8 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef3601f40 | SKEYID_d prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef3601f40 | SKEYID_d: release clone-key@0x556ef3601f40 | SKEYID_d PRF sha crypt-prf@0x7f6c04001570 | SKEYID_d PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_d: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705664: fffffff0 6d 7d 37 6f 12 ffffffd8 ffffffe1 ffffffd5 7a 72 ffffffc2 fffffff0 67 0f ffffff9c fffffff2 27 49 ffffff90 14 ffffffee ffffff9d 09 ffffff94 19 4b 4b 0b 3b 22 ffffffe0 56 ffffffff fffffffa 41 7b 23 5e 3c fffffff7 ffffffab 2e ffffffed ffffff85 25 ffffff87 4a 49 25 4a ffffffaa 0e fffffff4 ffffffe4 16 1c 50 ffffffc1 73 ffffffd9 6b 3a ffffffc8 ffffff96 33 fffffffe 27 13 ffffff96 ffffffc7 ffffff94 6d ffffffbc 30 ffffff9d 0d ffffffc7 15 75 ffffff9e ffffffb8 1e ffffffe1 ffffffbb ffffff8e fffffff0 fffffffb ffffffa5 ffffffdf 21 ffffffaf 58 ffffff97 4a ffffffd1 2e fffffff0 ffffff88 6a ffffff9f 56 ffffffee 15 10 ffffff9f 3d 01 75 ffffffe2 fffffffa ffffffd4 5b 6b 4d 0c 24 fffffff1 fffffff7 13 3a ffffffee 38 07 65 ffffff87 11 52 ffffffd9 4a 3a 16 49 ffffff88 4a 10 ffffffbf ffffff82 ffffffd0 ffffffe2 ffffff90 ffffffc3 ffffff82 7b ffffffbf ffffffc5 63 5c ffffffeb fffffff1 68 fffffff5 1e ffffff89 ffffffe6 72 ffffffac 07 38 ffffff96 30 fffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c040045f0 | unwrapped: 78 3f a1 97 f2 d0 15 eb 08 a3 d7 45 98 73 3c 2d | unwrapped: 17 f6 2c 90 f1 c8 cb e9 4c a1 0a 0f 1c 4b de de | unwrapped: 43 14 c9 6f b6 4e 48 74 c6 52 20 5a c0 62 53 8c | unwrapped: 08 8a 85 c2 42 61 16 ce 99 ac f0 d2 f7 ce b2 64 | unwrapped: 14 41 8e 37 64 72 4f 63 1d 8c 69 9e 91 05 d0 65 | unwrapped: ba 89 a8 e6 3a fb 20 dc de 59 9f 77 a5 fc a5 ab | unwrapped: 6f 28 b6 95 66 cb 00 87 6c 2c fb 94 4c 40 03 d1 | unwrapped: 67 40 17 0f 8a 70 50 aa 4d ba 5f bb e0 28 d0 ea | unwrapped: 7d 30 7c 33 67 89 93 01 f0 e1 50 70 ec 04 50 bd | unwrapped: a7 e4 36 cc 27 1a 31 8d 3c da 0c fc 97 f2 8a 85 | unwrapped: d9 23 ba a8 b0 eb 7c 6e b9 bf 83 3c 38 49 dc e2 | unwrapped: 60 60 18 bc 75 7f 63 e6 33 35 c8 07 0f 6c b5 1a | unwrapped: 87 c0 91 8a 96 64 13 d3 a9 7a d9 3f e8 e1 f7 16 | unwrapped: 52 17 df a5 cb 9a bc 72 50 06 0e 2d 79 be 34 7b | unwrapped: 40 40 df 3e 4c bf f0 0e d3 1c 4b 6e 7d 29 1a 06 | unwrapped: 0e 12 4f 28 6c 19 98 f7 09 9e fd 01 e1 7f 7b 29 | SKEYID_d PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | dd 49 0b 8f 1b 56 8a 7b | SKEYID_d PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | b9 60 dc 45 e8 fe 63 75 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID_d PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_d: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0698 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef3609090 | SKEYID_a prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef3609090 | SKEYID_a: release clone-key@0x556ef3609090 | SKEYID_a PRF sha crypt-prf@0x7f6c040010c0 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3601f40 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)426705632: 42 ffffffdb 01 ffffffff 64 ffffffaf 20 ffffffcb ffffffab 12 13 61 ffffff9a ffffff8a 19 ffffffb9 51 3f 75 0f 02 61 7e 2c 22 66 1d 43 43 5c ffffff8c ffffffe9 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c04004b70 | unwrapped: 24 a9 0e 2d 78 24 3c f1 32 86 98 56 79 54 1f 24 | unwrapped: 59 a5 77 68 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_a: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705632: fffffff0 6d 7d 37 6f 12 ffffffd8 ffffffe1 ffffffd5 7a 72 ffffffc2 fffffff0 67 0f ffffff9c fffffff2 27 49 ffffff90 14 ffffffee ffffff9d 09 ffffff94 19 4b 4b 0b 3b 22 ffffffe0 56 ffffffff fffffffa 41 7b 23 5e 3c fffffff7 ffffffab 2e ffffffed ffffff85 25 ffffff87 4a 49 25 4a ffffffaa 0e fffffff4 ffffffe4 16 1c 50 ffffffc1 73 ffffffd9 6b 3a ffffffc8 ffffff96 33 fffffffe 27 13 ffffff96 ffffffc7 ffffff94 6d ffffffbc 30 ffffff9d 0d ffffffc7 15 75 ffffff9e ffffffb8 1e ffffffe1 ffffffbb ffffff8e fffffff0 fffffffb ffffffa5 ffffffdf 21 ffffffaf 58 ffffff97 4a ffffffd1 2e fffffff0 ffffff88 6a ffffff9f 56 ffffffee 15 10 ffffff9f 3d 01 75 ffffffe2 fffffffa ffffffd4 5b 6b 4d 0c 24 fffffff1 fffffff7 13 3a ffffffee 38 07 65 ffffff87 11 52 ffffffd9 4a 3a 16 49 ffffff88 4a 10 ffffffbf ffffff82 ffffffd0 ffffffe2 ffffff90 ffffffc3 ffffff82 7b ffffffbf ffffffc5 63 5c ffffffeb fffffff1 68 fffffff5 1e ffffff89 ffffffe6 72 ffffffac 07 38 ffffff96 30 fffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c04001890 | unwrapped: 78 3f a1 97 f2 d0 15 eb 08 a3 d7 45 98 73 3c 2d | unwrapped: 17 f6 2c 90 f1 c8 cb e9 4c a1 0a 0f 1c 4b de de | unwrapped: 43 14 c9 6f b6 4e 48 74 c6 52 20 5a c0 62 53 8c | unwrapped: 08 8a 85 c2 42 61 16 ce 99 ac f0 d2 f7 ce b2 64 | unwrapped: 14 41 8e 37 64 72 4f 63 1d 8c 69 9e 91 05 d0 65 | unwrapped: ba 89 a8 e6 3a fb 20 dc de 59 9f 77 a5 fc a5 ab | unwrapped: 6f 28 b6 95 66 cb 00 87 6c 2c fb 94 4c 40 03 d1 | unwrapped: 67 40 17 0f 8a 70 50 aa 4d ba 5f bb e0 28 d0 ea | unwrapped: 7d 30 7c 33 67 89 93 01 f0 e1 50 70 ec 04 50 bd | unwrapped: a7 e4 36 cc 27 1a 31 8d 3c da 0c fc 97 f2 8a 85 | unwrapped: d9 23 ba a8 b0 eb 7c 6e b9 bf 83 3c 38 49 dc e2 | unwrapped: 60 60 18 bc 75 7f 63 e6 33 35 c8 07 0f 6c b5 1a | unwrapped: 87 c0 91 8a 96 64 13 d3 a9 7a d9 3f e8 e1 f7 16 | unwrapped: 52 17 df a5 cb 9a bc 72 50 06 0e 2d 79 be 34 7b | unwrapped: 40 40 df 3e 4c bf f0 0e d3 1c 4b 6e 7d 29 1a 06 | unwrapped: 0e 12 4f 28 6c 19 98 f7 09 9e fd 01 e1 7f 7b 29 | SKEYID_a PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | dd 49 0b 8f 1b 56 8a 7b | SKEYID_a PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | b9 60 dc 45 e8 fe 63 75 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06a0 | result: final-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0688 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360c4c0 | SKEYID_a PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_a: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: clone-key@0x556ef360c4c0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef360c4c0 | SKEYID_e prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef360c4c0 | SKEYID_e: release clone-key@0x556ef360c4c0 | SKEYID_e PRF sha crypt-prf@0x7f6c040013a0 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3609090 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)426705648: 52 fffffff1 ffffffcc ffffff8a fffffff1 ffffffe6 60 1b ffffffd2 00 ffffffcd 6f ffffffea ffffffc1 1c ffffffd9 77 ffffff97 5f fffffffb 7d ffffffc2 69 ffffffaa ffffff8f ffffffcd 37 55 ffffffac ffffffa5 ffffffc8 ffffffb9 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c04002100 | unwrapped: 0b 52 77 76 04 91 a1 67 dc f3 fb 31 7a 7b ee 9d | unwrapped: a6 05 b1 9a 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_e: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705648: fffffff0 6d 7d 37 6f 12 ffffffd8 ffffffe1 ffffffd5 7a 72 ffffffc2 fffffff0 67 0f ffffff9c fffffff2 27 49 ffffff90 14 ffffffee ffffff9d 09 ffffff94 19 4b 4b 0b 3b 22 ffffffe0 56 ffffffff fffffffa 41 7b 23 5e 3c fffffff7 ffffffab 2e ffffffed ffffff85 25 ffffff87 4a 49 25 4a ffffffaa 0e fffffff4 ffffffe4 16 1c 50 ffffffc1 73 ffffffd9 6b 3a ffffffc8 ffffff96 33 fffffffe 27 13 ffffff96 ffffffc7 ffffff94 6d ffffffbc 30 ffffff9d 0d ffffffc7 15 75 ffffff9e ffffffb8 1e ffffffe1 ffffffbb ffffff8e fffffff0 fffffffb ffffffa5 ffffffdf 21 ffffffaf 58 ffffff97 4a ffffffd1 2e fffffff0 ffffff88 6a ffffff9f 56 ffffffee 15 10 ffffff9f 3d 01 75 ffffffe2 fffffffa ffffffd4 5b 6b 4d 0c 24 fffffff1 fffffff7 13 3a ffffffee 38 07 65 ffffff87 11 52 ffffffd9 4a 3a 16 49 ffffff88 4a 10 ffffffbf ffffff82 ffffffd0 ffffffe2 ffffff90 ffffffc3 ffffff82 7b ffffffbf ffffffc5 63 5c ffffffeb fffffff1 68 fffffff5 1e ffffff89 ffffffe6 72 ffffffac 07 38 ffffff96 30 fffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c04001780 | unwrapped: 78 3f a1 97 f2 d0 15 eb 08 a3 d7 45 98 73 3c 2d | unwrapped: 17 f6 2c 90 f1 c8 cb e9 4c a1 0a 0f 1c 4b de de | unwrapped: 43 14 c9 6f b6 4e 48 74 c6 52 20 5a c0 62 53 8c | unwrapped: 08 8a 85 c2 42 61 16 ce 99 ac f0 d2 f7 ce b2 64 | unwrapped: 14 41 8e 37 64 72 4f 63 1d 8c 69 9e 91 05 d0 65 | unwrapped: ba 89 a8 e6 3a fb 20 dc de 59 9f 77 a5 fc a5 ab | unwrapped: 6f 28 b6 95 66 cb 00 87 6c 2c fb 94 4c 40 03 d1 | unwrapped: 67 40 17 0f 8a 70 50 aa 4d ba 5f bb e0 28 d0 ea | unwrapped: 7d 30 7c 33 67 89 93 01 f0 e1 50 70 ec 04 50 bd | unwrapped: a7 e4 36 cc 27 1a 31 8d 3c da 0c fc 97 f2 8a 85 | unwrapped: d9 23 ba a8 b0 eb 7c 6e b9 bf 83 3c 38 49 dc e2 | unwrapped: 60 60 18 bc 75 7f 63 e6 33 35 c8 07 0f 6c b5 1a | unwrapped: 87 c0 91 8a 96 64 13 d3 a9 7a d9 3f e8 e1 f7 16 | unwrapped: 52 17 df a5 cb 9a bc 72 50 06 0e 2d 79 be 34 7b | unwrapped: 40 40 df 3e 4c bf f0 0e d3 1c 4b 6e 7d 29 1a 06 | unwrapped: 0e 12 4f 28 6c 19 98 f7 09 9e fd 01 e1 7f 7b 29 | SKEYID_e PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | dd 49 0b 8f 1b 56 8a 7b | SKEYID_e PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | b9 60 dc 45 e8 fe 63 75 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06b0 | result: final-key@0x556ef360e180 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360e180 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0698 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360e180 | SKEYID_e PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID_e: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06f8 | result: keymat-key@0x556ef360e180 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x556ef3601f40, skeyid_a 0x556ef3609090, skeyid_e 0x556ef360c4c0, enc_key 0x556ef360e180 | DH_i: 6e 93 4b 3c b8 25 44 a7 99 1a 9e 7f 01 f9 dd de | DH_i: 04 df ab 3a 6e 7c 78 fb 74 80 33 14 91 ef 35 82 | DH_i: b8 58 44 23 1a e3 25 ab 25 8a 4a 2b a5 16 fd 7d | DH_i: bd 42 dd e9 40 96 47 95 68 3f 83 b6 9d fd 2c ab | DH_i: 96 28 4a 62 c5 79 d8 b6 b0 cd 3e c9 7f 2f 2c 02 | DH_i: d3 69 6b 30 3b 23 58 5c ef 76 de 2c 32 3a 24 47 | DH_i: 86 47 bd a4 ab 84 93 41 00 48 35 00 45 06 cb e9 | DH_i: 3a 82 56 8d b3 ff cf 5b 3b e7 d6 c1 f0 e3 6d 9c | DH_i: 47 a1 ba 54 26 42 79 36 b6 98 0d 5a 35 93 26 3b | DH_i: e0 f8 36 46 2b 17 eb bf 12 64 8c a1 01 b0 01 f6 | DH_i: 8c eb 60 22 85 9d b7 dd af ef 4d 4f be 95 62 c1 | DH_i: c5 4d f1 e4 11 a2 a7 94 0d 1c cf ba c8 7c 90 11 | DH_i: 92 a0 2c 4d eb d8 0c 02 7c ca 18 80 5b 70 49 2e | DH_i: a0 4d a4 b9 22 0b 7e 50 f2 4d 2d e1 83 00 b7 71 | DH_i: 87 40 39 a5 51 e1 5b 16 07 75 57 ec bc 5e a5 e2 | DH_i: fb 07 2f 3b 48 8b fc c0 dc 3e e0 84 14 29 93 d7 | DH_r: 2a 7a 3a b5 05 cf 97 3f 53 b5 e0 60 cf 39 1e 6e | DH_r: b4 8e c1 ba 27 ed ef b2 88 60 a8 25 d7 38 7a 40 | DH_r: 2e 8a 7a 38 75 58 57 a8 ca a8 a0 51 14 7d e2 ed | DH_r: 79 d6 48 56 d2 73 67 bb ac 32 3d 8c bd ce 86 c8 | DH_r: 2a 8d b3 60 db 35 c0 b8 62 86 7a 25 f3 54 fb b1 | DH_r: a1 ec 0d 14 e3 75 f1 30 e2 98 f0 73 f7 95 2b 2b | DH_r: de 45 34 15 eb de 38 2a b6 c3 c3 8f c5 ca ba 2d | DH_r: 16 ef 3d 8a d8 6e e0 63 02 ea bd 03 14 d4 7e a1 | DH_r: eb 7f 27 82 19 75 9c 29 03 fc b3 59 6a c0 52 c2 | DH_r: b7 a4 c4 80 ea 92 4e ee 9e f3 3b dc af f1 af 52 | DH_r: 7c e0 fb b5 e6 9d 86 bd 29 52 0b ae 8e a3 69 e2 | DH_r: ec a1 bd 73 a2 76 28 e3 84 dd 89 7f ea 86 a6 7f | DH_r: 8a 50 2f 99 84 dd 5e 43 97 bf 99 84 17 1c 9b 5b | DH_r: 91 23 6f 24 67 45 99 6d 1e b6 d6 84 9a 34 cf 78 | DH_r: db 85 31 c9 97 43 89 85 ac cc 39 12 a0 24 ce e2 | DH_r: 37 a9 24 7f 35 45 8d cd 04 d2 f6 16 e7 21 27 c1 | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef361da64 (length 256) | 6e 93 4b 3c b8 25 44 a7 99 1a 9e 7f 01 f9 dd de | 04 df ab 3a 6e 7c 78 fb 74 80 33 14 91 ef 35 82 | b8 58 44 23 1a e3 25 ab 25 8a 4a 2b a5 16 fd 7d | bd 42 dd e9 40 96 47 95 68 3f 83 b6 9d fd 2c ab | 96 28 4a 62 c5 79 d8 b6 b0 cd 3e c9 7f 2f 2c 02 | d3 69 6b 30 3b 23 58 5c ef 76 de 2c 32 3a 24 47 | 86 47 bd a4 ab 84 93 41 00 48 35 00 45 06 cb e9 | 3a 82 56 8d b3 ff cf 5b 3b e7 d6 c1 f0 e3 6d 9c | 47 a1 ba 54 26 42 79 36 b6 98 0d 5a 35 93 26 3b | e0 f8 36 46 2b 17 eb bf 12 64 8c a1 01 b0 01 f6 | 8c eb 60 22 85 9d b7 dd af ef 4d 4f be 95 62 c1 | c5 4d f1 e4 11 a2 a7 94 0d 1c cf ba c8 7c 90 11 | 92 a0 2c 4d eb d8 0c 02 7c ca 18 80 5b 70 49 2e | a0 4d a4 b9 22 0b 7e 50 f2 4d 2d e1 83 00 b7 71 | 87 40 39 a5 51 e1 5b 16 07 75 57 ec bc 5e a5 e2 | fb 07 2f 3b 48 8b fc c0 dc 3e e0 84 14 29 93 d7 | new IV hash sha digest GR-bytes@0x556ef361db64 (length 256) | 2a 7a 3a b5 05 cf 97 3f 53 b5 e0 60 cf 39 1e 6e | b4 8e c1 ba 27 ed ef b2 88 60 a8 25 d7 38 7a 40 | 2e 8a 7a 38 75 58 57 a8 ca a8 a0 51 14 7d e2 ed | 79 d6 48 56 d2 73 67 bb ac 32 3d 8c bd ce 86 c8 | 2a 8d b3 60 db 35 c0 b8 62 86 7a 25 f3 54 fb b1 | a1 ec 0d 14 e3 75 f1 30 e2 98 f0 73 f7 95 2b 2b | de 45 34 15 eb de 38 2a b6 c3 c3 8f c5 ca ba 2d | 16 ef 3d 8a d8 6e e0 63 02 ea bd 03 14 d4 7e a1 | eb 7f 27 82 19 75 9c 29 03 fc b3 59 6a c0 52 c2 | b7 a4 c4 80 ea 92 4e ee 9e f3 3b dc af f1 af 52 | 7c e0 fb b5 e6 9d 86 bd 29 52 0b ae 8e a3 69 e2 | ec a1 bd 73 a2 76 28 e3 84 dd 89 7f ea 86 a6 7f | 8a 50 2f 99 84 dd 5e 43 97 bf 99 84 17 1c 9b 5b | 91 23 6f 24 67 45 99 6d 1e b6 d6 84 9a 34 cf 78 | db 85 31 c9 97 43 89 85 ac cc 39 12 a0 24 ce e2 | 37 a9 24 7f 35 45 8d cd 04 d2 f6 16 e7 21 27 c1 | new IV hash sha final chunk@0x7f6c04001640 (length 20) | 4d b9 71 50 6d 63 15 ba 5c 73 10 36 b1 39 93 52 | 2d 54 90 84 | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 12 time elapsed 0.012926 seconds | (#11) spent 2.08 milliseconds in crypto helper computing work-order 12: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 12 for state #11 to event queue | scheduling resume sending helper answer for #11 | libevent_malloc: new ptr-libevent@0x7f6c040013c0 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #11 | start processing: state #11 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 12 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #11: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c000017d0: transferring ownership from helper IKEv1 DH+IV to state #11 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | dd 49 0b 8f 1b 56 8a 7b | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | b9 60 dc 45 e8 fe 63 75 | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | d3 58 04 c0 ac 59 6f e1 f4 db 35 52 c9 33 b3 b6 | 32 79 97 07 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= dd 49 0b 8f 1b 56 8a 7b | natd_hash: rcookie= b9 60 dc 45 e8 fe 63 75 | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= d3 58 04 c0 ac 59 6f e1 f4 db 35 52 c9 33 b3 b6 | natd_hash: hash= 32 79 97 07 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | dd 49 0b 8f 1b 56 8a 7b | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | b9 60 dc 45 e8 fe 63 75 | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | 50 d1 6b 24 4c 60 8b e6 54 4b 80 ac f1 72 e4 2e | 0b 60 4f 01 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= dd 49 0b 8f 1b 56 8a 7b | natd_hash: rcookie= b9 60 dc 45 e8 fe 63 75 | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 50 d1 6b 24 4c 60 8b e6 54 4b 80 ac f1 72 e4 2e | natd_hash: hash= 0b 60 4f 01 | expected NAT-D(me): d3 58 04 c0 ac 59 6f e1 f4 db 35 52 c9 33 b3 b6 | expected NAT-D(me): 32 79 97 07 | expected NAT-D(him): | 50 d1 6b 24 4c 60 8b e6 54 4b 80 ac f1 72 e4 2e | 0b 60 4f 01 | received NAT-D: d3 58 04 c0 ac 59 6f e1 f4 db 35 52 c9 33 b3 b6 | received NAT-D: 32 79 97 07 | received NAT-D: 50 d1 6b 24 4c 60 8b e6 54 4b 80 ac f1 72 e4 2e | received NAT-D: 0b 60 4f 01 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360fae0 (size 20) | hmac: symkey-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef361ed50 | hmac PRF sha update data-bytes@0x7f6c00001de0 (length 256) | 6e 93 4b 3c b8 25 44 a7 99 1a 9e 7f 01 f9 dd de | 04 df ab 3a 6e 7c 78 fb 74 80 33 14 91 ef 35 82 | b8 58 44 23 1a e3 25 ab 25 8a 4a 2b a5 16 fd 7d | bd 42 dd e9 40 96 47 95 68 3f 83 b6 9d fd 2c ab | 96 28 4a 62 c5 79 d8 b6 b0 cd 3e c9 7f 2f 2c 02 | d3 69 6b 30 3b 23 58 5c ef 76 de 2c 32 3a 24 47 | 86 47 bd a4 ab 84 93 41 00 48 35 00 45 06 cb e9 | 3a 82 56 8d b3 ff cf 5b 3b e7 d6 c1 f0 e3 6d 9c | 47 a1 ba 54 26 42 79 36 b6 98 0d 5a 35 93 26 3b | e0 f8 36 46 2b 17 eb bf 12 64 8c a1 01 b0 01 f6 | 8c eb 60 22 85 9d b7 dd af ef 4d 4f be 95 62 c1 | c5 4d f1 e4 11 a2 a7 94 0d 1c cf ba c8 7c 90 11 | 92 a0 2c 4d eb d8 0c 02 7c ca 18 80 5b 70 49 2e | a0 4d a4 b9 22 0b 7e 50 f2 4d 2d e1 83 00 b7 71 | 87 40 39 a5 51 e1 5b 16 07 75 57 ec bc 5e a5 e2 | fb 07 2f 3b 48 8b fc c0 dc 3e e0 84 14 29 93 d7 | hmac PRF sha update data-bytes@0x7f6c0c000b20 (length 256) | 2a 7a 3a b5 05 cf 97 3f 53 b5 e0 60 cf 39 1e 6e | b4 8e c1 ba 27 ed ef b2 88 60 a8 25 d7 38 7a 40 | 2e 8a 7a 38 75 58 57 a8 ca a8 a0 51 14 7d e2 ed | 79 d6 48 56 d2 73 67 bb ac 32 3d 8c bd ce 86 c8 | 2a 8d b3 60 db 35 c0 b8 62 86 7a 25 f3 54 fb b1 | a1 ec 0d 14 e3 75 f1 30 e2 98 f0 73 f7 95 2b 2b | de 45 34 15 eb de 38 2a b6 c3 c3 8f c5 ca ba 2d | 16 ef 3d 8a d8 6e e0 63 02 ea bd 03 14 d4 7e a1 | eb 7f 27 82 19 75 9c 29 03 fc b3 59 6a c0 52 c2 | b7 a4 c4 80 ea 92 4e ee 9e f3 3b dc af f1 af 52 | 7c e0 fb b5 e6 9d 86 bd 29 52 0b ae 8e a3 69 e2 | ec a1 bd 73 a2 76 28 e3 84 dd 89 7f ea 86 a6 7f | 8a 50 2f 99 84 dd 5e 43 97 bf 99 84 17 1c 9b 5b | 91 23 6f 24 67 45 99 6d 1e b6 d6 84 9a 34 cf 78 | db 85 31 c9 97 43 89 85 ac cc 39 12 a0 24 ce e2 | 37 a9 24 7f 35 45 8d cd 04 d2 f6 16 e7 21 27 c1 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | dd 49 0b 8f 1b 56 8a 7b | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | b9 60 dc 45 e8 fe 63 75 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | 25 fa 0a 4e ce 0d df 20 d9 05 a5 0e 1c d6 10 13 | 7b af 8b 17 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 25 fa 0a 4e ce 0d df 20 d9 05 a5 0e 1c d6 10 13 | HASH_I 7b af 8b 17 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 25 fa 0a 4e ce 0d df 20 d9 05 a5 0e 1c d6 10 13 | encrypting: 7b af 8b 17 | IV: 4d b9 71 50 6d 63 15 ba 5c 73 10 36 b1 39 93 52 | IV: 2d 54 90 84 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 57 f4 96 f8 07 d2 8d 1e c9 dc 14 d8 6c 11 4e 2c | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #11: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c000069c0 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 05 10 02 01 00 00 00 00 00 00 00 4c 0a a3 42 2b | 4a 98 54 ff a0 6b ef 07 05 b2 50 8f 94 a6 ae a2 | e7 8b fa 72 f2 86 6b 1c 63 49 b5 6f 57 f4 96 f8 | 07 d2 8d 1e c9 dc 14 d8 6c 11 4e 2c | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f6c000069c0 size 128 | #11 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48956.394564 "aes128" #11: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #11 suppresed complete_v1_state_transition() | #11 spent 0.479 milliseconds in resume sending helper answer | stop processing: state #11 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c040013c0 | spent 0.00165 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 05 10 02 01 00 00 00 00 00 00 00 4c e0 12 89 f4 | 8e a6 31 75 4b fd 95 16 11 12 75 80 31 01 29 3c | fb c5 fc f4 04 07 bd 33 84 d0 49 9e 28 fc 73 02 | 12 52 28 37 77 5c 3e 86 67 15 d6 06 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #11 in MAIN_I3 (find_state_ikev1) | start processing: state #11 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #11 is idle | #11 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 57 f4 96 f8 07 d2 8d 1e c9 dc 14 d8 6c 11 4e 2c | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | decrypted payload (starts at offset -48): | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 63 89 95 c8 | 43 71 21 ed f7 b3 80 31 00 1d 8d 68 f1 54 66 4b | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #11: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360fae0 (size 20) | hmac: symkey-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef361ed30 | hmac PRF sha update data-bytes@0x7f6c0c000b20 (length 256) | 2a 7a 3a b5 05 cf 97 3f 53 b5 e0 60 cf 39 1e 6e | b4 8e c1 ba 27 ed ef b2 88 60 a8 25 d7 38 7a 40 | 2e 8a 7a 38 75 58 57 a8 ca a8 a0 51 14 7d e2 ed | 79 d6 48 56 d2 73 67 bb ac 32 3d 8c bd ce 86 c8 | 2a 8d b3 60 db 35 c0 b8 62 86 7a 25 f3 54 fb b1 | a1 ec 0d 14 e3 75 f1 30 e2 98 f0 73 f7 95 2b 2b | de 45 34 15 eb de 38 2a b6 c3 c3 8f c5 ca ba 2d | 16 ef 3d 8a d8 6e e0 63 02 ea bd 03 14 d4 7e a1 | eb 7f 27 82 19 75 9c 29 03 fc b3 59 6a c0 52 c2 | b7 a4 c4 80 ea 92 4e ee 9e f3 3b dc af f1 af 52 | 7c e0 fb b5 e6 9d 86 bd 29 52 0b ae 8e a3 69 e2 | ec a1 bd 73 a2 76 28 e3 84 dd 89 7f ea 86 a6 7f | 8a 50 2f 99 84 dd 5e 43 97 bf 99 84 17 1c 9b 5b | 91 23 6f 24 67 45 99 6d 1e b6 d6 84 9a 34 cf 78 | db 85 31 c9 97 43 89 85 ac cc 39 12 a0 24 ce e2 | 37 a9 24 7f 35 45 8d cd 04 d2 f6 16 e7 21 27 c1 | hmac PRF sha update data-bytes@0x7f6c00001de0 (length 256) | 6e 93 4b 3c b8 25 44 a7 99 1a 9e 7f 01 f9 dd de | 04 df ab 3a 6e 7c 78 fb 74 80 33 14 91 ef 35 82 | b8 58 44 23 1a e3 25 ab 25 8a 4a 2b a5 16 fd 7d | bd 42 dd e9 40 96 47 95 68 3f 83 b6 9d fd 2c ab | 96 28 4a 62 c5 79 d8 b6 b0 cd 3e c9 7f 2f 2c 02 | d3 69 6b 30 3b 23 58 5c ef 76 de 2c 32 3a 24 47 | 86 47 bd a4 ab 84 93 41 00 48 35 00 45 06 cb e9 | 3a 82 56 8d b3 ff cf 5b 3b e7 d6 c1 f0 e3 6d 9c | 47 a1 ba 54 26 42 79 36 b6 98 0d 5a 35 93 26 3b | e0 f8 36 46 2b 17 eb bf 12 64 8c a1 01 b0 01 f6 | 8c eb 60 22 85 9d b7 dd af ef 4d 4f be 95 62 c1 | c5 4d f1 e4 11 a2 a7 94 0d 1c cf ba c8 7c 90 11 | 92 a0 2c 4d eb d8 0c 02 7c ca 18 80 5b 70 49 2e | a0 4d a4 b9 22 0b 7e 50 f2 4d 2d e1 83 00 b7 71 | 87 40 39 a5 51 e1 5b 16 07 75 57 ec bc 5e a5 e2 | fb 07 2f 3b 48 8b fc c0 dc 3e e0 84 14 29 93 d7 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | b9 60 dc 45 e8 fe 63 75 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | dd 49 0b 8f 1b 56 8a 7b | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x556ef35808b0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | 63 89 95 c8 43 71 21 ed f7 b3 80 31 00 1d 8d 68 | f1 54 66 4b | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #11: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c000069c0 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x556ef361ecd0 | inserting event EVENT_SA_REPLACE, timeout in 2568 seconds for #11 | libevent_malloc: new ptr-libevent@0x7f6c040013c0 size 128 | pstats #11 ikev1.isakmp established "aes128" #11: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #11 | creating state object #12 at 0x556ef361d990 | State DB: adding IKEv1 state #12 in UNDEFINED | pstats #12 ikev1.ipsec started | duplicating state object #11 "aes128" as #12 for IPSEC SA | #12 setting local endpoint to 192.1.2.45:500 from #11.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x556ef360e180 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #11 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #12 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #12: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #12: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#11 msgid:cc56df0f proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 13 for state #12 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #12 | libevent_malloc: new ptr-libevent@0x7f6c0c003000 size 128 | stop processing: state #12 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | crypto helper 4 resuming | crypto helper 4 starting work-order 13 for state #12 | crypto helper 4 doing build KE and nonce (quick_outI1 KE); request ID 13 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | resume processing: state #11 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x556ef357bdb0} | close_any(fd@24) (in release_whack() at state.c:654) | #11 spent 0.362 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #11 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.493 milliseconds in comm_handle_cb() reading and processing packet | DH secret MODP2048@0x7f6bf8001fc0: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6bf8001fc0 | NSS: Public DH wire value: | 63 3a 10 2d f3 f8 83 80 d1 9d b4 0f a4 6e dd 12 | 7d 2f 55 f6 a8 5a c6 5e cb 9e 2f e5 93 92 6d 62 | 00 20 01 47 23 5a c0 0f 40 69 fe ec 9f 12 18 39 | 9b 3b de 5b 90 9e e6 5d e5 ac eb c4 b6 95 ae 2e | 9e 97 8a 84 03 32 6f 72 11 0b 1a cb c1 ec 19 b0 | 28 6d 0a 2c 70 63 13 f5 7b ac 0a 6b a2 aa 58 b2 | 5f 64 3f c0 76 88 1b a0 93 64 38 4e 2f 97 72 c5 | 06 bb 08 81 cf e4 a6 8f 2f 4f 89 9c 8b 5e 9c 12 | c0 8e f2 73 64 b8 60 b1 0d 44 4e 1c ff 69 e9 24 | 96 52 a5 f3 02 81 b6 4b dd c6 6f 20 f0 97 96 4d | a9 a4 25 80 eb 1a 2b 81 a1 71 9d cc a3 27 7c 61 | aa fb 44 a8 7a e7 e9 02 7c 3f 58 37 48 f0 31 8a | a7 40 d8 b5 18 fa 69 3e 9c 5c 50 22 99 cc c4 44 | 5c de ad 74 60 ef 10 db c8 2c 3d d6 74 d1 c0 ee | b1 48 f9 e9 c1 ae 6e 10 f0 34 8e be 4a 7c 21 bb | 27 43 4c 3f e2 a0 21 4d 06 9a 66 ba c8 74 33 99 | Generated nonce: fe 63 99 eb 99 d5 eb 01 af bb ea 5f 93 10 52 82 | Generated nonce: a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac | crypto helper 4 finished build KE and nonce (quick_outI1 KE); request ID 13 time elapsed 0.001044 seconds | (#12) spent 1.05 milliseconds in crypto helper computing work-order 13: quick_outI1 KE (pcr) | crypto helper 4 sending results from work-order 13 for state #12 to event queue | scheduling resume sending helper answer for #12 | libevent_malloc: new ptr-libevent@0x7f6bf8007f00 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #12 | start processing: state #12 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 13 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #12: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3428245263 (0xcc56df0f) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x1f45259a for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 1f 45 25 9a | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni fe 63 99 eb 99 d5 eb 01 af bb ea 5f 93 10 52 82 | Ni a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6bf8001fc0: transferring ownership from helper KE to state #12 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 63 3a 10 2d f3 f8 83 80 d1 9d b4 0f a4 6e dd 12 | keyex value 7d 2f 55 f6 a8 5a c6 5e cb 9e 2f e5 93 92 6d 62 | keyex value 00 20 01 47 23 5a c0 0f 40 69 fe ec 9f 12 18 39 | keyex value 9b 3b de 5b 90 9e e6 5d e5 ac eb c4 b6 95 ae 2e | keyex value 9e 97 8a 84 03 32 6f 72 11 0b 1a cb c1 ec 19 b0 | keyex value 28 6d 0a 2c 70 63 13 f5 7b ac 0a 6b a2 aa 58 b2 | keyex value 5f 64 3f c0 76 88 1b a0 93 64 38 4e 2f 97 72 c5 | keyex value 06 bb 08 81 cf e4 a6 8f 2f 4f 89 9c 8b 5e 9c 12 | keyex value c0 8e f2 73 64 b8 60 b1 0d 44 4e 1c ff 69 e9 24 | keyex value 96 52 a5 f3 02 81 b6 4b dd c6 6f 20 f0 97 96 4d | keyex value a9 a4 25 80 eb 1a 2b 81 a1 71 9d cc a3 27 7c 61 | keyex value aa fb 44 a8 7a e7 e9 02 7c 3f 58 37 48 f0 31 8a | keyex value a7 40 d8 b5 18 fa 69 3e 9c 5c 50 22 99 cc c4 44 | keyex value 5c de ad 74 60 ef 10 db c8 2c 3d d6 74 d1 c0 ee | keyex value b1 48 f9 e9 c1 ae 6e 10 f0 34 8e be 4a 7c 21 bb | keyex value 27 43 4c 3f e2 a0 21 4d 06 9a 66 ba c8 74 33 99 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c04001640 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | cc 56 df 0f | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 1f 45 25 9a 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 fe 63 99 eb | 99 d5 eb 01 af bb ea 5f 93 10 52 82 a5 3c b1 1b | a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac 05 00 01 04 | 63 3a 10 2d f3 f8 83 80 d1 9d b4 0f a4 6e dd 12 | 7d 2f 55 f6 a8 5a c6 5e cb 9e 2f e5 93 92 6d 62 | 00 20 01 47 23 5a c0 0f 40 69 fe ec 9f 12 18 39 | 9b 3b de 5b 90 9e e6 5d e5 ac eb c4 b6 95 ae 2e | 9e 97 8a 84 03 32 6f 72 11 0b 1a cb c1 ec 19 b0 | 28 6d 0a 2c 70 63 13 f5 7b ac 0a 6b a2 aa 58 b2 | 5f 64 3f c0 76 88 1b a0 93 64 38 4e 2f 97 72 c5 | 06 bb 08 81 cf e4 a6 8f 2f 4f 89 9c 8b 5e 9c 12 | c0 8e f2 73 64 b8 60 b1 0d 44 4e 1c ff 69 e9 24 | 96 52 a5 f3 02 81 b6 4b dd c6 6f 20 f0 97 96 4d | a9 a4 25 80 eb 1a 2b 81 a1 71 9d cc a3 27 7c 61 | aa fb 44 a8 7a e7 e9 02 7c 3f 58 37 48 f0 31 8a | a7 40 d8 b5 18 fa 69 3e 9c 5c 50 22 99 cc c4 44 | 5c de ad 74 60 ef 10 db c8 2c 3d d6 74 d1 c0 ee | b1 48 f9 e9 c1 ae 6e 10 f0 34 8e be 4a 7c 21 bb | 27 43 4c 3f e2 a0 21 4d 06 9a 66 ba c8 74 33 99 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 31 75 72 68 59 a1 3c a9 7d 58 bb e0 72 2e ac 18 | d3 ea 59 f0 | outI1 HASH(1): | 31 75 72 68 59 a1 3c a9 7d 58 bb e0 72 2e ac 18 | d3 ea 59 f0 | last Phase 1 IV: 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | current Phase 1 IV: 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | cc 56 df 0f | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 47 ff 14 4a 7e c3 e1 8e fd cf 01 61 c0 44 7c 68 | c3 b4 fd 42 | encrypting: 01 00 00 18 31 75 72 68 59 a1 3c a9 7d 58 bb e0 | encrypting: 72 2e ac 18 d3 ea 59 f0 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 1f 45 25 9a | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 fe 63 99 eb 99 d5 eb 01 af bb ea 5f | encrypting: 93 10 52 82 a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d | encrypting: bc 45 2c ac 05 00 01 04 63 3a 10 2d f3 f8 83 80 | encrypting: d1 9d b4 0f a4 6e dd 12 7d 2f 55 f6 a8 5a c6 5e | encrypting: cb 9e 2f e5 93 92 6d 62 00 20 01 47 23 5a c0 0f | encrypting: 40 69 fe ec 9f 12 18 39 9b 3b de 5b 90 9e e6 5d | encrypting: e5 ac eb c4 b6 95 ae 2e 9e 97 8a 84 03 32 6f 72 | encrypting: 11 0b 1a cb c1 ec 19 b0 28 6d 0a 2c 70 63 13 f5 | encrypting: 7b ac 0a 6b a2 aa 58 b2 5f 64 3f c0 76 88 1b a0 | encrypting: 93 64 38 4e 2f 97 72 c5 06 bb 08 81 cf e4 a6 8f | encrypting: 2f 4f 89 9c 8b 5e 9c 12 c0 8e f2 73 64 b8 60 b1 | encrypting: 0d 44 4e 1c ff 69 e9 24 96 52 a5 f3 02 81 b6 4b | encrypting: dd c6 6f 20 f0 97 96 4d a9 a4 25 80 eb 1a 2b 81 | encrypting: a1 71 9d cc a3 27 7c 61 aa fb 44 a8 7a e7 e9 02 | encrypting: 7c 3f 58 37 48 f0 31 8a a7 40 d8 b5 18 fa 69 3e | encrypting: 9c 5c 50 22 99 cc c4 44 5c de ad 74 60 ef 10 db | encrypting: c8 2c 3d d6 74 d1 c0 ee b1 48 f9 e9 c1 ae 6e 10 | encrypting: f0 34 8e be 4a 7c 21 bb 27 43 4c 3f e2 a0 21 4d | encrypting: 06 9a 66 ba c8 74 33 99 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: 47 ff 14 4a 7e c3 e1 8e fd cf 01 61 c0 44 7c 68 | IV: c3 b4 fd 42 | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 5e 6f dc 87 ce 1a 1c 63 40 f1 7e 9d 5f af c8 4b | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #12) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 08 10 20 01 cc 56 df 0f 00 00 01 bc 37 3c b2 1d | f8 e2 a2 81 c3 8c 44 f3 bf 59 22 91 30 d9 2f 39 | 92 35 09 12 07 f3 f0 f0 ab 07 ca 3e 3e 2d 3d 6e | 07 6b 5d b0 a7 63 d7 e0 93 5a 2c 66 e0 b9 5d 76 | 80 d0 f2 70 29 e5 fa 85 c9 2a cd 98 f9 2f bb 51 | f1 77 25 e7 d4 7a 57 eb 4d 97 3e b8 9b 1c 19 07 | 40 53 df d5 41 ad d7 cc f9 80 32 85 45 74 36 47 | 7e 60 a1 2d 76 0a 90 7b 0b 82 2d d8 bc 96 8c 40 | 78 1e c6 8f 2e db 2c 0a 5e 82 d9 a6 58 c5 66 28 | a6 20 73 42 f1 5d 91 b5 2b f8 d1 d1 cc 0c 13 c8 | f4 6c 59 63 9d 80 5c d2 87 c2 7f 23 ee b9 1c 38 | 02 18 19 66 f9 0b 44 39 33 e7 da d5 75 3c 49 41 | 70 53 81 12 f5 d0 29 cb aa ea 0e d6 53 ee 5d 15 | ce dc f9 1d e2 57 d7 f3 56 d0 bb fe b3 6c b9 01 | 56 e6 19 32 3b 99 10 14 1b 7e 75 83 a0 a1 c4 1c | 23 72 5e d9 8e 9b 53 c1 2f c7 ab 88 35 da c5 1f | 1b 2e 0a 06 97 c1 6e ce 71 62 e7 52 ed f2 c2 96 | 46 ce e1 5d 04 ed 7e 44 0f 04 c7 5a 5c 3c 5a e7 | df 71 a7 40 16 6c aa c9 18 73 0e aa 3f 43 ed ab | 21 c8 bf e9 a3 86 2d 0a c2 42 26 79 da 71 39 21 | ea 88 93 72 74 f4 c0 74 57 05 9d 91 8f 3e f2 35 | 05 7d 6d 71 08 c9 21 7c 8d 08 62 20 52 66 10 4c | 13 94 32 31 3e 73 13 59 ca c5 db 20 74 8f 9a 52 | cf 62 fa 20 e7 ec e1 99 86 a1 27 94 8b 9d 16 bf | e3 ac 9d bb 86 9b 1e 97 3c 6c cf 19 4a 8f 39 40 | 2b 18 9d 0b 80 53 9d 2c 0b e2 7b 0e 5e 6f dc 87 | ce 1a 1c 63 40 f1 7e 9d 5f af c8 4b | state #12 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c0c003000 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #12 | libevent_malloc: new ptr-libevent@0x7f6c0c003000 size 128 | #12 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48956.398777 | resume sending helper answer for #12 suppresed complete_v1_state_transition() | #12 spent 0.978 milliseconds in resume sending helper answer | stop processing: state #12 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bf8007f00 | spent 0.00284 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 08 10 20 01 cc 56 df 0f 00 00 01 bc 57 f5 df dd | f8 d5 bc 5b 74 d7 bb c1 a5 06 81 5d 67 0e 5b 2f | 48 90 7c 65 a1 e6 0a 06 54 65 dc 27 bf 55 74 ef | 9b bd ea c9 0b 3b e5 14 88 b6 e2 ce 52 a1 c9 e0 | c3 44 ce 30 dc e5 29 a2 b2 57 66 b6 5b 27 01 48 | f0 a0 04 53 d5 b4 e3 0d 6f ef ab 90 36 b3 60 12 | 79 a8 cd 56 70 32 96 48 b1 6b ee 35 48 21 3c 8c | 07 a6 ea c0 d9 d1 0a 7a 44 1a e5 0c c4 0a e0 a9 | 36 c7 96 c6 a5 3b a5 c2 fa 28 ef df 1d 58 98 3a | 6b 6f 23 98 ac 24 f3 10 21 db 2e c4 3e 8e af 35 | 29 09 34 7f 29 40 d8 07 e7 a5 0c 35 64 2b e9 ac | a9 4d cf 72 41 cc 58 d6 7f 46 55 ea 46 4f cd 6e | b8 46 f3 30 2e 83 53 6f 0a 60 23 10 6b 69 30 83 | bc f3 88 2d aa a2 e2 2d d8 8b 3d af cf 59 6d 9d | d7 c8 e1 fc c3 0f cb 4e 58 6e b1 e2 8b 6e d2 1d | 78 65 bb c2 c0 3e 4d 2e be ea 27 2e 4c 76 e6 0b | 69 e6 0c 7c 0b 9a 29 21 0a d8 57 93 a0 54 2a 79 | aa 70 00 04 91 87 65 4d 6c d0 c2 fd e6 a1 a3 74 | 1f 63 d4 9a 61 92 16 cd 1d d4 c7 f9 62 00 1c ca | 13 ef 3c 54 8e 9d 77 19 f8 50 7f 9c 6d 83 94 5a | df 96 62 19 a8 6e 35 95 a4 b0 b3 c7 1b c6 f5 23 | c6 81 66 74 a2 bc 93 85 8d ed ce b0 2e 52 86 f7 | 7e 9b 34 7d 43 aa b6 5f 1e df 5f a2 df 74 a9 94 | 20 bb db d9 6a 97 e7 fe 10 a6 a6 e7 07 fa 71 74 | a0 26 21 cf 1f 91 fe 94 f3 57 fb 2f 8a 82 a1 3d | 90 d5 4a ec f8 b0 99 fb 7a 60 2f 1b 77 4b 0e 48 | bf 3a 99 18 aa 11 3d 67 5a ca ec 69 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3428245263 (0xcc56df0f) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #12 in QUICK_I1 (find_state_ikev1) | start processing: state #12 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1609) | #12 is idle | #12 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 5e 6f dc 87 ce 1a 1c 63 40 f1 7e 9d 5f af c8 4b | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 77 4b 0e 48 bf 3a 99 18 aa 11 3d 67 5a ca ec 69 | decrypted payload (starts at offset -416): | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 08 10 20 01 cc 56 df 0f 00 00 01 bc 01 00 00 18 | dc 7c 35 92 df 03 07 78 3b b4 b4 f9 e9 85 2c f4 | 1f 06 cf 79 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 2f bd d1 31 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | 68 c0 9f 81 40 fb 04 74 78 ad 98 15 2a c0 32 b9 | 38 74 9a b4 45 62 db a2 a1 c6 c0 43 b9 d8 80 60 | 05 00 01 04 f7 c1 cc 78 37 45 f3 82 89 d1 63 61 | e8 48 55 b9 15 20 ad 17 d2 9a a7 6f a0 8b 8b a5 | bc 51 bd 21 91 4f ae 8d 80 75 26 0f 70 ef 70 52 | ba 28 d4 fe 6f a4 67 e2 55 50 5e 74 5b b4 ac ee | 7a fd 34 a5 b2 14 bc 20 95 48 b8 62 d9 66 f4 e9 | 09 2a cd d2 58 56 56 c1 38 1c 6e b3 6b 16 d4 01 | 16 17 27 2b 31 f2 71 6b d2 3f 19 8d 0f ae 46 3e | 5a ce 15 45 b9 10 71 b1 bb 16 47 3b fe 74 bb c2 | 4a 43 dc 8f 60 80 c9 de 6f ab e5 60 b3 83 75 ca | 85 93 c1 88 75 59 06 36 52 c1 b3 be 8c f1 9c cf | a7 70 4a f9 51 f1 f5 75 4a 23 76 23 e2 b2 6d f0 | 06 75 96 71 75 50 b9 02 ca 18 ad 2a cb 41 74 4b | 49 d9 c9 fd cb 67 28 b7 0c 20 db 98 35 32 f2 50 | b9 24 56 c4 93 03 89 e9 97 32 85 ba a8 2a c4 b4 | 4c 0d d7 01 23 6d fe 68 65 11 ee 97 b0 d1 70 d2 | 69 40 50 66 5a 22 a5 dc a1 55 da 51 8a 37 c2 8d | 12 de ad f8 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c04001640 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | cc 56 df 0f | HASH(1) PRF sha update Ni_b-bytes@0x7f6bf80020b0 (length 32) | fe 63 99 eb 99 d5 eb 01 af bb ea 5f 93 10 52 82 | a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac | HASH(1) PRF sha update payload-bytes@0x556ef3622b94 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 2f bd d1 31 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 68 c0 9f 81 | 40 fb 04 74 78 ad 98 15 2a c0 32 b9 38 74 9a b4 | 45 62 db a2 a1 c6 c0 43 b9 d8 80 60 05 00 01 04 | f7 c1 cc 78 37 45 f3 82 89 d1 63 61 e8 48 55 b9 | 15 20 ad 17 d2 9a a7 6f a0 8b 8b a5 bc 51 bd 21 | 91 4f ae 8d 80 75 26 0f 70 ef 70 52 ba 28 d4 fe | 6f a4 67 e2 55 50 5e 74 5b b4 ac ee 7a fd 34 a5 | b2 14 bc 20 95 48 b8 62 d9 66 f4 e9 09 2a cd d2 | 58 56 56 c1 38 1c 6e b3 6b 16 d4 01 16 17 27 2b | 31 f2 71 6b d2 3f 19 8d 0f ae 46 3e 5a ce 15 45 | b9 10 71 b1 bb 16 47 3b fe 74 bb c2 4a 43 dc 8f | 60 80 c9 de 6f ab e5 60 b3 83 75 ca 85 93 c1 88 | 75 59 06 36 52 c1 b3 be 8c f1 9c cf a7 70 4a f9 | 51 f1 f5 75 4a 23 76 23 e2 b2 6d f0 06 75 96 71 | 75 50 b9 02 ca 18 ad 2a cb 41 74 4b 49 d9 c9 fd | cb 67 28 b7 0c 20 db 98 35 32 f2 50 b9 24 56 c4 | 93 03 89 e9 97 32 85 ba a8 2a c4 b4 4c 0d d7 01 | 23 6d fe 68 65 11 ee 97 b0 d1 70 d2 69 40 50 66 | 5a 22 a5 dc a1 55 da 51 8a 37 c2 8d 12 de ad f8 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | dc 7c 35 92 df 03 07 78 3b b4 b4 f9 e9 85 2c f4 | 1f 06 cf 79 | quick_inR1_outI2 HASH(2): | dc 7c 35 92 df 03 07 78 3b b4 b4 f9 e9 85 2c f4 | 1f 06 cf 79 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 2f bd d1 31 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | f7 c1 cc 78 37 45 f3 82 89 d1 63 61 e8 48 55 b9 | 15 20 ad 17 d2 9a a7 6f a0 8b 8b a5 bc 51 bd 21 | 91 4f ae 8d 80 75 26 0f 70 ef 70 52 ba 28 d4 fe | 6f a4 67 e2 55 50 5e 74 5b b4 ac ee 7a fd 34 a5 | b2 14 bc 20 95 48 b8 62 d9 66 f4 e9 09 2a cd d2 | 58 56 56 c1 38 1c 6e b3 6b 16 d4 01 16 17 27 2b | 31 f2 71 6b d2 3f 19 8d 0f ae 46 3e 5a ce 15 45 | b9 10 71 b1 bb 16 47 3b fe 74 bb c2 4a 43 dc 8f | 60 80 c9 de 6f ab e5 60 b3 83 75 ca 85 93 c1 88 | 75 59 06 36 52 c1 b3 be 8c f1 9c cf a7 70 4a f9 | 51 f1 f5 75 4a 23 76 23 e2 b2 6d f0 06 75 96 71 | 75 50 b9 02 ca 18 ad 2a cb 41 74 4b 49 d9 c9 fd | cb 67 28 b7 0c 20 db 98 35 32 f2 50 b9 24 56 c4 | 93 03 89 e9 97 32 85 ba a8 2a c4 b4 4c 0d d7 01 | 23 6d fe 68 65 11 ee 97 b0 d1 70 d2 69 40 50 66 | 5a 22 a5 dc a1 55 da 51 8a 37 c2 8d 12 de ad f8 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6bf8001fc0: transferring ownership from state #12 to helper IKEv1 DH | adding quick outI2 DH work-order 14 for state #12 | state #12 requesting EVENT_RETRANSMIT to be deleted | #12 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c0c003000 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #12 | libevent_malloc: new ptr-libevent@0x7f6c0c003000 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #12 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #12 and saving MD | #12 is busy; has a suspended MD | #12 spent 0.17 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #12 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.52 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 5 resuming | crypto helper 5 starting work-order 14 for state #12 | crypto helper 5 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 14 | peer's g: f7 c1 cc 78 37 45 f3 82 89 d1 63 61 e8 48 55 b9 | peer's g: 15 20 ad 17 d2 9a a7 6f a0 8b 8b a5 bc 51 bd 21 | peer's g: 91 4f ae 8d 80 75 26 0f 70 ef 70 52 ba 28 d4 fe | peer's g: 6f a4 67 e2 55 50 5e 74 5b b4 ac ee 7a fd 34 a5 | peer's g: b2 14 bc 20 95 48 b8 62 d9 66 f4 e9 09 2a cd d2 | peer's g: 58 56 56 c1 38 1c 6e b3 6b 16 d4 01 16 17 27 2b | peer's g: 31 f2 71 6b d2 3f 19 8d 0f ae 46 3e 5a ce 15 45 | peer's g: b9 10 71 b1 bb 16 47 3b fe 74 bb c2 4a 43 dc 8f | peer's g: 60 80 c9 de 6f ab e5 60 b3 83 75 ca 85 93 c1 88 | peer's g: 75 59 06 36 52 c1 b3 be 8c f1 9c cf a7 70 4a f9 | peer's g: 51 f1 f5 75 4a 23 76 23 e2 b2 6d f0 06 75 96 71 | peer's g: 75 50 b9 02 ca 18 ad 2a cb 41 74 4b 49 d9 c9 fd | peer's g: cb 67 28 b7 0c 20 db 98 35 32 f2 50 b9 24 56 c4 | peer's g: 93 03 89 e9 97 32 85 ba a8 2a c4 b4 4c 0d d7 01 | peer's g: 23 6d fe 68 65 11 ee 97 b0 d1 70 d2 69 40 50 66 | peer's g: 5a 22 a5 dc a1 55 da 51 8a 37 c2 8d 12 de ad f8 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6bf8001fc0: computed shared DH secret key@0x7f6c10006900 | dh-shared : g^ir-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 5 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 14 time elapsed 0.000955 seconds | (#12) spent 0.956 milliseconds in crypto helper computing work-order 14: quick outI2 DH (pcr) | crypto helper 5 sending results from work-order 14 for state #12 to event queue | scheduling resume sending helper answer for #12 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #12 | start processing: state #12 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 14 | calling continuation function 0x556ef2b25630 | quick_inR1_outI2_continue for #12: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3428245263 (0xcc56df0f) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f6bf8001fc0: transferring ownership from helper IKEv1 DH to state #12 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e658 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x556ef361ed50 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e73c (length 4) | cc 56 df 0f | HASH(1) PRF sha update Ni_b-bytes@0x7f6bf80020b0 (length 32) | fe 63 99 eb 99 d5 eb 01 af bb ea 5f 93 10 52 82 | a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac | HASH(1) PRF sha update Nr_b-bytes@0x7f6c04002100 (length 32) | 68 c0 9f 81 40 fb 04 74 78 ad 98 15 2a c0 32 b9 | 38 74 9a b4 45 62 db a2 a1 c6 c0 43 b9 d8 80 60 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 98 27 75 43 fe 91 ac 17 b1 35 4d b7 b4 b0 3c 48 | a7 bb 7a e6 | quick_inR1_outI2 HASH(3): | 98 27 75 43 fe 91 ac 17 b1 35 4d b7 b4 b0 3c 48 | a7 bb 7a e6 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac: release clone-key@0x7f6c0c007fa0 | hmac PRF sha crypt-prf@0x556ef361ed10 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef3628c50 | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffd4 33 28 ffffffdb 1f 23 ffffffe3 39 ffffffc0 6d ffffffac 22 ffffffc4 ffffffb6 20 fffffffe 4b 0a 48 65 ffffffc1 12 ffffff98 68 ffffff95 44 42 5f 6f ffffff86 ffffffbf ffffff88 3b ffffffe6 ffffffb2 55 ffffff90 11 57 ffffff88 ffffffd8 ffffffb4 ffffff86 ffffffd6 4a ffffffd8 6f 28 54 3d 23 24 fffffff5 ffffff98 ffffffc2 59 36 4c ffffffb4 06 fffffff5 ffffffb1 ffffffb3 fffffff9 ffffff88 28 ffffffd8 ffffff9a ffffffc8 29 ffffff87 ffffffb6 ffffffee 43 ffffffe5 ffffffdd ffffffb6 7f ffffff9c 0b 57 ffffffcd 2e 49 0c ffffffa7 ffffff9d ffffffcd 78 ffffffa4 2c 42 5e 01 37 ffffff86 27 43 ffffffe4 6b 61 ffffffc8 ffffffe6 04 6a ffffffe8 52 70 76 ffffff96 ffffffe4 3a ffffff86 ffffffae 67 04 ffffffd6 72 4a ffffffbc ffffffda ffffffd7 7b 65 ffffffde ffffffb3 ffffffa9 ffffff9d fffffffc ffffff94 68 ffffffed 5c ffffffd4 ffffffd2 ffffffec ffffffc6 ffffffd4 3d 34 ffffffa1 ffffff80 ffffffc9 fffffff4 27 1c 15 ffffffff ffffff85 ffffffb0 17 ffffffd4 ffffff90 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a930 | unwrapped: 37 71 51 5e 84 0d 71 a9 74 06 62 0e 54 b0 30 22 | unwrapped: c2 5c db 37 b7 07 89 dc c3 10 cd 69 e7 92 17 9d | unwrapped: 82 92 d7 37 1f 2b d5 1e 2a e2 ef 76 49 85 57 51 | unwrapped: 90 f7 9f 90 43 4f 1f 95 3d d9 07 11 9a c9 af 37 | unwrapped: d5 0c 75 fa 5b 67 23 1c b0 c7 c1 61 9f 93 cf b1 | unwrapped: 7b b6 1f 44 c7 be bb ba 8b a4 5e 40 94 34 5b 2d | unwrapped: f0 b9 b7 19 50 48 ee 32 d9 e5 85 34 47 68 83 98 | unwrapped: 75 f2 c7 da f3 0c 52 30 fd 92 3f 08 26 b1 55 6b | unwrapped: 8e aa 5f ee fb b5 f9 a7 36 57 03 3c 3c b5 65 e9 | unwrapped: 95 e0 5c 02 7e 76 a9 91 af 32 c9 aa b8 3d 72 f7 | unwrapped: d0 6d 79 ca 2b 50 e2 91 6d 06 26 5d 25 80 70 84 | unwrapped: d4 3d f9 31 c8 30 5d d6 5d 6c c0 59 79 12 85 02 | unwrapped: 0a 79 81 8f 56 8c b8 6d 8c 9a 72 64 16 da 3a e1 | unwrapped: d7 57 c1 ef 26 7c 92 80 85 76 9b d7 0b ac 2c 41 | unwrapped: 03 e8 f2 3f e4 7f 5b 39 64 d3 95 35 bb 98 72 5c | unwrapped: 3f 91 50 d7 5c af 3c a5 6a 0e 79 d3 73 c3 d4 58 | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffd4 33 28 ffffffdb 1f 23 ffffffe3 39 ffffffc0 6d ffffffac 22 ffffffc4 ffffffb6 20 fffffffe 4b 0a 48 65 ffffffc1 12 ffffff98 68 ffffff95 44 42 5f 6f ffffff86 ffffffbf ffffff88 3b ffffffe6 ffffffb2 55 ffffff90 11 57 ffffff88 ffffffd8 ffffffb4 ffffff86 ffffffd6 4a ffffffd8 6f 28 54 3d 23 24 fffffff5 ffffff98 ffffffc2 59 36 4c ffffffb4 06 fffffff5 ffffffb1 ffffffb3 fffffff9 ffffff88 28 ffffffd8 ffffff9a ffffffc8 29 ffffff87 ffffffb6 ffffffee 43 ffffffe5 ffffffdd ffffffb6 7f ffffff9c 0b 57 ffffffcd 2e 49 0c ffffffa7 ffffff9d ffffffcd 78 ffffffa4 2c 42 5e 01 37 ffffff86 27 43 ffffffe4 6b 61 ffffffc8 ffffffe6 04 6a ffffffe8 52 70 76 ffffff96 ffffffe4 3a ffffff86 ffffffae 67 04 ffffffd6 72 4a ffffffbc ffffffda ffffffd7 7b 65 ffffffde ffffffb3 ffffffa9 ffffff9d fffffffc ffffff94 68 ffffffed 5c ffffffd4 ffffffd2 ffffffec ffffffc6 ffffffd4 3d 34 ffffffa1 ffffff80 ffffffc9 fffffff4 27 1c 15 ffffffff ffffff85 ffffffb0 17 ffffffd4 ffffff90 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a600 | unwrapped: 37 71 51 5e 84 0d 71 a9 74 06 62 0e 54 b0 30 22 | unwrapped: c2 5c db 37 b7 07 89 dc c3 10 cd 69 e7 92 17 9d | unwrapped: 82 92 d7 37 1f 2b d5 1e 2a e2 ef 76 49 85 57 51 | unwrapped: 90 f7 9f 90 43 4f 1f 95 3d d9 07 11 9a c9 af 37 | unwrapped: d5 0c 75 fa 5b 67 23 1c b0 c7 c1 61 9f 93 cf b1 | unwrapped: 7b b6 1f 44 c7 be bb ba 8b a4 5e 40 94 34 5b 2d | unwrapped: f0 b9 b7 19 50 48 ee 32 d9 e5 85 34 47 68 83 98 | unwrapped: 75 f2 c7 da f3 0c 52 30 fd 92 3f 08 26 b1 55 6b | unwrapped: 8e aa 5f ee fb b5 f9 a7 36 57 03 3c 3c b5 65 e9 | unwrapped: 95 e0 5c 02 7e 76 a9 91 af 32 c9 aa b8 3d 72 f7 | unwrapped: d0 6d 79 ca 2b 50 e2 91 6d 06 26 5d 25 80 70 84 | unwrapped: d4 3d f9 31 c8 30 5d d6 5d 6c c0 59 79 12 85 02 | unwrapped: 0a 79 81 8f 56 8c b8 6d 8c 9a 72 64 16 da 3a e1 | unwrapped: d7 57 c1 ef 26 7c 92 80 85 76 9b d7 0b ac 2c 41 | unwrapped: 03 e8 f2 3f e4 7f 5b 39 64 d3 95 35 bb 98 72 5c | unwrapped: 3f 91 50 d7 5c af 3c a5 6a 0e 79 d3 73 c3 d4 58 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 1f 45 25 9a | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | 2f bd d1 31 | hmac PRF sha update data-bytes@0x7f6bf80020b0 (length 32) | fe 63 99 eb 99 d5 eb 01 af bb ea 5f 93 10 52 82 | a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac | hmac PRF sha update data-bytes@0x7f6bf80020b0 (length 32) | fe 63 99 eb 99 d5 eb 01 af bb ea 5f 93 10 52 82 | a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac | hmac PRF sha update data-bytes@0x7f6c04002100 (length 32) | 68 c0 9f 81 40 fb 04 74 78 ad 98 15 2a c0 32 b9 | 38 74 9a b4 45 62 db a2 a1 c6 c0 43 b9 d8 80 60 | hmac PRF sha update data-bytes@0x7f6c04002100 (length 32) | 68 c0 9f 81 40 fb 04 74 78 ad 98 15 2a c0 32 b9 | 38 74 9a b4 45 62 db a2 a1 c6 c0 43 b9 d8 80 60 | hmac PRF sha final-bytes@0x556ef361ed70 (length 20) | ed d4 13 e6 b6 06 64 35 85 24 a8 1a 3f 36 86 cd | b7 c3 7d aa | hmac PRF sha final-bytes@0x7f6c080030a0 (length 20) | 6d 37 1f dc 33 f1 90 0c 2a 75 14 91 2a a7 6a a7 | 61 04 c3 c5 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef361d330 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac: release clone-key@0x7f6c0c007fa0 | hmac PRF sha crypt-prf@0x556ef361ed50 | hmac PRF sha update data-bytes@0x556ef361ed70 (length 20) | ed d4 13 e6 b6 06 64 35 85 24 a8 1a 3f 36 86 cd | b7 c3 7d aa | hmac PRF sha update data-bytes@0x7f6c080030a0 (length 20) | 6d 37 1f dc 33 f1 90 0c 2a 75 14 91 2a a7 6a a7 | 61 04 c3 c5 | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffd4 33 28 ffffffdb 1f 23 ffffffe3 39 ffffffc0 6d ffffffac 22 ffffffc4 ffffffb6 20 fffffffe 4b 0a 48 65 ffffffc1 12 ffffff98 68 ffffff95 44 42 5f 6f ffffff86 ffffffbf ffffff88 3b ffffffe6 ffffffb2 55 ffffff90 11 57 ffffff88 ffffffd8 ffffffb4 ffffff86 ffffffd6 4a ffffffd8 6f 28 54 3d 23 24 fffffff5 ffffff98 ffffffc2 59 36 4c ffffffb4 06 fffffff5 ffffffb1 ffffffb3 fffffff9 ffffff88 28 ffffffd8 ffffff9a ffffffc8 29 ffffff87 ffffffb6 ffffffee 43 ffffffe5 ffffffdd ffffffb6 7f ffffff9c 0b 57 ffffffcd 2e 49 0c ffffffa7 ffffff9d ffffffcd 78 ffffffa4 2c 42 5e 01 37 ffffff86 27 43 ffffffe4 6b 61 ffffffc8 ffffffe6 04 6a ffffffe8 52 70 76 ffffff96 ffffffe4 3a ffffff86 ffffffae 67 04 ffffffd6 72 4a ffffffbc ffffffda ffffffd7 7b 65 ffffffde ffffffb3 ffffffa9 ffffff9d fffffffc ffffff94 68 ffffffed 5c ffffffd4 ffffffd2 ffffffec ffffffc6 ffffffd4 3d 34 ffffffa1 ffffff80 ffffffc9 fffffff4 27 1c 15 ffffffff ffffff85 ffffffb0 17 ffffffd4 ffffff90 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a4f0 | unwrapped: 37 71 51 5e 84 0d 71 a9 74 06 62 0e 54 b0 30 22 | unwrapped: c2 5c db 37 b7 07 89 dc c3 10 cd 69 e7 92 17 9d | unwrapped: 82 92 d7 37 1f 2b d5 1e 2a e2 ef 76 49 85 57 51 | unwrapped: 90 f7 9f 90 43 4f 1f 95 3d d9 07 11 9a c9 af 37 | unwrapped: d5 0c 75 fa 5b 67 23 1c b0 c7 c1 61 9f 93 cf b1 | unwrapped: 7b b6 1f 44 c7 be bb ba 8b a4 5e 40 94 34 5b 2d | unwrapped: f0 b9 b7 19 50 48 ee 32 d9 e5 85 34 47 68 83 98 | unwrapped: 75 f2 c7 da f3 0c 52 30 fd 92 3f 08 26 b1 55 6b | unwrapped: 8e aa 5f ee fb b5 f9 a7 36 57 03 3c 3c b5 65 e9 | unwrapped: 95 e0 5c 02 7e 76 a9 91 af 32 c9 aa b8 3d 72 f7 | unwrapped: d0 6d 79 ca 2b 50 e2 91 6d 06 26 5d 25 80 70 84 | unwrapped: d4 3d f9 31 c8 30 5d d6 5d 6c c0 59 79 12 85 02 | unwrapped: 0a 79 81 8f 56 8c b8 6d 8c 9a 72 64 16 da 3a e1 | unwrapped: d7 57 c1 ef 26 7c 92 80 85 76 9b d7 0b ac 2c 41 | unwrapped: 03 e8 f2 3f e4 7f 5b 39 64 d3 95 35 bb 98 72 5c | unwrapped: 3f 91 50 d7 5c af 3c a5 6a 0e 79 d3 73 c3 d4 58 | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffd4 33 28 ffffffdb 1f 23 ffffffe3 39 ffffffc0 6d ffffffac 22 ffffffc4 ffffffb6 20 fffffffe 4b 0a 48 65 ffffffc1 12 ffffff98 68 ffffff95 44 42 5f 6f ffffff86 ffffffbf ffffff88 3b ffffffe6 ffffffb2 55 ffffff90 11 57 ffffff88 ffffffd8 ffffffb4 ffffff86 ffffffd6 4a ffffffd8 6f 28 54 3d 23 24 fffffff5 ffffff98 ffffffc2 59 36 4c ffffffb4 06 fffffff5 ffffffb1 ffffffb3 fffffff9 ffffff88 28 ffffffd8 ffffff9a ffffffc8 29 ffffff87 ffffffb6 ffffffee 43 ffffffe5 ffffffdd ffffffb6 7f ffffff9c 0b 57 ffffffcd 2e 49 0c ffffffa7 ffffff9d ffffffcd 78 ffffffa4 2c 42 5e 01 37 ffffff86 27 43 ffffffe4 6b 61 ffffffc8 ffffffe6 04 6a ffffffe8 52 70 76 ffffff96 ffffffe4 3a ffffff86 ffffffae 67 04 ffffffd6 72 4a ffffffbc ffffffda ffffffd7 7b 65 ffffffde ffffffb3 ffffffa9 ffffff9d fffffffc ffffff94 68 ffffffed 5c ffffffd4 ffffffd2 ffffffec ffffffc6 ffffffd4 3d 34 ffffffa1 ffffff80 ffffffc9 fffffff4 27 1c 15 ffffffff ffffff85 ffffffb0 17 ffffffd4 ffffff90 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef3628d40 | unwrapped: 37 71 51 5e 84 0d 71 a9 74 06 62 0e 54 b0 30 22 | unwrapped: c2 5c db 37 b7 07 89 dc c3 10 cd 69 e7 92 17 9d | unwrapped: 82 92 d7 37 1f 2b d5 1e 2a e2 ef 76 49 85 57 51 | unwrapped: 90 f7 9f 90 43 4f 1f 95 3d d9 07 11 9a c9 af 37 | unwrapped: d5 0c 75 fa 5b 67 23 1c b0 c7 c1 61 9f 93 cf b1 | unwrapped: 7b b6 1f 44 c7 be bb ba 8b a4 5e 40 94 34 5b 2d | unwrapped: f0 b9 b7 19 50 48 ee 32 d9 e5 85 34 47 68 83 98 | unwrapped: 75 f2 c7 da f3 0c 52 30 fd 92 3f 08 26 b1 55 6b | unwrapped: 8e aa 5f ee fb b5 f9 a7 36 57 03 3c 3c b5 65 e9 | unwrapped: 95 e0 5c 02 7e 76 a9 91 af 32 c9 aa b8 3d 72 f7 | unwrapped: d0 6d 79 ca 2b 50 e2 91 6d 06 26 5d 25 80 70 84 | unwrapped: d4 3d f9 31 c8 30 5d d6 5d 6c c0 59 79 12 85 02 | unwrapped: 0a 79 81 8f 56 8c b8 6d 8c 9a 72 64 16 da 3a e1 | unwrapped: d7 57 c1 ef 26 7c 92 80 85 76 9b d7 0b ac 2c 41 | unwrapped: 03 e8 f2 3f e4 7f 5b 39 64 d3 95 35 bb 98 72 5c | unwrapped: 3f 91 50 d7 5c af 3c a5 6a 0e 79 d3 73 c3 d4 58 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 1f 45 25 9a | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | 2f bd d1 31 | hmac PRF sha update data-bytes@0x7f6bf80020b0 (length 32) | fe 63 99 eb 99 d5 eb 01 af bb ea 5f 93 10 52 82 | a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac | hmac PRF sha update data-bytes@0x7f6bf80020b0 (length 32) | fe 63 99 eb 99 d5 eb 01 af bb ea 5f 93 10 52 82 | a5 3c b1 1b a9 e5 32 9f 0a 4a 93 4d bc 45 2c ac | hmac PRF sha update data-bytes@0x7f6c04002100 (length 32) | 68 c0 9f 81 40 fb 04 74 78 ad 98 15 2a c0 32 b9 | 38 74 9a b4 45 62 db a2 a1 c6 c0 43 b9 d8 80 60 | hmac PRF sha update data-bytes@0x7f6c04002100 (length 32) | 68 c0 9f 81 40 fb 04 74 78 ad 98 15 2a c0 32 b9 | 38 74 9a b4 45 62 db a2 a1 c6 c0 43 b9 d8 80 60 | hmac PRF sha final-bytes@0x556ef361ed84 (length 20) | d1 93 d3 1b 25 30 9d 0c 85 ed ab ae 7d 0f fc b0 | 7b 65 fb 97 | hmac PRF sha final-bytes@0x7f6c080030b4 (length 20) | 01 c9 26 a1 43 2c 9b df 13 19 7a 87 6d 57 1a bf | e3 63 a9 19 | install_ipsec_sa() for #12: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.2fbdd131@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.1f45259a@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #12: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #12 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2fbdd131 SPI_OUT= | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0x2fbdd131 SPI_OUT=0x1f45259a ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2fbdd13 | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0x2fbdd131 SPI_OUT=0x1f45259a ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2fbdd131 SP | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x2fbdd131 SPI_OUT=0x1f45259a ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x556ef3620bc0,sr=0x556ef3620bc0} to #12 (was #0) (newest_ipsec_sa=#0) | #11 spent 0.8 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 98 27 75 43 fe 91 ac 17 b1 35 4d b7 | encrypting: b4 b0 3c 48 a7 bb 7a e6 | IV: 77 4b 0e 48 bf 3a 99 18 aa 11 3d 67 5a ca ec 69 | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 8c a6 9b 19 e4 be bf a5 7a 96 43 23 56 d9 64 8b | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #12 (was #0) (spd.eroute=#12) cloned from #11 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #12 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #12 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #12: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #12 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c0c003000 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #12) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 08 10 20 01 cc 56 df 0f 00 00 00 3c 4b eb c1 f1 | 53 d2 8d d6 0a 57 06 57 a3 59 cc d9 8c a6 9b 19 | e4 be bf a5 7a 96 43 23 56 d9 64 8b | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f6bfc002b20 | inserting event EVENT_SA_REPLACE, timeout in 28154 seconds for #12 | libevent_malloc: new ptr-libevent@0x7f6c0c003000 size 128 | pstats #12 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #12: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x2fbdd131 <0x1f45259a xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #12 suppresed complete_v1_state_transition() | #12 spent 1.86 milliseconds in resume sending helper answer | stop processing: state #12 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bfc002030 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00479 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00423 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00281 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.1f45259a@192.1.2.45 | get_sa_info esp.2fbdd131@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0953 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #12 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #12 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #12 ikev1.ipsec deleted completed | [RE]START processing: state #12 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #12: deleting state (STATE_QUICK_I2) aged 0.247s and sending notification | child state #12: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.2fbdd131@192.1.2.23 | get_sa_info esp.1f45259a@192.1.2.45 "aes128" #12: ESP traffic information: in=84B out=84B | #12 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1737369039 (0x678e25cf) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 1f 45 25 9a | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x556ef361ed10 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 67 8e 25 cf | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 1f 45 25 9a | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | bf 38 00 01 ac 99 3a b0 e0 59 37 df 36 c7 f0 70 | 32 33 22 cd | send delete HASH(1): | bf 38 00 01 ac 99 3a b0 e0 59 37 df 36 c7 f0 70 | 32 33 22 cd | last Phase 1 IV: 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | current Phase 1 IV: 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 67 8e 25 cf | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | b4 1e 00 5f a2 c5 03 14 99 93 77 d7 aa 72 63 2d | 09 bc 40 9e | encrypting: 0c 00 00 18 bf 38 00 01 ac 99 3a b0 e0 59 37 df | encrypting: 36 c7 f0 70 32 33 22 cd 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 1f 45 25 9a | IV: b4 1e 00 5f a2 c5 03 14 99 93 77 d7 aa 72 63 2d | IV: 09 bc 40 9e | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 8b ed 2f 9d f9 66 7a 21 74 f5 12 10 10 3e ba a3 | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 08 10 05 01 67 8e 25 cf 00 00 00 4c a6 49 6e f7 | 80 8c 61 28 2f d0 64 31 be 60 70 63 aa 61 2a 10 | ea 90 0a da 10 c4 43 42 b8 9b 38 16 8b ed 2f 9d | f9 66 7a 21 74 f5 12 10 10 3e ba a3 | state #12 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c0c003000 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f6bfc002b20 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1569050310' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2fbdd13 | popen cmd is 1033 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1569050310' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0x2fbdd131 SPI_OUT=0x1f45259a ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.2fbdd131@192.1.2.23 | netlink response for Del SA esp.2fbdd131@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.1f45259a@192.1.2.45 | netlink response for Del SA esp.1f45259a@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #12 in QUICK_I2 | child state #12: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6bf8001fc0: destroyed | stop processing: state #12 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x7f6c10006900 | delete_state: release st->st_skeyid_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_d_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ai_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef360e180 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #11 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #11 | start processing: state #11 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #11 ikev1.isakmp deleted completed | [RE]START processing: state #11 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #11: deleting state (STATE_MAIN_I4) aged 0.294s and sending notification | parent state #11: MAIN_I4(established IKE SA) => delete | #11 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1582582209 (0x5e5449c1) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI dd 49 0b 8f 1b 56 8a 7b | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI b9 60 dc 45 e8 fe 63 75 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c04001640 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 5e 54 49 c1 | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 dd 49 0b 8f | 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | 35 42 f6 98 ac 49 cd 16 1f 85 70 cd 72 b6 35 19 | dc cd 20 75 | send delete HASH(1): | 35 42 f6 98 ac 49 cd 16 1f 85 70 cd 72 b6 35 19 | dc cd 20 75 | last Phase 1 IV: 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | current Phase 1 IV: 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | 28 fc 73 02 12 52 28 37 77 5c 3e 86 67 15 d6 06 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 5e 54 49 c1 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 7d c2 83 fc f1 a5 bb 79 e9 c3 5b d2 56 f5 08 c9 | b6 ac 06 b8 | encrypting: 0c 00 00 18 35 42 f6 98 ac 49 cd 16 1f 85 70 cd | encrypting: 72 b6 35 19 dc cd 20 75 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 | encrypting: e8 fe 63 75 | IV: 7d c2 83 fc f1 a5 bb 79 e9 c3 5b d2 56 f5 08 c9 | IV: b6 ac 06 b8 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 9b d9 01 35 0e 19 75 5a 92 88 a0 cd 07 ad ea ad | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 08 10 05 01 5e 54 49 c1 00 00 00 5c 05 33 f2 d6 | 9d 57 7e af 5d b6 ea 7a d6 30 bf 0e 13 ae a6 45 | c2 9a 89 f2 7a ba b9 51 f3 b9 00 ae 72 85 77 e0 | bc c8 85 d4 76 b9 5d 49 b1 34 c4 ba 9b d9 01 35 | 0e 19 75 5a 92 88 a0 cd 07 ad ea ad | state #11 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c040013c0 | free_event_entry: release EVENT_SA_REPLACE-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #11 in MAIN_I4 | parent state #11: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c000017d0: destroyed | stop processing: state #11 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef36037c0 | delete_state: release st->st_skeyid_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_d_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ai_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef360e180 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.28 milliseconds in whack | spent 0.00166 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 08 10 05 01 7c 03 04 62 00 00 00 4c 1e 61 c8 a0 | a9 66 fc 00 b1 0e 26 30 d3 91 85 77 94 74 67 a8 | e6 f7 53 98 b3 96 5b de 21 ee 88 12 fd 89 65 82 | 18 de 8d d8 b5 b4 9f a0 59 60 dc 00 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2080572514 (0x7c030462) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x7c030462 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | dd 49 0b 8f 1b 56 8a 7b | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | b9 60 dc 45 e8 fe 63 75 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0683 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00422 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00411 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | dd 49 0b 8f 1b 56 8a 7b b9 60 dc 45 e8 fe 63 75 | 08 10 05 01 e9 23 62 0f 00 00 00 5c e7 15 cd 8f | 05 7c 5d 48 cb 5a 8e 63 17 d9 a7 3f c3 af 98 2e | 0c 5f 09 91 3c c4 aa 51 2a ce 69 6e c5 e3 22 59 | d1 af 7e 3f 46 ce 07 79 b6 ec 48 10 81 3d 81 97 | 85 f1 a9 4c 1c 0c e4 d2 e0 4c 9a d8 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | dd 49 0b 8f 1b 56 8a 7b | responder cookie: | b9 60 dc 45 e8 fe 63 75 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3911410191 (0xe923620f) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xe923620f | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | dd 49 0b 8f 1b 56 8a 7b | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | b9 60 dc 45 e8 fe 63 75 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.102 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16408' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x556ef3625c20 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.517 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00449 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0565 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.05 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:OMIT | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0528 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef361eee0 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.152 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #13 at 0x556ef3625160 | State DB: adding IKEv1 state #13 in UNDEFINED | pstats #13 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #13 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #13: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #13 "aes128" "aes128" #13: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef36236a0 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 28 7e 70 3d 50 bf 44 78 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | #13 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48957.179423 | #13 spent 0.461 milliseconds in main_outI1() | stop processing: state #13 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.522 milliseconds in whack | spent 0.00218 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #13 in MAIN_I1 (find_state_ikev1_init) | start processing: state #13 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #13 is idle | #13 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 15 for state #13 | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | complete v1 state transition with STF_SUSPEND | crypto helper 0 resuming | crypto helper 0 starting work-order 15 for state #13 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 15 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c10002a80: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c10002a80 | NSS: Public DH wire value: | 05 71 0b 4d e4 18 1f b7 65 bd 81 bd 5e ab 97 08 | f9 03 00 ff 4b 1d f9 89 ff 6f ed dd d3 14 e5 14 | 76 38 73 ab c1 37 c9 db 84 c2 bd fc 51 fa 0f 0b | d8 53 53 0b 60 fe 1a 82 54 12 bc cb 33 35 66 00 | 11 ac c5 f9 75 6a 38 60 7e 38 92 2b bf 5f ef a9 | f9 6a d0 31 6d c3 fd 28 7b 4c 2a 95 38 69 6f dd | 3f 27 01 31 f1 65 c4 e7 b2 d2 57 6c 99 7a 8f 1d | b2 47 9a 0c de f2 a8 8e 80 e3 75 cf 85 80 c3 e5 | a0 7c 68 fb 1a b6 f5 ae 92 8a 10 08 6c 85 6c 74 | 11 3e 2a 8f f8 b5 c2 78 fd d3 d3 23 11 40 7d 7f | 3e e9 ad 00 7b 8b ce 81 15 21 7f 6c 55 1f b6 c9 | ef 88 f8 2c 14 11 e6 a6 4d e3 8d b8 d6 62 f5 fc | 8e 2b c0 a4 6c 65 a3 19 a1 50 a8 83 16 91 9f b0 | 02 5d 38 84 ef 46 dc ba a5 8d d2 ec 51 e1 3d b8 | 4d a9 1e 18 c5 a9 91 a3 d9 6f f8 70 39 5f b7 0a | a8 3c f0 36 0d 6d 14 9a 6e 0d 33 1d 75 13 0f f5 | Generated nonce: 1b fc 82 11 4a 88 98 3f ab d6 a4 48 2a f1 da b0 | Generated nonce: d4 99 90 33 25 10 09 6a 7d b6 53 01 6f 7f 03 de | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 15 time elapsed 0.000947 seconds | (#13) spent 0.946 milliseconds in crypto helper computing work-order 15: outI2 KE (pcr) | crypto helper 0 sending results from work-order 15 for state #13 to event queue | scheduling resume sending helper answer for #13 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | crypto helper 0 waiting (nothing to do) | [RE]START processing: state #13 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #13 and saving MD | #13 is busy; has a suspended MD | #13 spent 0.175 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.314 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #13 | start processing: state #13 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 15 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #13: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c10002a80: transferring ownership from helper KE to state #13 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 05 71 0b 4d e4 18 1f b7 65 bd 81 bd 5e ab 97 08 | keyex value f9 03 00 ff 4b 1d f9 89 ff 6f ed dd d3 14 e5 14 | keyex value 76 38 73 ab c1 37 c9 db 84 c2 bd fc 51 fa 0f 0b | keyex value d8 53 53 0b 60 fe 1a 82 54 12 bc cb 33 35 66 00 | keyex value 11 ac c5 f9 75 6a 38 60 7e 38 92 2b bf 5f ef a9 | keyex value f9 6a d0 31 6d c3 fd 28 7b 4c 2a 95 38 69 6f dd | keyex value 3f 27 01 31 f1 65 c4 e7 b2 d2 57 6c 99 7a 8f 1d | keyex value b2 47 9a 0c de f2 a8 8e 80 e3 75 cf 85 80 c3 e5 | keyex value a0 7c 68 fb 1a b6 f5 ae 92 8a 10 08 6c 85 6c 74 | keyex value 11 3e 2a 8f f8 b5 c2 78 fd d3 d3 23 11 40 7d 7f | keyex value 3e e9 ad 00 7b 8b ce 81 15 21 7f 6c 55 1f b6 c9 | keyex value ef 88 f8 2c 14 11 e6 a6 4d e3 8d b8 d6 62 f5 fc | keyex value 8e 2b c0 a4 6c 65 a3 19 a1 50 a8 83 16 91 9f b0 | keyex value 02 5d 38 84 ef 46 dc ba a5 8d d2 ec 51 e1 3d b8 | keyex value 4d a9 1e 18 c5 a9 91 a3 d9 6f f8 70 39 5f b7 0a | keyex value a8 3c f0 36 0d 6d 14 9a 6e 0d 33 1d 75 13 0f f5 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 1b fc 82 11 4a 88 98 3f ab d6 a4 48 2a f1 da b0 | Ni d4 99 90 33 25 10 09 6a 7d b6 53 01 6f 7f 03 de | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 28 7e 70 3d 50 bf 44 78 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | 59 c4 4f fe c4 22 a4 7d | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | 5d 72 14 67 da 5f 98 48 46 da 31 f6 11 cb 24 7b | 93 a0 02 12 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 28 7e 70 3d 50 bf 44 78 | natd_hash: rcookie= 59 c4 4f fe c4 22 a4 7d | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 5d 72 14 67 da 5f 98 48 46 da 31 f6 11 cb 24 7b | natd_hash: hash= 93 a0 02 12 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 5d 72 14 67 da 5f 98 48 46 da 31 f6 11 cb 24 7b | NAT-D 93 a0 02 12 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 28 7e 70 3d 50 bf 44 78 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | 59 c4 4f fe c4 22 a4 7d | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | d6 2d b9 07 88 b5 04 fe e0 76 f5 f0 39 8f ec 84 | 8c a5 6f 13 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 28 7e 70 3d 50 bf 44 78 | natd_hash: rcookie= 59 c4 4f fe c4 22 a4 7d | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= d6 2d b9 07 88 b5 04 fe e0 76 f5 f0 39 8f ec 84 | natd_hash: hash= 8c a5 6f 13 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D d6 2d b9 07 88 b5 04 fe e0 76 f5 f0 39 8f ec 84 | NAT-D 8c a5 6f 13 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #13 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #13: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 05 71 0b 4d e4 18 1f b7 65 bd 81 bd 5e ab 97 08 | f9 03 00 ff 4b 1d f9 89 ff 6f ed dd d3 14 e5 14 | 76 38 73 ab c1 37 c9 db 84 c2 bd fc 51 fa 0f 0b | d8 53 53 0b 60 fe 1a 82 54 12 bc cb 33 35 66 00 | 11 ac c5 f9 75 6a 38 60 7e 38 92 2b bf 5f ef a9 | f9 6a d0 31 6d c3 fd 28 7b 4c 2a 95 38 69 6f dd | 3f 27 01 31 f1 65 c4 e7 b2 d2 57 6c 99 7a 8f 1d | b2 47 9a 0c de f2 a8 8e 80 e3 75 cf 85 80 c3 e5 | a0 7c 68 fb 1a b6 f5 ae 92 8a 10 08 6c 85 6c 74 | 11 3e 2a 8f f8 b5 c2 78 fd d3 d3 23 11 40 7d 7f | 3e e9 ad 00 7b 8b ce 81 15 21 7f 6c 55 1f b6 c9 | ef 88 f8 2c 14 11 e6 a6 4d e3 8d b8 d6 62 f5 fc | 8e 2b c0 a4 6c 65 a3 19 a1 50 a8 83 16 91 9f b0 | 02 5d 38 84 ef 46 dc ba a5 8d d2 ec 51 e1 3d b8 | 4d a9 1e 18 c5 a9 91 a3 d9 6f f8 70 39 5f b7 0a | a8 3c f0 36 0d 6d 14 9a 6e 0d 33 1d 75 13 0f f5 | 14 00 00 24 1b fc 82 11 4a 88 98 3f ab d6 a4 48 | 2a f1 da b0 d4 99 90 33 25 10 09 6a 7d b6 53 01 | 6f 7f 03 de 14 00 00 18 5d 72 14 67 da 5f 98 48 | 46 da 31 f6 11 cb 24 7b 93 a0 02 12 00 00 00 18 | d6 2d b9 07 88 b5 04 fe e0 76 f5 f0 39 8f ec 84 | 8c a5 6f 13 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | #13 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48957.182289 "aes128" #13: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #13 suppresed complete_v1_state_transition() | #13 spent 0.357 milliseconds in resume sending helper answer | stop processing: state #13 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c100016f0 | spent 0.00269 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | d0 47 da 34 95 c9 91 ad 05 e3 80 20 69 c9 07 f7 | 8a 0f 6d 78 70 c5 2d 6a 3c 8a 9a d4 9e 53 cf 4d | 36 17 11 c4 16 71 4b 8c a1 a2 1e 0a 5b e5 5c d7 | 28 4f 1c 2d 4a da 99 fa 69 96 a5 d7 fd 32 cf 82 | 03 59 31 14 5f 06 88 00 f9 d0 53 5c 91 74 e6 29 | ec 8d 49 f0 bb d9 cf 1c 52 b0 49 ad 51 af 00 94 | d1 29 22 55 dd 3d b2 c4 42 64 c0 05 dd 1c b8 eb | 7b 79 7e e0 d4 de 5c d5 7c 1f fd 4c 04 2e ba 54 | 3e f9 16 f2 b2 ea a7 80 cb a8 14 a6 29 95 a1 b0 | da 5d 30 f9 16 ae 62 60 87 4a c7 0b 5a 98 19 bb | bf 1d b9 1e ee c4 74 24 e0 f2 83 b8 0e 59 75 3d | b0 8d 01 d5 6e 81 95 71 57 06 a7 fd 12 23 14 60 | 39 ef a9 5c 9c 39 9f 95 58 08 a4 3b 2e 96 32 81 | f0 8c eb 34 7e 97 ad 4e 58 ce 30 12 a0 e8 fe 2c | fb 32 21 a4 6a a7 f5 79 42 b4 2f 9d ef 01 27 a4 | 03 a5 dc ec 30 e2 d3 e9 5b 56 ab 52 dd c3 9f 41 | 14 00 00 24 2d 15 8f c8 db b3 bc 64 3d 0d 5d b8 | 85 8d fa 97 f4 d3 5f 2d 81 6d a6 a7 ef fb c1 7b | 87 ea 16 a9 14 00 00 18 d6 2d b9 07 88 b5 04 fe | e0 76 f5 f0 39 8f ec 84 8c a5 6f 13 00 00 00 18 | 5d 72 14 67 da 5f 98 48 46 da 31 f6 11 cb 24 7b | 93 a0 02 12 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #13 in MAIN_I2 (find_state_ikev1) | start processing: state #13 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #13 is idle | #13 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | d0 47 da 34 95 c9 91 ad 05 e3 80 20 69 c9 07 f7 | 8a 0f 6d 78 70 c5 2d 6a 3c 8a 9a d4 9e 53 cf 4d | 36 17 11 c4 16 71 4b 8c a1 a2 1e 0a 5b e5 5c d7 | 28 4f 1c 2d 4a da 99 fa 69 96 a5 d7 fd 32 cf 82 | 03 59 31 14 5f 06 88 00 f9 d0 53 5c 91 74 e6 29 | ec 8d 49 f0 bb d9 cf 1c 52 b0 49 ad 51 af 00 94 | d1 29 22 55 dd 3d b2 c4 42 64 c0 05 dd 1c b8 eb | 7b 79 7e e0 d4 de 5c d5 7c 1f fd 4c 04 2e ba 54 | 3e f9 16 f2 b2 ea a7 80 cb a8 14 a6 29 95 a1 b0 | da 5d 30 f9 16 ae 62 60 87 4a c7 0b 5a 98 19 bb | bf 1d b9 1e ee c4 74 24 e0 f2 83 b8 0e 59 75 3d | b0 8d 01 d5 6e 81 95 71 57 06 a7 fd 12 23 14 60 | 39 ef a9 5c 9c 39 9f 95 58 08 a4 3b 2e 96 32 81 | f0 8c eb 34 7e 97 ad 4e 58 ce 30 12 a0 e8 fe 2c | fb 32 21 a4 6a a7 f5 79 42 b4 2f 9d ef 01 27 a4 | 03 a5 dc ec 30 e2 d3 e9 5b 56 ab 52 dd c3 9f 41 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c10002a80: transferring ownership from state #13 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 16 for state #13 | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #13 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #13 and saving MD | #13 is busy; has a suspended MD | #13 spent 0.0898 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.228 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 2 resuming | crypto helper 2 starting work-order 16 for state #13 | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 16 | peer's g: d0 47 da 34 95 c9 91 ad 05 e3 80 20 69 c9 07 f7 | peer's g: 8a 0f 6d 78 70 c5 2d 6a 3c 8a 9a d4 9e 53 cf 4d | peer's g: 36 17 11 c4 16 71 4b 8c a1 a2 1e 0a 5b e5 5c d7 | peer's g: 28 4f 1c 2d 4a da 99 fa 69 96 a5 d7 fd 32 cf 82 | peer's g: 03 59 31 14 5f 06 88 00 f9 d0 53 5c 91 74 e6 29 | peer's g: ec 8d 49 f0 bb d9 cf 1c 52 b0 49 ad 51 af 00 94 | peer's g: d1 29 22 55 dd 3d b2 c4 42 64 c0 05 dd 1c b8 eb | peer's g: 7b 79 7e e0 d4 de 5c d5 7c 1f fd 4c 04 2e ba 54 | peer's g: 3e f9 16 f2 b2 ea a7 80 cb a8 14 a6 29 95 a1 b0 | peer's g: da 5d 30 f9 16 ae 62 60 87 4a c7 0b 5a 98 19 bb | peer's g: bf 1d b9 1e ee c4 74 24 e0 f2 83 b8 0e 59 75 3d | peer's g: b0 8d 01 d5 6e 81 95 71 57 06 a7 fd 12 23 14 60 | peer's g: 39 ef a9 5c 9c 39 9f 95 58 08 a4 3b 2e 96 32 81 | peer's g: f0 8c eb 34 7e 97 ad 4e 58 ce 30 12 a0 e8 fe 2c | peer's g: fb 32 21 a4 6a a7 f5 79 42 b4 2f 9d ef 01 27 a4 | peer's g: 03 a5 dc ec 30 e2 d3 e9 5b 56 ab 52 dd c3 9f 41 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c10002a80: computed shared DH secret key@0x556ef360e180 | dh-shared : g^ir-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef361da00 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: psk-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: psk-key@0x556ef360c4c0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3609090 | SKEYID psk prf: created sha context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk prf: begin sha with context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk: release clone-key@0x556ef360c4c0 | SKEYID psk PRF sha crypt-prf@0x7f6c08001270 | SKEYID psk PRF sha update Ni-bytes@0x556ef361da24 (length 32) | 1b fc 82 11 4a 88 98 3f ab d6 a4 48 2a f1 da b0 | d4 99 90 33 25 10 09 6a 7d b6 53 01 6f 7f 03 de | SKEYID psk PRF sha update Nr-bytes@0x556ef361da44 (length 32) | 2d 15 8f c8 db b3 bc 64 3d 0d 5d b8 85 8d fa 97 | f4 d3 5f 2d 81 6d a6 a7 ef fb c1 7b 87 ea 16 a9 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID psk PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID psk: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6b8 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d: release clone-key@0x556ef3609090 | SKEYID_d PRF sha crypt-prf@0x7f6c08001230 | SKEYID_d PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_d: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312960: 3d ffffffce ffffffe8 fffffff8 4a 53 ffffff8d 23 fffffffa 77 29 ffffffc5 48 6a 77 44 3e 5d 46 57 1f 24 33 0e 46 36 ffffffff 74 43 fffffff5 fffffffa 53 59 16 ffffffec ffffffc9 37 51 ffffffa1 36 ffffffc4 ffffff92 62 ffffff9e 36 ffffff9e 59 0f 2c 43 ffffffde 43 1f 0b ffffffb7 7f 26 fffffffe 7a ffffffdd 54 ffffffab 02 ffffff8e 4b 4b ffffffef 0a ffffffe1 ffffffff 17 ffffffe7 ffffff94 11 0a ffffffb0 5c ffffff8f 79 2a 63 ffffff9c 67 ffffffb2 ffffffae 1d ffffffe4 50 ffffffd4 36 7f 12 ffffff9e 75 ffffffb3 2c ffffff8b fffffffc ffffffbb ffffff81 1c 10 43 12 7e ffffff9a 45 ffffffb2 ffffffc0 ffffffb1 ffffff94 07 ffffffc9 ffffff9d ffffffc2 08 ffffffe7 0d 69 ffffffd8 ffffffef 58 73 61 6b 6e ffffffaa ffffffb4 ffffff83 7d ffffff8c ffffffa1 23 05 14 23 ffffffd1 53 ffffff88 11 01 ffffff88 ffffff89 26 ffffffc4 52 6d 65 2c 35 ffffff96 ffffffa3 ffffffe0 ffffff87 ffffffde ffffffa1 ffffffd3 ffffff86 5a ffffffef 41 ffffff91 ffffffe0 1d ffffffb4 0b 1d ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08004db0 | unwrapped: f6 fd 58 1f 01 a2 8c 06 08 b7 7f 63 2f 7b 43 ec | unwrapped: 9e 29 c9 17 09 23 5f b6 60 65 26 2a ac b5 b4 db | unwrapped: c9 5b 67 ea 1e b0 34 ed 56 00 00 e2 66 49 80 f1 | unwrapped: 82 6a ce 1c ab f8 32 7c 78 c7 66 6a ea 08 23 35 | unwrapped: ef 18 f8 c6 56 f5 bb ec 4d 6f 00 1b 65 c5 f0 aa | unwrapped: a2 47 84 55 ec af fc e1 53 36 8b 68 e2 fb 3e 98 | unwrapped: 9f e1 3f bc 12 41 96 53 c3 e3 ef 9e e4 20 5d 40 | unwrapped: fd 6c 2e 90 73 36 09 f7 e2 71 dd be 72 d7 e1 1c | unwrapped: ad 6b 73 8c 17 c2 05 e1 33 80 14 63 02 91 93 d3 | unwrapped: 9e c1 0e e4 0a 25 72 c8 99 e6 1c 3e e7 ea a2 e9 | unwrapped: f6 7e 9d 37 8b c2 14 ad 02 f4 11 f2 be e5 77 32 | unwrapped: 5d 49 f0 2d f6 91 94 c5 3d 6c 16 5b 7d ee f2 58 | unwrapped: 4d 21 d7 45 4e e5 00 42 88 af 2a ee 69 0f cf 94 | unwrapped: 4e 06 53 d5 52 a1 46 66 f0 81 81 90 ca 38 5f 1b | unwrapped: ac 6a ca 2b bd 45 30 34 f7 92 b9 de 0c d3 fd 43 | unwrapped: af d8 f8 c3 b2 3e cb 1d 8b ec 72 b7 f1 62 c0 9e | SKEYID_d PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 28 7e 70 3d 50 bf 44 78 | SKEYID_d PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | 59 c4 4f fe c4 22 a4 7d | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID_d PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_d: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a: release clone-key@0x556ef3601f40 | SKEYID_a PRF sha crypt-prf@0x7f6c08001250 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3609090 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312928: ffffff81 ffffff85 ffffffc2 ffffffac ffffffeb 48 56 2b 1b ffffffeb 5f 0a 37 ffffffa4 ffffffd6 ffffffe4 ffffff8d ffffffa8 5f 3e ffffffd6 ffffffc0 ffffffe6 ffffff83 ffffffa8 6b 54 ffffffb5 ffffff9f ffffff9b 53 72 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c08003100 | unwrapped: 44 4b dd 6a 7b de b2 08 5e f9 db 83 3c 4b e1 3e | unwrapped: 9e 23 e7 91 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_a: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312928: 3d ffffffce ffffffe8 fffffff8 4a 53 ffffff8d 23 fffffffa 77 29 ffffffc5 48 6a 77 44 3e 5d 46 57 1f 24 33 0e 46 36 ffffffff 74 43 fffffff5 fffffffa 53 59 16 ffffffec ffffffc9 37 51 ffffffa1 36 ffffffc4 ffffff92 62 ffffff9e 36 ffffff9e 59 0f 2c 43 ffffffde 43 1f 0b ffffffb7 7f 26 fffffffe 7a ffffffdd 54 ffffffab 02 ffffff8e 4b 4b ffffffef 0a ffffffe1 ffffffff 17 ffffffe7 ffffff94 11 0a ffffffb0 5c ffffff8f 79 2a 63 ffffff9c 67 ffffffb2 ffffffae 1d ffffffe4 50 ffffffd4 36 7f 12 ffffff9e 75 ffffffb3 2c ffffff8b fffffffc ffffffbb ffffff81 1c 10 43 12 7e ffffff9a 45 ffffffb2 ffffffc0 ffffffb1 ffffff94 07 ffffffc9 ffffff9d ffffffc2 08 ffffffe7 0d 69 ffffffd8 ffffffef 58 73 61 6b 6e ffffffaa ffffffb4 ffffff83 7d ffffff8c ffffffa1 23 05 14 23 ffffffd1 53 ffffff88 11 01 ffffff88 ffffff89 26 ffffffc4 52 6d 65 2c 35 ffffff96 ffffffa3 ffffffe0 ffffff87 ffffffde ffffffa1 ffffffd3 ffffff86 5a ffffffef 41 ffffff91 ffffffe0 1d ffffffb4 0b 1d ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08003bd0 | unwrapped: f6 fd 58 1f 01 a2 8c 06 08 b7 7f 63 2f 7b 43 ec | unwrapped: 9e 29 c9 17 09 23 5f b6 60 65 26 2a ac b5 b4 db | unwrapped: c9 5b 67 ea 1e b0 34 ed 56 00 00 e2 66 49 80 f1 | unwrapped: 82 6a ce 1c ab f8 32 7c 78 c7 66 6a ea 08 23 35 | unwrapped: ef 18 f8 c6 56 f5 bb ec 4d 6f 00 1b 65 c5 f0 aa | unwrapped: a2 47 84 55 ec af fc e1 53 36 8b 68 e2 fb 3e 98 | unwrapped: 9f e1 3f bc 12 41 96 53 c3 e3 ef 9e e4 20 5d 40 | unwrapped: fd 6c 2e 90 73 36 09 f7 e2 71 dd be 72 d7 e1 1c | unwrapped: ad 6b 73 8c 17 c2 05 e1 33 80 14 63 02 91 93 d3 | unwrapped: 9e c1 0e e4 0a 25 72 c8 99 e6 1c 3e e7 ea a2 e9 | unwrapped: f6 7e 9d 37 8b c2 14 ad 02 f4 11 f2 be e5 77 32 | unwrapped: 5d 49 f0 2d f6 91 94 c5 3d 6c 16 5b 7d ee f2 58 | unwrapped: 4d 21 d7 45 4e e5 00 42 88 af 2a ee 69 0f cf 94 | unwrapped: 4e 06 53 d5 52 a1 46 66 f0 81 81 90 ca 38 5f 1b | unwrapped: ac 6a ca 2b bd 45 30 34 f7 92 b9 de 0c d3 fd 43 | unwrapped: af d8 f8 c3 b2 3e cb 1d 8b ec 72 b7 f1 62 c0 9e | SKEYID_a PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 28 7e 70 3d 50 bf 44 78 | SKEYID_a PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | 59 c4 4f fe c4 22 a4 7d | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: final-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360fae0 | SKEYID_a PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_a: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: clone-key@0x556ef360fae0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e: release clone-key@0x556ef360fae0 | SKEYID_e PRF sha crypt-prf@0x7f6c08001ef0 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3601f40 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312944: 12 31 00 ffffff94 6d 0a ffffffd3 7a 46 18 ffffff9c ffffffe9 6f ffffffc4 2e ffffffa3 ffffff98 74 26 7f 07 62 ffffff84 ffffffe2 55 ffffff98 34 ffffffea ffffffb9 fffffff9 66 ffffffbd | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c080030d0 | unwrapped: 0a d1 70 48 8a cb b4 fa 80 b1 ca f0 61 8c a9 de | unwrapped: 2b 96 d5 92 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_e: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312944: 3d ffffffce ffffffe8 fffffff8 4a 53 ffffff8d 23 fffffffa 77 29 ffffffc5 48 6a 77 44 3e 5d 46 57 1f 24 33 0e 46 36 ffffffff 74 43 fffffff5 fffffffa 53 59 16 ffffffec ffffffc9 37 51 ffffffa1 36 ffffffc4 ffffff92 62 ffffff9e 36 ffffff9e 59 0f 2c 43 ffffffde 43 1f 0b ffffffb7 7f 26 fffffffe 7a ffffffdd 54 ffffffab 02 ffffff8e 4b 4b ffffffef 0a ffffffe1 ffffffff 17 ffffffe7 ffffff94 11 0a ffffffb0 5c ffffff8f 79 2a 63 ffffff9c 67 ffffffb2 ffffffae 1d ffffffe4 50 ffffffd4 36 7f 12 ffffff9e 75 ffffffb3 2c ffffff8b fffffffc ffffffbb ffffff81 1c 10 43 12 7e ffffff9a 45 ffffffb2 ffffffc0 ffffffb1 ffffff94 07 ffffffc9 ffffff9d ffffffc2 08 ffffffe7 0d 69 ffffffd8 ffffffef 58 73 61 6b 6e ffffffaa ffffffb4 ffffff83 7d ffffff8c ffffffa1 23 05 14 23 ffffffd1 53 ffffff88 11 01 ffffff88 ffffff89 26 ffffffc4 52 6d 65 2c 35 ffffff96 ffffffa3 ffffffe0 ffffff87 ffffffde ffffffa1 ffffffd3 ffffff86 5a ffffffef 41 ffffff91 ffffffe0 1d ffffffb4 0b 1d ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08003ce0 | unwrapped: f6 fd 58 1f 01 a2 8c 06 08 b7 7f 63 2f 7b 43 ec | unwrapped: 9e 29 c9 17 09 23 5f b6 60 65 26 2a ac b5 b4 db | unwrapped: c9 5b 67 ea 1e b0 34 ed 56 00 00 e2 66 49 80 f1 | unwrapped: 82 6a ce 1c ab f8 32 7c 78 c7 66 6a ea 08 23 35 | unwrapped: ef 18 f8 c6 56 f5 bb ec 4d 6f 00 1b 65 c5 f0 aa | unwrapped: a2 47 84 55 ec af fc e1 53 36 8b 68 e2 fb 3e 98 | unwrapped: 9f e1 3f bc 12 41 96 53 c3 e3 ef 9e e4 20 5d 40 | unwrapped: fd 6c 2e 90 73 36 09 f7 e2 71 dd be 72 d7 e1 1c | unwrapped: ad 6b 73 8c 17 c2 05 e1 33 80 14 63 02 91 93 d3 | unwrapped: 9e c1 0e e4 0a 25 72 c8 99 e6 1c 3e e7 ea a2 e9 | unwrapped: f6 7e 9d 37 8b c2 14 ad 02 f4 11 f2 be e5 77 32 | unwrapped: 5d 49 f0 2d f6 91 94 c5 3d 6c 16 5b 7d ee f2 58 | unwrapped: 4d 21 d7 45 4e e5 00 42 88 af 2a ee 69 0f cf 94 | unwrapped: 4e 06 53 d5 52 a1 46 66 f0 81 81 90 ca 38 5f 1b | unwrapped: ac 6a ca 2b bd 45 30 34 f7 92 b9 de 0c d3 fd 43 | unwrapped: af d8 f8 c3 b2 3e cb 1d 8b ec 72 b7 f1 62 c0 9e | SKEYID_e PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 28 7e 70 3d 50 bf 44 78 | SKEYID_e PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | 59 c4 4f fe c4 22 a4 7d | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6b0 | result: final-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef36037c0 | SKEYID_e PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID_e: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6f8 | result: keymat-key@0x556ef36037c0 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x556ef3609090, skeyid_a 0x556ef3601f40, skeyid_e 0x556ef360fae0, enc_key 0x556ef36037c0 | DH_i: 05 71 0b 4d e4 18 1f b7 65 bd 81 bd 5e ab 97 08 | DH_i: f9 03 00 ff 4b 1d f9 89 ff 6f ed dd d3 14 e5 14 | DH_i: 76 38 73 ab c1 37 c9 db 84 c2 bd fc 51 fa 0f 0b | DH_i: d8 53 53 0b 60 fe 1a 82 54 12 bc cb 33 35 66 00 | DH_i: 11 ac c5 f9 75 6a 38 60 7e 38 92 2b bf 5f ef a9 | DH_i: f9 6a d0 31 6d c3 fd 28 7b 4c 2a 95 38 69 6f dd | DH_i: 3f 27 01 31 f1 65 c4 e7 b2 d2 57 6c 99 7a 8f 1d | DH_i: b2 47 9a 0c de f2 a8 8e 80 e3 75 cf 85 80 c3 e5 | DH_i: a0 7c 68 fb 1a b6 f5 ae 92 8a 10 08 6c 85 6c 74 | DH_i: 11 3e 2a 8f f8 b5 c2 78 fd d3 d3 23 11 40 7d 7f | DH_i: 3e e9 ad 00 7b 8b ce 81 15 21 7f 6c 55 1f b6 c9 | DH_i: ef 88 f8 2c 14 11 e6 a6 4d e3 8d b8 d6 62 f5 fc | DH_i: 8e 2b c0 a4 6c 65 a3 19 a1 50 a8 83 16 91 9f b0 | DH_i: 02 5d 38 84 ef 46 dc ba a5 8d d2 ec 51 e1 3d b8 | DH_i: 4d a9 1e 18 c5 a9 91 a3 d9 6f f8 70 39 5f b7 0a | DH_i: a8 3c f0 36 0d 6d 14 9a 6e 0d 33 1d 75 13 0f f5 | DH_r: d0 47 da 34 95 c9 91 ad 05 e3 80 20 69 c9 07 f7 | DH_r: 8a 0f 6d 78 70 c5 2d 6a 3c 8a 9a d4 9e 53 cf 4d | DH_r: 36 17 11 c4 16 71 4b 8c a1 a2 1e 0a 5b e5 5c d7 | DH_r: 28 4f 1c 2d 4a da 99 fa 69 96 a5 d7 fd 32 cf 82 | DH_r: 03 59 31 14 5f 06 88 00 f9 d0 53 5c 91 74 e6 29 | DH_r: ec 8d 49 f0 bb d9 cf 1c 52 b0 49 ad 51 af 00 94 | DH_r: d1 29 22 55 dd 3d b2 c4 42 64 c0 05 dd 1c b8 eb | DH_r: 7b 79 7e e0 d4 de 5c d5 7c 1f fd 4c 04 2e ba 54 | DH_r: 3e f9 16 f2 b2 ea a7 80 cb a8 14 a6 29 95 a1 b0 | DH_r: da 5d 30 f9 16 ae 62 60 87 4a c7 0b 5a 98 19 bb | DH_r: bf 1d b9 1e ee c4 74 24 e0 f2 83 b8 0e 59 75 3d | DH_r: b0 8d 01 d5 6e 81 95 71 57 06 a7 fd 12 23 14 60 | DH_r: 39 ef a9 5c 9c 39 9f 95 58 08 a4 3b 2e 96 32 81 | DH_r: f0 8c eb 34 7e 97 ad 4e 58 ce 30 12 a0 e8 fe 2c | DH_r: fb 32 21 a4 6a a7 f5 79 42 b4 2f 9d ef 01 27 a4 | DH_r: 03 a5 dc ec 30 e2 d3 e9 5b 56 ab 52 dd c3 9f 41 | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef361da64 (length 256) | 05 71 0b 4d e4 18 1f b7 65 bd 81 bd 5e ab 97 08 | f9 03 00 ff 4b 1d f9 89 ff 6f ed dd d3 14 e5 14 | 76 38 73 ab c1 37 c9 db 84 c2 bd fc 51 fa 0f 0b | d8 53 53 0b 60 fe 1a 82 54 12 bc cb 33 35 66 00 | 11 ac c5 f9 75 6a 38 60 7e 38 92 2b bf 5f ef a9 | f9 6a d0 31 6d c3 fd 28 7b 4c 2a 95 38 69 6f dd | 3f 27 01 31 f1 65 c4 e7 b2 d2 57 6c 99 7a 8f 1d | b2 47 9a 0c de f2 a8 8e 80 e3 75 cf 85 80 c3 e5 | a0 7c 68 fb 1a b6 f5 ae 92 8a 10 08 6c 85 6c 74 | 11 3e 2a 8f f8 b5 c2 78 fd d3 d3 23 11 40 7d 7f | 3e e9 ad 00 7b 8b ce 81 15 21 7f 6c 55 1f b6 c9 | ef 88 f8 2c 14 11 e6 a6 4d e3 8d b8 d6 62 f5 fc | 8e 2b c0 a4 6c 65 a3 19 a1 50 a8 83 16 91 9f b0 | 02 5d 38 84 ef 46 dc ba a5 8d d2 ec 51 e1 3d b8 | 4d a9 1e 18 c5 a9 91 a3 d9 6f f8 70 39 5f b7 0a | a8 3c f0 36 0d 6d 14 9a 6e 0d 33 1d 75 13 0f f5 | new IV hash sha digest GR-bytes@0x556ef361db64 (length 256) | d0 47 da 34 95 c9 91 ad 05 e3 80 20 69 c9 07 f7 | 8a 0f 6d 78 70 c5 2d 6a 3c 8a 9a d4 9e 53 cf 4d | 36 17 11 c4 16 71 4b 8c a1 a2 1e 0a 5b e5 5c d7 | 28 4f 1c 2d 4a da 99 fa 69 96 a5 d7 fd 32 cf 82 | 03 59 31 14 5f 06 88 00 f9 d0 53 5c 91 74 e6 29 | ec 8d 49 f0 bb d9 cf 1c 52 b0 49 ad 51 af 00 94 | d1 29 22 55 dd 3d b2 c4 42 64 c0 05 dd 1c b8 eb | 7b 79 7e e0 d4 de 5c d5 7c 1f fd 4c 04 2e ba 54 | 3e f9 16 f2 b2 ea a7 80 cb a8 14 a6 29 95 a1 b0 | da 5d 30 f9 16 ae 62 60 87 4a c7 0b 5a 98 19 bb | bf 1d b9 1e ee c4 74 24 e0 f2 83 b8 0e 59 75 3d | b0 8d 01 d5 6e 81 95 71 57 06 a7 fd 12 23 14 60 | 39 ef a9 5c 9c 39 9f 95 58 08 a4 3b 2e 96 32 81 | f0 8c eb 34 7e 97 ad 4e 58 ce 30 12 a0 e8 fe 2c | fb 32 21 a4 6a a7 f5 79 42 b4 2f 9d ef 01 27 a4 | 03 a5 dc ec 30 e2 d3 e9 5b 56 ab 52 dd c3 9f 41 | new IV hash sha final chunk@0x7f6c08002090 (length 20) | 91 08 a4 85 c5 13 df 48 e0 ab b5 41 46 f4 3a 3e | 60 3f 3b bd | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 16 time elapsed 0.002134 seconds | (#13) spent 2.03 milliseconds in crypto helper computing work-order 16: aggr outR1 DH (pcr) | crypto helper 2 sending results from work-order 16 for state #13 to event queue | scheduling resume sending helper answer for #13 | libevent_malloc: new ptr-libevent@0x7f6c08001090 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #13 | start processing: state #13 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 16 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #13: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c10002a80: transferring ownership from helper IKEv1 DH+IV to state #13 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | 28 7e 70 3d 50 bf 44 78 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | 59 c4 4f fe c4 22 a4 7d | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | d6 2d b9 07 88 b5 04 fe e0 76 f5 f0 39 8f ec 84 | 8c a5 6f 13 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 28 7e 70 3d 50 bf 44 78 | natd_hash: rcookie= 59 c4 4f fe c4 22 a4 7d | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= d6 2d b9 07 88 b5 04 fe e0 76 f5 f0 39 8f ec 84 | natd_hash: hash= 8c a5 6f 13 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | 28 7e 70 3d 50 bf 44 78 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | 59 c4 4f fe c4 22 a4 7d | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | 5d 72 14 67 da 5f 98 48 46 da 31 f6 11 cb 24 7b | 93 a0 02 12 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 28 7e 70 3d 50 bf 44 78 | natd_hash: rcookie= 59 c4 4f fe c4 22 a4 7d | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 5d 72 14 67 da 5f 98 48 46 da 31 f6 11 cb 24 7b | natd_hash: hash= 93 a0 02 12 | expected NAT-D(me): d6 2d b9 07 88 b5 04 fe e0 76 f5 f0 39 8f ec 84 | expected NAT-D(me): 8c a5 6f 13 | expected NAT-D(him): | 5d 72 14 67 da 5f 98 48 46 da 31 f6 11 cb 24 7b | 93 a0 02 12 | received NAT-D: d6 2d b9 07 88 b5 04 fe e0 76 f5 f0 39 8f ec 84 | received NAT-D: 8c a5 6f 13 | received NAT-D: 5d 72 14 67 da 5f 98 48 46 da 31 f6 11 cb 24 7b | received NAT-D: 93 a0 02 12 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef3628c90 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | 05 71 0b 4d e4 18 1f b7 65 bd 81 bd 5e ab 97 08 | f9 03 00 ff 4b 1d f9 89 ff 6f ed dd d3 14 e5 14 | 76 38 73 ab c1 37 c9 db 84 c2 bd fc 51 fa 0f 0b | d8 53 53 0b 60 fe 1a 82 54 12 bc cb 33 35 66 00 | 11 ac c5 f9 75 6a 38 60 7e 38 92 2b bf 5f ef a9 | f9 6a d0 31 6d c3 fd 28 7b 4c 2a 95 38 69 6f dd | 3f 27 01 31 f1 65 c4 e7 b2 d2 57 6c 99 7a 8f 1d | b2 47 9a 0c de f2 a8 8e 80 e3 75 cf 85 80 c3 e5 | a0 7c 68 fb 1a b6 f5 ae 92 8a 10 08 6c 85 6c 74 | 11 3e 2a 8f f8 b5 c2 78 fd d3 d3 23 11 40 7d 7f | 3e e9 ad 00 7b 8b ce 81 15 21 7f 6c 55 1f b6 c9 | ef 88 f8 2c 14 11 e6 a6 4d e3 8d b8 d6 62 f5 fc | 8e 2b c0 a4 6c 65 a3 19 a1 50 a8 83 16 91 9f b0 | 02 5d 38 84 ef 46 dc ba a5 8d d2 ec 51 e1 3d b8 | 4d a9 1e 18 c5 a9 91 a3 d9 6f f8 70 39 5f b7 0a | a8 3c f0 36 0d 6d 14 9a 6e 0d 33 1d 75 13 0f f5 | hmac PRF sha update data-bytes@0x7f6bf8001cd0 (length 256) | d0 47 da 34 95 c9 91 ad 05 e3 80 20 69 c9 07 f7 | 8a 0f 6d 78 70 c5 2d 6a 3c 8a 9a d4 9e 53 cf 4d | 36 17 11 c4 16 71 4b 8c a1 a2 1e 0a 5b e5 5c d7 | 28 4f 1c 2d 4a da 99 fa 69 96 a5 d7 fd 32 cf 82 | 03 59 31 14 5f 06 88 00 f9 d0 53 5c 91 74 e6 29 | ec 8d 49 f0 bb d9 cf 1c 52 b0 49 ad 51 af 00 94 | d1 29 22 55 dd 3d b2 c4 42 64 c0 05 dd 1c b8 eb | 7b 79 7e e0 d4 de 5c d5 7c 1f fd 4c 04 2e ba 54 | 3e f9 16 f2 b2 ea a7 80 cb a8 14 a6 29 95 a1 b0 | da 5d 30 f9 16 ae 62 60 87 4a c7 0b 5a 98 19 bb | bf 1d b9 1e ee c4 74 24 e0 f2 83 b8 0e 59 75 3d | b0 8d 01 d5 6e 81 95 71 57 06 a7 fd 12 23 14 60 | 39 ef a9 5c 9c 39 9f 95 58 08 a4 3b 2e 96 32 81 | f0 8c eb 34 7e 97 ad 4e 58 ce 30 12 a0 e8 fe 2c | fb 32 21 a4 6a a7 f5 79 42 b4 2f 9d ef 01 27 a4 | 03 a5 dc ec 30 e2 d3 e9 5b 56 ab 52 dd c3 9f 41 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | 28 7e 70 3d 50 bf 44 78 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | 59 c4 4f fe c4 22 a4 7d | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | d8 fe d9 db 50 17 00 ae ae cc 44 51 b3 01 3f e2 | 9a 3e c7 b4 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I d8 fe d9 db 50 17 00 ae ae cc 44 51 b3 01 3f e2 | HASH_I 9a 3e c7 b4 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: d8 fe d9 db 50 17 00 ae ae cc 44 51 b3 01 3f e2 | encrypting: 9a 3e c7 b4 | IV: 91 08 a4 85 c5 13 df 48 e0 ab b5 41 46 f4 3a 3e | IV: 60 3f 3b bd | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 6d f1 14 51 a7 a9 83 5d 26 bf 16 4d 51 20 6a f6 | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #13: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c100016f0 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 05 10 02 01 00 00 00 00 00 00 00 4c 64 9c 74 d4 | 7c 9e c0 4d 86 fe 3d 37 b6 1b a6 be 8e 1c 05 84 | 7b b1 b0 73 01 84 6a 54 dc 86 4d 7f 6d f1 14 51 | a7 a9 83 5d 26 bf 16 4d 51 20 6a f6 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f6c100016f0 size 128 | #13 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48957.190095 "aes128" #13: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #13 suppresed complete_v1_state_transition() | #13 spent 0.458 milliseconds in resume sending helper answer | stop processing: state #13 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c08001090 | spent 0.00172 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 05 10 02 01 00 00 00 00 00 00 00 4c 31 fd c0 25 | 7b a4 b0 34 70 f2 cf 0c 42 a4 13 38 cd fb d1 92 | 8f a6 5a af e3 b2 c2 5c 73 35 7e d3 e1 16 6f fd | 88 8c 34 39 26 11 34 75 e1 d8 31 20 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #13 in MAIN_I3 (find_state_ikev1) | start processing: state #13 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #13 is idle | #13 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 6d f1 14 51 a7 a9 83 5d 26 bf 16 4d 51 20 6a f6 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | decrypted payload (starts at offset -48): | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 a0 29 7b 14 | ec 03 f3 04 c6 9d 69 24 33 6a 62 54 3c 10 79 d3 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #13: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef36236c0 | hmac PRF sha update data-bytes@0x7f6bf8001cd0 (length 256) | d0 47 da 34 95 c9 91 ad 05 e3 80 20 69 c9 07 f7 | 8a 0f 6d 78 70 c5 2d 6a 3c 8a 9a d4 9e 53 cf 4d | 36 17 11 c4 16 71 4b 8c a1 a2 1e 0a 5b e5 5c d7 | 28 4f 1c 2d 4a da 99 fa 69 96 a5 d7 fd 32 cf 82 | 03 59 31 14 5f 06 88 00 f9 d0 53 5c 91 74 e6 29 | ec 8d 49 f0 bb d9 cf 1c 52 b0 49 ad 51 af 00 94 | d1 29 22 55 dd 3d b2 c4 42 64 c0 05 dd 1c b8 eb | 7b 79 7e e0 d4 de 5c d5 7c 1f fd 4c 04 2e ba 54 | 3e f9 16 f2 b2 ea a7 80 cb a8 14 a6 29 95 a1 b0 | da 5d 30 f9 16 ae 62 60 87 4a c7 0b 5a 98 19 bb | bf 1d b9 1e ee c4 74 24 e0 f2 83 b8 0e 59 75 3d | b0 8d 01 d5 6e 81 95 71 57 06 a7 fd 12 23 14 60 | 39 ef a9 5c 9c 39 9f 95 58 08 a4 3b 2e 96 32 81 | f0 8c eb 34 7e 97 ad 4e 58 ce 30 12 a0 e8 fe 2c | fb 32 21 a4 6a a7 f5 79 42 b4 2f 9d ef 01 27 a4 | 03 a5 dc ec 30 e2 d3 e9 5b 56 ab 52 dd c3 9f 41 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | 05 71 0b 4d e4 18 1f b7 65 bd 81 bd 5e ab 97 08 | f9 03 00 ff 4b 1d f9 89 ff 6f ed dd d3 14 e5 14 | 76 38 73 ab c1 37 c9 db 84 c2 bd fc 51 fa 0f 0b | d8 53 53 0b 60 fe 1a 82 54 12 bc cb 33 35 66 00 | 11 ac c5 f9 75 6a 38 60 7e 38 92 2b bf 5f ef a9 | f9 6a d0 31 6d c3 fd 28 7b 4c 2a 95 38 69 6f dd | 3f 27 01 31 f1 65 c4 e7 b2 d2 57 6c 99 7a 8f 1d | b2 47 9a 0c de f2 a8 8e 80 e3 75 cf 85 80 c3 e5 | a0 7c 68 fb 1a b6 f5 ae 92 8a 10 08 6c 85 6c 74 | 11 3e 2a 8f f8 b5 c2 78 fd d3 d3 23 11 40 7d 7f | 3e e9 ad 00 7b 8b ce 81 15 21 7f 6c 55 1f b6 c9 | ef 88 f8 2c 14 11 e6 a6 4d e3 8d b8 d6 62 f5 fc | 8e 2b c0 a4 6c 65 a3 19 a1 50 a8 83 16 91 9f b0 | 02 5d 38 84 ef 46 dc ba a5 8d d2 ec 51 e1 3d b8 | 4d a9 1e 18 c5 a9 91 a3 d9 6f f8 70 39 5f b7 0a | a8 3c f0 36 0d 6d 14 9a 6e 0d 33 1d 75 13 0f f5 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | 59 c4 4f fe c4 22 a4 7d | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | 28 7e 70 3d 50 bf 44 78 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef357bdd0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | a0 29 7b 14 ec 03 f3 04 c6 9d 69 24 33 6a 62 54 | 3c 10 79 d3 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #13: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c100016f0 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x556ef361ecd0 | inserting event EVENT_SA_REPLACE, timeout in 2879 seconds for #13 | libevent_malloc: new ptr-libevent@0x7f6c08001090 size 128 | pstats #13 ikev1.isakmp established "aes128" #13: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #13 | creating state object #14 at 0x556ef361d990 | State DB: adding IKEv1 state #14 in UNDEFINED | pstats #14 ikev1.ipsec started | duplicating state object #13 "aes128" as #14 for IPSEC SA | #14 setting local endpoint to 192.1.2.45:500 from #13.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x556ef36037c0 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #13 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #14 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #14: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #14: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#13 msgid:3ffbe204 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 17 for state #14 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #14 | libevent_malloc: new ptr-libevent@0x7f6bf8007f00 size 128 | stop processing: state #14 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | resume processing: state #13 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x7f6bf8003a50} | close_any(fd@24) (in release_whack() at state.c:654) | #13 spent 0.356 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.482 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 3 resuming | crypto helper 3 starting work-order 17 for state #14 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 17 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c0c004120: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c0c004120 | NSS: Public DH wire value: | 44 8c 1b 86 4a 5c ed 22 4a dc 49 4f af d3 e1 4e | e6 ab 5f a8 37 77 bc 3f 51 1f 8e fc 8e 12 60 81 | c9 11 bf d6 d2 55 e2 8d a5 35 a1 12 fb 11 6f aa | 32 d6 dd 3a f6 fe 9f 15 1d 75 e1 3e 88 e4 24 c3 | bc 46 8e 2e 87 87 d0 17 ed aa f9 80 81 dc 03 75 | ea 7f 7f 80 0b be f4 03 b2 4e 24 c1 10 6d c8 01 | 46 bd 83 5a 77 9a 84 d7 72 22 b8 c0 12 e2 d4 b0 | 19 1b 25 9b a7 4c 2a f3 6a 8f 59 61 33 5d 7c 46 | b4 06 e7 86 ea a3 72 14 82 36 d2 45 f8 43 cb be | 70 4a f8 3b f7 4a a9 bd c1 5c 74 6b d8 4e e2 37 | c8 e1 f0 49 02 cb 57 f6 b5 0a 90 52 4f d0 ac e6 | 11 54 68 10 50 4c e6 d7 f5 ef 46 e4 b9 64 3a d9 | 1f a5 00 b0 d8 96 ee 73 3b 38 d5 c5 63 ce 07 38 | ed 58 a3 57 d0 ff df 23 72 8a 62 ec b4 a6 4a f2 | ad 92 9a a1 08 a4 fe fa 56 cb 24 d5 11 b1 60 8f | 8a c0 a5 5d ab ba cd ca 59 45 13 08 1c a2 06 f2 | Generated nonce: 2e 4e 66 d9 66 94 74 79 93 0e c0 fc c2 05 b1 28 | Generated nonce: 46 ca 5e 8f 78 70 6d b3 67 30 a0 57 89 cf 43 e0 | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 17 time elapsed 0.00106 seconds | (#14) spent 1.05 milliseconds in crypto helper computing work-order 17: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 17 for state #14 to event queue | scheduling resume sending helper answer for #14 | libevent_malloc: new ptr-libevent@0x7f6c0c002d00 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #14 | start processing: state #14 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 17 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #14: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1073472004 (0x3ffbe204) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x8733c1ca for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 87 33 c1 ca | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #14: IMPAIR: stripping key-length "aes128" #14: IMPAIR: not sending key-length attribute | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 2e 4e 66 d9 66 94 74 79 93 0e c0 fc c2 05 b1 28 | Ni 46 ca 5e 8f 78 70 6d b3 67 30 a0 57 89 cf 43 e0 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c0c004120: transferring ownership from helper KE to state #14 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 44 8c 1b 86 4a 5c ed 22 4a dc 49 4f af d3 e1 4e | keyex value e6 ab 5f a8 37 77 bc 3f 51 1f 8e fc 8e 12 60 81 | keyex value c9 11 bf d6 d2 55 e2 8d a5 35 a1 12 fb 11 6f aa | keyex value 32 d6 dd 3a f6 fe 9f 15 1d 75 e1 3e 88 e4 24 c3 | keyex value bc 46 8e 2e 87 87 d0 17 ed aa f9 80 81 dc 03 75 | keyex value ea 7f 7f 80 0b be f4 03 b2 4e 24 c1 10 6d c8 01 | keyex value 46 bd 83 5a 77 9a 84 d7 72 22 b8 c0 12 e2 d4 b0 | keyex value 19 1b 25 9b a7 4c 2a f3 6a 8f 59 61 33 5d 7c 46 | keyex value b4 06 e7 86 ea a3 72 14 82 36 d2 45 f8 43 cb be | keyex value 70 4a f8 3b f7 4a a9 bd c1 5c 74 6b d8 4e e2 37 | keyex value c8 e1 f0 49 02 cb 57 f6 b5 0a 90 52 4f d0 ac e6 | keyex value 11 54 68 10 50 4c e6 d7 f5 ef 46 e4 b9 64 3a d9 | keyex value 1f a5 00 b0 d8 96 ee 73 3b 38 d5 c5 63 ce 07 38 | keyex value ed 58 a3 57 d0 ff df 23 72 8a 62 ec b4 a6 4a f2 | keyex value ad 92 9a a1 08 a4 fe fa 56 cb 24 d5 11 b1 60 8f | keyex value 8a c0 a5 5d ab ba cd ca 59 45 13 08 1c a2 06 f2 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08002090 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | 3f fb e2 04 | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 87 33 c1 ca 00 00 00 1c 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 2e 4e 66 d9 66 94 74 79 | 93 0e c0 fc c2 05 b1 28 46 ca 5e 8f 78 70 6d b3 | 67 30 a0 57 89 cf 43 e0 05 00 01 04 44 8c 1b 86 | 4a 5c ed 22 4a dc 49 4f af d3 e1 4e e6 ab 5f a8 | 37 77 bc 3f 51 1f 8e fc 8e 12 60 81 c9 11 bf d6 | d2 55 e2 8d a5 35 a1 12 fb 11 6f aa 32 d6 dd 3a | f6 fe 9f 15 1d 75 e1 3e 88 e4 24 c3 bc 46 8e 2e | 87 87 d0 17 ed aa f9 80 81 dc 03 75 ea 7f 7f 80 | 0b be f4 03 b2 4e 24 c1 10 6d c8 01 46 bd 83 5a | 77 9a 84 d7 72 22 b8 c0 12 e2 d4 b0 19 1b 25 9b | a7 4c 2a f3 6a 8f 59 61 33 5d 7c 46 b4 06 e7 86 | ea a3 72 14 82 36 d2 45 f8 43 cb be 70 4a f8 3b | f7 4a a9 bd c1 5c 74 6b d8 4e e2 37 c8 e1 f0 49 | 02 cb 57 f6 b5 0a 90 52 4f d0 ac e6 11 54 68 10 | 50 4c e6 d7 f5 ef 46 e4 b9 64 3a d9 1f a5 00 b0 | d8 96 ee 73 3b 38 d5 c5 63 ce 07 38 ed 58 a3 57 | d0 ff df 23 72 8a 62 ec b4 a6 4a f2 ad 92 9a a1 | 08 a4 fe fa 56 cb 24 d5 11 b1 60 8f 8a c0 a5 5d | ab ba cd ca 59 45 13 08 1c a2 06 f2 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 19 2d b0 54 fb 66 8a 86 f2 69 4e de 8a ef bb a3 | 3f c6 10 7b | outI1 HASH(1): | 19 2d b0 54 fb 66 8a 86 f2 69 4e de 8a ef bb a3 | 3f c6 10 7b | last Phase 1 IV: e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | current Phase 1 IV: e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | 3f fb e2 04 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | a3 e3 d9 db 7a f7 ca fd 56 d0 65 7b 80 b1 ea a9 | bb 4d e6 74 | encrypting: 01 00 00 18 19 2d b0 54 fb 66 8a 86 f2 69 4e de | encrypting: 8a ef bb a3 3f c6 10 7b 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 87 33 c1 ca | encrypting: 00 00 00 1c 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 2e 4e 66 d9 66 94 74 79 93 0e c0 fc c2 05 b1 28 | encrypting: 46 ca 5e 8f 78 70 6d b3 67 30 a0 57 89 cf 43 e0 | encrypting: 05 00 01 04 44 8c 1b 86 4a 5c ed 22 4a dc 49 4f | encrypting: af d3 e1 4e e6 ab 5f a8 37 77 bc 3f 51 1f 8e fc | encrypting: 8e 12 60 81 c9 11 bf d6 d2 55 e2 8d a5 35 a1 12 | encrypting: fb 11 6f aa 32 d6 dd 3a f6 fe 9f 15 1d 75 e1 3e | encrypting: 88 e4 24 c3 bc 46 8e 2e 87 87 d0 17 ed aa f9 80 | encrypting: 81 dc 03 75 ea 7f 7f 80 0b be f4 03 b2 4e 24 c1 | encrypting: 10 6d c8 01 46 bd 83 5a 77 9a 84 d7 72 22 b8 c0 | encrypting: 12 e2 d4 b0 19 1b 25 9b a7 4c 2a f3 6a 8f 59 61 | encrypting: 33 5d 7c 46 b4 06 e7 86 ea a3 72 14 82 36 d2 45 | encrypting: f8 43 cb be 70 4a f8 3b f7 4a a9 bd c1 5c 74 6b | encrypting: d8 4e e2 37 c8 e1 f0 49 02 cb 57 f6 b5 0a 90 52 | encrypting: 4f d0 ac e6 11 54 68 10 50 4c e6 d7 f5 ef 46 e4 | encrypting: b9 64 3a d9 1f a5 00 b0 d8 96 ee 73 3b 38 d5 c5 | encrypting: 63 ce 07 38 ed 58 a3 57 d0 ff df 23 72 8a 62 ec | encrypting: b4 a6 4a f2 ad 92 9a a1 08 a4 fe fa 56 cb 24 d5 | encrypting: 11 b1 60 8f 8a c0 a5 5d ab ba cd ca 59 45 13 08 | encrypting: 1c a2 06 f2 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: a3 e3 d9 db 7a f7 ca fd 56 d0 65 7b 80 b1 ea a9 | IV: bb 4d e6 74 | unpadded size is: 404 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 86 cf a7 3b fb 67 1e cb 6b aa ef 4c 52 61 02 f4 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #14) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 08 10 20 01 3f fb e2 04 00 00 01 bc 78 39 82 de | 83 60 10 21 37 9a 3a af ee 2b 82 16 56 9d a4 d4 | 4b c5 66 c2 60 48 2c 1d 3f e9 99 fa fe 74 f3 03 | 6b d3 e8 58 ff 84 85 b9 9b c7 8f f1 b5 c1 3b 42 | e2 a2 8d fb be 38 24 31 47 e4 8c eb a9 9e 87 32 | fd 4e c6 66 02 ee 51 7c d2 89 0d b8 5f bc 99 d1 | be a6 77 4f 00 95 91 01 d2 10 36 4f 86 b4 63 3a | 99 a7 7c b9 1e 60 83 f0 33 db b5 b4 a0 63 22 5d | b1 28 d7 8e c9 71 29 ab e3 58 c1 8e 71 46 03 bf | b6 3a a8 a1 26 98 44 01 8c e0 80 7b 96 19 5b b2 | fa 23 95 ee cb 47 70 4c a9 c4 9e 42 e2 d4 0d ee | 9f c4 df 19 a9 82 c0 e5 21 12 f9 a7 ce 8c 7b f6 | ff ff 7a 6f b4 2f cf f9 77 7e 57 fb d3 b5 40 5d | 29 19 14 54 2a 57 80 86 72 ee ef ec d5 e9 8e aa | ce de bf 75 82 2f 2b 19 ba b9 a2 9a 0e 75 1c 85 | 64 91 e3 1c 9d 82 db 2a b6 f9 4e 68 a2 02 ee f3 | 76 42 8a 3a 41 90 ad ca 1d de b0 38 20 a6 1a f0 | 80 1e 4c 0c 10 a6 ed ec 7e bb e1 45 8b c8 91 10 | f7 49 ff 1d 44 0f 27 f5 68 93 f6 c0 0a a5 6e cd | 87 e7 5c 84 9d a1 ee c8 8f a2 30 ee 32 b2 c8 18 | d4 3f 11 1f e0 f2 5f 8c e2 a3 f3 ba be e6 f0 eb | b0 96 fb a7 6b 51 f3 5a 52 f0 6a 9e a2 56 99 76 | 84 61 29 87 05 ad 9d 5b 57 1b df 07 4c 07 72 3a | cb 60 a1 af 6e 42 b2 34 44 99 3a b7 69 91 50 94 | f1 94 c2 d8 4d 17 f6 51 f7 5c cb b1 3b b9 ee 61 | b3 c7 1c 3a 63 ae 54 60 46 89 4c fc 86 cf a7 3b | fb 67 1e cb 6b aa ef 4c 52 61 02 f4 | state #14 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bf8007f00 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #14 | libevent_malloc: new ptr-libevent@0x7f6bf8007f00 size 128 | #14 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48957.193427 | resume sending helper answer for #14 suppresed complete_v1_state_transition() | #14 spent 0.567 milliseconds in resume sending helper answer | stop processing: state #14 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c0c002d00 | spent 0.00171 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 08 10 05 01 6b dd b0 3f 00 00 00 4c 47 33 9a 79 | 09 d1 3a ae 7f ea 98 97 06 c6 32 92 e4 d6 ae 70 | 0d 42 21 31 6c a0 eb 95 88 d4 d8 1c 5a 9e 41 9a | 2b e3 76 b6 e7 37 19 61 93 08 00 7c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1809690687 (0x6bddb03f) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #14; msgid=00000000 st_msgid=3ffbe204 st_msgid_phase15=00000000 | peer and cookies match on #13; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #13 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #13 in MAIN_I4 (find_v1_info_state) | start processing: state #13 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | last Phase 1 IV: e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | current Phase 1 IV: e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54ee1c (length 4) | 6b dd b0 3f | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 73 35 06 ac 60 16 48 38 85 9c b0 21 03 19 53 5a | 9d 9e f3 bf | #13 is idle | #13 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 73 35 06 ac 60 16 48 38 85 9c b0 21 03 19 53 5a | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 5a 9e 41 9a 2b e3 76 b6 e7 37 19 61 93 08 00 7c | decrypted payload (starts at offset -48): | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 08 10 05 01 6b dd b0 3f 00 00 00 4c 0b 00 00 18 | a9 26 92 35 4a 3a 3b a5 17 4e b7 e8 28 bc 5f 7e | dc c5 24 60 00 00 00 0c 00 00 00 01 01 00 00 0e | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08002090 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | 6b dd b0 3f | HASH(1) PRF sha update payload-bytes@0x556ef357bde4 (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0e | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | a9 26 92 35 4a 3a 3b a5 17 4e b7 e8 28 bc 5f 7e | dc c5 24 60 | informational HASH(1): | a9 26 92 35 4a 3a 3b a5 17 4e b7 e8 28 bc 5f 7e | dc c5 24 60 | received 'informational' message HASH(1) data ok "aes128" #13: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #13: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #13 spent 0.00708 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.233 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f6bfc002b20 | handling event EVENT_RETRANSMIT for child state #14 | start processing: state #14 connection "aes128" from 192.1.2.23:500 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #14 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #14 keying attempt 1 of 0; retransmit 1 "aes128" #14: IMPAIR: retransmit so deleting SA | [RE]START processing: state #14 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:124) | pstats #14 ikev1.ipsec failed too-many-retransmits | pstats #14 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #14 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #14: deleting state (STATE_QUICK_I1) aged 0.501s and NOT sending notification | child state #14: QUICK_I1(established CHILD SA) => delete | child state #14: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #14 in CHILDSA_DEL | child state #14: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7f6c0c004120: destroyed | stop processing: state #14 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef36037c0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7f6bf8007f00 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | in statetime_stop() and could not find #14 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0502 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #13 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #13 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #13 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #13 ikev1.isakmp deleted completed | [RE]START processing: state #13 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #13: deleting state (STATE_MAIN_I4) aged 0.538s and sending notification | parent state #13: MAIN_I4(established IKE SA) => delete | #13 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 575091636 (0x224733b4) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 28 7e 70 3d 50 bf 44 78 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 59 c4 4f fe c4 22 a4 7d | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x556ef36236c0 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 22 47 33 b4 | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 28 7e 70 3d | 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | c3 05 f3 8d f5 03 a9 03 02 28 da 29 e7 13 43 c0 | 0f b5 f0 af | send delete HASH(1): | c3 05 f3 8d f5 03 a9 03 02 28 da 29 e7 13 43 c0 | 0f b5 f0 af | last Phase 1 IV: e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | current Phase 1 IV: e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | e1 16 6f fd 88 8c 34 39 26 11 34 75 e1 d8 31 20 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 22 47 33 b4 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 56 61 23 ab 90 d2 b6 5a e0 a6 54 07 52 a0 d0 57 | 52 2c ad 25 | encrypting: 0c 00 00 18 c3 05 f3 8d f5 03 a9 03 02 28 da 29 | encrypting: e7 13 43 c0 0f b5 f0 af 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 28 7e 70 3d 50 bf 44 78 59 c4 4f fe | encrypting: c4 22 a4 7d | IV: 56 61 23 ab 90 d2 b6 5a e0 a6 54 07 52 a0 d0 57 | IV: 52 2c ad 25 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: e8 ab 0c b6 d5 1b bd 2c 2e 13 1a d8 0b 0a 5e 9f | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 08 10 05 01 22 47 33 b4 00 00 00 5c 7f 6d 27 fd | dc 1b 09 97 d9 fd 3f a1 8f 4f 69 60 82 08 d2 14 | c5 64 15 8e ff 3d 1e e9 4b 71 68 83 53 16 8b 93 | d9 9b af 18 e3 29 a4 f7 23 30 6e 90 e8 ab 0c b6 | d5 1b bd 2c 2e 13 1a d8 0b 0a 5e 9f | state #13 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c08001090 | free_event_entry: release EVENT_SA_REPLACE-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #13 in MAIN_I4 | parent state #13: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c10002a80: destroyed | stop processing: state #13 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef360e180 | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef36037c0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x556ef361eee0 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.516 milliseconds in whack | spent 0.00196 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 28 7e 70 3d 50 bf 44 78 59 c4 4f fe c4 22 a4 7d | 08 10 05 01 8a ed f0 02 00 00 00 5c 10 24 2b 9e | 48 59 b4 e7 e6 3b 0c 3b 31 44 82 d3 a1 f4 b4 6b | 55 54 e2 07 1e 16 6b 1c 57 df 3b 06 2d 13 cd f2 | 7b e0 b9 61 06 c6 ba 67 4c ef f0 d3 b5 46 f9 a8 | af ea 7d db 94 40 43 61 7b 85 41 6a | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 28 7e 70 3d 50 bf 44 78 | responder cookie: | 59 c4 4f fe c4 22 a4 7d | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2330849282 (0x8aedf002) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x8aedf002 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 28 7e 70 3d 50 bf 44 78 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 59 c4 4f fe c4 22 a4 7d | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0725 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0539 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0443 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | emitting | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0474 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:EMPTY | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.052 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef362a7b0 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.112 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #15 at 0x556ef3625160 | State DB: adding IKEv1 state #15 in UNDEFINED | pstats #15 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #15 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #15: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #15 "aes128" "aes128" #15: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef357b900 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #15: IMPAIR: stripping key-length "aes128" #15: IMPAIR: key-length-attribute:empty not implemented | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | 92 55 ad 91 85 d3 19 b4 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f6bf8007f00 size 128 | #15 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48958.272828 | #15 spent 0.403 milliseconds in main_outI1() | stop processing: state #15 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.458 milliseconds in whack | spent 0.00316 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #15 in MAIN_I1 (find_state_ikev1_init) | start processing: state #15 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #15 is idle | #15 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 18 for state #15 | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bf8007f00 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f6bf8007f00 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #15 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #15 and saving MD | #15 is busy; has a suspended MD | #15 spent 0.208 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #15 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.39 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 6 resuming | crypto helper 6 starting work-order 18 for state #15 | crypto helper 6 doing build KE and nonce (outI2 KE); request ID 18 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c000017d0: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c000017d0 | NSS: Public DH wire value: | 8c 3b 06 36 d2 05 1c f0 57 35 0c 2a ca 03 26 6e | 53 a4 fb 3b 97 a6 79 64 74 9a 4a 7b 9e 74 89 28 | fd bb 58 41 7a 01 0a 0b c7 01 a5 bd 4f 27 46 2d | 17 25 08 96 36 49 f9 c0 a7 0a c9 a1 96 06 29 46 | 20 23 fe f8 fe 61 93 8e 96 15 aa 7c 5a 0c be 97 | 4f d4 17 f6 6a e3 fa 67 da d0 a9 6e a3 0b 2d 64 | a5 10 62 12 af 0c f3 ab d3 8e 4c e0 d0 16 ea 6d | f9 cd 64 d9 8f 48 62 c4 79 66 e2 91 6c 85 65 0b | eb 5b 2e 8b 38 26 24 71 51 0a 7b da f0 9a 32 e2 | d0 fd 0f 2e 48 31 31 74 d5 3d ee 61 6a ed f9 e8 | f1 9d 05 02 cd 7b 93 a8 86 1b b9 66 1e 24 de ac | 52 7e 5c 93 4e eb 5d f3 81 5e 88 12 e8 be d9 2b | be 34 82 76 01 e2 13 6b d5 d3 57 08 88 ec 51 f6 | 1e b2 e0 61 93 04 35 85 92 df a3 fd 72 b7 7e a3 | be 27 9c 21 3d c9 5e b6 11 20 a2 88 7c d9 18 1d | 47 d6 ce 62 7d 81 ed 4a d1 4e 6d 2b 26 c9 e0 00 | Generated nonce: d5 61 1e 0a 2d c7 24 48 ea d6 ea 41 70 6c a4 65 | Generated nonce: 84 6b 58 84 c0 49 3d aa 04 21 a1 21 65 53 21 7f | crypto helper 6 finished build KE and nonce (outI2 KE); request ID 18 time elapsed 0.001393 seconds | (#15) spent 1.38 milliseconds in crypto helper computing work-order 18: outI2 KE (pcr) | crypto helper 6 sending results from work-order 18 for state #15 to event queue | scheduling resume sending helper answer for #15 | libevent_malloc: new ptr-libevent@0x7f6c00005a90 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #15 | start processing: state #15 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 18 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #15: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c000017d0: transferring ownership from helper KE to state #15 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 8c 3b 06 36 d2 05 1c f0 57 35 0c 2a ca 03 26 6e | keyex value 53 a4 fb 3b 97 a6 79 64 74 9a 4a 7b 9e 74 89 28 | keyex value fd bb 58 41 7a 01 0a 0b c7 01 a5 bd 4f 27 46 2d | keyex value 17 25 08 96 36 49 f9 c0 a7 0a c9 a1 96 06 29 46 | keyex value 20 23 fe f8 fe 61 93 8e 96 15 aa 7c 5a 0c be 97 | keyex value 4f d4 17 f6 6a e3 fa 67 da d0 a9 6e a3 0b 2d 64 | keyex value a5 10 62 12 af 0c f3 ab d3 8e 4c e0 d0 16 ea 6d | keyex value f9 cd 64 d9 8f 48 62 c4 79 66 e2 91 6c 85 65 0b | keyex value eb 5b 2e 8b 38 26 24 71 51 0a 7b da f0 9a 32 e2 | keyex value d0 fd 0f 2e 48 31 31 74 d5 3d ee 61 6a ed f9 e8 | keyex value f1 9d 05 02 cd 7b 93 a8 86 1b b9 66 1e 24 de ac | keyex value 52 7e 5c 93 4e eb 5d f3 81 5e 88 12 e8 be d9 2b | keyex value be 34 82 76 01 e2 13 6b d5 d3 57 08 88 ec 51 f6 | keyex value 1e b2 e0 61 93 04 35 85 92 df a3 fd 72 b7 7e a3 | keyex value be 27 9c 21 3d c9 5e b6 11 20 a2 88 7c d9 18 1d | keyex value 47 d6 ce 62 7d 81 ed 4a d1 4e 6d 2b 26 c9 e0 00 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni d5 61 1e 0a 2d c7 24 48 ea d6 ea 41 70 6c a4 65 | Ni 84 6b 58 84 c0 49 3d aa 04 21 a1 21 65 53 21 7f | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 92 55 ad 91 85 d3 19 b4 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | ee 2d 95 51 3b 31 36 02 | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | 65 41 d6 d9 50 cb 1b 89 91 0b 6a 22 57 54 13 44 | 55 a2 94 75 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 92 55 ad 91 85 d3 19 b4 | natd_hash: rcookie= ee 2d 95 51 3b 31 36 02 | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 65 41 d6 d9 50 cb 1b 89 91 0b 6a 22 57 54 13 44 | natd_hash: hash= 55 a2 94 75 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 65 41 d6 d9 50 cb 1b 89 91 0b 6a 22 57 54 13 44 | NAT-D 55 a2 94 75 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 92 55 ad 91 85 d3 19 b4 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | ee 2d 95 51 3b 31 36 02 | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | d7 7b 56 1b 2c 2a 38 8f 61 2d 6b 65 79 03 54 4a | 9d 51 8b e7 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 92 55 ad 91 85 d3 19 b4 | natd_hash: rcookie= ee 2d 95 51 3b 31 36 02 | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= d7 7b 56 1b 2c 2a 38 8f 61 2d 6b 65 79 03 54 4a | natd_hash: hash= 9d 51 8b e7 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D d7 7b 56 1b 2c 2a 38 8f 61 2d 6b 65 79 03 54 4a | NAT-D 9d 51 8b e7 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #15 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #15: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bf8007f00 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 8c 3b 06 36 d2 05 1c f0 57 35 0c 2a ca 03 26 6e | 53 a4 fb 3b 97 a6 79 64 74 9a 4a 7b 9e 74 89 28 | fd bb 58 41 7a 01 0a 0b c7 01 a5 bd 4f 27 46 2d | 17 25 08 96 36 49 f9 c0 a7 0a c9 a1 96 06 29 46 | 20 23 fe f8 fe 61 93 8e 96 15 aa 7c 5a 0c be 97 | 4f d4 17 f6 6a e3 fa 67 da d0 a9 6e a3 0b 2d 64 | a5 10 62 12 af 0c f3 ab d3 8e 4c e0 d0 16 ea 6d | f9 cd 64 d9 8f 48 62 c4 79 66 e2 91 6c 85 65 0b | eb 5b 2e 8b 38 26 24 71 51 0a 7b da f0 9a 32 e2 | d0 fd 0f 2e 48 31 31 74 d5 3d ee 61 6a ed f9 e8 | f1 9d 05 02 cd 7b 93 a8 86 1b b9 66 1e 24 de ac | 52 7e 5c 93 4e eb 5d f3 81 5e 88 12 e8 be d9 2b | be 34 82 76 01 e2 13 6b d5 d3 57 08 88 ec 51 f6 | 1e b2 e0 61 93 04 35 85 92 df a3 fd 72 b7 7e a3 | be 27 9c 21 3d c9 5e b6 11 20 a2 88 7c d9 18 1d | 47 d6 ce 62 7d 81 ed 4a d1 4e 6d 2b 26 c9 e0 00 | 14 00 00 24 d5 61 1e 0a 2d c7 24 48 ea d6 ea 41 | 70 6c a4 65 84 6b 58 84 c0 49 3d aa 04 21 a1 21 | 65 53 21 7f 14 00 00 18 65 41 d6 d9 50 cb 1b 89 | 91 0b 6a 22 57 54 13 44 55 a2 94 75 00 00 00 18 | d7 7b 56 1b 2c 2a 38 8f 61 2d 6b 65 79 03 54 4a | 9d 51 8b e7 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f6bf8007f00 size 128 | #15 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48958.275638 "aes128" #15: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #15 suppresed complete_v1_state_transition() | #15 spent 0.243 milliseconds in resume sending helper answer | stop processing: state #15 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c00005a90 | spent 0.00185 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 20 53 72 ad 03 d8 84 c2 cf 46 3c 7e ba 56 f0 52 | 39 02 24 81 77 bf 5c e6 b0 1b 5a 9c 03 1c 64 87 | 6a 30 51 f6 52 2e 92 16 f6 73 22 5b 3a d2 4a dc | b4 47 45 04 07 39 56 f7 a4 00 f6 fc b3 e6 07 ea | 7f 2c 75 a3 b7 eb 29 82 16 31 16 fa 78 4d 33 1d | bc 22 81 78 92 be 2f fb cd cc 53 69 e4 ee 70 9b | 7f dd e5 7e 36 ac fa a3 61 a8 7d 51 27 1a 9a c5 | 1b a9 0f 68 91 83 96 ce 04 cc 87 21 92 5f 86 52 | 4f aa 41 5e d5 cb b5 a7 8a d0 a6 38 dd 8d 59 c0 | e6 6b dc 03 0a a0 d1 4b b5 8e 04 19 af 6f 49 78 | 67 65 5a 64 30 10 14 82 74 49 8c b1 ca b1 dd e8 | 96 bb e2 1f 76 2d 8b a9 a0 96 40 2a 7c c1 d1 94 | bd bb bd 84 a4 26 e8 94 70 68 7c 99 85 a1 16 4a | 47 e3 b1 08 0d 7d a5 3a a1 86 6c 7b a5 4b a7 98 | 7f 8f c1 34 50 d0 26 8c 83 d5 3d 5a 68 43 ba 89 | 07 b4 db 2a be cb 44 a8 49 17 41 39 a5 9c c8 23 | 14 00 00 24 62 e5 79 c0 76 1e 34 0b e9 af 3a 14 | b2 2e 0f c4 32 b6 62 c5 c5 55 bc d5 30 10 69 58 | 8f 7e 61 46 14 00 00 18 d7 7b 56 1b 2c 2a 38 8f | 61 2d 6b 65 79 03 54 4a 9d 51 8b e7 00 00 00 18 | 65 41 d6 d9 50 cb 1b 89 91 0b 6a 22 57 54 13 44 | 55 a2 94 75 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #15 in MAIN_I2 (find_state_ikev1) | start processing: state #15 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #15 is idle | #15 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 20 53 72 ad 03 d8 84 c2 cf 46 3c 7e ba 56 f0 52 | 39 02 24 81 77 bf 5c e6 b0 1b 5a 9c 03 1c 64 87 | 6a 30 51 f6 52 2e 92 16 f6 73 22 5b 3a d2 4a dc | b4 47 45 04 07 39 56 f7 a4 00 f6 fc b3 e6 07 ea | 7f 2c 75 a3 b7 eb 29 82 16 31 16 fa 78 4d 33 1d | bc 22 81 78 92 be 2f fb cd cc 53 69 e4 ee 70 9b | 7f dd e5 7e 36 ac fa a3 61 a8 7d 51 27 1a 9a c5 | 1b a9 0f 68 91 83 96 ce 04 cc 87 21 92 5f 86 52 | 4f aa 41 5e d5 cb b5 a7 8a d0 a6 38 dd 8d 59 c0 | e6 6b dc 03 0a a0 d1 4b b5 8e 04 19 af 6f 49 78 | 67 65 5a 64 30 10 14 82 74 49 8c b1 ca b1 dd e8 | 96 bb e2 1f 76 2d 8b a9 a0 96 40 2a 7c c1 d1 94 | bd bb bd 84 a4 26 e8 94 70 68 7c 99 85 a1 16 4a | 47 e3 b1 08 0d 7d a5 3a a1 86 6c 7b a5 4b a7 98 | 7f 8f c1 34 50 d0 26 8c 83 d5 3d 5a 68 43 ba 89 | 07 b4 db 2a be cb 44 a8 49 17 41 39 a5 9c c8 23 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c000017d0: transferring ownership from state #15 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 19 for state #15 | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bf8007f00 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f6c00005a90 size 128 | complete v1 state transition with STF_SUSPEND | crypto helper 1 resuming | crypto helper 1 starting work-order 19 for state #15 | [RE]START processing: state #15 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 19 | peer's g: 20 53 72 ad 03 d8 84 c2 cf 46 3c 7e ba 56 f0 52 | peer's g: 39 02 24 81 77 bf 5c e6 b0 1b 5a 9c 03 1c 64 87 | suspending state #15 and saving MD | peer's g: 6a 30 51 f6 52 2e 92 16 f6 73 22 5b 3a d2 4a dc | peer's g: b4 47 45 04 07 39 56 f7 a4 00 f6 fc b3 e6 07 ea | #15 is busy; has a suspended MD | peer's g: 7f 2c 75 a3 b7 eb 29 82 16 31 16 fa 78 4d 33 1d | peer's g: bc 22 81 78 92 be 2f fb cd cc 53 69 e4 ee 70 9b | peer's g: 7f dd e5 7e 36 ac fa a3 61 a8 7d 51 27 1a 9a c5 | #15 spent 0.106 milliseconds in process_packet_tail() | peer's g: 1b a9 0f 68 91 83 96 ce 04 cc 87 21 92 5f 86 52 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | peer's g: 4f aa 41 5e d5 cb b5 a7 8a d0 a6 38 dd 8d 59 c0 | stop processing: state #15 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | peer's g: e6 6b dc 03 0a a0 d1 4b b5 8e 04 19 af 6f 49 78 | peer's g: 67 65 5a 64 30 10 14 82 74 49 8c b1 ca b1 dd e8 | peer's g: 96 bb e2 1f 76 2d 8b a9 a0 96 40 2a 7c c1 d1 94 | peer's g: bd bb bd 84 a4 26 e8 94 70 68 7c 99 85 a1 16 4a | peer's g: 47 e3 b1 08 0d 7d a5 3a a1 86 6c 7b a5 4b a7 98 | peer's g: 7f 8f c1 34 50 d0 26 8c 83 d5 3d 5a 68 43 ba 89 | peer's g: 07 b4 db 2a be cb 44 a8 49 17 41 39 a5 9c c8 23 | Started DH shared-secret computation in NSS: | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.213 milliseconds in comm_handle_cb() reading and processing packet | new : g_ir-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c000017d0: computed shared DH secret key@0x556ef36037c0 | dh-shared : g^ir-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef361da00 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06a0 | result: psk-key@0x556ef3601f40 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3601f40 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0688 | result: psk-key@0x556ef360fae0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3601f40 | SKEYID psk prf: created sha context 0x7f6c04003aa0 from psk-key@0x556ef360fae0 | SKEYID psk prf: begin sha with context 0x7f6c04003aa0 from psk-key@0x556ef360fae0 | SKEYID psk: release clone-key@0x556ef360fae0 | SKEYID psk PRF sha crypt-prf@0x7f6c040010c0 | SKEYID psk PRF sha update Ni-bytes@0x556ef361da24 (length 32) | d5 61 1e 0a 2d c7 24 48 ea d6 ea 41 70 6c a4 65 | 84 6b 58 84 c0 49 3d aa 04 21 a1 21 65 53 21 7f | SKEYID psk PRF sha update Nr-bytes@0x556ef361da44 (length 32) | 62 e5 79 c0 76 1e 34 0b e9 af 3a 14 b2 2e 0f c4 | 32 b6 62 c5 c5 55 bc d5 30 10 69 58 8f 7e 61 46 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID psk PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID psk: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06b8 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef3601f40 | SKEYID_d prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef3601f40 | SKEYID_d: release clone-key@0x556ef3601f40 | SKEYID_d PRF sha crypt-prf@0x7f6c040020e0 | SKEYID_d PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_d: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705664: ffffff80 ffffff8b ffffffe3 ffffff93 4e ffffffd9 34 ffffff9e 37 7b 5b 6a ffffffb2 6e 4f 58 5a 48 5b ffffffb0 51 ffffff90 fffffff0 67 ffffffd8 ffffffa6 4c 7d 21 fffffff1 11 ffffffd8 0e ffffff8f ffffffa7 3a 02 fffffff0 ffffffc2 28 5f fffffff9 ffffff91 5f 3c ffffffc3 36 6d 6c 26 26 1c ffffffc4 1a ffffff96 ffffff86 7b 0e 1d ffffffc0 54 ffffff8f 41 ffffffb4 ffffffd7 ffffff92 56 24 07 2a 57 1d ffffffa2 ffffff9c ffffffca 55 31 22 ffffffb5 ffffffac 34 ffffffff 52 0a 09 2d 5b 35 ffffffb5 ffffffb9 70 ffffff9d 46 fffffff9 ffffff95 55 ffffffc2 fffffffa ffffff8f 0d ffffffd0 ffffffdc 1e ffffff86 6b ffffffcf 3d 71 4f ffffffd0 ffffff93 ffffffb1 ffffffeb ffffff95 ffffffc4 6f ffffffe1 0b 36 26 64 ffffff9d 56 62 ffffff86 ffffffc0 13 ffffff8b ffffffe5 ffffff9f 3d 78 08 ffffff8a 18 fffffff2 00 ffffffd5 66 ffffffa2 ffffffae ffffffb3 ffffffa1 fffffff1 3f ffffff98 fffffff6 70 68 12 ffffffdf ffffffe1 47 fffffff3 4f 07 54 02 20 61 60 ffffffe1 26 ffffffca f | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c040010e0 | unwrapped: 74 ff 6d a8 27 aa 27 54 b5 60 45 97 04 33 d7 77 | unwrapped: cf c4 ac 7d 4a 18 02 ee 2f 5b 70 0f e8 4a d9 ba | unwrapped: 83 16 3b f9 cf bd 75 c6 2c 3f 75 aa 76 0f a0 8f | unwrapped: c6 1f ba e0 ea b8 b6 3c d8 c4 6e a4 78 de 57 df | unwrapped: 7c 77 0f 1e 5d 13 a1 58 ee f8 0c e6 51 92 91 b9 | unwrapped: 12 d9 d6 ad c7 33 31 07 e0 13 ec 17 c2 4b bb 27 | unwrapped: 0b dd 64 62 86 88 78 14 94 b6 a7 3d ef 56 ca d8 | unwrapped: ce 88 82 11 a8 0b 02 ec ec 94 16 35 6d e1 41 4c | unwrapped: 11 0d 3b 20 2d 65 35 20 5d 5c cf 96 c0 d8 0b 1a | unwrapped: 08 b7 28 18 1f 54 7d cc 9d fc 39 1f 2d 12 bc 7d | unwrapped: 8d cb 54 3c ee 06 17 38 8c 31 76 be 7e d7 36 be | unwrapped: 96 97 74 4b 47 c2 30 e7 2b cd a5 82 f0 54 1f c0 | unwrapped: ea 56 1c 33 d7 ce 90 ed 03 8d 64 0a 8f 59 a6 90 | unwrapped: f0 c2 cc 5c 72 a1 c1 33 82 f6 37 0d 06 ac a2 f8 | unwrapped: 47 55 f6 c8 ea cd 0a de e3 44 9b 90 79 2c 95 d5 | unwrapped: 18 c9 e2 fd 76 57 16 f3 f0 36 55 7b 7e bc da a2 | SKEYID_d PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 92 55 ad 91 85 d3 19 b4 | SKEYID_d PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | ee 2d 95 51 3b 31 36 02 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID_d PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_d: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0698 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef3609090 | SKEYID_a prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef3609090 | SKEYID_a: release clone-key@0x556ef3609090 | SKEYID_a PRF sha crypt-prf@0x7f6c04002a80 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3601f40 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)426705632: ffffffda ffffffb7 ffffffa6 27 ffffffb7 ffffffe2 17 fffffffa 58 fffffff5 ffffffe0 74 ffffffd7 ffffff8a ffffffde 15 ffffffc5 68 6f ffffffa6 ffffff97 15 ffffffc6 ffffff91 ffffff9b ffffffc7 7e ffffff90 39 73 fffffffb 2f | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c04004bc0 | unwrapped: f6 41 71 ae bf 6d c6 26 9e 7e 75 5c e9 ba 1b 5d | unwrapped: d1 74 e0 81 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_a: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705632: ffffff80 ffffff8b ffffffe3 ffffff93 4e ffffffd9 34 ffffff9e 37 7b 5b 6a ffffffb2 6e 4f 58 5a 48 5b ffffffb0 51 ffffff90 fffffff0 67 ffffffd8 ffffffa6 4c 7d 21 fffffff1 11 ffffffd8 0e ffffff8f ffffffa7 3a 02 fffffff0 ffffffc2 28 5f fffffff9 ffffff91 5f 3c ffffffc3 36 6d 6c 26 26 1c ffffffc4 1a ffffff96 ffffff86 7b 0e 1d ffffffc0 54 ffffff8f 41 ffffffb4 ffffffd7 ffffff92 56 24 07 2a 57 1d ffffffa2 ffffff9c ffffffca 55 31 22 ffffffb5 ffffffac 34 ffffffff 52 0a 09 2d 5b 35 ffffffb5 ffffffb9 70 ffffff9d 46 fffffff9 ffffff95 55 ffffffc2 fffffffa ffffff8f 0d ffffffd0 ffffffdc 1e ffffff86 6b ffffffcf 3d 71 4f ffffffd0 ffffff93 ffffffb1 ffffffeb ffffff95 ffffffc4 6f ffffffe1 0b 36 26 64 ffffff9d 56 62 ffffff86 ffffffc0 13 ffffff8b ffffffe5 ffffff9f 3d 78 08 ffffff8a 18 fffffff2 00 ffffffd5 66 ffffffa2 ffffffae ffffffb3 ffffffa1 fffffff1 3f ffffff98 fffffff6 70 68 12 ffffffdf ffffffe1 47 fffffff3 4f 07 54 02 20 61 60 ffffffe1 26 ffffffca f | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c04000b20 | unwrapped: 74 ff 6d a8 27 aa 27 54 b5 60 45 97 04 33 d7 77 | unwrapped: cf c4 ac 7d 4a 18 02 ee 2f 5b 70 0f e8 4a d9 ba | unwrapped: 83 16 3b f9 cf bd 75 c6 2c 3f 75 aa 76 0f a0 8f | unwrapped: c6 1f ba e0 ea b8 b6 3c d8 c4 6e a4 78 de 57 df | unwrapped: 7c 77 0f 1e 5d 13 a1 58 ee f8 0c e6 51 92 91 b9 | unwrapped: 12 d9 d6 ad c7 33 31 07 e0 13 ec 17 c2 4b bb 27 | unwrapped: 0b dd 64 62 86 88 78 14 94 b6 a7 3d ef 56 ca d8 | unwrapped: ce 88 82 11 a8 0b 02 ec ec 94 16 35 6d e1 41 4c | unwrapped: 11 0d 3b 20 2d 65 35 20 5d 5c cf 96 c0 d8 0b 1a | unwrapped: 08 b7 28 18 1f 54 7d cc 9d fc 39 1f 2d 12 bc 7d | unwrapped: 8d cb 54 3c ee 06 17 38 8c 31 76 be 7e d7 36 be | unwrapped: 96 97 74 4b 47 c2 30 e7 2b cd a5 82 f0 54 1f c0 | unwrapped: ea 56 1c 33 d7 ce 90 ed 03 8d 64 0a 8f 59 a6 90 | unwrapped: f0 c2 cc 5c 72 a1 c1 33 82 f6 37 0d 06 ac a2 f8 | unwrapped: 47 55 f6 c8 ea cd 0a de e3 44 9b 90 79 2c 95 d5 | unwrapped: 18 c9 e2 fd 76 57 16 f3 f0 36 55 7b 7e bc da a2 | SKEYID_a PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 92 55 ad 91 85 d3 19 b4 | SKEYID_a PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | ee 2d 95 51 3b 31 36 02 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06a0 | result: final-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0688 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360c4c0 | SKEYID_a PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_a: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: clone-key@0x556ef360c4c0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef360c4c0 | SKEYID_e prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef360c4c0 | SKEYID_e: release clone-key@0x556ef360c4c0 | SKEYID_e PRF sha crypt-prf@0x7f6c04004ba0 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3609090 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)426705648: fffffffb 52 1a fffffffa ffffffe4 ffffffa8 0e 4a ffffff89 60 60 24 4c 49 1f 2b ffffffad 26 5a ffffff9b 12 ffffffb9 ffffff83 ffffffd5 3f 18 06 15 21 ffffff9f 77 5c | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c04006510 | unwrapped: b1 2a 74 74 f8 25 0f c5 7c 99 83 e0 bb 2e 7b 13 | unwrapped: 82 6f 89 6a 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_e: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705648: ffffff80 ffffff8b ffffffe3 ffffff93 4e ffffffd9 34 ffffff9e 37 7b 5b 6a ffffffb2 6e 4f 58 5a 48 5b ffffffb0 51 ffffff90 fffffff0 67 ffffffd8 ffffffa6 4c 7d 21 fffffff1 11 ffffffd8 0e ffffff8f ffffffa7 3a 02 fffffff0 ffffffc2 28 5f fffffff9 ffffff91 5f 3c ffffffc3 36 6d 6c 26 26 1c ffffffc4 1a ffffff96 ffffff86 7b 0e 1d ffffffc0 54 ffffff8f 41 ffffffb4 ffffffd7 ffffff92 56 24 07 2a 57 1d ffffffa2 ffffff9c ffffffca 55 31 22 ffffffb5 ffffffac 34 ffffffff 52 0a 09 2d 5b 35 ffffffb5 ffffffb9 70 ffffff9d 46 fffffff9 ffffff95 55 ffffffc2 fffffffa ffffff8f 0d ffffffd0 ffffffdc 1e ffffff86 6b ffffffcf 3d 71 4f ffffffd0 ffffff93 ffffffb1 ffffffeb ffffff95 ffffffc4 6f ffffffe1 0b 36 26 64 ffffff9d 56 62 ffffff86 ffffffc0 13 ffffff8b ffffffe5 ffffff9f 3d 78 08 ffffff8a 18 fffffff2 00 ffffffd5 66 ffffffa2 ffffffae ffffffb3 ffffffa1 fffffff1 3f ffffff98 fffffff6 70 68 12 ffffffdf ffffffe1 47 fffffff3 4f 07 54 02 20 61 60 ffffffe1 26 ffffffca f | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c04001f20 | unwrapped: 74 ff 6d a8 27 aa 27 54 b5 60 45 97 04 33 d7 77 | unwrapped: cf c4 ac 7d 4a 18 02 ee 2f 5b 70 0f e8 4a d9 ba | unwrapped: 83 16 3b f9 cf bd 75 c6 2c 3f 75 aa 76 0f a0 8f | unwrapped: c6 1f ba e0 ea b8 b6 3c d8 c4 6e a4 78 de 57 df | unwrapped: 7c 77 0f 1e 5d 13 a1 58 ee f8 0c e6 51 92 91 b9 | unwrapped: 12 d9 d6 ad c7 33 31 07 e0 13 ec 17 c2 4b bb 27 | unwrapped: 0b dd 64 62 86 88 78 14 94 b6 a7 3d ef 56 ca d8 | unwrapped: ce 88 82 11 a8 0b 02 ec ec 94 16 35 6d e1 41 4c | unwrapped: 11 0d 3b 20 2d 65 35 20 5d 5c cf 96 c0 d8 0b 1a | unwrapped: 08 b7 28 18 1f 54 7d cc 9d fc 39 1f 2d 12 bc 7d | unwrapped: 8d cb 54 3c ee 06 17 38 8c 31 76 be 7e d7 36 be | unwrapped: 96 97 74 4b 47 c2 30 e7 2b cd a5 82 f0 54 1f c0 | unwrapped: ea 56 1c 33 d7 ce 90 ed 03 8d 64 0a 8f 59 a6 90 | unwrapped: f0 c2 cc 5c 72 a1 c1 33 82 f6 37 0d 06 ac a2 f8 | unwrapped: 47 55 f6 c8 ea cd 0a de e3 44 9b 90 79 2c 95 d5 | unwrapped: 18 c9 e2 fd 76 57 16 f3 f0 36 55 7b 7e bc da a2 | SKEYID_e PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 92 55 ad 91 85 d3 19 b4 | SKEYID_e PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | ee 2d 95 51 3b 31 36 02 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06b0 | result: final-key@0x556ef360e180 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360e180 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0698 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360e180 | SKEYID_e PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID_e: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06f8 | result: keymat-key@0x556ef360e180 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x556ef3601f40, skeyid_a 0x556ef3609090, skeyid_e 0x556ef360c4c0, enc_key 0x556ef360e180 | DH_i: 8c 3b 06 36 d2 05 1c f0 57 35 0c 2a ca 03 26 6e | DH_i: 53 a4 fb 3b 97 a6 79 64 74 9a 4a 7b 9e 74 89 28 | DH_i: fd bb 58 41 7a 01 0a 0b c7 01 a5 bd 4f 27 46 2d | DH_i: 17 25 08 96 36 49 f9 c0 a7 0a c9 a1 96 06 29 46 | DH_i: 20 23 fe f8 fe 61 93 8e 96 15 aa 7c 5a 0c be 97 | DH_i: 4f d4 17 f6 6a e3 fa 67 da d0 a9 6e a3 0b 2d 64 | DH_i: a5 10 62 12 af 0c f3 ab d3 8e 4c e0 d0 16 ea 6d | DH_i: f9 cd 64 d9 8f 48 62 c4 79 66 e2 91 6c 85 65 0b | DH_i: eb 5b 2e 8b 38 26 24 71 51 0a 7b da f0 9a 32 e2 | DH_i: d0 fd 0f 2e 48 31 31 74 d5 3d ee 61 6a ed f9 e8 | DH_i: f1 9d 05 02 cd 7b 93 a8 86 1b b9 66 1e 24 de ac | DH_i: 52 7e 5c 93 4e eb 5d f3 81 5e 88 12 e8 be d9 2b | DH_i: be 34 82 76 01 e2 13 6b d5 d3 57 08 88 ec 51 f6 | DH_i: 1e b2 e0 61 93 04 35 85 92 df a3 fd 72 b7 7e a3 | DH_i: be 27 9c 21 3d c9 5e b6 11 20 a2 88 7c d9 18 1d | DH_i: 47 d6 ce 62 7d 81 ed 4a d1 4e 6d 2b 26 c9 e0 00 | DH_r: 20 53 72 ad 03 d8 84 c2 cf 46 3c 7e ba 56 f0 52 | DH_r: 39 02 24 81 77 bf 5c e6 b0 1b 5a 9c 03 1c 64 87 | DH_r: 6a 30 51 f6 52 2e 92 16 f6 73 22 5b 3a d2 4a dc | DH_r: b4 47 45 04 07 39 56 f7 a4 00 f6 fc b3 e6 07 ea | DH_r: 7f 2c 75 a3 b7 eb 29 82 16 31 16 fa 78 4d 33 1d | DH_r: bc 22 81 78 92 be 2f fb cd cc 53 69 e4 ee 70 9b | DH_r: 7f dd e5 7e 36 ac fa a3 61 a8 7d 51 27 1a 9a c5 | DH_r: 1b a9 0f 68 91 83 96 ce 04 cc 87 21 92 5f 86 52 | DH_r: 4f aa 41 5e d5 cb b5 a7 8a d0 a6 38 dd 8d 59 c0 | DH_r: e6 6b dc 03 0a a0 d1 4b b5 8e 04 19 af 6f 49 78 | DH_r: 67 65 5a 64 30 10 14 82 74 49 8c b1 ca b1 dd e8 | DH_r: 96 bb e2 1f 76 2d 8b a9 a0 96 40 2a 7c c1 d1 94 | DH_r: bd bb bd 84 a4 26 e8 94 70 68 7c 99 85 a1 16 4a | DH_r: 47 e3 b1 08 0d 7d a5 3a a1 86 6c 7b a5 4b a7 98 | DH_r: 7f 8f c1 34 50 d0 26 8c 83 d5 3d 5a 68 43 ba 89 | DH_r: 07 b4 db 2a be cb 44 a8 49 17 41 39 a5 9c c8 23 | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef361da64 (length 256) | 8c 3b 06 36 d2 05 1c f0 57 35 0c 2a ca 03 26 6e | 53 a4 fb 3b 97 a6 79 64 74 9a 4a 7b 9e 74 89 28 | fd bb 58 41 7a 01 0a 0b c7 01 a5 bd 4f 27 46 2d | 17 25 08 96 36 49 f9 c0 a7 0a c9 a1 96 06 29 46 | 20 23 fe f8 fe 61 93 8e 96 15 aa 7c 5a 0c be 97 | 4f d4 17 f6 6a e3 fa 67 da d0 a9 6e a3 0b 2d 64 | a5 10 62 12 af 0c f3 ab d3 8e 4c e0 d0 16 ea 6d | f9 cd 64 d9 8f 48 62 c4 79 66 e2 91 6c 85 65 0b | eb 5b 2e 8b 38 26 24 71 51 0a 7b da f0 9a 32 e2 | d0 fd 0f 2e 48 31 31 74 d5 3d ee 61 6a ed f9 e8 | f1 9d 05 02 cd 7b 93 a8 86 1b b9 66 1e 24 de ac | 52 7e 5c 93 4e eb 5d f3 81 5e 88 12 e8 be d9 2b | be 34 82 76 01 e2 13 6b d5 d3 57 08 88 ec 51 f6 | 1e b2 e0 61 93 04 35 85 92 df a3 fd 72 b7 7e a3 | be 27 9c 21 3d c9 5e b6 11 20 a2 88 7c d9 18 1d | 47 d6 ce 62 7d 81 ed 4a d1 4e 6d 2b 26 c9 e0 00 | new IV hash sha digest GR-bytes@0x556ef361db64 (length 256) | 20 53 72 ad 03 d8 84 c2 cf 46 3c 7e ba 56 f0 52 | 39 02 24 81 77 bf 5c e6 b0 1b 5a 9c 03 1c 64 87 | 6a 30 51 f6 52 2e 92 16 f6 73 22 5b 3a d2 4a dc | b4 47 45 04 07 39 56 f7 a4 00 f6 fc b3 e6 07 ea | 7f 2c 75 a3 b7 eb 29 82 16 31 16 fa 78 4d 33 1d | bc 22 81 78 92 be 2f fb cd cc 53 69 e4 ee 70 9b | 7f dd e5 7e 36 ac fa a3 61 a8 7d 51 27 1a 9a c5 | 1b a9 0f 68 91 83 96 ce 04 cc 87 21 92 5f 86 52 | 4f aa 41 5e d5 cb b5 a7 8a d0 a6 38 dd 8d 59 c0 | e6 6b dc 03 0a a0 d1 4b b5 8e 04 19 af 6f 49 78 | 67 65 5a 64 30 10 14 82 74 49 8c b1 ca b1 dd e8 | 96 bb e2 1f 76 2d 8b a9 a0 96 40 2a 7c c1 d1 94 | bd bb bd 84 a4 26 e8 94 70 68 7c 99 85 a1 16 4a | 47 e3 b1 08 0d 7d a5 3a a1 86 6c 7b a5 4b a7 98 | 7f 8f c1 34 50 d0 26 8c 83 d5 3d 5a 68 43 ba 89 | 07 b4 db 2a be cb 44 a8 49 17 41 39 a5 9c c8 23 | new IV hash sha final chunk@0x7f6c04000d60 (length 20) | 06 f1 dd 4a c4 99 50 65 f4 df 93 d0 c7 16 5b ec | a7 1e 4b 4c | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 19 time elapsed 0.002163 seconds | (#15) spent 2.08 milliseconds in crypto helper computing work-order 19: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 19 for state #15 to event queue | scheduling resume sending helper answer for #15 | libevent_malloc: new ptr-libevent@0x7f6c040012f0 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #15 | start processing: state #15 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 19 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #15: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c000017d0: transferring ownership from helper IKEv1 DH+IV to state #15 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | 92 55 ad 91 85 d3 19 b4 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | ee 2d 95 51 3b 31 36 02 | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | d7 7b 56 1b 2c 2a 38 8f 61 2d 6b 65 79 03 54 4a | 9d 51 8b e7 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 92 55 ad 91 85 d3 19 b4 | natd_hash: rcookie= ee 2d 95 51 3b 31 36 02 | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= d7 7b 56 1b 2c 2a 38 8f 61 2d 6b 65 79 03 54 4a | natd_hash: hash= 9d 51 8b e7 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | 92 55 ad 91 85 d3 19 b4 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | ee 2d 95 51 3b 31 36 02 | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | 65 41 d6 d9 50 cb 1b 89 91 0b 6a 22 57 54 13 44 | 55 a2 94 75 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 92 55 ad 91 85 d3 19 b4 | natd_hash: rcookie= ee 2d 95 51 3b 31 36 02 | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 65 41 d6 d9 50 cb 1b 89 91 0b 6a 22 57 54 13 44 | natd_hash: hash= 55 a2 94 75 | expected NAT-D(me): d7 7b 56 1b 2c 2a 38 8f 61 2d 6b 65 79 03 54 4a | expected NAT-D(me): 9d 51 8b e7 | expected NAT-D(him): | 65 41 d6 d9 50 cb 1b 89 91 0b 6a 22 57 54 13 44 | 55 a2 94 75 | received NAT-D: d7 7b 56 1b 2c 2a 38 8f 61 2d 6b 65 79 03 54 4a | received NAT-D: 9d 51 8b e7 | received NAT-D: 65 41 d6 d9 50 cb 1b 89 91 0b 6a 22 57 54 13 44 | received NAT-D: 55 a2 94 75 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360fae0 (size 20) | hmac: symkey-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef3628cd0 | hmac PRF sha update data-bytes@0x7f6c00002d20 (length 256) | 8c 3b 06 36 d2 05 1c f0 57 35 0c 2a ca 03 26 6e | 53 a4 fb 3b 97 a6 79 64 74 9a 4a 7b 9e 74 89 28 | fd bb 58 41 7a 01 0a 0b c7 01 a5 bd 4f 27 46 2d | 17 25 08 96 36 49 f9 c0 a7 0a c9 a1 96 06 29 46 | 20 23 fe f8 fe 61 93 8e 96 15 aa 7c 5a 0c be 97 | 4f d4 17 f6 6a e3 fa 67 da d0 a9 6e a3 0b 2d 64 | a5 10 62 12 af 0c f3 ab d3 8e 4c e0 d0 16 ea 6d | f9 cd 64 d9 8f 48 62 c4 79 66 e2 91 6c 85 65 0b | eb 5b 2e 8b 38 26 24 71 51 0a 7b da f0 9a 32 e2 | d0 fd 0f 2e 48 31 31 74 d5 3d ee 61 6a ed f9 e8 | f1 9d 05 02 cd 7b 93 a8 86 1b b9 66 1e 24 de ac | 52 7e 5c 93 4e eb 5d f3 81 5e 88 12 e8 be d9 2b | be 34 82 76 01 e2 13 6b d5 d3 57 08 88 ec 51 f6 | 1e b2 e0 61 93 04 35 85 92 df a3 fd 72 b7 7e a3 | be 27 9c 21 3d c9 5e b6 11 20 a2 88 7c d9 18 1d | 47 d6 ce 62 7d 81 ed 4a d1 4e 6d 2b 26 c9 e0 00 | hmac PRF sha update data-bytes@0x7f6c0c000ea0 (length 256) | 20 53 72 ad 03 d8 84 c2 cf 46 3c 7e ba 56 f0 52 | 39 02 24 81 77 bf 5c e6 b0 1b 5a 9c 03 1c 64 87 | 6a 30 51 f6 52 2e 92 16 f6 73 22 5b 3a d2 4a dc | b4 47 45 04 07 39 56 f7 a4 00 f6 fc b3 e6 07 ea | 7f 2c 75 a3 b7 eb 29 82 16 31 16 fa 78 4d 33 1d | bc 22 81 78 92 be 2f fb cd cc 53 69 e4 ee 70 9b | 7f dd e5 7e 36 ac fa a3 61 a8 7d 51 27 1a 9a c5 | 1b a9 0f 68 91 83 96 ce 04 cc 87 21 92 5f 86 52 | 4f aa 41 5e d5 cb b5 a7 8a d0 a6 38 dd 8d 59 c0 | e6 6b dc 03 0a a0 d1 4b b5 8e 04 19 af 6f 49 78 | 67 65 5a 64 30 10 14 82 74 49 8c b1 ca b1 dd e8 | 96 bb e2 1f 76 2d 8b a9 a0 96 40 2a 7c c1 d1 94 | bd bb bd 84 a4 26 e8 94 70 68 7c 99 85 a1 16 4a | 47 e3 b1 08 0d 7d a5 3a a1 86 6c 7b a5 4b a7 98 | 7f 8f c1 34 50 d0 26 8c 83 d5 3d 5a 68 43 ba 89 | 07 b4 db 2a be cb 44 a8 49 17 41 39 a5 9c c8 23 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | 92 55 ad 91 85 d3 19 b4 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | ee 2d 95 51 3b 31 36 02 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | 07 8c 95 0f f5 c1 3a 92 29 82 c9 e5 a7 13 fd ad | 67 21 b2 57 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 07 8c 95 0f f5 c1 3a 92 29 82 c9 e5 a7 13 fd ad | HASH_I 67 21 b2 57 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 07 8c 95 0f f5 c1 3a 92 29 82 c9 e5 a7 13 fd ad | encrypting: 67 21 b2 57 | IV: 06 f1 dd 4a c4 99 50 65 f4 df 93 d0 c7 16 5b ec | IV: a7 1e 4b 4c | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 98 48 75 ca fb 0c 7e d0 0a 56 3a ad d7 75 ac 5a | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #15: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c00005a90 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 05 10 02 01 00 00 00 00 00 00 00 4c 21 9a f8 95 | cc 6a a4 27 78 38 6a 34 17 2b ea 76 70 f7 cc fb | 2f 2b c3 d7 d6 21 74 64 01 20 01 0b 98 48 75 ca | fb 0c 7e d0 0a 56 3a ad d7 75 ac 5a | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f6c00005a90 size 128 | #15 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48958.27976 "aes128" #15: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #15 suppresed complete_v1_state_transition() | #15 spent 0.305 milliseconds in resume sending helper answer | stop processing: state #15 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c040012f0 | spent 0.00209 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 05 10 02 01 00 00 00 00 00 00 00 4c 00 ca 4c fe | 29 5e 7b 19 80 ac 79 3f 2f 78 4d ad af 39 b3 a6 | 65 6e 6d 40 6e a2 f2 b2 32 57 6e 19 d7 45 18 16 | 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #15 in MAIN_I3 (find_state_ikev1) | start processing: state #15 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #15 is idle | #15 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 98 48 75 ca fb 0c 7e d0 0a 56 3a ad d7 75 ac 5a | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | decrypted payload (starts at offset -48): | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 89 cf d7 8f | ee 77 df b2 07 5a 98 45 58 0f 33 d3 23 73 99 e5 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #15: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360fae0 (size 20) | hmac: symkey-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef357b920 | hmac PRF sha update data-bytes@0x7f6c0c000ea0 (length 256) | 20 53 72 ad 03 d8 84 c2 cf 46 3c 7e ba 56 f0 52 | 39 02 24 81 77 bf 5c e6 b0 1b 5a 9c 03 1c 64 87 | 6a 30 51 f6 52 2e 92 16 f6 73 22 5b 3a d2 4a dc | b4 47 45 04 07 39 56 f7 a4 00 f6 fc b3 e6 07 ea | 7f 2c 75 a3 b7 eb 29 82 16 31 16 fa 78 4d 33 1d | bc 22 81 78 92 be 2f fb cd cc 53 69 e4 ee 70 9b | 7f dd e5 7e 36 ac fa a3 61 a8 7d 51 27 1a 9a c5 | 1b a9 0f 68 91 83 96 ce 04 cc 87 21 92 5f 86 52 | 4f aa 41 5e d5 cb b5 a7 8a d0 a6 38 dd 8d 59 c0 | e6 6b dc 03 0a a0 d1 4b b5 8e 04 19 af 6f 49 78 | 67 65 5a 64 30 10 14 82 74 49 8c b1 ca b1 dd e8 | 96 bb e2 1f 76 2d 8b a9 a0 96 40 2a 7c c1 d1 94 | bd bb bd 84 a4 26 e8 94 70 68 7c 99 85 a1 16 4a | 47 e3 b1 08 0d 7d a5 3a a1 86 6c 7b a5 4b a7 98 | 7f 8f c1 34 50 d0 26 8c 83 d5 3d 5a 68 43 ba 89 | 07 b4 db 2a be cb 44 a8 49 17 41 39 a5 9c c8 23 | hmac PRF sha update data-bytes@0x7f6c00002d20 (length 256) | 8c 3b 06 36 d2 05 1c f0 57 35 0c 2a ca 03 26 6e | 53 a4 fb 3b 97 a6 79 64 74 9a 4a 7b 9e 74 89 28 | fd bb 58 41 7a 01 0a 0b c7 01 a5 bd 4f 27 46 2d | 17 25 08 96 36 49 f9 c0 a7 0a c9 a1 96 06 29 46 | 20 23 fe f8 fe 61 93 8e 96 15 aa 7c 5a 0c be 97 | 4f d4 17 f6 6a e3 fa 67 da d0 a9 6e a3 0b 2d 64 | a5 10 62 12 af 0c f3 ab d3 8e 4c e0 d0 16 ea 6d | f9 cd 64 d9 8f 48 62 c4 79 66 e2 91 6c 85 65 0b | eb 5b 2e 8b 38 26 24 71 51 0a 7b da f0 9a 32 e2 | d0 fd 0f 2e 48 31 31 74 d5 3d ee 61 6a ed f9 e8 | f1 9d 05 02 cd 7b 93 a8 86 1b b9 66 1e 24 de ac | 52 7e 5c 93 4e eb 5d f3 81 5e 88 12 e8 be d9 2b | be 34 82 76 01 e2 13 6b d5 d3 57 08 88 ec 51 f6 | 1e b2 e0 61 93 04 35 85 92 df a3 fd 72 b7 7e a3 | be 27 9c 21 3d c9 5e b6 11 20 a2 88 7c d9 18 1d | 47 d6 ce 62 7d 81 ed 4a d1 4e 6d 2b 26 c9 e0 00 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | ee 2d 95 51 3b 31 36 02 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | 92 55 ad 91 85 d3 19 b4 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x7f6bf8003a70 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | 89 cf d7 8f ee 77 df b2 07 5a 98 45 58 0f 33 d3 | 23 73 99 e5 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #15: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c00005a90 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x556ef361ecd0 | inserting event EVENT_SA_REPLACE, timeout in 2646 seconds for #15 | libevent_malloc: new ptr-libevent@0x7f6c040012f0 size 128 | pstats #15 ikev1.isakmp established "aes128" #15: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #15 | creating state object #16 at 0x556ef361d990 | State DB: adding IKEv1 state #16 in UNDEFINED | pstats #16 ikev1.ipsec started | duplicating state object #15 "aes128" as #16 for IPSEC SA | #16 setting local endpoint to 192.1.2.45:500 from #15.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x556ef360e180 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #15 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #16 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #16: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #16: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#15 msgid:0d499e43 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 20 for state #16 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #16 | libevent_malloc: new ptr-libevent@0x7f6c0c002d00 size 128 | stop processing: state #16 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | resume processing: state #15 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | crypto helper 4 resuming | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x7f6c0c007f40} | close_any(fd@24) (in release_whack() at state.c:654) | crypto helper 4 starting work-order 20 for state #16 | #15 spent 0.295 milliseconds in process_packet_tail() | crypto helper 4 doing build KE and nonce (quick_outI1 KE); request ID 20 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #15 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | NSS: Value of Prime: | spent 0.399 milliseconds in comm_handle_cb() reading and processing packet | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6bf8001160: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6bf8001160 | NSS: Public DH wire value: | 73 06 aa ef c9 ff ce 41 ae 50 cd 18 0d 04 f1 fa | 91 ea 7d ba b2 8d fc 7b 6e 72 69 05 12 96 cc 2b | a2 42 e8 af 9d 58 5d 92 f5 45 04 ed fb 9b 48 3f | f4 1d 32 ab e1 49 9e a9 a9 b4 59 8c 03 1a bd 7a | 97 74 d0 ff 89 d4 85 dc d0 d5 14 d5 24 9e 23 f0 | 4c ab 74 a3 32 a1 37 96 03 90 d1 78 5f d4 cf 65 | 62 89 07 b7 8f 8a 70 10 74 29 3a 33 c1 e4 8f ac | d5 32 38 3f 58 e8 5c 49 3b ad 56 34 dc 4e 67 7e | 53 56 28 f7 5b bc 60 4e 23 0d cb f8 68 86 e7 62 | c1 76 e5 8f 72 24 b3 a0 23 f0 c4 32 be 48 ba 1f | 26 73 64 b2 da 03 69 dc ed d2 5c 7e 60 09 a5 85 | ae 34 ef 12 1d 32 0a 21 f4 a3 9c ec 8d 80 5a bb | 13 68 44 06 cf 7c b2 78 a4 7b b4 a8 73 1c f1 ca | 8a 93 91 8c 9c 7e 97 c7 dc 3b 30 c4 3c 80 4d 75 | e5 86 ff 3d 4c 3d 07 b0 f6 a0 5c af c5 8d 52 56 | e0 fc 9a 10 c5 64 62 d6 16 4c 2b 53 3b 8e 89 f8 | Generated nonce: 0c d7 5f ee b7 78 32 94 31 37 45 ea 55 bc 37 3f | Generated nonce: 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f | crypto helper 4 finished build KE and nonce (quick_outI1 KE); request ID 20 time elapsed 0.000754 seconds | (#16) spent 0.753 milliseconds in crypto helper computing work-order 20: quick_outI1 KE (pcr) | crypto helper 4 sending results from work-order 20 for state #16 to event queue | scheduling resume sending helper answer for #16 | libevent_malloc: new ptr-libevent@0x7f6bf8006780 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #16 | start processing: state #16 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 20 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #16: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 222928451 (0xd499e43) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x51732cfe for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 51 73 2c fe | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 0c d7 5f ee b7 78 32 94 31 37 45 ea 55 bc 37 3f | Ni 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6bf8001160: transferring ownership from helper KE to state #16 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 73 06 aa ef c9 ff ce 41 ae 50 cd 18 0d 04 f1 fa | keyex value 91 ea 7d ba b2 8d fc 7b 6e 72 69 05 12 96 cc 2b | keyex value a2 42 e8 af 9d 58 5d 92 f5 45 04 ed fb 9b 48 3f | keyex value f4 1d 32 ab e1 49 9e a9 a9 b4 59 8c 03 1a bd 7a | keyex value 97 74 d0 ff 89 d4 85 dc d0 d5 14 d5 24 9e 23 f0 | keyex value 4c ab 74 a3 32 a1 37 96 03 90 d1 78 5f d4 cf 65 | keyex value 62 89 07 b7 8f 8a 70 10 74 29 3a 33 c1 e4 8f ac | keyex value d5 32 38 3f 58 e8 5c 49 3b ad 56 34 dc 4e 67 7e | keyex value 53 56 28 f7 5b bc 60 4e 23 0d cb f8 68 86 e7 62 | keyex value c1 76 e5 8f 72 24 b3 a0 23 f0 c4 32 be 48 ba 1f | keyex value 26 73 64 b2 da 03 69 dc ed d2 5c 7e 60 09 a5 85 | keyex value ae 34 ef 12 1d 32 0a 21 f4 a3 9c ec 8d 80 5a bb | keyex value 13 68 44 06 cf 7c b2 78 a4 7b b4 a8 73 1c f1 ca | keyex value 8a 93 91 8c 9c 7e 97 c7 dc 3b 30 c4 3c 80 4d 75 | keyex value e5 86 ff 3d 4c 3d 07 b0 f6 a0 5c af c5 8d 52 56 | keyex value e0 fc 9a 10 c5 64 62 d6 16 4c 2b 53 3b 8e 89 f8 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c04000d60 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | 0d 49 9e 43 | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 51 73 2c fe 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 0c d7 5f ee | b7 78 32 94 31 37 45 ea 55 bc 37 3f 63 38 a9 a3 | f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f 05 00 01 04 | 73 06 aa ef c9 ff ce 41 ae 50 cd 18 0d 04 f1 fa | 91 ea 7d ba b2 8d fc 7b 6e 72 69 05 12 96 cc 2b | a2 42 e8 af 9d 58 5d 92 f5 45 04 ed fb 9b 48 3f | f4 1d 32 ab e1 49 9e a9 a9 b4 59 8c 03 1a bd 7a | 97 74 d0 ff 89 d4 85 dc d0 d5 14 d5 24 9e 23 f0 | 4c ab 74 a3 32 a1 37 96 03 90 d1 78 5f d4 cf 65 | 62 89 07 b7 8f 8a 70 10 74 29 3a 33 c1 e4 8f ac | d5 32 38 3f 58 e8 5c 49 3b ad 56 34 dc 4e 67 7e | 53 56 28 f7 5b bc 60 4e 23 0d cb f8 68 86 e7 62 | c1 76 e5 8f 72 24 b3 a0 23 f0 c4 32 be 48 ba 1f | 26 73 64 b2 da 03 69 dc ed d2 5c 7e 60 09 a5 85 | ae 34 ef 12 1d 32 0a 21 f4 a3 9c ec 8d 80 5a bb | 13 68 44 06 cf 7c b2 78 a4 7b b4 a8 73 1c f1 ca | 8a 93 91 8c 9c 7e 97 c7 dc 3b 30 c4 3c 80 4d 75 | e5 86 ff 3d 4c 3d 07 b0 f6 a0 5c af c5 8d 52 56 | e0 fc 9a 10 c5 64 62 d6 16 4c 2b 53 3b 8e 89 f8 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 03 8a 35 77 bc 51 c1 be ce 18 c7 df eb 50 14 ba | cf fb eb d7 | outI1 HASH(1): | 03 8a 35 77 bc 51 c1 be ce 18 c7 df eb 50 14 ba | cf fb eb d7 | last Phase 1 IV: d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | current Phase 1 IV: d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | 0d 49 9e 43 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 70 10 1d 42 70 52 f7 a6 48 4d 20 49 02 ed 40 47 | d7 33 c7 db | encrypting: 01 00 00 18 03 8a 35 77 bc 51 c1 be ce 18 c7 df | encrypting: eb 50 14 ba cf fb eb d7 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 51 73 2c fe | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 0c d7 5f ee b7 78 32 94 31 37 45 ea | encrypting: 55 bc 37 3f 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 | encrypting: 4e cb 09 8f 05 00 01 04 73 06 aa ef c9 ff ce 41 | encrypting: ae 50 cd 18 0d 04 f1 fa 91 ea 7d ba b2 8d fc 7b | encrypting: 6e 72 69 05 12 96 cc 2b a2 42 e8 af 9d 58 5d 92 | encrypting: f5 45 04 ed fb 9b 48 3f f4 1d 32 ab e1 49 9e a9 | encrypting: a9 b4 59 8c 03 1a bd 7a 97 74 d0 ff 89 d4 85 dc | encrypting: d0 d5 14 d5 24 9e 23 f0 4c ab 74 a3 32 a1 37 96 | encrypting: 03 90 d1 78 5f d4 cf 65 62 89 07 b7 8f 8a 70 10 | encrypting: 74 29 3a 33 c1 e4 8f ac d5 32 38 3f 58 e8 5c 49 | encrypting: 3b ad 56 34 dc 4e 67 7e 53 56 28 f7 5b bc 60 4e | encrypting: 23 0d cb f8 68 86 e7 62 c1 76 e5 8f 72 24 b3 a0 | encrypting: 23 f0 c4 32 be 48 ba 1f 26 73 64 b2 da 03 69 dc | encrypting: ed d2 5c 7e 60 09 a5 85 ae 34 ef 12 1d 32 0a 21 | encrypting: f4 a3 9c ec 8d 80 5a bb 13 68 44 06 cf 7c b2 78 | encrypting: a4 7b b4 a8 73 1c f1 ca 8a 93 91 8c 9c 7e 97 c7 | encrypting: dc 3b 30 c4 3c 80 4d 75 e5 86 ff 3d 4c 3d 07 b0 | encrypting: f6 a0 5c af c5 8d 52 56 e0 fc 9a 10 c5 64 62 d6 | encrypting: 16 4c 2b 53 3b 8e 89 f8 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: 70 10 1d 42 70 52 f7 a6 48 4d 20 49 02 ed 40 47 | IV: d7 33 c7 db | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 1f d6 a9 9d 62 c5 3c 92 25 d2 9f 44 96 bd f1 67 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #16) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 08 10 20 01 0d 49 9e 43 00 00 01 bc 4e 9c 3a 72 | 5e 37 ec e3 b8 93 59 97 d1 05 6b 11 c8 e8 81 26 | f8 1a 96 44 24 da 08 1f cf 81 7d c0 e2 10 06 e7 | 26 00 b9 30 3c 94 2d 59 66 75 73 d0 1c 6d 1d 4c | 96 7c 59 67 c0 e3 3e ab d2 29 36 aa e9 66 e5 2e | 28 8b 77 cd cd ab 77 13 e5 55 ee 59 f6 63 d4 90 | 81 97 d2 d2 21 bc 17 ae 45 8a 3a 87 64 62 ee 06 | 67 2f e5 0f ca 66 f4 eb 5b f2 94 02 cb 11 c8 5e | 42 34 4d 8f c6 d5 c2 28 85 62 9a ea 2c 26 e1 c4 | 76 b1 e0 59 9e 46 93 36 a4 00 78 8e da ad b5 b3 | 7c 0e a0 bc a2 92 6c 7f c8 b4 30 7c 62 bd bd 4e | b5 39 6b 30 bb 98 7a 7c 41 5e 51 24 76 8d 4f 7a | 44 63 f7 18 fa 8f 1e ee 61 7f 1f 5e 7f da 61 64 | 27 d6 f8 dc f3 4e ad ef 7e 75 67 e6 bd 75 54 96 | 0f dd 61 ad 09 17 f0 95 11 df 11 fb 7c 0e ca 84 | 46 0a a0 22 80 37 55 d1 54 f3 af b0 49 bb 97 7a | 47 e0 38 27 fa 84 01 12 c6 60 66 c2 5c 83 72 4a | 68 d8 89 05 b6 13 84 75 42 07 1f b5 a6 7f 55 a6 | 82 0f da 3d 72 c9 f1 10 af 31 05 63 cb ed 05 f2 | 91 10 fc ed d6 ad ca e3 6f 15 42 f8 dc fe e1 b4 | 20 33 00 79 c3 27 6d 7c 4e e7 4e 40 e9 49 d3 0d | 47 6b b0 98 e2 84 e4 71 b2 04 47 14 54 1f a9 19 | 1c 81 52 ae 20 c8 2a 26 8d e3 7a 43 6f 38 60 57 | 0b 89 52 af 53 da a5 48 f0 8a 68 71 38 da 10 45 | 6f 5a af c6 18 bb 43 db bf ac 70 ab 8c 11 a3 d9 | fe 9b 5d 51 16 b5 a8 e0 1e b3 6c f9 1f d6 a9 9d | 62 c5 3c 92 25 d2 9f 44 96 bd f1 67 | state #16 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c0c002d00 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #16 | libevent_malloc: new ptr-libevent@0x7f6c0c002d00 size 128 | #16 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48958.282411 | resume sending helper answer for #16 suppresed complete_v1_state_transition() | #16 spent 0.661 milliseconds in resume sending helper answer | stop processing: state #16 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bf8006780 | spent 0.00281 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 08 10 20 01 0d 49 9e 43 00 00 01 bc 77 da 7a 2c | bf 30 ae f3 37 9f 73 b8 a4 fe ad 9c 29 22 34 ab | d9 ca 4b 2f 0a 40 55 08 c4 69 4b 24 ae b4 c7 5e | 1f 49 8b 72 3f ed 46 29 6f 4c c4 d8 31 f1 6d d3 | 18 57 7d e0 a9 42 02 de 39 c4 f8 66 ad 54 3e 47 | fe 4e 47 72 85 07 0d 50 f4 03 dc 1a d6 31 51 b2 | 7a a9 3c ea bb 75 78 2e 32 81 f9 82 2a 47 91 de | 75 3f cb d6 72 8f c1 8d 07 00 9b 94 45 88 87 38 | 1a 28 f4 7c 32 f6 2a b9 6f 03 41 ce 2e 7a 5a ba | 33 3e 36 74 90 a0 5c 18 21 15 74 f0 fc 1b 0e 51 | a0 7d 88 fd 68 1d 08 d8 0a 9f 86 a4 60 19 a0 a6 | ae 41 1d 25 24 2a b3 f2 e6 00 7c 83 28 f8 c4 9e | 92 c6 42 c5 03 5a 76 5d 86 4e bc d9 76 93 21 18 | 22 06 13 29 38 d7 1c 78 5e cb 3e 36 58 3d ab 4d | 43 43 fd 28 11 92 09 30 06 de 91 50 a9 4b 9a 03 | 83 08 57 08 06 7a 8b 60 a1 c3 cb e4 36 44 21 65 | 9c bb cf bc 72 58 d0 fe a0 a4 62 3f 34 e8 c5 fc | 87 f4 ac 48 d8 7b 24 21 dd e6 0d 42 4d 89 d6 3b | 5c 01 0c b9 91 0f 21 d0 3d 80 f4 92 36 c3 bb 38 | 74 fb 17 4d 93 92 7e 21 af 98 5c 1f df c6 b6 5e | 63 fd 39 f1 d5 53 ad 05 49 ed 79 fb 4e 7b 94 cf | b9 b1 c0 52 7f f0 e5 82 48 62 35 cb b3 2c 86 52 | 40 b2 de 44 71 0c 38 0f f3 c0 e0 6b ef b0 f2 43 | 58 75 e0 95 95 97 db 25 65 10 4a fc 2d 9a 89 ca | 62 77 6a 0f da 8f 7d 5f 4a 3e 86 ce 59 80 d0 dc | 81 c5 c0 69 21 81 e1 9a c3 17 30 45 bc 98 cc f0 | e5 35 e6 59 c5 5e 45 a0 11 d2 10 25 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 222928451 (0xd499e43) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #16 in QUICK_I1 (find_state_ikev1) | start processing: state #16 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1609) | #16 is idle | #16 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 1f d6 a9 9d 62 c5 3c 92 25 d2 9f 44 96 bd f1 67 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: bc 98 cc f0 e5 35 e6 59 c5 5e 45 a0 11 d2 10 25 | decrypted payload (starts at offset -416): | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 08 10 20 01 0d 49 9e 43 00 00 01 bc 01 00 00 18 | ee 71 24 49 35 e7 a9 46 be 38 5d 26 48 e1 da 9c | c2 e6 1d 09 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 d8 28 4c a4 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | d7 d8 e6 ab d3 62 9b 36 83 b6 22 2a f4 97 77 95 | c9 22 19 ab 5e 96 28 c2 db 4e d5 3d 2b 55 f0 47 | 05 00 01 04 a7 55 58 27 ee c9 ae b4 6e bd 81 3a | 23 43 25 e4 82 03 eb ce dd 1b 42 9b 0e 84 2d 4e | 00 4c f2 57 9d 2a ac 7f 2e 28 6a f7 c7 81 f2 51 | 68 a3 d5 8d 45 70 a3 09 8d 02 a9 96 c7 ff 62 e6 | 68 84 2b 54 cb fd 8b 08 f6 a3 ba 53 2f 92 2d 07 | 74 f4 c7 aa 47 38 13 6d d7 fb b0 ec f8 30 83 09 | 8c 99 0b 31 2f 72 45 6f ae 3d 20 98 82 59 1f 71 | 7c 74 63 12 f2 4f 56 f1 63 8e 59 02 0e ea 67 18 | ad c5 d0 16 ef 58 c2 39 41 53 ac d5 e0 9e c0 14 | ce 1b c8 dc 14 28 22 64 8b 1d bf 8d 22 58 2f 36 | 40 2d 7b 37 ad 09 bc e6 fd f0 a0 20 2a 62 86 f0 | 52 07 b0 17 30 44 57 c4 c3 68 20 a0 67 71 dc 2f | bb fe fd f0 ed b8 fb 01 5d 8d e9 f3 06 b2 2b 33 | 6e b3 99 68 54 b8 d6 96 02 cf e7 b8 4d 56 d9 87 | 3f a9 f8 d3 18 dd 15 ae d7 8e 58 23 30 22 5d e9 | 5b 4c 4d 91 c4 28 8c c6 09 d2 4e 2e 4d eb ae 1d | 95 84 1a e8 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c04000d60 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | 0d 49 9e 43 | HASH(1) PRF sha update Ni_b-bytes@0x7f6bf80030a0 (length 32) | 0c d7 5f ee b7 78 32 94 31 37 45 ea 55 bc 37 3f | 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f | HASH(1) PRF sha update payload-bytes@0x556ef3622b94 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 d8 28 4c a4 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 d7 d8 e6 ab | d3 62 9b 36 83 b6 22 2a f4 97 77 95 c9 22 19 ab | 5e 96 28 c2 db 4e d5 3d 2b 55 f0 47 05 00 01 04 | a7 55 58 27 ee c9 ae b4 6e bd 81 3a 23 43 25 e4 | 82 03 eb ce dd 1b 42 9b 0e 84 2d 4e 00 4c f2 57 | 9d 2a ac 7f 2e 28 6a f7 c7 81 f2 51 68 a3 d5 8d | 45 70 a3 09 8d 02 a9 96 c7 ff 62 e6 68 84 2b 54 | cb fd 8b 08 f6 a3 ba 53 2f 92 2d 07 74 f4 c7 aa | 47 38 13 6d d7 fb b0 ec f8 30 83 09 8c 99 0b 31 | 2f 72 45 6f ae 3d 20 98 82 59 1f 71 7c 74 63 12 | f2 4f 56 f1 63 8e 59 02 0e ea 67 18 ad c5 d0 16 | ef 58 c2 39 41 53 ac d5 e0 9e c0 14 ce 1b c8 dc | 14 28 22 64 8b 1d bf 8d 22 58 2f 36 40 2d 7b 37 | ad 09 bc e6 fd f0 a0 20 2a 62 86 f0 52 07 b0 17 | 30 44 57 c4 c3 68 20 a0 67 71 dc 2f bb fe fd f0 | ed b8 fb 01 5d 8d e9 f3 06 b2 2b 33 6e b3 99 68 | 54 b8 d6 96 02 cf e7 b8 4d 56 d9 87 3f a9 f8 d3 | 18 dd 15 ae d7 8e 58 23 30 22 5d e9 5b 4c 4d 91 | c4 28 8c c6 09 d2 4e 2e 4d eb ae 1d 95 84 1a e8 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | ee 71 24 49 35 e7 a9 46 be 38 5d 26 48 e1 da 9c | c2 e6 1d 09 | quick_inR1_outI2 HASH(2): | ee 71 24 49 35 e7 a9 46 be 38 5d 26 48 e1 da 9c | c2 e6 1d 09 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI d8 28 4c a4 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | a7 55 58 27 ee c9 ae b4 6e bd 81 3a 23 43 25 e4 | 82 03 eb ce dd 1b 42 9b 0e 84 2d 4e 00 4c f2 57 | 9d 2a ac 7f 2e 28 6a f7 c7 81 f2 51 68 a3 d5 8d | 45 70 a3 09 8d 02 a9 96 c7 ff 62 e6 68 84 2b 54 | cb fd 8b 08 f6 a3 ba 53 2f 92 2d 07 74 f4 c7 aa | 47 38 13 6d d7 fb b0 ec f8 30 83 09 8c 99 0b 31 | 2f 72 45 6f ae 3d 20 98 82 59 1f 71 7c 74 63 12 | f2 4f 56 f1 63 8e 59 02 0e ea 67 18 ad c5 d0 16 | ef 58 c2 39 41 53 ac d5 e0 9e c0 14 ce 1b c8 dc | 14 28 22 64 8b 1d bf 8d 22 58 2f 36 40 2d 7b 37 | ad 09 bc e6 fd f0 a0 20 2a 62 86 f0 52 07 b0 17 | 30 44 57 c4 c3 68 20 a0 67 71 dc 2f bb fe fd f0 | ed b8 fb 01 5d 8d e9 f3 06 b2 2b 33 6e b3 99 68 | 54 b8 d6 96 02 cf e7 b8 4d 56 d9 87 3f a9 f8 d3 | 18 dd 15 ae d7 8e 58 23 30 22 5d e9 5b 4c 4d 91 | c4 28 8c c6 09 d2 4e 2e 4d eb ae 1d 95 84 1a e8 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6bf8001160: transferring ownership from state #16 to helper IKEv1 DH | adding quick outI2 DH work-order 21 for state #16 | state #16 requesting EVENT_RETRANSMIT to be deleted | #16 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c0c002d00 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #16 | libevent_malloc: new ptr-libevent@0x7f6c0c002d00 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #16 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | crypto helper 5 resuming | crypto helper 5 starting work-order 21 for state #16 | suspending state #16 and saving MD | crypto helper 5 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 21 | #16 is busy; has a suspended MD | peer's g: a7 55 58 27 ee c9 ae b4 6e bd 81 3a 23 43 25 e4 | peer's g: 82 03 eb ce dd 1b 42 9b 0e 84 2d 4e 00 4c f2 57 | peer's g: 9d 2a ac 7f 2e 28 6a f7 c7 81 f2 51 68 a3 d5 8d | peer's g: 45 70 a3 09 8d 02 a9 96 c7 ff 62 e6 68 84 2b 54 | peer's g: cb fd 8b 08 f6 a3 ba 53 2f 92 2d 07 74 f4 c7 aa | #16 spent 0.243 milliseconds in process_packet_tail() | peer's g: 47 38 13 6d d7 fb b0 ec f8 30 83 09 8c 99 0b 31 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | peer's g: 2f 72 45 6f ae 3d 20 98 82 59 1f 71 7c 74 63 12 | stop processing: state #16 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | peer's g: f2 4f 56 f1 63 8e 59 02 0e ea 67 18 ad c5 d0 16 | peer's g: ef 58 c2 39 41 53 ac d5 e0 9e c0 14 ce 1b c8 dc | peer's g: 14 28 22 64 8b 1d bf 8d 22 58 2f 36 40 2d 7b 37 | processing: STOP connection NULL (in process_md() at demux.c:383) | peer's g: ad 09 bc e6 fd f0 a0 20 2a 62 86 f0 52 07 b0 17 | spent 0.649 milliseconds in comm_handle_cb() reading and processing packet | peer's g: 30 44 57 c4 c3 68 20 a0 67 71 dc 2f bb fe fd f0 | peer's g: ed b8 fb 01 5d 8d e9 f3 06 b2 2b 33 6e b3 99 68 | peer's g: 54 b8 d6 96 02 cf e7 b8 4d 56 d9 87 3f a9 f8 d3 | peer's g: 18 dd 15 ae d7 8e 58 23 30 22 5d e9 5b 4c 4d 91 | peer's g: c4 28 8c c6 09 d2 4e 2e 4d eb ae 1d 95 84 1a e8 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6bf8001160: computed shared DH secret key@0x7f6c10006900 | dh-shared : g^ir-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 5 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 21 time elapsed 0.000667 seconds | (#16) spent 0.657 milliseconds in crypto helper computing work-order 21: quick outI2 DH (pcr) | crypto helper 5 sending results from work-order 21 for state #16 to event queue | scheduling resume sending helper answer for #16 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #16 | start processing: state #16 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 21 | calling continuation function 0x556ef2b25630 | quick_inR1_outI2_continue for #16: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 222928451 (0xd499e43) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f6bf8001160: transferring ownership from helper IKEv1 DH to state #16 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e658 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x556ef3628cd0 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e73c (length 4) | 0d 49 9e 43 | HASH(1) PRF sha update Ni_b-bytes@0x7f6bf80030a0 (length 32) | 0c d7 5f ee b7 78 32 94 31 37 45 ea 55 bc 37 3f | 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f | HASH(1) PRF sha update Nr_b-bytes@0x7f6c04006510 (length 32) | d7 d8 e6 ab d3 62 9b 36 83 b6 22 2a f4 97 77 95 | c9 22 19 ab 5e 96 28 c2 db 4e d5 3d 2b 55 f0 47 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | ec 5f 48 b0 05 9d 36 1b 8a 34 d2 2d 06 1d 2d 74 | b1 32 f7 ac | quick_inR1_outI2 HASH(3): | ec 5f 48 b0 05 9d 36 1b 8a 34 d2 2d 06 1d 2d 74 | b1 32 f7 ac | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac: release clone-key@0x7f6c0c007fa0 | hmac PRF sha crypt-prf@0x556ef357b900 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef36236e0 | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: 78 fffffff1 ffffffcc ffffffcf ffffff85 ffffffe5 ffffff94 58 fffffffd 2d ffffffa4 59 41 ffffffdd ffffffea 63 ffffffef 09 ffffffd7 ffffff9b 54 ffffffb5 3e 28 ffffffd3 5c 4a 2f 4f ffffffd9 fffffff7 6e fffffffc ffffffac 05 ffffffd3 5c 3f ffffffd3 5e ffffff82 1e ffffffbc 6a ffffffcf 71 45 ffffffeb fffffff2 fffffff8 ffffffb3 7d 02 ffffffda fffffff6 7b 2c ffffffea ffffff98 ffffffd4 6d 76 ffffff99 ffffffce 7b ffffff8b ffffffa8 27 74 01 ffffffea ffffffdd 30 ffffff92 2b 46 07 1b 4c ffffff97 ffffffa0 0f fffffff0 35 3c 3a 61 ffffffe1 ffffff87 ffffffb4 56 1d fffffff4 ffffffef 7c fffffff6 12 ffffffc4 ffffffad ffffffbc 54 72 ffffffc1 ffffffbf ffffffe0 ffffffcf ffffff82 5c 33 70 24 ffffffcf 72 ffffffc9 ffffffb9 ffffff99 ffffffdf 66 69 ffffffca 15 02 ffffffdd 78 74 3e 1a 66 ffffffb4 63 ffffffb4 fffffff3 1c ffffff9f 4f fffffff8 33 39 ffffffbd 60 ffffffa8 3b ffffffe3 61 1b ffffffdc 18 ffffff97 ffffffeb 0e ffffffaf 66 71 ffffffaa ffffffd0 ffffffd2 1 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a930 | unwrapped: 35 b6 d8 bf 79 0f 1f 42 18 8c c9 a3 21 6e da 40 | unwrapped: ef 77 c4 f1 f6 a7 cb e6 a2 18 a9 74 24 c3 ea 2c | unwrapped: a7 36 f1 b5 f3 26 63 8a 5a 50 4a 0b a9 9a 2d c9 | unwrapped: 11 78 fd 7d dc ce f8 41 f0 62 55 a1 d4 18 b0 6c | unwrapped: 4d 82 1e 4f 0e b3 12 0a fc 18 f3 c1 a6 56 a0 03 | unwrapped: 5d 41 ac 08 cb 6c d2 30 5e 69 b3 3d cc ec bc 97 | unwrapped: b7 54 30 74 ff c8 92 8e 1c ed 62 26 91 23 a1 33 | unwrapped: 80 12 6f d4 46 7e 23 77 57 48 33 4d 86 75 24 38 | unwrapped: 8a 85 86 d4 a6 ea f6 07 41 0b 54 bc 4d 9f 0f e7 | unwrapped: 92 54 9a 8b d9 61 d9 38 b8 14 2f 32 f4 a7 3b de | unwrapped: d2 c1 2e c3 a7 8f f9 ab 06 6a 41 9b 08 e6 52 4a | unwrapped: 80 8e 8c af 14 46 33 94 36 9f e2 b6 70 99 f5 97 | unwrapped: 51 23 ae f6 fb ed 1a b8 74 ec 1c d0 01 b7 af 9d | unwrapped: c3 55 4b a3 a0 dd 80 03 7c 1c c8 bb 4a 68 58 70 | unwrapped: 7d 02 c8 10 2d da 8d 52 85 53 d4 53 15 2d a8 dd | unwrapped: 99 37 c6 1d fd 21 1f f0 3b e3 9a da 42 47 f7 9a | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: 78 fffffff1 ffffffcc ffffffcf ffffff85 ffffffe5 ffffff94 58 fffffffd 2d ffffffa4 59 41 ffffffdd ffffffea 63 ffffffef 09 ffffffd7 ffffff9b 54 ffffffb5 3e 28 ffffffd3 5c 4a 2f 4f ffffffd9 fffffff7 6e fffffffc ffffffac 05 ffffffd3 5c 3f ffffffd3 5e ffffff82 1e ffffffbc 6a ffffffcf 71 45 ffffffeb fffffff2 fffffff8 ffffffb3 7d 02 ffffffda fffffff6 7b 2c ffffffea ffffff98 ffffffd4 6d 76 ffffff99 ffffffce 7b ffffff8b ffffffa8 27 74 01 ffffffea ffffffdd 30 ffffff92 2b 46 07 1b 4c ffffff97 ffffffa0 0f fffffff0 35 3c 3a 61 ffffffe1 ffffff87 ffffffb4 56 1d fffffff4 ffffffef 7c fffffff6 12 ffffffc4 ffffffad ffffffbc 54 72 ffffffc1 ffffffbf ffffffe0 ffffffcf ffffff82 5c 33 70 24 ffffffcf 72 ffffffc9 ffffffb9 ffffff99 ffffffdf 66 69 ffffffca 15 02 ffffffdd 78 74 3e 1a 66 ffffffb4 63 ffffffb4 fffffff3 1c ffffff9f 4f fffffff8 33 39 ffffffbd 60 ffffffa8 3b ffffffe3 61 1b ffffffdc 18 ffffff97 ffffffeb 0e ffffffaf 66 71 ffffffaa ffffffd0 ffffffd2 1 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a600 | unwrapped: 35 b6 d8 bf 79 0f 1f 42 18 8c c9 a3 21 6e da 40 | unwrapped: ef 77 c4 f1 f6 a7 cb e6 a2 18 a9 74 24 c3 ea 2c | unwrapped: a7 36 f1 b5 f3 26 63 8a 5a 50 4a 0b a9 9a 2d c9 | unwrapped: 11 78 fd 7d dc ce f8 41 f0 62 55 a1 d4 18 b0 6c | unwrapped: 4d 82 1e 4f 0e b3 12 0a fc 18 f3 c1 a6 56 a0 03 | unwrapped: 5d 41 ac 08 cb 6c d2 30 5e 69 b3 3d cc ec bc 97 | unwrapped: b7 54 30 74 ff c8 92 8e 1c ed 62 26 91 23 a1 33 | unwrapped: 80 12 6f d4 46 7e 23 77 57 48 33 4d 86 75 24 38 | unwrapped: 8a 85 86 d4 a6 ea f6 07 41 0b 54 bc 4d 9f 0f e7 | unwrapped: 92 54 9a 8b d9 61 d9 38 b8 14 2f 32 f4 a7 3b de | unwrapped: d2 c1 2e c3 a7 8f f9 ab 06 6a 41 9b 08 e6 52 4a | unwrapped: 80 8e 8c af 14 46 33 94 36 9f e2 b6 70 99 f5 97 | unwrapped: 51 23 ae f6 fb ed 1a b8 74 ec 1c d0 01 b7 af 9d | unwrapped: c3 55 4b a3 a0 dd 80 03 7c 1c c8 bb 4a 68 58 70 | unwrapped: 7d 02 c8 10 2d da 8d 52 85 53 d4 53 15 2d a8 dd | unwrapped: 99 37 c6 1d fd 21 1f f0 3b e3 9a da 42 47 f7 9a | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 51 73 2c fe | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | d8 28 4c a4 | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | 0c d7 5f ee b7 78 32 94 31 37 45 ea 55 bc 37 3f | 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | 0c d7 5f ee b7 78 32 94 31 37 45 ea 55 bc 37 3f | 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f | hmac PRF sha update data-bytes@0x7f6c04006510 (length 32) | d7 d8 e6 ab d3 62 9b 36 83 b6 22 2a f4 97 77 95 | c9 22 19 ab 5e 96 28 c2 db 4e d5 3d 2b 55 f0 47 | hmac PRF sha update data-bytes@0x7f6c04006510 (length 32) | d7 d8 e6 ab d3 62 9b 36 83 b6 22 2a f4 97 77 95 | c9 22 19 ab 5e 96 28 c2 db 4e d5 3d 2b 55 f0 47 | hmac PRF sha final-bytes@0x556ef3628d10 (length 20) | 98 0c fb 82 a2 22 46 a7 09 8b a3 be 25 dd dd 02 | 7a da d5 1f | hmac PRF sha final-bytes@0x7f6bfc002af0 (length 20) | 56 7d 82 1a 2f 66 65 6c 2c 6d 53 03 bf b6 1d ed | 40 df 76 05 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef357b900 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac: release clone-key@0x7f6c0c007fa0 | hmac PRF sha crypt-prf@0x556ef3625cd0 | hmac PRF sha update data-bytes@0x556ef3628d10 (length 20) | 98 0c fb 82 a2 22 46 a7 09 8b a3 be 25 dd dd 02 | 7a da d5 1f | hmac PRF sha update data-bytes@0x7f6bfc002af0 (length 20) | 56 7d 82 1a 2f 66 65 6c 2c 6d 53 03 bf b6 1d ed | 40 df 76 05 | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: 78 fffffff1 ffffffcc ffffffcf ffffff85 ffffffe5 ffffff94 58 fffffffd 2d ffffffa4 59 41 ffffffdd ffffffea 63 ffffffef 09 ffffffd7 ffffff9b 54 ffffffb5 3e 28 ffffffd3 5c 4a 2f 4f ffffffd9 fffffff7 6e fffffffc ffffffac 05 ffffffd3 5c 3f ffffffd3 5e ffffff82 1e ffffffbc 6a ffffffcf 71 45 ffffffeb fffffff2 fffffff8 ffffffb3 7d 02 ffffffda fffffff6 7b 2c ffffffea ffffff98 ffffffd4 6d 76 ffffff99 ffffffce 7b ffffff8b ffffffa8 27 74 01 ffffffea ffffffdd 30 ffffff92 2b 46 07 1b 4c ffffff97 ffffffa0 0f fffffff0 35 3c 3a 61 ffffffe1 ffffff87 ffffffb4 56 1d fffffff4 ffffffef 7c fffffff6 12 ffffffc4 ffffffad ffffffbc 54 72 ffffffc1 ffffffbf ffffffe0 ffffffcf ffffff82 5c 33 70 24 ffffffcf 72 ffffffc9 ffffffb9 ffffff99 ffffffdf 66 69 ffffffca 15 02 ffffffdd 78 74 3e 1a 66 ffffffb4 63 ffffffb4 fffffff3 1c ffffff9f 4f fffffff8 33 39 ffffffbd 60 ffffffa8 3b ffffffe3 61 1b ffffffdc 18 ffffff97 ffffffeb 0e ffffffaf 66 71 ffffffaa ffffffd0 ffffffd2 1 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a4f0 | unwrapped: 35 b6 d8 bf 79 0f 1f 42 18 8c c9 a3 21 6e da 40 | unwrapped: ef 77 c4 f1 f6 a7 cb e6 a2 18 a9 74 24 c3 ea 2c | unwrapped: a7 36 f1 b5 f3 26 63 8a 5a 50 4a 0b a9 9a 2d c9 | unwrapped: 11 78 fd 7d dc ce f8 41 f0 62 55 a1 d4 18 b0 6c | unwrapped: 4d 82 1e 4f 0e b3 12 0a fc 18 f3 c1 a6 56 a0 03 | unwrapped: 5d 41 ac 08 cb 6c d2 30 5e 69 b3 3d cc ec bc 97 | unwrapped: b7 54 30 74 ff c8 92 8e 1c ed 62 26 91 23 a1 33 | unwrapped: 80 12 6f d4 46 7e 23 77 57 48 33 4d 86 75 24 38 | unwrapped: 8a 85 86 d4 a6 ea f6 07 41 0b 54 bc 4d 9f 0f e7 | unwrapped: 92 54 9a 8b d9 61 d9 38 b8 14 2f 32 f4 a7 3b de | unwrapped: d2 c1 2e c3 a7 8f f9 ab 06 6a 41 9b 08 e6 52 4a | unwrapped: 80 8e 8c af 14 46 33 94 36 9f e2 b6 70 99 f5 97 | unwrapped: 51 23 ae f6 fb ed 1a b8 74 ec 1c d0 01 b7 af 9d | unwrapped: c3 55 4b a3 a0 dd 80 03 7c 1c c8 bb 4a 68 58 70 | unwrapped: 7d 02 c8 10 2d da 8d 52 85 53 d4 53 15 2d a8 dd | unwrapped: 99 37 c6 1d fd 21 1f f0 3b e3 9a da 42 47 f7 9a | hmac PRF sha update g^xy-key@0x7f6c10006900 (size 256) | hmac: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: 78 fffffff1 ffffffcc ffffffcf ffffff85 ffffffe5 ffffff94 58 fffffffd 2d ffffffa4 59 41 ffffffdd ffffffea 63 ffffffef 09 ffffffd7 ffffff9b 54 ffffffb5 3e 28 ffffffd3 5c 4a 2f 4f ffffffd9 fffffff7 6e fffffffc ffffffac 05 ffffffd3 5c 3f ffffffd3 5e ffffff82 1e ffffffbc 6a ffffffcf 71 45 ffffffeb fffffff2 fffffff8 ffffffb3 7d 02 ffffffda fffffff6 7b 2c ffffffea ffffff98 ffffffd4 6d 76 ffffff99 ffffffce 7b ffffff8b ffffffa8 27 74 01 ffffffea ffffffdd 30 ffffff92 2b 46 07 1b 4c ffffff97 ffffffa0 0f fffffff0 35 3c 3a 61 ffffffe1 ffffff87 ffffffb4 56 1d fffffff4 ffffffef 7c fffffff6 12 ffffffc4 ffffffad ffffffbc 54 72 ffffffc1 ffffffbf ffffffe0 ffffffcf ffffff82 5c 33 70 24 ffffffcf 72 ffffffc9 ffffffb9 ffffff99 ffffffdf 66 69 ffffffca 15 02 ffffffdd 78 74 3e 1a 66 ffffffb4 63 ffffffb4 fffffff3 1c ffffff9f 4f fffffff8 33 39 ffffffbd 60 ffffffa8 3b ffffffe3 61 1b ffffffdc 18 ffffff97 ffffffeb 0e ffffffaf 66 71 ffffffaa ffffffd0 ffffffd2 1 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef3628d40 | unwrapped: 35 b6 d8 bf 79 0f 1f 42 18 8c c9 a3 21 6e da 40 | unwrapped: ef 77 c4 f1 f6 a7 cb e6 a2 18 a9 74 24 c3 ea 2c | unwrapped: a7 36 f1 b5 f3 26 63 8a 5a 50 4a 0b a9 9a 2d c9 | unwrapped: 11 78 fd 7d dc ce f8 41 f0 62 55 a1 d4 18 b0 6c | unwrapped: 4d 82 1e 4f 0e b3 12 0a fc 18 f3 c1 a6 56 a0 03 | unwrapped: 5d 41 ac 08 cb 6c d2 30 5e 69 b3 3d cc ec bc 97 | unwrapped: b7 54 30 74 ff c8 92 8e 1c ed 62 26 91 23 a1 33 | unwrapped: 80 12 6f d4 46 7e 23 77 57 48 33 4d 86 75 24 38 | unwrapped: 8a 85 86 d4 a6 ea f6 07 41 0b 54 bc 4d 9f 0f e7 | unwrapped: 92 54 9a 8b d9 61 d9 38 b8 14 2f 32 f4 a7 3b de | unwrapped: d2 c1 2e c3 a7 8f f9 ab 06 6a 41 9b 08 e6 52 4a | unwrapped: 80 8e 8c af 14 46 33 94 36 9f e2 b6 70 99 f5 97 | unwrapped: 51 23 ae f6 fb ed 1a b8 74 ec 1c d0 01 b7 af 9d | unwrapped: c3 55 4b a3 a0 dd 80 03 7c 1c c8 bb 4a 68 58 70 | unwrapped: 7d 02 c8 10 2d da 8d 52 85 53 d4 53 15 2d a8 dd | unwrapped: 99 37 c6 1d fd 21 1f f0 3b e3 9a da 42 47 f7 9a | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 51 73 2c fe | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | d8 28 4c a4 | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | 0c d7 5f ee b7 78 32 94 31 37 45 ea 55 bc 37 3f | 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | 0c d7 5f ee b7 78 32 94 31 37 45 ea 55 bc 37 3f | 63 38 a9 a3 f3 e6 ee 33 79 e6 6c 80 4e cb 09 8f | hmac PRF sha update data-bytes@0x7f6c04006510 (length 32) | d7 d8 e6 ab d3 62 9b 36 83 b6 22 2a f4 97 77 95 | c9 22 19 ab 5e 96 28 c2 db 4e d5 3d 2b 55 f0 47 | hmac PRF sha update data-bytes@0x7f6c04006510 (length 32) | d7 d8 e6 ab d3 62 9b 36 83 b6 22 2a f4 97 77 95 | c9 22 19 ab 5e 96 28 c2 db 4e d5 3d 2b 55 f0 47 | hmac PRF sha final-bytes@0x556ef3628d24 (length 20) | 5a 20 b0 f2 bf bd 49 bc 09 ac 66 fa 8f ae 6e 9c | 36 6b c9 83 | hmac PRF sha final-bytes@0x7f6bfc002b04 (length 20) | 0d 4d 63 8f 44 52 dd 2a 47 1f 3a b6 67 c1 2a 77 | e2 30 35 9a | install_ipsec_sa() for #16: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.d8284ca4@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.51732cfe@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #16: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #16 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xd8284ca4 SPI_OUT= | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0xd8284ca4 SPI_OUT=0x51732cfe ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xd8284ca | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0xd8284ca4 SPI_OUT=0x51732cfe ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xd8284ca4 SP | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0xd8284ca4 SPI_OUT=0x51732cfe ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x556ef3620bc0,sr=0x556ef3620bc0} to #16 (was #0) (newest_ipsec_sa=#0) | #15 spent 0.868 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 ec 5f 48 b0 05 9d 36 1b 8a 34 d2 2d | encrypting: 06 1d 2d 74 b1 32 f7 ac | IV: bc 98 cc f0 e5 35 e6 59 c5 5e 45 a0 11 d2 10 25 | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 7f ce e9 a1 7d db af 1d 49 30 f8 a5 de db ff 81 | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #16 (was #0) (spd.eroute=#16) cloned from #15 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #16 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #16 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #16: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #16 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c0c002d00 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #16) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 08 10 20 01 0d 49 9e 43 00 00 00 3c 0d 7b 4c db | 52 bd e2 31 7e 89 2c 2b 38 96 6b 25 7f ce e9 a1 | 7d db af 1d 49 30 f8 a5 de db ff 81 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f6bfc002b20 | inserting event EVENT_SA_REPLACE, timeout in 28111 seconds for #16 | libevent_malloc: new ptr-libevent@0x7f6c0c002d00 size 128 | pstats #16 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #16: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xd8284ca4 <0x51732cfe xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #16 suppresed complete_v1_state_transition() | #16 spent 1.98 milliseconds in resume sending helper answer | stop processing: state #16 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bfc002030 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0043 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00324 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0029 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.51732cfe@192.1.2.45 | get_sa_info esp.d8284ca4@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0951 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #16 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #16 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #16 ikev1.ipsec deleted completed | [RE]START processing: state #16 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #16: deleting state (STATE_QUICK_I2) aged 0.105s and sending notification | child state #16: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.d8284ca4@192.1.2.23 | get_sa_info esp.51732cfe@192.1.2.45 "aes128" #16: ESP traffic information: in=84B out=84B | #16 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1859917810 (0x6edc17f2) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 51 73 2c fe | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x556ef357b920 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 6e dc 17 f2 | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 51 73 2c fe | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | 3a 7e 17 ca 14 3d e0 c5 1d 85 06 44 5d 50 12 ec | 6d cb 62 07 | send delete HASH(1): | 3a 7e 17 ca 14 3d e0 c5 1d 85 06 44 5d 50 12 ec | 6d cb 62 07 | last Phase 1 IV: d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | current Phase 1 IV: d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 6e dc 17 f2 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 89 be b4 f2 5d 0f 24 19 e7 20 d5 b1 6a 87 7c 97 | 21 89 17 3f | encrypting: 0c 00 00 18 3a 7e 17 ca 14 3d e0 c5 1d 85 06 44 | encrypting: 5d 50 12 ec 6d cb 62 07 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 51 73 2c fe | IV: 89 be b4 f2 5d 0f 24 19 e7 20 d5 b1 6a 87 7c 97 | IV: 21 89 17 3f | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 28 ae 65 da a5 8e 4c 79 2e 0c 88 42 49 a8 b8 d6 | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 08 10 05 01 6e dc 17 f2 00 00 00 4c 5a 03 8e 5b | 02 76 04 4b 92 be 1e 92 00 34 dd 05 a5 3e 5f 8d | 7b 37 81 95 e1 8c 36 b3 0b 09 b5 f4 28 ae 65 da | a5 8e 4c 79 2e 0c 88 42 49 a8 b8 d6 | state #16 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c0c002d00 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f6bfc002b20 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1569050311' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xd8284ca | popen cmd is 1033 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1569050311' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0xd8284ca4 SPI_OUT=0x51732cfe ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.d8284ca4@192.1.2.23 | netlink response for Del SA esp.d8284ca4@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.51732cfe@192.1.2.45 | netlink response for Del SA esp.51732cfe@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #16 in QUICK_I2 | child state #16: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6bf8001160: destroyed | stop processing: state #16 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x7f6c10006900 | delete_state: release st->st_skeyid_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_d_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ai_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef360e180 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #15 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #15 | start processing: state #15 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #15 ikev1.isakmp deleted completed | [RE]START processing: state #15 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #15: deleting state (STATE_MAIN_I4) aged 0.123s and sending notification | parent state #15: MAIN_I4(established IKE SA) => delete | #15 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2081615634 (0x7c12ef12) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 92 55 ad 91 85 d3 19 b4 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI ee 2d 95 51 3b 31 36 02 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c04000d60 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 7c 12 ef 12 | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 92 55 ad 91 | 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | 0f 52 0b 67 1d 09 08 62 9d 1b 6e d8 d7 2e 53 07 | 98 87 62 31 | send delete HASH(1): | 0f 52 0b 67 1d 09 08 62 9d 1b 6e d8 d7 2e 53 07 | 98 87 62 31 | last Phase 1 IV: d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | current Phase 1 IV: d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | d7 45 18 16 9f b1 35 a5 99 1f b8 52 fc 1f 2c 23 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 7c 12 ef 12 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | e0 f4 d2 11 ac ec 55 48 2e aa 88 56 92 c0 f3 78 | 96 16 4c 63 | encrypting: 0c 00 00 18 0f 52 0b 67 1d 09 08 62 9d 1b 6e d8 | encrypting: d7 2e 53 07 98 87 62 31 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 | encrypting: 3b 31 36 02 | IV: e0 f4 d2 11 ac ec 55 48 2e aa 88 56 92 c0 f3 78 | IV: 96 16 4c 63 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 52 bc fd b9 eb 74 c6 7a 58 86 56 85 63 ea f4 9e | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 08 10 05 01 7c 12 ef 12 00 00 00 5c 4b 35 4b b2 | b0 8c 51 5b a2 f6 28 e6 f9 27 ce f9 69 9b 17 a1 | 66 f6 be 2a 01 b8 79 57 61 2b b9 c3 59 95 c6 f0 | 4f 6e 71 ed d3 95 b0 bd ce ad 75 26 52 bc fd b9 | eb 74 c6 7a 58 86 56 85 63 ea f4 9e | state #15 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c040012f0 | free_event_entry: release EVENT_SA_REPLACE-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #15 in MAIN_I4 | parent state #15: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c000017d0: destroyed | stop processing: state #15 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef36037c0 | delete_state: release st->st_skeyid_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_d_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ai_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef360e180 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.28 milliseconds in whack | spent 0.00168 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 08 10 05 01 d1 56 fb 28 00 00 00 4c 4a f2 ca 3b | 08 58 df f4 37 85 c5 3c 89 f3 9e 40 78 b8 e1 c6 | 74 5c 24 ef d7 f0 e7 7b a4 64 fc 95 6a 97 73 fb | 49 92 dc ba 83 a6 17 e6 68 6c 09 1f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3512138536 (0xd156fb28) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xd156fb28 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 92 55 ad 91 85 d3 19 b4 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | ee 2d 95 51 3b 31 36 02 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0692 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00446 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00336 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 92 55 ad 91 85 d3 19 b4 ee 2d 95 51 3b 31 36 02 | 08 10 05 01 61 d6 85 e5 00 00 00 5c 8e 39 e7 ae | a9 ee 8d 16 82 bf 12 a8 0a 25 ce 78 6f a8 31 28 | 79 f2 5c 92 ab 17 31 5d 86 a5 f4 b5 76 35 5a 6e | a7 b8 2d 3e e1 e4 42 25 75 94 c8 f2 6c 57 fa 75 | f6 eb 60 dd fc 25 10 f6 bf 31 f8 8e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 92 55 ad 91 85 d3 19 b4 | responder cookie: | ee 2d 95 51 3b 31 36 02 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1641448933 (0x61d685e5) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x61d685e5 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 92 55 ad 91 85 d3 19 b4 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | ee 2d 95 51 3b 31 36 02 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.079 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16416' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x556ef362a7b0 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.745 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00497 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | emitting: disabled | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0638 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0469 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | emitting | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0398 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:EMPTY | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0517 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef361eee0 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.145 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #17 at 0x556ef3625160 | State DB: adding IKEv1 state #17 in UNDEFINED | pstats #17 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #17 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #17: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #17 "aes128" "aes128" #17: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x556ef3623680 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | 49 59 68 fc af 7e f4 fe 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | #17 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48958.953602 | #17 spent 0.766 milliseconds in main_outI1() | stop processing: state #17 connection "aes128" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.821 milliseconds in whack | spent 0.00188 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #17 in MAIN_I1 (find_state_ikev1_init) | start processing: state #17 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #17 is idle | #17 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 22 for state #17 | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #17 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #17 and saving MD | #17 is busy; has a suspended MD | #17 spent 0.139 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.258 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 22 for state #17 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 22 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c10000d60: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c10000d60 | NSS: Public DH wire value: | 04 20 3a 9f 30 3e 49 98 cc 63 00 ca 73 1b 48 82 | 5e 2e 5f e0 92 42 e3 f2 2e d7 2f 54 8d f6 43 83 | 2e a0 38 f9 bb ec f7 c0 a9 d0 18 63 5a e8 30 19 | f1 39 4c 2c cf 82 01 d8 de e9 e5 b9 96 ee 5d 68 | e7 f0 ee 2d fa 58 26 52 c1 b7 cd 06 a7 8f b2 84 | 83 05 86 14 1b 06 da d8 36 09 ed ea eb 95 c7 8f | 69 88 03 00 fd e3 e1 6b 44 42 4d a6 42 7e 01 5b | c7 4b 6e c5 89 bb ea 0c c1 55 e5 e7 81 d6 8e d1 | 18 3b a4 8e 57 da 36 60 36 19 0f ed 70 6f 02 5a | 6f 56 30 5f ff fb d8 ef eb 22 52 75 59 40 65 9e | e4 82 d7 6a 93 4c d5 1c 7b 73 70 69 33 3b 9b cb | f6 67 e1 8c d9 76 55 69 5b ea 2c a8 ef 32 4f 3f | ac 63 75 06 e7 7e d3 42 cb 0b db f7 13 28 22 4c | ca e5 4e d3 5b 33 7f 94 78 1f 11 15 d6 58 8e 1e | 05 50 c2 a0 94 46 ed be 1f 12 b3 70 3b f2 f5 9d | 0d 44 93 2c b9 ec ca a1 7e 4c cd b4 71 07 ad 03 | Generated nonce: 39 8b cf d6 ba 73 a3 9d 49 c5 97 36 a3 8a 11 8c | Generated nonce: 93 9a 9a e2 96 2d 1d 97 3a bc 51 5b de a9 5d ad | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 22 time elapsed 0.000996 seconds | (#17) spent 0.997 milliseconds in crypto helper computing work-order 22: outI2 KE (pcr) | crypto helper 0 sending results from work-order 22 for state #17 to event queue | scheduling resume sending helper answer for #17 | libevent_malloc: new ptr-libevent@0x7f6c10001a20 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #17 | start processing: state #17 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 22 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #17: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c10000d60: transferring ownership from helper KE to state #17 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 04 20 3a 9f 30 3e 49 98 cc 63 00 ca 73 1b 48 82 | keyex value 5e 2e 5f e0 92 42 e3 f2 2e d7 2f 54 8d f6 43 83 | keyex value 2e a0 38 f9 bb ec f7 c0 a9 d0 18 63 5a e8 30 19 | keyex value f1 39 4c 2c cf 82 01 d8 de e9 e5 b9 96 ee 5d 68 | keyex value e7 f0 ee 2d fa 58 26 52 c1 b7 cd 06 a7 8f b2 84 | keyex value 83 05 86 14 1b 06 da d8 36 09 ed ea eb 95 c7 8f | keyex value 69 88 03 00 fd e3 e1 6b 44 42 4d a6 42 7e 01 5b | keyex value c7 4b 6e c5 89 bb ea 0c c1 55 e5 e7 81 d6 8e d1 | keyex value 18 3b a4 8e 57 da 36 60 36 19 0f ed 70 6f 02 5a | keyex value 6f 56 30 5f ff fb d8 ef eb 22 52 75 59 40 65 9e | keyex value e4 82 d7 6a 93 4c d5 1c 7b 73 70 69 33 3b 9b cb | keyex value f6 67 e1 8c d9 76 55 69 5b ea 2c a8 ef 32 4f 3f | keyex value ac 63 75 06 e7 7e d3 42 cb 0b db f7 13 28 22 4c | keyex value ca e5 4e d3 5b 33 7f 94 78 1f 11 15 d6 58 8e 1e | keyex value 05 50 c2 a0 94 46 ed be 1f 12 b3 70 3b f2 f5 9d | keyex value 0d 44 93 2c b9 ec ca a1 7e 4c cd b4 71 07 ad 03 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 39 8b cf d6 ba 73 a3 9d 49 c5 97 36 a3 8a 11 8c | Ni 93 9a 9a e2 96 2d 1d 97 3a bc 51 5b de a9 5d ad | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 49 59 68 fc af 7e f4 fe | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | fb 54 76 c8 c2 07 41 02 | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | d5 08 11 58 2a ef f9 29 28 d0 62 51 2e fb aa 3d | 37 90 c9 f8 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 49 59 68 fc af 7e f4 fe | natd_hash: rcookie= fb 54 76 c8 c2 07 41 02 | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= d5 08 11 58 2a ef f9 29 28 d0 62 51 2e fb aa 3d | natd_hash: hash= 37 90 c9 f8 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D d5 08 11 58 2a ef f9 29 28 d0 62 51 2e fb aa 3d | NAT-D 37 90 c9 f8 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 49 59 68 fc af 7e f4 fe | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | fb 54 76 c8 c2 07 41 02 | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | 31 5b 62 05 6b d7 22 13 06 db 02 f7 0b 20 1d 0c | e4 40 09 73 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 49 59 68 fc af 7e f4 fe | natd_hash: rcookie= fb 54 76 c8 c2 07 41 02 | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= 31 5b 62 05 6b d7 22 13 06 db 02 f7 0b 20 1d 0c | natd_hash: hash= e4 40 09 73 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 31 5b 62 05 6b d7 22 13 06 db 02 f7 0b 20 1d 0c | NAT-D e4 40 09 73 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #17 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #17: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 04 20 3a 9f 30 3e 49 98 cc 63 00 ca 73 1b 48 82 | 5e 2e 5f e0 92 42 e3 f2 2e d7 2f 54 8d f6 43 83 | 2e a0 38 f9 bb ec f7 c0 a9 d0 18 63 5a e8 30 19 | f1 39 4c 2c cf 82 01 d8 de e9 e5 b9 96 ee 5d 68 | e7 f0 ee 2d fa 58 26 52 c1 b7 cd 06 a7 8f b2 84 | 83 05 86 14 1b 06 da d8 36 09 ed ea eb 95 c7 8f | 69 88 03 00 fd e3 e1 6b 44 42 4d a6 42 7e 01 5b | c7 4b 6e c5 89 bb ea 0c c1 55 e5 e7 81 d6 8e d1 | 18 3b a4 8e 57 da 36 60 36 19 0f ed 70 6f 02 5a | 6f 56 30 5f ff fb d8 ef eb 22 52 75 59 40 65 9e | e4 82 d7 6a 93 4c d5 1c 7b 73 70 69 33 3b 9b cb | f6 67 e1 8c d9 76 55 69 5b ea 2c a8 ef 32 4f 3f | ac 63 75 06 e7 7e d3 42 cb 0b db f7 13 28 22 4c | ca e5 4e d3 5b 33 7f 94 78 1f 11 15 d6 58 8e 1e | 05 50 c2 a0 94 46 ed be 1f 12 b3 70 3b f2 f5 9d | 0d 44 93 2c b9 ec ca a1 7e 4c cd b4 71 07 ad 03 | 14 00 00 24 39 8b cf d6 ba 73 a3 9d 49 c5 97 36 | a3 8a 11 8c 93 9a 9a e2 96 2d 1d 97 3a bc 51 5b | de a9 5d ad 14 00 00 18 d5 08 11 58 2a ef f9 29 | 28 d0 62 51 2e fb aa 3d 37 90 c9 f8 00 00 00 18 | 31 5b 62 05 6b d7 22 13 06 db 02 f7 0b 20 1d 0c | e4 40 09 73 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | #17 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48958.955891 "aes128" #17: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #17 suppresed complete_v1_state_transition() | #17 spent 0.344 milliseconds in resume sending helper answer | stop processing: state #17 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c10001a20 | spent 0.0025 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | fc 88 fd 0c b0 0d d0 99 b7 0d 2b 23 e1 9a da b2 | 35 cd de 5d 17 96 3a fe 8d 4b 94 3c 3d 5b 42 89 | 10 c5 06 da dd b5 fb 69 41 09 7c 0c 43 be 46 f9 | 62 93 94 fa 71 90 9d bf 18 ee 25 1c ec 9b ec 9e | 72 0a aa f2 a8 b3 3f d5 74 fd c5 ff 63 4e af 79 | 80 99 7f af ea d2 5e 33 f7 bf 12 86 07 3f 57 66 | 9e 32 42 50 0c bc c5 ba 92 e5 a7 43 2b ce ed 18 | 57 3f 89 4a d1 34 04 c6 7b 05 91 8e 63 55 ab 35 | cb 9d 52 2b 17 57 be e5 f7 19 a6 91 01 38 6a e8 | bf a2 90 a6 95 f3 b1 46 ed ca 56 c6 cd 76 30 02 | c9 75 48 6b 97 17 5d e1 51 6c 44 08 f7 17 39 4e | 00 45 21 d5 03 89 47 95 de 86 fb 11 71 9c ce 69 | c7 4e ba cb d3 10 2b ed 81 fa 2d df 89 1d 8a 84 | 5f be a6 92 f0 76 9a 6f 72 4f 0e 20 fe cc 79 83 | ca c7 20 86 59 9a 5c d6 a6 2f 70 47 3e 65 33 e8 | b0 32 ba 3e 8d dd 21 c8 f9 74 b2 fe b6 46 43 18 | 14 00 00 24 b5 8e bb 4a c9 e6 7b 51 fd b5 4f 6a | 9b fc 07 8f ac 1c 32 53 e6 88 45 44 0c 3c 1a 5d | b6 b5 85 1a 14 00 00 18 31 5b 62 05 6b d7 22 13 | 06 db 02 f7 0b 20 1d 0c e4 40 09 73 00 00 00 18 | d5 08 11 58 2a ef f9 29 28 d0 62 51 2e fb aa 3d | 37 90 c9 f8 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #17 in MAIN_I2 (find_state_ikev1) | start processing: state #17 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #17 is idle | #17 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | fc 88 fd 0c b0 0d d0 99 b7 0d 2b 23 e1 9a da b2 | 35 cd de 5d 17 96 3a fe 8d 4b 94 3c 3d 5b 42 89 | 10 c5 06 da dd b5 fb 69 41 09 7c 0c 43 be 46 f9 | 62 93 94 fa 71 90 9d bf 18 ee 25 1c ec 9b ec 9e | 72 0a aa f2 a8 b3 3f d5 74 fd c5 ff 63 4e af 79 | 80 99 7f af ea d2 5e 33 f7 bf 12 86 07 3f 57 66 | 9e 32 42 50 0c bc c5 ba 92 e5 a7 43 2b ce ed 18 | 57 3f 89 4a d1 34 04 c6 7b 05 91 8e 63 55 ab 35 | cb 9d 52 2b 17 57 be e5 f7 19 a6 91 01 38 6a e8 | bf a2 90 a6 95 f3 b1 46 ed ca 56 c6 cd 76 30 02 | c9 75 48 6b 97 17 5d e1 51 6c 44 08 f7 17 39 4e | 00 45 21 d5 03 89 47 95 de 86 fb 11 71 9c ce 69 | c7 4e ba cb d3 10 2b ed 81 fa 2d df 89 1d 8a 84 | 5f be a6 92 f0 76 9a 6f 72 4f 0e 20 fe cc 79 83 | ca c7 20 86 59 9a 5c d6 a6 2f 70 47 3e 65 33 e8 | b0 32 ba 3e 8d dd 21 c8 f9 74 b2 fe b6 46 43 18 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c10000d60: transferring ownership from state #17 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 23 for state #17 | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f6c10001a20 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #17 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #17 and saving MD | #17 is busy; has a suspended MD | #17 spent 0.0925 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.237 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 2 resuming | crypto helper 2 starting work-order 23 for state #17 | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 23 | peer's g: fc 88 fd 0c b0 0d d0 99 b7 0d 2b 23 e1 9a da b2 | peer's g: 35 cd de 5d 17 96 3a fe 8d 4b 94 3c 3d 5b 42 89 | peer's g: 10 c5 06 da dd b5 fb 69 41 09 7c 0c 43 be 46 f9 | peer's g: 62 93 94 fa 71 90 9d bf 18 ee 25 1c ec 9b ec 9e | peer's g: 72 0a aa f2 a8 b3 3f d5 74 fd c5 ff 63 4e af 79 | peer's g: 80 99 7f af ea d2 5e 33 f7 bf 12 86 07 3f 57 66 | peer's g: 9e 32 42 50 0c bc c5 ba 92 e5 a7 43 2b ce ed 18 | peer's g: 57 3f 89 4a d1 34 04 c6 7b 05 91 8e 63 55 ab 35 | peer's g: cb 9d 52 2b 17 57 be e5 f7 19 a6 91 01 38 6a e8 | peer's g: bf a2 90 a6 95 f3 b1 46 ed ca 56 c6 cd 76 30 02 | peer's g: c9 75 48 6b 97 17 5d e1 51 6c 44 08 f7 17 39 4e | peer's g: 00 45 21 d5 03 89 47 95 de 86 fb 11 71 9c ce 69 | peer's g: c7 4e ba cb d3 10 2b ed 81 fa 2d df 89 1d 8a 84 | peer's g: 5f be a6 92 f0 76 9a 6f 72 4f 0e 20 fe cc 79 83 | peer's g: ca c7 20 86 59 9a 5c d6 a6 2f 70 47 3e 65 33 e8 | peer's g: b0 32 ba 3e 8d dd 21 c8 f9 74 b2 fe b6 46 43 18 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c10000d60: computed shared DH secret key@0x556ef360e180 | dh-shared : g^ir-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef361da00 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: psk-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: psk-key@0x556ef360c4c0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3609090 | SKEYID psk prf: created sha context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk prf: begin sha with context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk: release clone-key@0x556ef360c4c0 | SKEYID psk PRF sha crypt-prf@0x7f6c08001250 | SKEYID psk PRF sha update Ni-bytes@0x556ef361da24 (length 32) | 39 8b cf d6 ba 73 a3 9d 49 c5 97 36 a3 8a 11 8c | 93 9a 9a e2 96 2d 1d 97 3a bc 51 5b de a9 5d ad | SKEYID psk PRF sha update Nr-bytes@0x556ef361da44 (length 32) | b5 8e bb 4a c9 e6 7b 51 fd b5 4f 6a 9b fc 07 8f | ac 1c 32 53 e6 88 45 44 0c 3c 1a 5d b6 b5 85 1a | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID psk PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID psk: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6b8 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d: release clone-key@0x556ef3609090 | SKEYID_d PRF sha crypt-prf@0x7f6c080084b0 | SKEYID_d PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_d: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312960: ffffff88 fffffff8 20 30 ffffffdc ffffffc9 6f ffffffd0 ffffff81 ffffffc1 53 5e 16 71 62 2f 4c ffffff95 ffffffa1 ffffffc5 2a 5e fffffff5 ffffffee 4d ffffffe3 7e ffffff99 49 7a fffffff5 7d 48 ffffffc8 fffffffc 67 ffffff8f 7e 34 44 77 ffffff82 1e 77 ffffffd1 ffffffbb ffffff8d fffffffd 30 ffffff85 ffffffdb 35 fffffffc 1a 62 5d 24 21 0e ffffffdc 66 6f 4d 53 ffffffbb ffffffc2 5a ffffff92 ffffffad 38 ffffffe6 ffffffd0 ffffffc0 ffffffcd 40 19 56 0a 09 ffffffc6 7c ffffff9f ffffff9a 2e 33 3a 7f 1e fffffff6 fffffff6 55 54 ffffffb1 5f ffffff9a ffffff8d 62 ffffff86 ffffff80 43 65 fffffff8 ffffffe9 34 ffffffbe fffffff4 31 ffffffb0 5c ffffffc3 09 0d 52 ffffff94 ffffffa0 ffffffee ffffff9b ffffffab 24 ffffff8b ffffffe4 51 ffffff9f ffffff9f ffffffa1 fffffff3 65 70 ffffffcb 7f ffffffce 54 fffffff1 ffffffcd ffffffac 6f 77 24 5e ffffffce fffffffa ffffffa8 ffffffd7 ffffff8f 7c 5b 0e fffffff7 fffffff3 ffffffb2 fffffff1 ffffffbb fffffffa 69 ffffffc3 ffffff8 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08008d20 | unwrapped: b2 da dc 03 04 32 a2 61 5c 02 ea 1e 7e e8 c1 07 | unwrapped: 0e 21 46 7f 9a c5 76 eb c1 43 67 67 81 39 a3 17 | unwrapped: 48 6a ac 34 7e 75 7d 3a 1b 41 d8 19 8e fb 71 85 | unwrapped: 86 83 f9 17 e1 ac 47 ea 0f 89 b7 b6 36 34 f9 b6 | unwrapped: d1 fe f4 fd f9 2b e5 cb 06 4b 42 ec 1c 89 3d 37 | unwrapped: 4b 63 52 68 5f c8 51 be 04 f7 0d ca 52 47 67 d2 | unwrapped: c1 67 35 77 57 b7 b3 6e 3b cb 6f 59 ce a7 aa 61 | unwrapped: 12 48 a0 a0 e2 52 f6 4b ac 26 90 46 43 d1 1f 41 | unwrapped: 96 7c ad e8 f0 32 26 50 5a 8e fd 28 90 22 4c 39 | unwrapped: 13 97 10 a0 a1 83 18 75 0b 3d c5 62 21 32 5c 18 | unwrapped: 3b d9 66 6b 7a 64 e8 f7 8f c1 42 e9 ff 9e 12 33 | unwrapped: 30 f4 58 81 49 d9 bf aa 66 60 6b 2a ac a1 1f 45 | unwrapped: 4b 23 7b ee cb 94 30 a8 b0 8c a1 5f d1 31 6d 74 | unwrapped: 4f 25 d7 4c d4 6d 12 f3 78 1f 4e 94 d6 94 a7 57 | unwrapped: dd 77 32 29 04 01 c7 c3 27 b5 33 f2 e8 84 a0 fd | unwrapped: dd 47 b6 3c 6c 54 6c 36 1d 40 4d 4a b5 50 96 81 | SKEYID_d PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 49 59 68 fc af 7e f4 fe | SKEYID_d PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | fb 54 76 c8 c2 07 41 02 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID_d PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_d: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a: release clone-key@0x556ef3601f40 | SKEYID_a PRF sha crypt-prf@0x7f6c08008ad0 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3609090 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312928: ffffff90 7b ffffffa2 5b ffffffdb ffffff82 09 ffffffea 58 ffffffb8 7b ffffffc0 48 35 ffffffe6 ffffffbb ffffffa7 ffffff89 67 3e 35 ffffffb6 ffffff87 fffffff7 13 ffffffbe ffffff82 22 0d ffffff9a ffffffce ffffffe9 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c080030d0 | unwrapped: 1b 03 2d 27 e5 64 c9 ef 74 2e 2a 6f cd 2f fd d9 | unwrapped: 58 79 99 30 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_a: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312928: ffffff88 fffffff8 20 30 ffffffdc ffffffc9 6f ffffffd0 ffffff81 ffffffc1 53 5e 16 71 62 2f 4c ffffff95 ffffffa1 ffffffc5 2a 5e fffffff5 ffffffee 4d ffffffe3 7e ffffff99 49 7a fffffff5 7d 48 ffffffc8 fffffffc 67 ffffff8f 7e 34 44 77 ffffff82 1e 77 ffffffd1 ffffffbb ffffff8d fffffffd 30 ffffff85 ffffffdb 35 fffffffc 1a 62 5d 24 21 0e ffffffdc 66 6f 4d 53 ffffffbb ffffffc2 5a ffffff92 ffffffad 38 ffffffe6 ffffffd0 ffffffc0 ffffffcd 40 19 56 0a 09 ffffffc6 7c ffffff9f ffffff9a 2e 33 3a 7f 1e fffffff6 fffffff6 55 54 ffffffb1 5f ffffff9a ffffff8d 62 ffffff86 ffffff80 43 65 fffffff8 ffffffe9 34 ffffffbe fffffff4 31 ffffffb0 5c ffffffc3 09 0d 52 ffffff94 ffffffa0 ffffffee ffffff9b ffffffab 24 ffffff8b ffffffe4 51 ffffff9f ffffff9f ffffffa1 fffffff3 65 70 ffffffcb 7f ffffffce 54 fffffff1 ffffffcd ffffffac 6f 77 24 5e ffffffce fffffffa ffffffa8 ffffffd7 ffffff8f 7c 5b 0e fffffff7 fffffff3 ffffffb2 fffffff1 ffffffbb fffffffa 69 ffffffc3 ffffff8 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08008c10 | unwrapped: b2 da dc 03 04 32 a2 61 5c 02 ea 1e 7e e8 c1 07 | unwrapped: 0e 21 46 7f 9a c5 76 eb c1 43 67 67 81 39 a3 17 | unwrapped: 48 6a ac 34 7e 75 7d 3a 1b 41 d8 19 8e fb 71 85 | unwrapped: 86 83 f9 17 e1 ac 47 ea 0f 89 b7 b6 36 34 f9 b6 | unwrapped: d1 fe f4 fd f9 2b e5 cb 06 4b 42 ec 1c 89 3d 37 | unwrapped: 4b 63 52 68 5f c8 51 be 04 f7 0d ca 52 47 67 d2 | unwrapped: c1 67 35 77 57 b7 b3 6e 3b cb 6f 59 ce a7 aa 61 | unwrapped: 12 48 a0 a0 e2 52 f6 4b ac 26 90 46 43 d1 1f 41 | unwrapped: 96 7c ad e8 f0 32 26 50 5a 8e fd 28 90 22 4c 39 | unwrapped: 13 97 10 a0 a1 83 18 75 0b 3d c5 62 21 32 5c 18 | unwrapped: 3b d9 66 6b 7a 64 e8 f7 8f c1 42 e9 ff 9e 12 33 | unwrapped: 30 f4 58 81 49 d9 bf aa 66 60 6b 2a ac a1 1f 45 | unwrapped: 4b 23 7b ee cb 94 30 a8 b0 8c a1 5f d1 31 6d 74 | unwrapped: 4f 25 d7 4c d4 6d 12 f3 78 1f 4e 94 d6 94 a7 57 | unwrapped: dd 77 32 29 04 01 c7 c3 27 b5 33 f2 e8 84 a0 fd | unwrapped: dd 47 b6 3c 6c 54 6c 36 1d 40 4d 4a b5 50 96 81 | SKEYID_a PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 49 59 68 fc af 7e f4 fe | SKEYID_a PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | fb 54 76 c8 c2 07 41 02 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: final-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360fae0 | SKEYID_a PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_a: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: clone-key@0x556ef360fae0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e: release clone-key@0x556ef360fae0 | SKEYID_e PRF sha crypt-prf@0x7f6c08002090 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3601f40 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312944: ffffffcc 6b 69 3e 50 ffffff8e ffffffde ffffffe4 ffffffcb ffffffe6 0d ffffff98 ffffffba ffffffda ffffffab 30 fffffffa 24 ffffff92 ffffffc2 ffffffe3 ffffff8e 1d fffffffe 06 40 62 ffffff82 ffffffb5 fffffffc 13 fffffffc | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c08009030 | unwrapped: ae d1 32 49 91 4a 99 4e e1 a4 0f 08 5c ce ff cc | unwrapped: cb e4 6d 96 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x556ef360e180 (size 256) | SKEYID_e: g^xy-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312944: ffffff88 fffffff8 20 30 ffffffdc ffffffc9 6f ffffffd0 ffffff81 ffffffc1 53 5e 16 71 62 2f 4c ffffff95 ffffffa1 ffffffc5 2a 5e fffffff5 ffffffee 4d ffffffe3 7e ffffff99 49 7a fffffff5 7d 48 ffffffc8 fffffffc 67 ffffff8f 7e 34 44 77 ffffff82 1e 77 ffffffd1 ffffffbb ffffff8d fffffffd 30 ffffff85 ffffffdb 35 fffffffc 1a 62 5d 24 21 0e ffffffdc 66 6f 4d 53 ffffffbb ffffffc2 5a ffffff92 ffffffad 38 ffffffe6 ffffffd0 ffffffc0 ffffffcd 40 19 56 0a 09 ffffffc6 7c ffffff9f ffffff9a 2e 33 3a 7f 1e fffffff6 fffffff6 55 54 ffffffb1 5f ffffff9a ffffff8d 62 ffffff86 ffffff80 43 65 fffffff8 ffffffe9 34 ffffffbe fffffff4 31 ffffffb0 5c ffffffc3 09 0d 52 ffffff94 ffffffa0 ffffffee ffffff9b ffffffab 24 ffffff8b ffffffe4 51 ffffff9f ffffff9f ffffffa1 fffffff3 65 70 ffffffcb 7f ffffffce 54 fffffff1 ffffffcd ffffffac 6f 77 24 5e ffffffce fffffffa ffffffa8 ffffffd7 ffffff8f 7c 5b 0e fffffff7 fffffff3 ffffffb2 fffffff1 ffffffbb fffffffa 69 ffffffc3 ffffff8 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08000b20 | unwrapped: b2 da dc 03 04 32 a2 61 5c 02 ea 1e 7e e8 c1 07 | unwrapped: 0e 21 46 7f 9a c5 76 eb c1 43 67 67 81 39 a3 17 | unwrapped: 48 6a ac 34 7e 75 7d 3a 1b 41 d8 19 8e fb 71 85 | unwrapped: 86 83 f9 17 e1 ac 47 ea 0f 89 b7 b6 36 34 f9 b6 | unwrapped: d1 fe f4 fd f9 2b e5 cb 06 4b 42 ec 1c 89 3d 37 | unwrapped: 4b 63 52 68 5f c8 51 be 04 f7 0d ca 52 47 67 d2 | unwrapped: c1 67 35 77 57 b7 b3 6e 3b cb 6f 59 ce a7 aa 61 | unwrapped: 12 48 a0 a0 e2 52 f6 4b ac 26 90 46 43 d1 1f 41 | unwrapped: 96 7c ad e8 f0 32 26 50 5a 8e fd 28 90 22 4c 39 | unwrapped: 13 97 10 a0 a1 83 18 75 0b 3d c5 62 21 32 5c 18 | unwrapped: 3b d9 66 6b 7a 64 e8 f7 8f c1 42 e9 ff 9e 12 33 | unwrapped: 30 f4 58 81 49 d9 bf aa 66 60 6b 2a ac a1 1f 45 | unwrapped: 4b 23 7b ee cb 94 30 a8 b0 8c a1 5f d1 31 6d 74 | unwrapped: 4f 25 d7 4c d4 6d 12 f3 78 1f 4e 94 d6 94 a7 57 | unwrapped: dd 77 32 29 04 01 c7 c3 27 b5 33 f2 e8 84 a0 fd | unwrapped: dd 47 b6 3c 6c 54 6c 36 1d 40 4d 4a b5 50 96 81 | SKEYID_e PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 49 59 68 fc af 7e f4 fe | SKEYID_e PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | fb 54 76 c8 c2 07 41 02 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6b0 | result: final-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef36037c0 | SKEYID_e PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID_e: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6f8 | result: keymat-key@0x556ef36037c0 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x556ef3609090, skeyid_a 0x556ef3601f40, skeyid_e 0x556ef360fae0, enc_key 0x556ef36037c0 | DH_i: 04 20 3a 9f 30 3e 49 98 cc 63 00 ca 73 1b 48 82 | DH_i: 5e 2e 5f e0 92 42 e3 f2 2e d7 2f 54 8d f6 43 83 | DH_i: 2e a0 38 f9 bb ec f7 c0 a9 d0 18 63 5a e8 30 19 | DH_i: f1 39 4c 2c cf 82 01 d8 de e9 e5 b9 96 ee 5d 68 | DH_i: e7 f0 ee 2d fa 58 26 52 c1 b7 cd 06 a7 8f b2 84 | DH_i: 83 05 86 14 1b 06 da d8 36 09 ed ea eb 95 c7 8f | DH_i: 69 88 03 00 fd e3 e1 6b 44 42 4d a6 42 7e 01 5b | DH_i: c7 4b 6e c5 89 bb ea 0c c1 55 e5 e7 81 d6 8e d1 | DH_i: 18 3b a4 8e 57 da 36 60 36 19 0f ed 70 6f 02 5a | DH_i: 6f 56 30 5f ff fb d8 ef eb 22 52 75 59 40 65 9e | DH_i: e4 82 d7 6a 93 4c d5 1c 7b 73 70 69 33 3b 9b cb | DH_i: f6 67 e1 8c d9 76 55 69 5b ea 2c a8 ef 32 4f 3f | DH_i: ac 63 75 06 e7 7e d3 42 cb 0b db f7 13 28 22 4c | DH_i: ca e5 4e d3 5b 33 7f 94 78 1f 11 15 d6 58 8e 1e | DH_i: 05 50 c2 a0 94 46 ed be 1f 12 b3 70 3b f2 f5 9d | DH_i: 0d 44 93 2c b9 ec ca a1 7e 4c cd b4 71 07 ad 03 | DH_r: fc 88 fd 0c b0 0d d0 99 b7 0d 2b 23 e1 9a da b2 | DH_r: 35 cd de 5d 17 96 3a fe 8d 4b 94 3c 3d 5b 42 89 | DH_r: 10 c5 06 da dd b5 fb 69 41 09 7c 0c 43 be 46 f9 | DH_r: 62 93 94 fa 71 90 9d bf 18 ee 25 1c ec 9b ec 9e | DH_r: 72 0a aa f2 a8 b3 3f d5 74 fd c5 ff 63 4e af 79 | DH_r: 80 99 7f af ea d2 5e 33 f7 bf 12 86 07 3f 57 66 | DH_r: 9e 32 42 50 0c bc c5 ba 92 e5 a7 43 2b ce ed 18 | DH_r: 57 3f 89 4a d1 34 04 c6 7b 05 91 8e 63 55 ab 35 | DH_r: cb 9d 52 2b 17 57 be e5 f7 19 a6 91 01 38 6a e8 | DH_r: bf a2 90 a6 95 f3 b1 46 ed ca 56 c6 cd 76 30 02 | DH_r: c9 75 48 6b 97 17 5d e1 51 6c 44 08 f7 17 39 4e | DH_r: 00 45 21 d5 03 89 47 95 de 86 fb 11 71 9c ce 69 | DH_r: c7 4e ba cb d3 10 2b ed 81 fa 2d df 89 1d 8a 84 | DH_r: 5f be a6 92 f0 76 9a 6f 72 4f 0e 20 fe cc 79 83 | DH_r: ca c7 20 86 59 9a 5c d6 a6 2f 70 47 3e 65 33 e8 | DH_r: b0 32 ba 3e 8d dd 21 c8 f9 74 b2 fe b6 46 43 18 | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef361da64 (length 256) | 04 20 3a 9f 30 3e 49 98 cc 63 00 ca 73 1b 48 82 | 5e 2e 5f e0 92 42 e3 f2 2e d7 2f 54 8d f6 43 83 | 2e a0 38 f9 bb ec f7 c0 a9 d0 18 63 5a e8 30 19 | f1 39 4c 2c cf 82 01 d8 de e9 e5 b9 96 ee 5d 68 | e7 f0 ee 2d fa 58 26 52 c1 b7 cd 06 a7 8f b2 84 | 83 05 86 14 1b 06 da d8 36 09 ed ea eb 95 c7 8f | 69 88 03 00 fd e3 e1 6b 44 42 4d a6 42 7e 01 5b | c7 4b 6e c5 89 bb ea 0c c1 55 e5 e7 81 d6 8e d1 | 18 3b a4 8e 57 da 36 60 36 19 0f ed 70 6f 02 5a | 6f 56 30 5f ff fb d8 ef eb 22 52 75 59 40 65 9e | e4 82 d7 6a 93 4c d5 1c 7b 73 70 69 33 3b 9b cb | f6 67 e1 8c d9 76 55 69 5b ea 2c a8 ef 32 4f 3f | ac 63 75 06 e7 7e d3 42 cb 0b db f7 13 28 22 4c | ca e5 4e d3 5b 33 7f 94 78 1f 11 15 d6 58 8e 1e | 05 50 c2 a0 94 46 ed be 1f 12 b3 70 3b f2 f5 9d | 0d 44 93 2c b9 ec ca a1 7e 4c cd b4 71 07 ad 03 | new IV hash sha digest GR-bytes@0x556ef361db64 (length 256) | fc 88 fd 0c b0 0d d0 99 b7 0d 2b 23 e1 9a da b2 | 35 cd de 5d 17 96 3a fe 8d 4b 94 3c 3d 5b 42 89 | 10 c5 06 da dd b5 fb 69 41 09 7c 0c 43 be 46 f9 | 62 93 94 fa 71 90 9d bf 18 ee 25 1c ec 9b ec 9e | 72 0a aa f2 a8 b3 3f d5 74 fd c5 ff 63 4e af 79 | 80 99 7f af ea d2 5e 33 f7 bf 12 86 07 3f 57 66 | 9e 32 42 50 0c bc c5 ba 92 e5 a7 43 2b ce ed 18 | 57 3f 89 4a d1 34 04 c6 7b 05 91 8e 63 55 ab 35 | cb 9d 52 2b 17 57 be e5 f7 19 a6 91 01 38 6a e8 | bf a2 90 a6 95 f3 b1 46 ed ca 56 c6 cd 76 30 02 | c9 75 48 6b 97 17 5d e1 51 6c 44 08 f7 17 39 4e | 00 45 21 d5 03 89 47 95 de 86 fb 11 71 9c ce 69 | c7 4e ba cb d3 10 2b ed 81 fa 2d df 89 1d 8a 84 | 5f be a6 92 f0 76 9a 6f 72 4f 0e 20 fe cc 79 83 | ca c7 20 86 59 9a 5c d6 a6 2f 70 47 3e 65 33 e8 | b0 32 ba 3e 8d dd 21 c8 f9 74 b2 fe b6 46 43 18 | new IV hash sha final chunk@0x7f6c08001270 (length 20) | 25 d3 af 99 ae 05 6f 45 3e 32 37 94 98 c0 d4 32 | 77 a8 f0 a8 | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 23 time elapsed 0.002263 seconds | (#17) spent 2.26 milliseconds in crypto helper computing work-order 23: aggr outR1 DH (pcr) | crypto helper 2 sending results from work-order 23 for state #17 to event queue | scheduling resume sending helper answer for #17 | libevent_malloc: new ptr-libevent@0x7f6c08001090 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #17 | start processing: state #17 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 23 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #17: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c10000d60: transferring ownership from helper IKEv1 DH+IV to state #17 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | 49 59 68 fc af 7e f4 fe | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | fb 54 76 c8 c2 07 41 02 | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | 31 5b 62 05 6b d7 22 13 06 db 02 f7 0b 20 1d 0c | e4 40 09 73 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 49 59 68 fc af 7e f4 fe | natd_hash: rcookie= fb 54 76 c8 c2 07 41 02 | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= 31 5b 62 05 6b d7 22 13 06 db 02 f7 0b 20 1d 0c | natd_hash: hash= e4 40 09 73 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | 49 59 68 fc af 7e f4 fe | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | fb 54 76 c8 c2 07 41 02 | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | d5 08 11 58 2a ef f9 29 28 d0 62 51 2e fb aa 3d | 37 90 c9 f8 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 49 59 68 fc af 7e f4 fe | natd_hash: rcookie= fb 54 76 c8 c2 07 41 02 | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= d5 08 11 58 2a ef f9 29 28 d0 62 51 2e fb aa 3d | natd_hash: hash= 37 90 c9 f8 | expected NAT-D(me): 31 5b 62 05 6b d7 22 13 06 db 02 f7 0b 20 1d 0c | expected NAT-D(me): e4 40 09 73 | expected NAT-D(him): | d5 08 11 58 2a ef f9 29 28 d0 62 51 2e fb aa 3d | 37 90 c9 f8 | received NAT-D: 31 5b 62 05 6b d7 22 13 06 db 02 f7 0b 20 1d 0c | received NAT-D: e4 40 09 73 | received NAT-D: d5 08 11 58 2a ef f9 29 28 d0 62 51 2e fb aa 3d | received NAT-D: 37 90 c9 f8 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef36236c0 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | 04 20 3a 9f 30 3e 49 98 cc 63 00 ca 73 1b 48 82 | 5e 2e 5f e0 92 42 e3 f2 2e d7 2f 54 8d f6 43 83 | 2e a0 38 f9 bb ec f7 c0 a9 d0 18 63 5a e8 30 19 | f1 39 4c 2c cf 82 01 d8 de e9 e5 b9 96 ee 5d 68 | e7 f0 ee 2d fa 58 26 52 c1 b7 cd 06 a7 8f b2 84 | 83 05 86 14 1b 06 da d8 36 09 ed ea eb 95 c7 8f | 69 88 03 00 fd e3 e1 6b 44 42 4d a6 42 7e 01 5b | c7 4b 6e c5 89 bb ea 0c c1 55 e5 e7 81 d6 8e d1 | 18 3b a4 8e 57 da 36 60 36 19 0f ed 70 6f 02 5a | 6f 56 30 5f ff fb d8 ef eb 22 52 75 59 40 65 9e | e4 82 d7 6a 93 4c d5 1c 7b 73 70 69 33 3b 9b cb | f6 67 e1 8c d9 76 55 69 5b ea 2c a8 ef 32 4f 3f | ac 63 75 06 e7 7e d3 42 cb 0b db f7 13 28 22 4c | ca e5 4e d3 5b 33 7f 94 78 1f 11 15 d6 58 8e 1e | 05 50 c2 a0 94 46 ed be 1f 12 b3 70 3b f2 f5 9d | 0d 44 93 2c b9 ec ca a1 7e 4c cd b4 71 07 ad 03 | hmac PRF sha update data-bytes@0x7f6bf8000b20 (length 256) | fc 88 fd 0c b0 0d d0 99 b7 0d 2b 23 e1 9a da b2 | 35 cd de 5d 17 96 3a fe 8d 4b 94 3c 3d 5b 42 89 | 10 c5 06 da dd b5 fb 69 41 09 7c 0c 43 be 46 f9 | 62 93 94 fa 71 90 9d bf 18 ee 25 1c ec 9b ec 9e | 72 0a aa f2 a8 b3 3f d5 74 fd c5 ff 63 4e af 79 | 80 99 7f af ea d2 5e 33 f7 bf 12 86 07 3f 57 66 | 9e 32 42 50 0c bc c5 ba 92 e5 a7 43 2b ce ed 18 | 57 3f 89 4a d1 34 04 c6 7b 05 91 8e 63 55 ab 35 | cb 9d 52 2b 17 57 be e5 f7 19 a6 91 01 38 6a e8 | bf a2 90 a6 95 f3 b1 46 ed ca 56 c6 cd 76 30 02 | c9 75 48 6b 97 17 5d e1 51 6c 44 08 f7 17 39 4e | 00 45 21 d5 03 89 47 95 de 86 fb 11 71 9c ce 69 | c7 4e ba cb d3 10 2b ed 81 fa 2d df 89 1d 8a 84 | 5f be a6 92 f0 76 9a 6f 72 4f 0e 20 fe cc 79 83 | ca c7 20 86 59 9a 5c d6 a6 2f 70 47 3e 65 33 e8 | b0 32 ba 3e 8d dd 21 c8 f9 74 b2 fe b6 46 43 18 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | 49 59 68 fc af 7e f4 fe | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | fb 54 76 c8 c2 07 41 02 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | 66 11 9b 97 34 d3 23 07 8d 6f 99 af e0 ba dc ba | 20 a7 82 b5 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 66 11 9b 97 34 d3 23 07 8d 6f 99 af e0 ba dc ba | HASH_I 20 a7 82 b5 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 66 11 9b 97 34 d3 23 07 8d 6f 99 af e0 ba dc ba | encrypting: 20 a7 82 b5 | IV: 25 d3 af 99 ae 05 6f 45 3e 32 37 94 98 c0 d4 32 | IV: 77 a8 f0 a8 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 2c 1d 75 4f 6f 6f 5e bb 5a 29 91 7f 1c 7b bd 00 | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #17: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c10001a20 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 05 10 02 01 00 00 00 00 00 00 00 4c fa ef 21 2f | 12 8d 26 bb 93 f4 92 f3 cd fe f0 9e 66 02 db 99 | ce c1 54 a3 85 bf de 8d 97 63 b9 b8 2c 1d 75 4f | 6f 6f 5e bb 5a 29 91 7f 1c 7b bd 00 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f6c10001a20 size 128 | #17 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48958.961636 "aes128" #17: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #17 suppresed complete_v1_state_transition() | #17 spent 0.476 milliseconds in resume sending helper answer | stop processing: state #17 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c08001090 | spent 0.00188 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 05 10 02 01 00 00 00 00 00 00 00 4c dd 7f ad 04 | a4 cf 0a 3b b1 11 f2 79 99 76 96 9e 4b 32 b9 19 | 5e a5 95 90 d3 10 72 b3 65 ef d2 fd 38 cf 17 d6 | 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #17 in MAIN_I3 (find_state_ikev1) | start processing: state #17 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #17 is idle | #17 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 2c 1d 75 4f 6f 6f 5e bb 5a 29 91 7f 1c 7b bd 00 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | decrypted payload (starts at offset -48): | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 47 2c 95 aa | 8e 17 2d 2b 5b 6f 96 58 35 a6 8d cd e4 17 60 d5 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #17: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c10006900 | hmac: release clone-key@0x7f6c10006900 | hmac PRF sha crypt-prf@0x556ef36236a0 | hmac PRF sha update data-bytes@0x7f6bf8000b20 (length 256) | fc 88 fd 0c b0 0d d0 99 b7 0d 2b 23 e1 9a da b2 | 35 cd de 5d 17 96 3a fe 8d 4b 94 3c 3d 5b 42 89 | 10 c5 06 da dd b5 fb 69 41 09 7c 0c 43 be 46 f9 | 62 93 94 fa 71 90 9d bf 18 ee 25 1c ec 9b ec 9e | 72 0a aa f2 a8 b3 3f d5 74 fd c5 ff 63 4e af 79 | 80 99 7f af ea d2 5e 33 f7 bf 12 86 07 3f 57 66 | 9e 32 42 50 0c bc c5 ba 92 e5 a7 43 2b ce ed 18 | 57 3f 89 4a d1 34 04 c6 7b 05 91 8e 63 55 ab 35 | cb 9d 52 2b 17 57 be e5 f7 19 a6 91 01 38 6a e8 | bf a2 90 a6 95 f3 b1 46 ed ca 56 c6 cd 76 30 02 | c9 75 48 6b 97 17 5d e1 51 6c 44 08 f7 17 39 4e | 00 45 21 d5 03 89 47 95 de 86 fb 11 71 9c ce 69 | c7 4e ba cb d3 10 2b ed 81 fa 2d df 89 1d 8a 84 | 5f be a6 92 f0 76 9a 6f 72 4f 0e 20 fe cc 79 83 | ca c7 20 86 59 9a 5c d6 a6 2f 70 47 3e 65 33 e8 | b0 32 ba 3e 8d dd 21 c8 f9 74 b2 fe b6 46 43 18 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | 04 20 3a 9f 30 3e 49 98 cc 63 00 ca 73 1b 48 82 | 5e 2e 5f e0 92 42 e3 f2 2e d7 2f 54 8d f6 43 83 | 2e a0 38 f9 bb ec f7 c0 a9 d0 18 63 5a e8 30 19 | f1 39 4c 2c cf 82 01 d8 de e9 e5 b9 96 ee 5d 68 | e7 f0 ee 2d fa 58 26 52 c1 b7 cd 06 a7 8f b2 84 | 83 05 86 14 1b 06 da d8 36 09 ed ea eb 95 c7 8f | 69 88 03 00 fd e3 e1 6b 44 42 4d a6 42 7e 01 5b | c7 4b 6e c5 89 bb ea 0c c1 55 e5 e7 81 d6 8e d1 | 18 3b a4 8e 57 da 36 60 36 19 0f ed 70 6f 02 5a | 6f 56 30 5f ff fb d8 ef eb 22 52 75 59 40 65 9e | e4 82 d7 6a 93 4c d5 1c 7b 73 70 69 33 3b 9b cb | f6 67 e1 8c d9 76 55 69 5b ea 2c a8 ef 32 4f 3f | ac 63 75 06 e7 7e d3 42 cb 0b db f7 13 28 22 4c | ca e5 4e d3 5b 33 7f 94 78 1f 11 15 d6 58 8e 1e | 05 50 c2 a0 94 46 ed be 1f 12 b3 70 3b f2 f5 9d | 0d 44 93 2c b9 ec ca a1 7e 4c cd b4 71 07 ad 03 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | fb 54 76 c8 c2 07 41 02 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | 49 59 68 fc af 7e f4 fe | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f6c04002b24 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x7f6c0c007f60 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | 47 2c 95 aa 8e 17 2d 2b 5b 6f 96 58 35 a6 8d cd | e4 17 60 d5 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #17: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c10001a20 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x556ef361ecd0 | inserting event EVENT_SA_REPLACE, timeout in 2761 seconds for #17 | libevent_malloc: new ptr-libevent@0x7f6c08001090 size 128 | pstats #17 ikev1.isakmp established "aes128" #17: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #17 | creating state object #18 at 0x556ef361d990 | State DB: adding IKEv1 state #18 in UNDEFINED | pstats #18 ikev1.ipsec started | duplicating state object #17 "aes128" as #18 for IPSEC SA | #18 setting local endpoint to 192.1.2.45:500 from #17.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x556ef36037c0 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #17 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #18 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #18: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #18: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#17 msgid:181ffce3 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 24 for state #18 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6c100015b0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #18 | libevent_malloc: new ptr-libevent@0x7f6bf8006780 size 128 | stop processing: state #18 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | resume processing: state #17 connection "aes128" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x7f6bf8006cd0} | close_any(fd@24) (in release_whack() at state.c:654) | #17 spent 0.42 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.572 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 3 resuming | crypto helper 3 starting work-order 24 for state #18 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 24 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c0c000d60: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c0c000d60 | NSS: Public DH wire value: | 60 52 da 1b b4 68 af 06 67 3f 0e 06 3b a6 93 92 | fe 72 28 bc b2 77 25 67 a1 4f e7 e6 0b 04 b6 d2 | d9 30 c4 d7 f9 f8 d9 32 77 df e9 e5 7c d2 0c 7a | 06 ef 54 9c cb 2f ad 51 73 fe 35 24 f8 e1 ba c6 | c6 f1 48 a8 a4 76 aa 8e 74 05 86 99 62 d7 c3 85 | d0 e0 e9 76 14 d5 a6 c9 a6 98 77 43 91 17 55 52 | b5 5a 02 76 be e2 bc 3a 83 f9 6d 23 40 11 70 5a | 0c c5 9e 67 43 62 d4 3f c8 16 c2 7c cb a2 75 2b | d3 a5 e0 03 89 ab 5a 82 40 65 50 ca 85 a5 6d ea | 2d 2c c6 94 8b b3 3a 6c e1 29 eb 90 5b fe 78 22 | d6 06 64 d0 0a 34 53 ae 70 bf 83 12 f0 da 20 ca | d6 c6 5a af 74 43 fa d3 21 a6 bf 54 dc dc fd 12 | b4 1e ce 29 4d a2 2f 15 24 93 fe 35 93 cb 9e 54 | be 62 2d 76 dc d5 18 4f 76 72 43 7a 86 e3 76 d6 | c9 d6 ce 79 e0 0e 10 f6 14 46 66 34 a1 09 89 2d | b5 5e b8 cf 7e ec 6b 11 bb 6d 06 0d 1c cd 38 d1 | Generated nonce: 5f 9b b7 01 ca ac 6b cd 87 3b f4 b9 f1 f8 a5 b2 | Generated nonce: 44 54 fa eb 3d b8 f4 bb d5 07 cf ec ba e9 9c 63 | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 24 time elapsed 0.001068 seconds | (#18) spent 1.07 milliseconds in crypto helper computing work-order 24: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 24 for state #18 to event queue | scheduling resume sending helper answer for #18 | libevent_malloc: new ptr-libevent@0x7f6c0c002d50 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #18 | start processing: state #18 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 24 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #18: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 404749539 (0x181ffce3) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x995da854 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 99 5d a8 54 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #18: IMPAIR: stripping key-length "aes128" #18: IMPAIR: key-length-attribute:empty not implemented | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 5f 9b b7 01 ca ac 6b cd 87 3b f4 b9 f1 f8 a5 b2 | Ni 44 54 fa eb 3d b8 f4 bb d5 07 cf ec ba e9 9c 63 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c0c000d60: transferring ownership from helper KE to state #18 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 60 52 da 1b b4 68 af 06 67 3f 0e 06 3b a6 93 92 | keyex value fe 72 28 bc b2 77 25 67 a1 4f e7 e6 0b 04 b6 d2 | keyex value d9 30 c4 d7 f9 f8 d9 32 77 df e9 e5 7c d2 0c 7a | keyex value 06 ef 54 9c cb 2f ad 51 73 fe 35 24 f8 e1 ba c6 | keyex value c6 f1 48 a8 a4 76 aa 8e 74 05 86 99 62 d7 c3 85 | keyex value d0 e0 e9 76 14 d5 a6 c9 a6 98 77 43 91 17 55 52 | keyex value b5 5a 02 76 be e2 bc 3a 83 f9 6d 23 40 11 70 5a | keyex value 0c c5 9e 67 43 62 d4 3f c8 16 c2 7c cb a2 75 2b | keyex value d3 a5 e0 03 89 ab 5a 82 40 65 50 ca 85 a5 6d ea | keyex value 2d 2c c6 94 8b b3 3a 6c e1 29 eb 90 5b fe 78 22 | keyex value d6 06 64 d0 0a 34 53 ae 70 bf 83 12 f0 da 20 ca | keyex value d6 c6 5a af 74 43 fa d3 21 a6 bf 54 dc dc fd 12 | keyex value b4 1e ce 29 4d a2 2f 15 24 93 fe 35 93 cb 9e 54 | keyex value be 62 2d 76 dc d5 18 4f 76 72 43 7a 86 e3 76 d6 | keyex value c9 d6 ce 79 e0 0e 10 f6 14 46 66 34 a1 09 89 2d | keyex value b5 5e b8 cf 7e ec 6b 11 bb 6d 06 0d 1c cd 38 d1 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08001270 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | 18 1f fc e3 | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 99 5d a8 54 00 00 00 1c 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 5f 9b b7 01 ca ac 6b cd | 87 3b f4 b9 f1 f8 a5 b2 44 54 fa eb 3d b8 f4 bb | d5 07 cf ec ba e9 9c 63 05 00 01 04 60 52 da 1b | b4 68 af 06 67 3f 0e 06 3b a6 93 92 fe 72 28 bc | b2 77 25 67 a1 4f e7 e6 0b 04 b6 d2 d9 30 c4 d7 | f9 f8 d9 32 77 df e9 e5 7c d2 0c 7a 06 ef 54 9c | cb 2f ad 51 73 fe 35 24 f8 e1 ba c6 c6 f1 48 a8 | a4 76 aa 8e 74 05 86 99 62 d7 c3 85 d0 e0 e9 76 | 14 d5 a6 c9 a6 98 77 43 91 17 55 52 b5 5a 02 76 | be e2 bc 3a 83 f9 6d 23 40 11 70 5a 0c c5 9e 67 | 43 62 d4 3f c8 16 c2 7c cb a2 75 2b d3 a5 e0 03 | 89 ab 5a 82 40 65 50 ca 85 a5 6d ea 2d 2c c6 94 | 8b b3 3a 6c e1 29 eb 90 5b fe 78 22 d6 06 64 d0 | 0a 34 53 ae 70 bf 83 12 f0 da 20 ca d6 c6 5a af | 74 43 fa d3 21 a6 bf 54 dc dc fd 12 b4 1e ce 29 | 4d a2 2f 15 24 93 fe 35 93 cb 9e 54 be 62 2d 76 | dc d5 18 4f 76 72 43 7a 86 e3 76 d6 c9 d6 ce 79 | e0 0e 10 f6 14 46 66 34 a1 09 89 2d b5 5e b8 cf | 7e ec 6b 11 bb 6d 06 0d 1c cd 38 d1 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | b5 0f 71 fc 6e a1 9e 75 41 fe 9a 22 03 d2 e2 f8 | 8a c8 13 2b | outI1 HASH(1): | b5 0f 71 fc 6e a1 9e 75 41 fe 9a 22 03 d2 e2 f8 | 8a c8 13 2b | last Phase 1 IV: 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | current Phase 1 IV: 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | 18 1f fc e3 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 09 83 02 70 25 63 92 2c 3b ad 04 ec d5 6b c3 07 | 99 27 33 32 | encrypting: 01 00 00 18 b5 0f 71 fc 6e a1 9e 75 41 fe 9a 22 | encrypting: 03 d2 e2 f8 8a c8 13 2b 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 99 5d a8 54 | encrypting: 00 00 00 1c 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 5f 9b b7 01 ca ac 6b cd 87 3b f4 b9 f1 f8 a5 b2 | encrypting: 44 54 fa eb 3d b8 f4 bb d5 07 cf ec ba e9 9c 63 | encrypting: 05 00 01 04 60 52 da 1b b4 68 af 06 67 3f 0e 06 | encrypting: 3b a6 93 92 fe 72 28 bc b2 77 25 67 a1 4f e7 e6 | encrypting: 0b 04 b6 d2 d9 30 c4 d7 f9 f8 d9 32 77 df e9 e5 | encrypting: 7c d2 0c 7a 06 ef 54 9c cb 2f ad 51 73 fe 35 24 | encrypting: f8 e1 ba c6 c6 f1 48 a8 a4 76 aa 8e 74 05 86 99 | encrypting: 62 d7 c3 85 d0 e0 e9 76 14 d5 a6 c9 a6 98 77 43 | encrypting: 91 17 55 52 b5 5a 02 76 be e2 bc 3a 83 f9 6d 23 | encrypting: 40 11 70 5a 0c c5 9e 67 43 62 d4 3f c8 16 c2 7c | encrypting: cb a2 75 2b d3 a5 e0 03 89 ab 5a 82 40 65 50 ca | encrypting: 85 a5 6d ea 2d 2c c6 94 8b b3 3a 6c e1 29 eb 90 | encrypting: 5b fe 78 22 d6 06 64 d0 0a 34 53 ae 70 bf 83 12 | encrypting: f0 da 20 ca d6 c6 5a af 74 43 fa d3 21 a6 bf 54 | encrypting: dc dc fd 12 b4 1e ce 29 4d a2 2f 15 24 93 fe 35 | encrypting: 93 cb 9e 54 be 62 2d 76 dc d5 18 4f 76 72 43 7a | encrypting: 86 e3 76 d6 c9 d6 ce 79 e0 0e 10 f6 14 46 66 34 | encrypting: a1 09 89 2d b5 5e b8 cf 7e ec 6b 11 bb 6d 06 0d | encrypting: 1c cd 38 d1 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 09 83 02 70 25 63 92 2c 3b ad 04 ec d5 6b c3 07 | IV: 99 27 33 32 | unpadded size is: 404 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: d6 40 5a 8d 63 df df a9 06 50 41 cf 4b d4 72 33 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #18) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 08 10 20 01 18 1f fc e3 00 00 01 bc 80 41 00 73 | af 29 51 f1 87 55 86 99 b1 35 fa 33 d9 ce 4d 35 | 95 d2 63 91 a3 54 a4 62 06 18 99 7c d5 0f 49 e4 | cd 47 10 1f f4 71 86 17 36 cd af 10 63 53 e1 9b | 38 e2 35 27 8d ef ec 8b 3b eb 06 4f b5 27 75 90 | d0 8b e0 28 d2 6d 87 2b 6a 69 d1 13 31 ad e3 96 | ed 77 1f b8 6a 83 b6 b0 33 b1 f9 fb 8b 66 f6 af | 94 12 a7 f7 48 29 83 9a a6 2c 80 f7 36 56 5b dd | 36 cf 50 19 8a 64 b5 e1 83 35 90 bd 36 d2 a0 a0 | 4e 2f f5 dd 73 28 ad 7a c4 96 0b 0a 1a a3 e3 72 | ef 4d d4 b7 6f fe 56 39 5a ce bd 26 12 ee 5b 54 | 44 0c 21 b2 43 a9 76 c0 58 21 37 63 6c 5c 35 19 | 49 45 11 b0 17 c5 06 a4 e7 81 f8 49 90 0a a0 5b | ec 8a a2 db fc 66 87 45 44 b6 e5 01 9c 4c 46 03 | ef 50 2c fd c9 29 fe 2e 45 39 84 2f 59 05 02 12 | ef c4 8a 70 3b 1d 63 41 39 0f a7 bc 76 c0 79 81 | ed 91 d0 1d 95 28 30 72 ee 6f c9 d5 6c a9 5a 7d | f8 02 ee 08 9e 31 2a 82 2b e8 9a c0 5f 7d cb fc | 46 da f7 f2 b4 65 6a 17 55 20 2a f0 07 49 02 2f | 0c cf 19 cf 45 ad 78 69 77 5f ac f7 37 da de 4a | c4 3b b6 24 e4 92 1d 44 32 c1 81 2e 4c f5 e6 83 | c4 2d 4a 7e de 54 9f 24 f6 c6 5c 9e a7 48 02 8c | 16 8c d8 04 6a 6a 20 6f 90 30 ef bb 04 2a e7 83 | 75 d0 84 07 80 b7 80 02 14 c5 b1 e2 c3 34 bb 10 | a6 7b cc 90 fe 9d 81 98 60 1a d6 ca 65 11 16 ac | 61 6d 55 71 9c fd 32 18 cd 41 2a ab d6 40 5a 8d | 63 df df a9 06 50 41 cf 4b d4 72 33 | state #18 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bf8006780 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6c100015b0 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6c100015b0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #18 | libevent_malloc: new ptr-libevent@0x7f6bf8006780 size 128 | #18 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48958.965902 | resume sending helper answer for #18 suppresed complete_v1_state_transition() | #18 spent 0.716 milliseconds in resume sending helper answer | stop processing: state #18 connection "aes128" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c0c002d50 | spent 0.00202 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 08 10 05 01 c5 fd f1 dc 00 00 00 4c a4 88 1c b8 | 3e 24 47 fa dd 17 8a 83 bd 3e 6a c8 93 8b 7a aa | 63 26 c3 9f fb 60 36 f9 14 f3 3c b8 79 35 50 9d | c6 ff 02 29 38 3b 8a ff 65 e8 6b a6 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3321754076 (0xc5fdf1dc) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #18; msgid=00000000 st_msgid=181ffce3 st_msgid_phase15=00000000 | peer and cookies match on #17; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #17 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #17 in MAIN_I4 (find_v1_info_state) | start processing: state #17 connection "aes128" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | last Phase 1 IV: 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | current Phase 1 IV: 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54ee1c (length 4) | c5 fd f1 dc | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 3d 0e f7 c0 00 42 be dd 98 0b 53 de 57 b3 b3 6d | fd 95 65 6e | #17 is idle | #17 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 3d 0e f7 c0 00 42 be dd 98 0b 53 de 57 b3 b3 6d | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 79 35 50 9d c6 ff 02 29 38 3b 8a ff 65 e8 6b a6 | decrypted payload (starts at offset -48): | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 08 10 05 01 c5 fd f1 dc 00 00 00 4c 0b 00 00 18 | 66 6d 9e 90 c4 0a c9 94 04 eb ff 33 7e b0 d2 6b | ce d8 d7 df 00 00 00 0c 00 00 00 01 01 00 00 0e | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x7f6c08001270 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | c5 fd f1 dc | HASH(1) PRF sha update payload-bytes@0x7f6c0c007f74 (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0e | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | 66 6d 9e 90 c4 0a c9 94 04 eb ff 33 7e b0 d2 6b | ce d8 d7 df | informational HASH(1): | 66 6d 9e 90 c4 0a c9 94 04 eb ff 33 7e b0 d2 6b | ce d8 d7 df | received 'informational' message HASH(1) data ok "aes128" #17: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #17: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #17 spent 0.00805 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.277 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f6c100015b0 | handling event EVENT_RETRANSMIT for child state #18 | start processing: state #18 connection "aes128" from 192.1.2.23:500 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #18 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #18 keying attempt 1 of 0; retransmit 1 "aes128" #18: IMPAIR: retransmit so deleting SA | [RE]START processing: state #18 connection "aes128" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:124) | pstats #18 ikev1.ipsec failed too-many-retransmits | pstats #18 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #18 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #18: deleting state (STATE_QUICK_I1) aged 0.503s and NOT sending notification | child state #18: QUICK_I1(established CHILD SA) => delete | child state #18: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #18 in CHILDSA_DEL | child state #18: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7f6c0c000d60: destroyed | stop processing: state #18 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef36037c0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7f6bf8006780 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6c100015b0 | in statetime_stop() and could not find #18 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0504 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #17 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #17 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #17 connection "aes128" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #17 ikev1.isakmp deleted completed | [RE]START processing: state #17 connection "aes128" from 192.1.2.23:500 (in delete_state() at state.c:879) "aes128" #17: deleting state (STATE_MAIN_I4) aged 0.536s and sending notification | parent state #17: MAIN_I4(established IKE SA) => delete | #17 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2608790413 (0x9b7efb8d) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 49 59 68 fc af 7e f4 fe | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI fb 54 76 c8 c2 07 41 02 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c10006900 | HASH(1): release clone-key@0x7f6c10006900 | HASH(1) PRF sha crypt-prf@0x556ef36236a0 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 9b 7e fb 8d | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 49 59 68 fc | af 7e f4 fe fb 54 76 c8 c2 07 41 02 | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | d3 41 cf 86 02 da 63 c2 a6 ae 2f d9 a8 60 64 a3 | de d0 35 76 | send delete HASH(1): | d3 41 cf 86 02 da 63 c2 a6 ae 2f d9 a8 60 64 a3 | de d0 35 76 | last Phase 1 IV: 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | current Phase 1 IV: 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 16) | 38 cf 17 d6 31 2a f6 4b 76 ff 2e dd 06 6f 00 c0 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 9b 7e fb 8d | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 0a 73 cf ae f4 21 5d 65 10 29 17 ca 9e b7 c5 b2 | 29 92 28 1d | encrypting: 0c 00 00 18 d3 41 cf 86 02 da 63 c2 a6 ae 2f d9 | encrypting: a8 60 64 a3 de d0 35 76 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 49 59 68 fc af 7e f4 fe fb 54 76 c8 | encrypting: c2 07 41 02 | IV: 0a 73 cf ae f4 21 5d 65 10 29 17 ca 9e b7 c5 b2 | IV: 29 92 28 1d | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 35 a4 12 e2 3c 49 4a 71 b5 4f 3e 7f 1c d1 88 df | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 08 10 05 01 9b 7e fb 8d 00 00 00 5c fb 0a 4e 32 | 29 8c 1a dd 07 df 9d ca 77 19 94 5f 5a 06 ba 43 | 6c bd 8b ac a1 88 c3 fa 71 6f 17 ee fd f5 1f a9 | b4 7c ce 56 f2 de 62 76 4d 47 a6 9a 35 a4 12 e2 | 3c 49 4a 71 b5 4f 3e 7f 1c d1 88 df | state #17 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c08001090 | free_event_entry: release EVENT_SA_REPLACE-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #17 in MAIN_I4 | parent state #17: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c10000d60: destroyed | stop processing: state #17 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef360e180 | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x556ef36037c0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x556ef361eee0 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.528 milliseconds in whack | spent 0.00239 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 49 59 68 fc af 7e f4 fe fb 54 76 c8 c2 07 41 02 | 08 10 05 01 86 01 77 a3 00 00 00 5c fd 72 07 98 | b1 8e c7 28 f8 e7 af 96 1d 4f 64 b9 b2 ff 33 25 | 6f cc cc c0 cd d7 68 de 0f 36 b6 0a 04 32 df f8 | 0f ff 8d 7c 16 2c 1f 4b a3 58 ab dc 36 10 01 02 | 19 09 ad 32 10 a8 93 ea e3 5e 8c b2 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 49 59 68 fc af 7e f4 fe | responder cookie: | fb 54 76 c8 c2 07 41 02 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2248243107 (0x860177a3) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x860177a3 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 49 59 68 fc af 7e f4 fe | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | fb 54 76 c8 c2 07 41 02 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0721 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | emitting: disabled | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0542 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + suppress-retransmits | base impairing = suppress-retransmits | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.051 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef362a7b0 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.119 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #19 at 0x556ef3625160 | State DB: adding IKEv1 state #19 in UNDEFINED | pstats #19 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #19 connection "3des" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #19: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #19 "3des" "3des" #19: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x556ef361d2d0 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | f2 69 cc 85 af f2 d9 a8 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6c100015b0 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f6bf8006780 size 128 | #19 STATE_MAIN_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48960.254915 | #19 spent 0.393 milliseconds in main_outI1() | stop processing: state #19 connection "3des" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.453 milliseconds in whack | spent 0.00161 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #19 in MAIN_I1 (find_state_ikev1_init) | start processing: state #19 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #19 is idle | #19 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 25 for state #19 | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bf8006780 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6c100015b0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6c100015b0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f6bf8006780 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #19 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #19 and saving MD | #19 is busy; has a suspended MD | #19 spent 0.138 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.259 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 6 resuming | crypto helper 6 starting work-order 25 for state #19 | crypto helper 6 doing build KE and nonce (outI2 KE); request ID 25 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c00000f80: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c00000f80 | NSS: Public DH wire value: | 87 7c 16 99 af cc 02 63 c4 87 b0 45 c5 f0 8a 86 | ba 74 2c 53 77 3a 1b dc 7e 1c a3 fc 27 95 8b fb | 43 fd 69 a7 8d 8c 1a 68 c5 85 fa ce 0c c9 aa da | 89 1e 5b 09 8d 1c 99 e2 15 83 4a 40 ee 42 eb 9b | 20 34 27 fe 70 68 a2 f6 e5 43 a1 9c 8c d6 ec 3f | 9e 4a 6e 10 1e 40 10 75 79 37 fc 51 75 82 16 8e | df 20 0a 7e cf 73 60 f9 c6 79 dd f3 a0 6d 51 45 | 46 0e c6 46 d7 4a 78 11 31 d9 cd df 6b 28 30 43 | 2d 4a c8 4c 4f 53 9b 36 c0 e6 c7 06 4d 17 32 9e | b7 59 02 4c 41 cf 3a a4 01 a3 4e ef ef 5b 63 74 | 9b 6f 6d 81 be 9e a6 a2 08 c5 e1 2c 29 ef dd 90 | bb 33 77 81 76 07 97 85 f9 ad 51 45 a8 9b 36 1a | e8 e6 77 d0 f4 d2 4e cd 0b d6 fa 81 4c d1 a0 95 | 72 18 b3 9d 22 5e 78 b0 16 17 a0 5d 1b 09 aa e5 | f2 f5 98 5b c7 79 80 54 4e 8b 1e dd cd 53 31 4a | 4a 91 37 86 6b 0f af ad 6e ca 48 10 45 75 71 d0 | Generated nonce: fb fd dc 99 95 d8 c1 1f d9 4a b8 9b 49 de 2a 90 | Generated nonce: bf c3 ab cf 80 b3 95 ca 9b e3 f4 b4 91 72 7c 7e | crypto helper 6 finished build KE and nonce (outI2 KE); request ID 25 time elapsed 0.001035 seconds | (#19) spent 1.04 milliseconds in crypto helper computing work-order 25: outI2 KE (pcr) | crypto helper 6 sending results from work-order 25 for state #19 to event queue | scheduling resume sending helper answer for #19 | libevent_malloc: new ptr-libevent@0x7f6c00005670 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #19 | start processing: state #19 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 25 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #19: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c00000f80: transferring ownership from helper KE to state #19 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 87 7c 16 99 af cc 02 63 c4 87 b0 45 c5 f0 8a 86 | keyex value ba 74 2c 53 77 3a 1b dc 7e 1c a3 fc 27 95 8b fb | keyex value 43 fd 69 a7 8d 8c 1a 68 c5 85 fa ce 0c c9 aa da | keyex value 89 1e 5b 09 8d 1c 99 e2 15 83 4a 40 ee 42 eb 9b | keyex value 20 34 27 fe 70 68 a2 f6 e5 43 a1 9c 8c d6 ec 3f | keyex value 9e 4a 6e 10 1e 40 10 75 79 37 fc 51 75 82 16 8e | keyex value df 20 0a 7e cf 73 60 f9 c6 79 dd f3 a0 6d 51 45 | keyex value 46 0e c6 46 d7 4a 78 11 31 d9 cd df 6b 28 30 43 | keyex value 2d 4a c8 4c 4f 53 9b 36 c0 e6 c7 06 4d 17 32 9e | keyex value b7 59 02 4c 41 cf 3a a4 01 a3 4e ef ef 5b 63 74 | keyex value 9b 6f 6d 81 be 9e a6 a2 08 c5 e1 2c 29 ef dd 90 | keyex value bb 33 77 81 76 07 97 85 f9 ad 51 45 a8 9b 36 1a | keyex value e8 e6 77 d0 f4 d2 4e cd 0b d6 fa 81 4c d1 a0 95 | keyex value 72 18 b3 9d 22 5e 78 b0 16 17 a0 5d 1b 09 aa e5 | keyex value f2 f5 98 5b c7 79 80 54 4e 8b 1e dd cd 53 31 4a | keyex value 4a 91 37 86 6b 0f af ad 6e ca 48 10 45 75 71 d0 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni fb fd dc 99 95 d8 c1 1f d9 4a b8 9b 49 de 2a 90 | Ni bf c3 ab cf 80 b3 95 ca 9b e3 f4 b4 91 72 7c 7e | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | f2 69 cc 85 af f2 d9 a8 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | cd e1 be 8e f8 e9 a0 26 | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | cb e6 7f 41 68 7d 1f 91 37 ef d2 56 11 28 0e 96 | 8b 8c b7 aa | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= f2 69 cc 85 af f2 d9 a8 | natd_hash: rcookie= cd e1 be 8e f8 e9 a0 26 | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= cb e6 7f 41 68 7d 1f 91 37 ef d2 56 11 28 0e 96 | natd_hash: hash= 8b 8c b7 aa | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D cb e6 7f 41 68 7d 1f 91 37 ef d2 56 11 28 0e 96 | NAT-D 8b 8c b7 aa | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | f2 69 cc 85 af f2 d9 a8 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | cd e1 be 8e f8 e9 a0 26 | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | f2 14 73 3c 42 e8 16 3b 2b fe 28 d7 d3 dd 8f 59 | 3b 02 bd e5 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= f2 69 cc 85 af f2 d9 a8 | natd_hash: rcookie= cd e1 be 8e f8 e9 a0 26 | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= f2 14 73 3c 42 e8 16 3b 2b fe 28 d7 d3 dd 8f 59 | natd_hash: hash= 3b 02 bd e5 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D f2 14 73 3c 42 e8 16 3b 2b fe 28 d7 d3 dd 8f 59 | NAT-D 3b 02 bd e5 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #19 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #19: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bf8006780 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6c100015b0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 87 7c 16 99 af cc 02 63 c4 87 b0 45 c5 f0 8a 86 | ba 74 2c 53 77 3a 1b dc 7e 1c a3 fc 27 95 8b fb | 43 fd 69 a7 8d 8c 1a 68 c5 85 fa ce 0c c9 aa da | 89 1e 5b 09 8d 1c 99 e2 15 83 4a 40 ee 42 eb 9b | 20 34 27 fe 70 68 a2 f6 e5 43 a1 9c 8c d6 ec 3f | 9e 4a 6e 10 1e 40 10 75 79 37 fc 51 75 82 16 8e | df 20 0a 7e cf 73 60 f9 c6 79 dd f3 a0 6d 51 45 | 46 0e c6 46 d7 4a 78 11 31 d9 cd df 6b 28 30 43 | 2d 4a c8 4c 4f 53 9b 36 c0 e6 c7 06 4d 17 32 9e | b7 59 02 4c 41 cf 3a a4 01 a3 4e ef ef 5b 63 74 | 9b 6f 6d 81 be 9e a6 a2 08 c5 e1 2c 29 ef dd 90 | bb 33 77 81 76 07 97 85 f9 ad 51 45 a8 9b 36 1a | e8 e6 77 d0 f4 d2 4e cd 0b d6 fa 81 4c d1 a0 95 | 72 18 b3 9d 22 5e 78 b0 16 17 a0 5d 1b 09 aa e5 | f2 f5 98 5b c7 79 80 54 4e 8b 1e dd cd 53 31 4a | 4a 91 37 86 6b 0f af ad 6e ca 48 10 45 75 71 d0 | 14 00 00 24 fb fd dc 99 95 d8 c1 1f d9 4a b8 9b | 49 de 2a 90 bf c3 ab cf 80 b3 95 ca 9b e3 f4 b4 | 91 72 7c 7e 14 00 00 18 cb e6 7f 41 68 7d 1f 91 | 37 ef d2 56 11 28 0e 96 8b 8c b7 aa 00 00 00 18 | f2 14 73 3c 42 e8 16 3b 2b fe 28 d7 d3 dd 8f 59 | 3b 02 bd e5 | !event_already_set at reschedule "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6c100015b0 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f6bf8006780 size 128 | #19 STATE_MAIN_I2: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48960.260262 "3des" #19: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #19 suppresed complete_v1_state_transition() | #19 spent 0.374 milliseconds in resume sending helper answer | stop processing: state #19 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c00005670 | spent 0.00189 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 2d 8c 77 13 77 9a 83 16 07 db b1 06 86 b9 54 20 | 7c 2d 1c 2d 7f 96 4a 1b db 20 03 18 8f 24 f1 d5 | 1a 8a 46 9f ce 58 41 90 36 23 36 af 75 44 62 79 | ca 28 d4 9b 63 73 6c 96 c9 99 41 0f 9f 95 34 3a | e5 a2 c6 22 15 37 bb b3 f3 f0 8f ec b6 01 88 9c | 79 21 82 71 21 2a f1 5f 70 ea fe 4c 6b 4a 54 55 | 0f b1 f6 be d5 4f 17 f3 4d 83 24 84 c6 22 ef 47 | f0 5e 4e 29 a1 24 d7 69 e4 2e 07 be b5 7d 2f 58 | b5 02 b9 fd 15 b9 52 d1 c9 69 20 98 33 1d 81 2c | 7c 30 8e 32 e2 29 4c 5e b7 43 ec 02 34 16 a7 e6 | 1e ad 5e 1e 69 66 aa 98 1f 56 be 4c 22 83 c9 26 | 97 d8 88 09 96 38 2c 5b 8e ee 80 8e 6e 09 ae 13 | e7 f6 de 1a cb be 05 6e fa 35 d0 53 c9 82 39 57 | 36 28 a1 93 2f 82 8c 68 f7 84 dd c6 03 34 29 8a | c1 8d 5f aa 04 d5 9a df cb 37 6c 03 09 de 8d fe | c3 a5 d7 f4 ff 3f 62 3c fc a4 80 f2 b9 a4 7f 68 | 14 00 00 24 1e ee 9d c7 4d 2e bf 1b c8 86 31 95 | 8e 01 45 4e 57 5e 3b 3c 85 57 31 f8 54 c4 95 37 | 1d 81 19 f4 14 00 00 18 f2 14 73 3c 42 e8 16 3b | 2b fe 28 d7 d3 dd 8f 59 3b 02 bd e5 00 00 00 18 | cb e6 7f 41 68 7d 1f 91 37 ef d2 56 11 28 0e 96 | 8b 8c b7 aa | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #19 in MAIN_I2 (find_state_ikev1) | start processing: state #19 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #19 is idle | #19 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 2d 8c 77 13 77 9a 83 16 07 db b1 06 86 b9 54 20 | 7c 2d 1c 2d 7f 96 4a 1b db 20 03 18 8f 24 f1 d5 | 1a 8a 46 9f ce 58 41 90 36 23 36 af 75 44 62 79 | ca 28 d4 9b 63 73 6c 96 c9 99 41 0f 9f 95 34 3a | e5 a2 c6 22 15 37 bb b3 f3 f0 8f ec b6 01 88 9c | 79 21 82 71 21 2a f1 5f 70 ea fe 4c 6b 4a 54 55 | 0f b1 f6 be d5 4f 17 f3 4d 83 24 84 c6 22 ef 47 | f0 5e 4e 29 a1 24 d7 69 e4 2e 07 be b5 7d 2f 58 | b5 02 b9 fd 15 b9 52 d1 c9 69 20 98 33 1d 81 2c | 7c 30 8e 32 e2 29 4c 5e b7 43 ec 02 34 16 a7 e6 | 1e ad 5e 1e 69 66 aa 98 1f 56 be 4c 22 83 c9 26 | 97 d8 88 09 96 38 2c 5b 8e ee 80 8e 6e 09 ae 13 | e7 f6 de 1a cb be 05 6e fa 35 d0 53 c9 82 39 57 | 36 28 a1 93 2f 82 8c 68 f7 84 dd c6 03 34 29 8a | c1 8d 5f aa 04 d5 9a df cb 37 6c 03 09 de 8d fe | c3 a5 d7 f4 ff 3f 62 3c fc a4 80 f2 b9 a4 7f 68 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c00000f80: transferring ownership from state #19 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 26 for state #19 | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bf8006780 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6c100015b0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6c100015b0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f6c00005670 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #19 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #19 and saving MD | #19 is busy; has a suspended MD | #19 spent 0.0904 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.227 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 26 for state #19 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 26 | peer's g: 2d 8c 77 13 77 9a 83 16 07 db b1 06 86 b9 54 20 | peer's g: 7c 2d 1c 2d 7f 96 4a 1b db 20 03 18 8f 24 f1 d5 | peer's g: 1a 8a 46 9f ce 58 41 90 36 23 36 af 75 44 62 79 | peer's g: ca 28 d4 9b 63 73 6c 96 c9 99 41 0f 9f 95 34 3a | peer's g: e5 a2 c6 22 15 37 bb b3 f3 f0 8f ec b6 01 88 9c | peer's g: 79 21 82 71 21 2a f1 5f 70 ea fe 4c 6b 4a 54 55 | peer's g: 0f b1 f6 be d5 4f 17 f3 4d 83 24 84 c6 22 ef 47 | peer's g: f0 5e 4e 29 a1 24 d7 69 e4 2e 07 be b5 7d 2f 58 | peer's g: b5 02 b9 fd 15 b9 52 d1 c9 69 20 98 33 1d 81 2c | peer's g: 7c 30 8e 32 e2 29 4c 5e b7 43 ec 02 34 16 a7 e6 | peer's g: 1e ad 5e 1e 69 66 aa 98 1f 56 be 4c 22 83 c9 26 | peer's g: 97 d8 88 09 96 38 2c 5b 8e ee 80 8e 6e 09 ae 13 | peer's g: e7 f6 de 1a cb be 05 6e fa 35 d0 53 c9 82 39 57 | peer's g: 36 28 a1 93 2f 82 8c 68 f7 84 dd c6 03 34 29 8a | peer's g: c1 8d 5f aa 04 d5 9a df cb 37 6c 03 09 de 8d fe | peer's g: c3 a5 d7 f4 ff 3f 62 3c fc a4 80 f2 b9 a4 7f 68 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c00000f80: computed shared DH secret key@0x556ef36037c0 | dh-shared : g^ir-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef361da00 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06a0 | result: psk-key@0x556ef3601f40 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3601f40 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0688 | result: psk-key@0x556ef360fae0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3601f40 | SKEYID psk prf: created sha context 0x7f6c04003aa0 from psk-key@0x556ef360fae0 | SKEYID psk prf: begin sha with context 0x7f6c04003aa0 from psk-key@0x556ef360fae0 | SKEYID psk: release clone-key@0x556ef360fae0 | SKEYID psk PRF sha crypt-prf@0x7f6c04002a80 | SKEYID psk PRF sha update Ni-bytes@0x556ef361da24 (length 32) | fb fd dc 99 95 d8 c1 1f d9 4a b8 9b 49 de 2a 90 | bf c3 ab cf 80 b3 95 ca 9b e3 f4 b4 91 72 7c 7e | SKEYID psk PRF sha update Nr-bytes@0x556ef361da44 (length 32) | 1e ee 9d c7 4d 2e bf 1b c8 86 31 95 8e 01 45 4e | 57 5e 3b 3c 85 57 31 f8 54 c4 95 37 1d 81 19 f4 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID psk PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID psk: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06b8 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef3601f40 | SKEYID_d prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef3601f40 | SKEYID_d: release clone-key@0x556ef3601f40 | SKEYID_d PRF sha crypt-prf@0x7f6c040013a0 | SKEYID_d PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_d: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705664: ffffffde 4d ffffff97 ffffff88 3c ffffffd9 ffffffff ffffffa9 ffffff8c 33 4f 16 42 ffffff9d ffffffca 18 ffffff92 fffffff1 ffffff80 1d fffffff2 1c 65 ffffff8e ffffffc3 72 16 76 55 4e fffffff8 6c 72 ffffffa5 33 03 1e ffffffb6 ffffffaa ffffffd8 ffffffaa ffffffbb 0e 1d 73 ffffffa8 fffffffe 48 ffffffc8 ffffffc8 ffffffe6 46 ffffff8f ffffffff ffffff8d ffffff8d 02 ffffffc5 22 27 6d ffffffb2 ffffffca 34 ffffffab 76 2e ffffff8b 25 1c ffffff9a 29 33 fffffff8 ffffff8e 5a ffffffde ffffffce ffffffc1 05 ffffff85 75 16 6f 4b 72 04 ffffffff 22 2d ffffffe4 0b ffffffdc ffffffb0 51 ffffffff ffffff84 53 ffffffdf 28 ffffff8d ffffff94 ffffffc5 ffffffc8 1e 63 ffffff94 ffffffde 4f 16 6d ffffffe5 ffffffb8 67 10 1a ffffffd1 2d 2b fffffff5 6e 61 55 ffffff89 ffffffe1 3d ffffffd4 fffffff1 ffffffa7 ffffffc4 ffffffe5 ffffffd7 ffffffd4 ffffffe1 7e 3c ffffff88 ffffffdc 7e ffffff92 5d 0d ffffffa8 ffffff92 60 5a 6f 3e 66 ffffffab ffffffc3 ffffffa0 10 ffffff96 ffffffec 1 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c040061f0 | unwrapped: 20 f7 89 6f 99 14 1e aa 92 14 d5 e8 63 77 5e b7 | unwrapped: ab 20 09 2c 75 86 de b4 58 ea d9 6c a6 c5 66 f6 | unwrapped: 9c 19 59 17 aa 41 70 ec bd a9 66 8d 3a 15 a2 e7 | unwrapped: 09 b4 51 ad 51 b4 70 23 3b 97 10 2a 08 d6 9f ad | unwrapped: 4d 68 1a a4 f8 aa 7d 80 e4 94 c8 74 f7 7f 6b 30 | unwrapped: 8a 47 67 aa c1 22 6c 09 a5 f8 67 7a 16 5a c6 f1 | unwrapped: 96 b3 b5 95 7a 79 32 33 aa c7 df 4a 77 34 8f a1 | unwrapped: 94 08 c1 c6 60 cd 14 8b b1 c0 51 70 03 bf 54 ed | unwrapped: e1 8b 62 c2 20 08 0b a2 ed 8f df 4c aa da d0 a0 | unwrapped: d8 f5 76 2d 05 42 e6 0d d2 b7 33 fb b0 0e 01 30 | unwrapped: 96 d2 b1 70 98 38 a8 be 25 f9 00 3d 0c 35 8f 38 | unwrapped: 60 3c 33 31 cc 0b 20 2e 69 94 4c 86 c4 f6 90 15 | unwrapped: 5b 4b 1d bd fe 9d 04 db 98 ac a0 1c 4d 0a f6 08 | unwrapped: b0 1c 12 34 df c3 5f 9d dd 48 33 36 61 08 ef 58 | unwrapped: 13 a8 2f 13 22 16 d2 72 5c 62 1f 73 03 1d f6 1b | unwrapped: e8 ec bc 9e ce b0 3d 25 29 b6 36 a7 1b 30 28 b4 | SKEYID_d PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | f2 69 cc 85 af f2 d9 a8 | SKEYID_d PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | cd e1 be 8e f8 e9 a0 26 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID_d PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_d: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0698 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef3609090 | SKEYID_a prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef3609090 | SKEYID_a: release clone-key@0x556ef3609090 | SKEYID_a PRF sha crypt-prf@0x7f6c040013c0 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3601f40 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)426705632: ffffff93 4e 22 ffffffed ffffff84 7f fffffff4 fffffff4 ffffffa0 ffffffe4 0c 24 fffffffe fffffffc 52 ffffffd8 ffffff9a ffffffa5 50 22 fffffff8 ffffffb4 ffffff83 fffffff9 45 ffffff95 ffffffbc 17 ffffffea ffffffd0 ffffffa6 0d | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c04006500 | unwrapped: 47 95 2b 1c 08 8c 13 fd 3b a6 9c 8c 79 7c 47 45 | unwrapped: 4f ef 1f eb 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_a: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705632: ffffffde 4d ffffff97 ffffff88 3c ffffffd9 ffffffff ffffffa9 ffffff8c 33 4f 16 42 ffffff9d ffffffca 18 ffffff92 fffffff1 ffffff80 1d fffffff2 1c 65 ffffff8e ffffffc3 72 16 76 55 4e fffffff8 6c 72 ffffffa5 33 03 1e ffffffb6 ffffffaa ffffffd8 ffffffaa ffffffbb 0e 1d 73 ffffffa8 fffffffe 48 ffffffc8 ffffffc8 ffffffe6 46 ffffff8f ffffffff ffffff8d ffffff8d 02 ffffffc5 22 27 6d ffffffb2 ffffffca 34 ffffffab 76 2e ffffff8b 25 1c ffffff9a 29 33 fffffff8 ffffff8e 5a ffffffde ffffffce ffffffc1 05 ffffff85 75 16 6f 4b 72 04 ffffffff 22 2d ffffffe4 0b ffffffdc ffffffb0 51 ffffffff ffffff84 53 ffffffdf 28 ffffff8d ffffff94 ffffffc5 ffffffc8 1e 63 ffffff94 ffffffde 4f 16 6d ffffffe5 ffffffb8 67 10 1a ffffffd1 2d 2b fffffff5 6e 61 55 ffffff89 ffffffe1 3d ffffffd4 fffffff1 ffffffa7 ffffffc4 ffffffe5 ffffffd7 ffffffd4 ffffffe1 7e 3c ffffff88 ffffffdc 7e ffffff92 5d 0d ffffffa8 ffffff92 60 5a 6f 3e 66 ffffffab ffffffc3 ffffffa0 10 ffffff96 ffffffec 1 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c04001780 | unwrapped: 20 f7 89 6f 99 14 1e aa 92 14 d5 e8 63 77 5e b7 | unwrapped: ab 20 09 2c 75 86 de b4 58 ea d9 6c a6 c5 66 f6 | unwrapped: 9c 19 59 17 aa 41 70 ec bd a9 66 8d 3a 15 a2 e7 | unwrapped: 09 b4 51 ad 51 b4 70 23 3b 97 10 2a 08 d6 9f ad | unwrapped: 4d 68 1a a4 f8 aa 7d 80 e4 94 c8 74 f7 7f 6b 30 | unwrapped: 8a 47 67 aa c1 22 6c 09 a5 f8 67 7a 16 5a c6 f1 | unwrapped: 96 b3 b5 95 7a 79 32 33 aa c7 df 4a 77 34 8f a1 | unwrapped: 94 08 c1 c6 60 cd 14 8b b1 c0 51 70 03 bf 54 ed | unwrapped: e1 8b 62 c2 20 08 0b a2 ed 8f df 4c aa da d0 a0 | unwrapped: d8 f5 76 2d 05 42 e6 0d d2 b7 33 fb b0 0e 01 30 | unwrapped: 96 d2 b1 70 98 38 a8 be 25 f9 00 3d 0c 35 8f 38 | unwrapped: 60 3c 33 31 cc 0b 20 2e 69 94 4c 86 c4 f6 90 15 | unwrapped: 5b 4b 1d bd fe 9d 04 db 98 ac a0 1c 4d 0a f6 08 | unwrapped: b0 1c 12 34 df c3 5f 9d dd 48 33 36 61 08 ef 58 | unwrapped: 13 a8 2f 13 22 16 d2 72 5c 62 1f 73 03 1d f6 1b | unwrapped: e8 ec bc 9e ce b0 3d 25 29 b6 36 a7 1b 30 28 b4 | SKEYID_a PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | f2 69 cc 85 af f2 d9 a8 | SKEYID_a PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | cd e1 be 8e f8 e9 a0 26 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06a0 | result: final-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0688 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360c4c0 | SKEYID_a PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_a: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360fae0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06a8 | result: clone-key@0x556ef360c4c0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6c04003aa0 from SKEYID-key@0x556ef360c4c0 | SKEYID_e prf: begin sha with context 0x7f6c04003aa0 from SKEYID-key@0x556ef360c4c0 | SKEYID_e: release clone-key@0x556ef360c4c0 | SKEYID_e PRF sha crypt-prf@0x7f6c04000d60 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3609090 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)426705648: 32 ffffff86 18 3d ffffffcf ffffffa3 02 ffffffc0 ffffffd7 ffffffae 68 fffffffc ffffffc3 66 ffffffe1 67 ffffffb0 5f ffffffec 11 45 61 ffffff83 ffffffe8 ffffff84 ffffffe3 ffffffd6 3e 50 5f ffffffe8 ffffffa9 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c04004bc0 | unwrapped: 4f f8 6c b3 a1 b6 01 98 33 0c 76 d0 b1 b4 e2 c6 | unwrapped: fc f0 b9 67 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x556ef36037c0 (size 256) | SKEYID_e: g^xy-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)426705648: ffffffde 4d ffffff97 ffffff88 3c ffffffd9 ffffffff ffffffa9 ffffff8c 33 4f 16 42 ffffff9d ffffffca 18 ffffff92 fffffff1 ffffff80 1d fffffff2 1c 65 ffffff8e ffffffc3 72 16 76 55 4e fffffff8 6c 72 ffffffa5 33 03 1e ffffffb6 ffffffaa ffffffd8 ffffffaa ffffffbb 0e 1d 73 ffffffa8 fffffffe 48 ffffffc8 ffffffc8 ffffffe6 46 ffffff8f ffffffff ffffff8d ffffff8d 02 ffffffc5 22 27 6d ffffffb2 ffffffca 34 ffffffab 76 2e ffffff8b 25 1c ffffff9a 29 33 fffffff8 ffffff8e 5a ffffffde ffffffce ffffffc1 05 ffffff85 75 16 6f 4b 72 04 ffffffff 22 2d ffffffe4 0b ffffffdc ffffffb0 51 ffffffff ffffff84 53 ffffffdf 28 ffffff8d ffffff94 ffffffc5 ffffffc8 1e 63 ffffff94 ffffffde 4f 16 6d ffffffe5 ffffffb8 67 10 1a ffffffd1 2d 2b fffffff5 6e 61 55 ffffff89 ffffffe1 3d ffffffd4 fffffff1 ffffffa7 ffffffc4 ffffffe5 ffffffd7 ffffffd4 ffffffe1 7e 3c ffffff88 ffffffdc 7e ffffff92 5d 0d ffffffa8 ffffff92 60 5a 6f 3e 66 ffffffab ffffffc3 ffffffa0 10 ffffff96 ffffffec 1 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c04001890 | unwrapped: 20 f7 89 6f 99 14 1e aa 92 14 d5 e8 63 77 5e b7 | unwrapped: ab 20 09 2c 75 86 de b4 58 ea d9 6c a6 c5 66 f6 | unwrapped: 9c 19 59 17 aa 41 70 ec bd a9 66 8d 3a 15 a2 e7 | unwrapped: 09 b4 51 ad 51 b4 70 23 3b 97 10 2a 08 d6 9f ad | unwrapped: 4d 68 1a a4 f8 aa 7d 80 e4 94 c8 74 f7 7f 6b 30 | unwrapped: 8a 47 67 aa c1 22 6c 09 a5 f8 67 7a 16 5a c6 f1 | unwrapped: 96 b3 b5 95 7a 79 32 33 aa c7 df 4a 77 34 8f a1 | unwrapped: 94 08 c1 c6 60 cd 14 8b b1 c0 51 70 03 bf 54 ed | unwrapped: e1 8b 62 c2 20 08 0b a2 ed 8f df 4c aa da d0 a0 | unwrapped: d8 f5 76 2d 05 42 e6 0d d2 b7 33 fb b0 0e 01 30 | unwrapped: 96 d2 b1 70 98 38 a8 be 25 f9 00 3d 0c 35 8f 38 | unwrapped: 60 3c 33 31 cc 0b 20 2e 69 94 4c 86 c4 f6 90 15 | unwrapped: 5b 4b 1d bd fe 9d 04 db 98 ac a0 1c 4d 0a f6 08 | unwrapped: b0 1c 12 34 df c3 5f 9d dd 48 33 36 61 08 ef 58 | unwrapped: 13 a8 2f 13 22 16 d2 72 5c 62 1f 73 03 1d f6 1b | unwrapped: e8 ec bc 9e ce b0 3d 25 29 b6 36 a7 1b 30 28 b4 | SKEYID_e PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | f2 69 cc 85 af f2 d9 a8 | SKEYID_e PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | cd e1 be 8e f8 e9 a0 26 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f06b0 | result: final-key@0x556ef360e180 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360e180 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0698 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360e180 | SKEYID_e PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID_e: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b PRF sha init SKEYID_e-key@0x556ef360c4c0 (size 20) | appendix_b: SKEYID_e-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0678 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | appendix_b prf: created sha context 0x7f6c04003aa0 from SKEYID_e-key@0x556ef360e180 | appendix_b prf: begin sha with context 0x7f6c04003aa0 from SKEYID_e-key@0x556ef360e180 | appendix_b: release clone-key@0x556ef360e180 | appendix_b PRF sha crypt-prf@0x7f6c040010c0 | appendix_b PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f0680 | result: final-key@0x7f6c10006900 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x7f6c10006900 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0668 | result: final-key@0x556ef360e180 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x7f6c10006900 | appendix_b PRF sha final-key@0x556ef360e180 (size 20) | appendix_b: key-key@0x556ef360e180 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b_keymat_e: reference old_k#1-key@0x556ef360e180 | Kn PRF sha init SKEYID_e-key@0x556ef360c4c0 (size 20) | Kn: SKEYID_e-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0678 | result: clone-key@0x7f6c10006900 (20-bytes, SHA_1_HMAC) | Kn prf: created sha context 0x7f6c04003aa0 from SKEYID_e-key@0x7f6c10006900 | Kn prf: begin sha with context 0x7f6c04003aa0 from SKEYID_e-key@0x7f6c10006900 | Kn: release clone-key@0x7f6c10006900 | Kn PRF sha crypt-prf@0x7f6c040013c0 | Kn PRF sha update old_k-key@0x556ef360e180 (size 20) | Kn: old_k-key@0x556ef360e180 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef360e180 | nss hmac digest hack: symkey-key@0x556ef360e180 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)426705600: ffffffff ffffffb1 ffffffa4 ffffffab ffffffc6 17 ffffffd4 ffffff82 ffffffee 2f ffffffa1 ffffff98 40 ffffffed 79 ffffffd2 ffffff90 7c ffffffe3 53 ffffffba ffffff94 45 ffffffb6 ffffff8b 3f 3f 66 70 ffffffa3 7d ffffffdf | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c040013e0 | unwrapped: 78 e9 50 68 7c 7d 32 4f dc 70 be e8 ce 47 2b 04 | unwrapped: 07 a5 d6 2d 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c196f0680 | result: final-key@0x7f6c0c007fa0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x7f6c0c007fa0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f0668 | result: final-key@0x7f6c10006900 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x7f6c0c007fa0 | Kn PRF sha final-key@0x7f6c10006900 (size 20) | Kn: key-key@0x7f6c10006900 (20-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef360e180 (20-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7f6c196f06f8 | result: result-key@0x7f6c0c007fa0 (40-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x556ef360e180 | appendix_b_keymat_e: release old_k#N-key@0x556ef360e180 | appendix_b_keymat_e: release old_k#final-key@0x7f6c10006900 | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: DES3_CBC | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x7f6c0c007fa0 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c196f06f8 | result: cryptkey-key@0x7f6c10006900 (24-bytes, DES3_CBC) | appendix_b_keymat_e: release keymat-key@0x7f6c0c007fa0 | NSS: pointers skeyid_d 0x556ef3601f40, skeyid_a 0x556ef3609090, skeyid_e 0x556ef360c4c0, enc_key 0x7f6c10006900 | DH_i: 87 7c 16 99 af cc 02 63 c4 87 b0 45 c5 f0 8a 86 | DH_i: ba 74 2c 53 77 3a 1b dc 7e 1c a3 fc 27 95 8b fb | DH_i: 43 fd 69 a7 8d 8c 1a 68 c5 85 fa ce 0c c9 aa da | DH_i: 89 1e 5b 09 8d 1c 99 e2 15 83 4a 40 ee 42 eb 9b | DH_i: 20 34 27 fe 70 68 a2 f6 e5 43 a1 9c 8c d6 ec 3f | DH_i: 9e 4a 6e 10 1e 40 10 75 79 37 fc 51 75 82 16 8e | DH_i: df 20 0a 7e cf 73 60 f9 c6 79 dd f3 a0 6d 51 45 | DH_i: 46 0e c6 46 d7 4a 78 11 31 d9 cd df 6b 28 30 43 | DH_i: 2d 4a c8 4c 4f 53 9b 36 c0 e6 c7 06 4d 17 32 9e | DH_i: b7 59 02 4c 41 cf 3a a4 01 a3 4e ef ef 5b 63 74 | DH_i: 9b 6f 6d 81 be 9e a6 a2 08 c5 e1 2c 29 ef dd 90 | DH_i: bb 33 77 81 76 07 97 85 f9 ad 51 45 a8 9b 36 1a | DH_i: e8 e6 77 d0 f4 d2 4e cd 0b d6 fa 81 4c d1 a0 95 | DH_i: 72 18 b3 9d 22 5e 78 b0 16 17 a0 5d 1b 09 aa e5 | DH_i: f2 f5 98 5b c7 79 80 54 4e 8b 1e dd cd 53 31 4a | DH_i: 4a 91 37 86 6b 0f af ad 6e ca 48 10 45 75 71 d0 | DH_r: 2d 8c 77 13 77 9a 83 16 07 db b1 06 86 b9 54 20 | DH_r: 7c 2d 1c 2d 7f 96 4a 1b db 20 03 18 8f 24 f1 d5 | DH_r: 1a 8a 46 9f ce 58 41 90 36 23 36 af 75 44 62 79 | DH_r: ca 28 d4 9b 63 73 6c 96 c9 99 41 0f 9f 95 34 3a | DH_r: e5 a2 c6 22 15 37 bb b3 f3 f0 8f ec b6 01 88 9c | DH_r: 79 21 82 71 21 2a f1 5f 70 ea fe 4c 6b 4a 54 55 | DH_r: 0f b1 f6 be d5 4f 17 f3 4d 83 24 84 c6 22 ef 47 | DH_r: f0 5e 4e 29 a1 24 d7 69 e4 2e 07 be b5 7d 2f 58 | DH_r: b5 02 b9 fd 15 b9 52 d1 c9 69 20 98 33 1d 81 2c | DH_r: 7c 30 8e 32 e2 29 4c 5e b7 43 ec 02 34 16 a7 e6 | DH_r: 1e ad 5e 1e 69 66 aa 98 1f 56 be 4c 22 83 c9 26 | DH_r: 97 d8 88 09 96 38 2c 5b 8e ee 80 8e 6e 09 ae 13 | DH_r: e7 f6 de 1a cb be 05 6e fa 35 d0 53 c9 82 39 57 | DH_r: 36 28 a1 93 2f 82 8c 68 f7 84 dd c6 03 34 29 8a | DH_r: c1 8d 5f aa 04 d5 9a df cb 37 6c 03 09 de 8d fe | DH_r: c3 a5 d7 f4 ff 3f 62 3c fc a4 80 f2 b9 a4 7f 68 | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef361da64 (length 256) | 87 7c 16 99 af cc 02 63 c4 87 b0 45 c5 f0 8a 86 | ba 74 2c 53 77 3a 1b dc 7e 1c a3 fc 27 95 8b fb | 43 fd 69 a7 8d 8c 1a 68 c5 85 fa ce 0c c9 aa da | 89 1e 5b 09 8d 1c 99 e2 15 83 4a 40 ee 42 eb 9b | 20 34 27 fe 70 68 a2 f6 e5 43 a1 9c 8c d6 ec 3f | 9e 4a 6e 10 1e 40 10 75 79 37 fc 51 75 82 16 8e | df 20 0a 7e cf 73 60 f9 c6 79 dd f3 a0 6d 51 45 | 46 0e c6 46 d7 4a 78 11 31 d9 cd df 6b 28 30 43 | 2d 4a c8 4c 4f 53 9b 36 c0 e6 c7 06 4d 17 32 9e | b7 59 02 4c 41 cf 3a a4 01 a3 4e ef ef 5b 63 74 | 9b 6f 6d 81 be 9e a6 a2 08 c5 e1 2c 29 ef dd 90 | bb 33 77 81 76 07 97 85 f9 ad 51 45 a8 9b 36 1a | e8 e6 77 d0 f4 d2 4e cd 0b d6 fa 81 4c d1 a0 95 | 72 18 b3 9d 22 5e 78 b0 16 17 a0 5d 1b 09 aa e5 | f2 f5 98 5b c7 79 80 54 4e 8b 1e dd cd 53 31 4a | 4a 91 37 86 6b 0f af ad 6e ca 48 10 45 75 71 d0 | new IV hash sha digest GR-bytes@0x556ef361db64 (length 256) | 2d 8c 77 13 77 9a 83 16 07 db b1 06 86 b9 54 20 | 7c 2d 1c 2d 7f 96 4a 1b db 20 03 18 8f 24 f1 d5 | 1a 8a 46 9f ce 58 41 90 36 23 36 af 75 44 62 79 | ca 28 d4 9b 63 73 6c 96 c9 99 41 0f 9f 95 34 3a | e5 a2 c6 22 15 37 bb b3 f3 f0 8f ec b6 01 88 9c | 79 21 82 71 21 2a f1 5f 70 ea fe 4c 6b 4a 54 55 | 0f b1 f6 be d5 4f 17 f3 4d 83 24 84 c6 22 ef 47 | f0 5e 4e 29 a1 24 d7 69 e4 2e 07 be b5 7d 2f 58 | b5 02 b9 fd 15 b9 52 d1 c9 69 20 98 33 1d 81 2c | 7c 30 8e 32 e2 29 4c 5e b7 43 ec 02 34 16 a7 e6 | 1e ad 5e 1e 69 66 aa 98 1f 56 be 4c 22 83 c9 26 | 97 d8 88 09 96 38 2c 5b 8e ee 80 8e 6e 09 ae 13 | e7 f6 de 1a cb be 05 6e fa 35 d0 53 c9 82 39 57 | 36 28 a1 93 2f 82 8c 68 f7 84 dd c6 03 34 29 8a | c1 8d 5f aa 04 d5 9a df cb 37 6c 03 09 de 8d fe | c3 a5 d7 f4 ff 3f 62 3c fc a4 80 f2 b9 a4 7f 68 | new IV hash sha final chunk@0x7f6c04003980 (length 20) | 9f d0 0c 1d 1b 24 69 54 61 fb f0 6b 71 01 38 dd | f7 e7 ff 92 | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 26 time elapsed 0.002262 seconds | (#19) spent 2.2 milliseconds in crypto helper computing work-order 26: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 26 for state #19 to event queue | scheduling resume sending helper answer for #19 | libevent_malloc: new ptr-libevent@0x7f6c04001570 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #19 | start processing: state #19 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 26 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #19: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c00000f80: transferring ownership from helper IKEv1 DH+IV to state #19 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | f2 69 cc 85 af f2 d9 a8 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | cd e1 be 8e f8 e9 a0 26 | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | f2 14 73 3c 42 e8 16 3b 2b fe 28 d7 d3 dd 8f 59 | 3b 02 bd e5 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= f2 69 cc 85 af f2 d9 a8 | natd_hash: rcookie= cd e1 be 8e f8 e9 a0 26 | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= f2 14 73 3c 42 e8 16 3b 2b fe 28 d7 d3 dd 8f 59 | natd_hash: hash= 3b 02 bd e5 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | f2 69 cc 85 af f2 d9 a8 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | cd e1 be 8e f8 e9 a0 26 | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | cb e6 7f 41 68 7d 1f 91 37 ef d2 56 11 28 0e 96 | 8b 8c b7 aa | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= f2 69 cc 85 af f2 d9 a8 | natd_hash: rcookie= cd e1 be 8e f8 e9 a0 26 | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= cb e6 7f 41 68 7d 1f 91 37 ef d2 56 11 28 0e 96 | natd_hash: hash= 8b 8c b7 aa | expected NAT-D(me): f2 14 73 3c 42 e8 16 3b 2b fe 28 d7 d3 dd 8f 59 | expected NAT-D(me): 3b 02 bd e5 | expected NAT-D(him): | cb e6 7f 41 68 7d 1f 91 37 ef d2 56 11 28 0e 96 | 8b 8c b7 aa | received NAT-D: f2 14 73 3c 42 e8 16 3b 2b fe 28 d7 d3 dd 8f 59 | received NAT-D: 3b 02 bd e5 | received NAT-D: cb e6 7f 41 68 7d 1f 91 37 ef d2 56 11 28 0e 96 | received NAT-D: 8b 8c b7 aa | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360fae0 (size 20) | hmac: symkey-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac: release clone-key@0x7f6c0c007fa0 | hmac PRF sha crypt-prf@0x556ef361d310 | hmac PRF sha update data-bytes@0x7f6c00002d20 (length 256) | 87 7c 16 99 af cc 02 63 c4 87 b0 45 c5 f0 8a 86 | ba 74 2c 53 77 3a 1b dc 7e 1c a3 fc 27 95 8b fb | 43 fd 69 a7 8d 8c 1a 68 c5 85 fa ce 0c c9 aa da | 89 1e 5b 09 8d 1c 99 e2 15 83 4a 40 ee 42 eb 9b | 20 34 27 fe 70 68 a2 f6 e5 43 a1 9c 8c d6 ec 3f | 9e 4a 6e 10 1e 40 10 75 79 37 fc 51 75 82 16 8e | df 20 0a 7e cf 73 60 f9 c6 79 dd f3 a0 6d 51 45 | 46 0e c6 46 d7 4a 78 11 31 d9 cd df 6b 28 30 43 | 2d 4a c8 4c 4f 53 9b 36 c0 e6 c7 06 4d 17 32 9e | b7 59 02 4c 41 cf 3a a4 01 a3 4e ef ef 5b 63 74 | 9b 6f 6d 81 be 9e a6 a2 08 c5 e1 2c 29 ef dd 90 | bb 33 77 81 76 07 97 85 f9 ad 51 45 a8 9b 36 1a | e8 e6 77 d0 f4 d2 4e cd 0b d6 fa 81 4c d1 a0 95 | 72 18 b3 9d 22 5e 78 b0 16 17 a0 5d 1b 09 aa e5 | f2 f5 98 5b c7 79 80 54 4e 8b 1e dd cd 53 31 4a | 4a 91 37 86 6b 0f af ad 6e ca 48 10 45 75 71 d0 | hmac PRF sha update data-bytes@0x7f6c0c000ea0 (length 256) | 2d 8c 77 13 77 9a 83 16 07 db b1 06 86 b9 54 20 | 7c 2d 1c 2d 7f 96 4a 1b db 20 03 18 8f 24 f1 d5 | 1a 8a 46 9f ce 58 41 90 36 23 36 af 75 44 62 79 | ca 28 d4 9b 63 73 6c 96 c9 99 41 0f 9f 95 34 3a | e5 a2 c6 22 15 37 bb b3 f3 f0 8f ec b6 01 88 9c | 79 21 82 71 21 2a f1 5f 70 ea fe 4c 6b 4a 54 55 | 0f b1 f6 be d5 4f 17 f3 4d 83 24 84 c6 22 ef 47 | f0 5e 4e 29 a1 24 d7 69 e4 2e 07 be b5 7d 2f 58 | b5 02 b9 fd 15 b9 52 d1 c9 69 20 98 33 1d 81 2c | 7c 30 8e 32 e2 29 4c 5e b7 43 ec 02 34 16 a7 e6 | 1e ad 5e 1e 69 66 aa 98 1f 56 be 4c 22 83 c9 26 | 97 d8 88 09 96 38 2c 5b 8e ee 80 8e 6e 09 ae 13 | e7 f6 de 1a cb be 05 6e fa 35 d0 53 c9 82 39 57 | 36 28 a1 93 2f 82 8c 68 f7 84 dd c6 03 34 29 8a | c1 8d 5f aa 04 d5 9a df cb 37 6c 03 09 de 8d fe | c3 a5 d7 f4 ff 3f 62 3c fc a4 80 f2 b9 a4 7f 68 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | f2 69 cc 85 af f2 d9 a8 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | cd e1 be 8e f8 e9 a0 26 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x556ef361ecd4 (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | 04 46 2f b9 d3 d7 a4 22 6b 67 08 c3 85 ae 37 cb | dd 18 03 32 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 04 46 2f b9 d3 d7 a4 22 6b 67 08 c3 85 ae 37 cb | HASH_I dd 18 03 32 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 04 46 2f b9 d3 d7 a4 22 6b 67 08 c3 85 ae 37 cb | encrypting: dd 18 03 32 | IV: 9f d0 0c 1d 1b 24 69 54 61 fb f0 6b 71 01 38 dd | IV: f7 e7 ff 92 | unpadded size is: 36 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 3b 81 88 62 04 a0 36 9a | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #19: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c00005670 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6c100015b0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 68 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 05 10 02 01 00 00 00 00 00 00 00 44 05 b1 53 0e | d1 43 55 dc 0a e8 71 b4 40 f8 c9 2c e6 e4 8a 3a | 74 1c af 75 38 85 a0 4c 51 cf 58 06 3b 81 88 62 | 04 a0 36 9a | !event_already_set at reschedule "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6c100015b0 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f6c00005670 size 128 | #19 STATE_MAIN_I3: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48960.269346 "3des" #19: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #19 suppresed complete_v1_state_transition() | #19 spent 0.468 milliseconds in resume sending helper answer | stop processing: state #19 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c04001570 | spent 0.00188 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 05 10 02 01 00 00 00 00 00 00 00 44 5e 6a fa b2 | 52 34 c1 19 8f d6 91 63 c0 3a b2 ca 2c d9 72 8e | e7 62 f0 d8 f3 5f 45 52 36 aa 71 da e9 d3 a0 51 | 6b 37 1a f7 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #19 in MAIN_I3 (find_state_ikev1) | start processing: state #19 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #19 is idle | #19 idle | received encrypted packet from 192.1.2.23:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: 3b 81 88 62 04 a0 36 9a | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: e9 d3 a0 51 6b 37 1a f7 | decrypted payload (starts at offset -40): | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 05 10 02 01 00 00 00 00 00 00 00 44 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 ef 95 cb 01 | 6e 83 18 e4 ed a5 e4 f6 be 35 6b a4 cb cb 3b 9d | 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 4 bytes of padding | message 'main_inR3' HASH payload not checked early "3des" #19: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360fae0 (size 20) | hmac: symkey-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x7f6c0c007fa0 | hmac: release clone-key@0x7f6c0c007fa0 | hmac PRF sha crypt-prf@0x556ef361d2f0 | hmac PRF sha update data-bytes@0x7f6c0c000ea0 (length 256) | 2d 8c 77 13 77 9a 83 16 07 db b1 06 86 b9 54 20 | 7c 2d 1c 2d 7f 96 4a 1b db 20 03 18 8f 24 f1 d5 | 1a 8a 46 9f ce 58 41 90 36 23 36 af 75 44 62 79 | ca 28 d4 9b 63 73 6c 96 c9 99 41 0f 9f 95 34 3a | e5 a2 c6 22 15 37 bb b3 f3 f0 8f ec b6 01 88 9c | 79 21 82 71 21 2a f1 5f 70 ea fe 4c 6b 4a 54 55 | 0f b1 f6 be d5 4f 17 f3 4d 83 24 84 c6 22 ef 47 | f0 5e 4e 29 a1 24 d7 69 e4 2e 07 be b5 7d 2f 58 | b5 02 b9 fd 15 b9 52 d1 c9 69 20 98 33 1d 81 2c | 7c 30 8e 32 e2 29 4c 5e b7 43 ec 02 34 16 a7 e6 | 1e ad 5e 1e 69 66 aa 98 1f 56 be 4c 22 83 c9 26 | 97 d8 88 09 96 38 2c 5b 8e ee 80 8e 6e 09 ae 13 | e7 f6 de 1a cb be 05 6e fa 35 d0 53 c9 82 39 57 | 36 28 a1 93 2f 82 8c 68 f7 84 dd c6 03 34 29 8a | c1 8d 5f aa 04 d5 9a df cb 37 6c 03 09 de 8d fe | c3 a5 d7 f4 ff 3f 62 3c fc a4 80 f2 b9 a4 7f 68 | hmac PRF sha update data-bytes@0x7f6c00002d20 (length 256) | 87 7c 16 99 af cc 02 63 c4 87 b0 45 c5 f0 8a 86 | ba 74 2c 53 77 3a 1b dc 7e 1c a3 fc 27 95 8b fb | 43 fd 69 a7 8d 8c 1a 68 c5 85 fa ce 0c c9 aa da | 89 1e 5b 09 8d 1c 99 e2 15 83 4a 40 ee 42 eb 9b | 20 34 27 fe 70 68 a2 f6 e5 43 a1 9c 8c d6 ec 3f | 9e 4a 6e 10 1e 40 10 75 79 37 fc 51 75 82 16 8e | df 20 0a 7e cf 73 60 f9 c6 79 dd f3 a0 6d 51 45 | 46 0e c6 46 d7 4a 78 11 31 d9 cd df 6b 28 30 43 | 2d 4a c8 4c 4f 53 9b 36 c0 e6 c7 06 4d 17 32 9e | b7 59 02 4c 41 cf 3a a4 01 a3 4e ef ef 5b 63 74 | 9b 6f 6d 81 be 9e a6 a2 08 c5 e1 2c 29 ef dd 90 | bb 33 77 81 76 07 97 85 f9 ad 51 45 a8 9b 36 1a | e8 e6 77 d0 f4 d2 4e cd 0b d6 fa 81 4c d1 a0 95 | 72 18 b3 9d 22 5e 78 b0 16 17 a0 5d 1b 09 aa e5 | f2 f5 98 5b c7 79 80 54 4e 8b 1e dd cd 53 31 4a | 4a 91 37 86 6b 0f af ad 6e ca 48 10 45 75 71 d0 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | cd e1 be 8e f8 e9 a0 26 | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | f2 69 cc 85 af f2 d9 a8 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x556ef361ecd4 (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x7f6c0c004160 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | ef 95 cb 01 6e 83 18 e4 ed a5 e4 f6 be 35 6b a4 | cb cb 3b 9d | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #19: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c00005670 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6c100015b0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f6c100015b0 | inserting event EVENT_SA_REPLACE, timeout in 2803 seconds for #19 | libevent_malloc: new ptr-libevent@0x7f6c04001570 size 128 | pstats #19 ikev1.isakmp established "3des" #19: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #19 | creating state object #20 at 0x556ef361d990 | State DB: adding IKEv1 state #20 in UNDEFINED | pstats #20 ikev1.ipsec started | duplicating state object #19 "3des" as #20 for IPSEC SA | #20 setting local endpoint to 192.1.2.45:500 from #19.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x7f6c10006900 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #19 connection "3des" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #20 connection "3des" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #20: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "3des" #20: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#19 msgid:fbf8ceb4 proposal=3DES_CBC-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 27 for state #20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x7f6c0c002d50 size 128 | stop processing: state #20 connection "3des" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | resume processing: state #19 connection "3des" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | unqueuing pending Quick Mode with 192.1.2.23 "3des" | removing pending policy for no connection {0x556ef357bdb0} | close_any(fd@24) (in release_whack() at state.c:654) | #19 spent 0.331 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.457 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 4 resuming | crypto helper 4 starting work-order 27 for state #20 | crypto helper 4 doing build KE and nonce (quick_outI1 KE); request ID 27 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6bf8001ef0: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6bf8001ef0 | NSS: Public DH wire value: | 88 b1 a7 11 27 dd 06 fd ee 37 9a 18 3c ea 43 1d | 2f 23 c0 df e6 6c 80 bc 3a 26 d5 89 ea fa 6c ae | 2e 50 ce 61 bf 3a 48 20 5d ae dc 84 10 ef a2 39 | 60 b2 2a 3b 3f 38 fb ca 36 be 0d 4d 6f 8f 2e a4 | 2c 79 e1 20 d2 87 79 07 2f 23 51 a6 db 6f 64 90 | 10 00 8f 81 e7 db 37 34 20 0b b7 1b 09 a2 e2 ce | 8b 99 b7 ed 10 43 52 ee 01 08 7f c6 10 46 b6 48 | a8 4d 7f 87 20 68 d8 14 6d 5c 5b d6 b0 55 3f 67 | dd 68 05 a2 94 59 cf 8d 33 f8 58 4b df 7b c5 cf | 6d 93 e7 b9 19 26 79 cd 21 b0 dd 08 ab a4 f9 36 | fb 0c 70 45 64 d7 a1 1a a3 75 a5 73 ea 8c 3f 84 | 10 2d 15 56 ef 5d bb 8e 49 96 c0 60 92 d5 55 d1 | 36 f8 ec a4 7f 5b 19 f0 3b ef aa eb b8 db 74 bc | 52 89 20 dc e4 3b 7b 62 1f 20 af 3c 14 b9 fa 0b | e4 5d ee 8c ba 7c 12 6f 05 6d f6 40 a2 44 07 3a | 72 18 ff de 3d 7c 46 74 d1 5d e3 cb 3c ec d4 53 | Generated nonce: 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | Generated nonce: ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | crypto helper 4 finished build KE and nonce (quick_outI1 KE); request ID 27 time elapsed 0.00103 seconds | (#20) spent 1.03 milliseconds in crypto helper computing work-order 27: quick_outI1 KE (pcr) | crypto helper 4 sending results from work-order 27 for state #20 to event queue | scheduling resume sending helper answer for #20 | libevent_malloc: new ptr-libevent@0x7f6bf80068d0 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #20 | start processing: state #20 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 27 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #20: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4227387060 (0xfbf8ceb4) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x8825b29 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 08 82 5b 29 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | Ni ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6bf8001ef0: transferring ownership from helper KE to state #20 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 88 b1 a7 11 27 dd 06 fd ee 37 9a 18 3c ea 43 1d | keyex value 2f 23 c0 df e6 6c 80 bc 3a 26 d5 89 ea fa 6c ae | keyex value 2e 50 ce 61 bf 3a 48 20 5d ae dc 84 10 ef a2 39 | keyex value 60 b2 2a 3b 3f 38 fb ca 36 be 0d 4d 6f 8f 2e a4 | keyex value 2c 79 e1 20 d2 87 79 07 2f 23 51 a6 db 6f 64 90 | keyex value 10 00 8f 81 e7 db 37 34 20 0b b7 1b 09 a2 e2 ce | keyex value 8b 99 b7 ed 10 43 52 ee 01 08 7f c6 10 46 b6 48 | keyex value a8 4d 7f 87 20 68 d8 14 6d 5c 5b d6 b0 55 3f 67 | keyex value dd 68 05 a2 94 59 cf 8d 33 f8 58 4b df 7b c5 cf | keyex value 6d 93 e7 b9 19 26 79 cd 21 b0 dd 08 ab a4 f9 36 | keyex value fb 0c 70 45 64 d7 a1 1a a3 75 a5 73 ea 8c 3f 84 | keyex value 10 2d 15 56 ef 5d bb 8e 49 96 c0 60 92 d5 55 d1 | keyex value 36 f8 ec a4 7f 5b 19 f0 3b ef aa eb b8 db 74 bc | keyex value 52 89 20 dc e4 3b 7b 62 1f 20 af 3c 14 b9 fa 0b | keyex value e4 5d ee 8c ba 7c 12 6f 05 6d f6 40 a2 44 07 3a | keyex value 72 18 ff de 3d 7c 46 74 d1 5d e3 cb 3c ec d4 53 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x7f6c04003980 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | fb f8 ce b4 | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 08 82 5b 29 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 37 40 af a7 8e 9d bf ef | 72 ca 7f a4 8a 87 92 b4 ff 68 b3 30 c7 98 f2 a4 | 16 1f 78 a8 84 ed 6c f9 05 00 01 04 88 b1 a7 11 | 27 dd 06 fd ee 37 9a 18 3c ea 43 1d 2f 23 c0 df | e6 6c 80 bc 3a 26 d5 89 ea fa 6c ae 2e 50 ce 61 | bf 3a 48 20 5d ae dc 84 10 ef a2 39 60 b2 2a 3b | 3f 38 fb ca 36 be 0d 4d 6f 8f 2e a4 2c 79 e1 20 | d2 87 79 07 2f 23 51 a6 db 6f 64 90 10 00 8f 81 | e7 db 37 34 20 0b b7 1b 09 a2 e2 ce 8b 99 b7 ed | 10 43 52 ee 01 08 7f c6 10 46 b6 48 a8 4d 7f 87 | 20 68 d8 14 6d 5c 5b d6 b0 55 3f 67 dd 68 05 a2 | 94 59 cf 8d 33 f8 58 4b df 7b c5 cf 6d 93 e7 b9 | 19 26 79 cd 21 b0 dd 08 ab a4 f9 36 fb 0c 70 45 | 64 d7 a1 1a a3 75 a5 73 ea 8c 3f 84 10 2d 15 56 | ef 5d bb 8e 49 96 c0 60 92 d5 55 d1 36 f8 ec a4 | 7f 5b 19 f0 3b ef aa eb b8 db 74 bc 52 89 20 dc | e4 3b 7b 62 1f 20 af 3c 14 b9 fa 0b e4 5d ee 8c | ba 7c 12 6f 05 6d f6 40 a2 44 07 3a 72 18 ff de | 3d 7c 46 74 d1 5d e3 cb 3c ec d4 53 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | a9 0e ac d2 b2 03 60 54 8d ee f7 99 e0 3b fe ba | ba ae 0e 6e | outI1 HASH(1): | a9 0e ac d2 b2 03 60 54 8d ee f7 99 e0 3b fe ba | ba ae 0e 6e | last Phase 1 IV: e9 d3 a0 51 6b 37 1a f7 | current Phase 1 IV: e9 d3 a0 51 6b 37 1a f7 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 8) | e9 d3 a0 51 6b 37 1a f7 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | fb f8 ce b4 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 04 ff 64 2b 23 9d 4a 85 98 27 af 7c 35 64 71 03 | b5 bd 18 a4 | encrypting: 01 00 00 18 a9 0e ac d2 b2 03 60 54 8d ee f7 99 | encrypting: e0 3b fe ba ba ae 0e 6e 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 08 82 5b 29 | encrypting: 00 00 00 1c 00 03 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | encrypting: ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | encrypting: 05 00 01 04 88 b1 a7 11 27 dd 06 fd ee 37 9a 18 | encrypting: 3c ea 43 1d 2f 23 c0 df e6 6c 80 bc 3a 26 d5 89 | encrypting: ea fa 6c ae 2e 50 ce 61 bf 3a 48 20 5d ae dc 84 | encrypting: 10 ef a2 39 60 b2 2a 3b 3f 38 fb ca 36 be 0d 4d | encrypting: 6f 8f 2e a4 2c 79 e1 20 d2 87 79 07 2f 23 51 a6 | encrypting: db 6f 64 90 10 00 8f 81 e7 db 37 34 20 0b b7 1b | encrypting: 09 a2 e2 ce 8b 99 b7 ed 10 43 52 ee 01 08 7f c6 | encrypting: 10 46 b6 48 a8 4d 7f 87 20 68 d8 14 6d 5c 5b d6 | encrypting: b0 55 3f 67 dd 68 05 a2 94 59 cf 8d 33 f8 58 4b | encrypting: df 7b c5 cf 6d 93 e7 b9 19 26 79 cd 21 b0 dd 08 | encrypting: ab a4 f9 36 fb 0c 70 45 64 d7 a1 1a a3 75 a5 73 | encrypting: ea 8c 3f 84 10 2d 15 56 ef 5d bb 8e 49 96 c0 60 | encrypting: 92 d5 55 d1 36 f8 ec a4 7f 5b 19 f0 3b ef aa eb | encrypting: b8 db 74 bc 52 89 20 dc e4 3b 7b 62 1f 20 af 3c | encrypting: 14 b9 fa 0b e4 5d ee 8c ba 7c 12 6f 05 6d f6 40 | encrypting: a2 44 07 3a 72 18 ff de 3d 7c 46 74 d1 5d e3 cb | encrypting: 3c ec d4 53 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 04 ff 64 2b 23 9d 4a 85 98 27 af 7c 35 64 71 03 | IV: b5 bd 18 a4 | unpadded size is: 404 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 408 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 436 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 65 c2 e6 36 ef fa 3c a6 | sending 436 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #20) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 08 10 20 01 fb f8 ce b4 00 00 01 b4 63 f8 06 2f | 88 db cf 85 72 a2 98 07 ec f7 d9 fc 1b a0 a6 a1 | 37 66 86 e9 43 16 ad 52 8c 4b 68 7c f1 3f 4b 3a | 06 f6 10 3f 31 34 22 03 72 97 c9 7e be 8c ec 7d | f0 8e eb 0a a5 6e 72 79 d1 91 6f d5 06 22 0a c0 | 68 48 3e 04 3c d7 8d 87 ee e2 68 f6 51 97 e7 fc | 20 a7 38 ea d1 10 54 a6 87 87 4d 96 16 40 73 91 | ab fe 48 4e 37 2c 55 1a f4 04 12 9f 1c 5f c1 c3 | d8 a0 ae 4f 11 d1 d4 e4 d2 c7 55 1a 85 f4 d9 78 | 85 6b 8e c7 bf b7 91 aa 38 49 2e 34 7c 94 2c 63 | 2a e8 38 5c fd 4e ee 0d 21 ea 13 28 85 30 36 02 | 0b bb 90 f7 b2 df bf 75 17 ea 7d 49 4f e8 50 e2 | 93 71 a7 94 58 23 75 4e ec ba 4e 6d f9 aa e5 56 | ac 58 d5 dd fd a8 6d 0c 74 b1 42 6c e9 fc 76 11 | ce 0e 78 1a 8e 33 fd cf 33 fa b8 b5 7a a6 29 a2 | 7a a1 a1 e6 61 1f 5d 7e c1 78 c4 7a 0d f6 09 e2 | e2 d9 d6 ca 97 92 29 4a b1 81 c6 d3 74 eb 5f 02 | 52 59 ba 83 5b 26 23 43 2a 95 4b 44 51 e4 35 b2 | c9 14 73 29 66 42 a0 84 cf a4 ad eb 4b 98 fb 62 | 0a eb 8d 89 cf 22 50 3c 62 f1 8e b3 b6 5d ad be | 19 42 99 0e f7 43 27 90 fc 34 49 f3 66 7c fa ad | ea 11 ac 20 22 2c 38 e1 ec 8c b2 77 20 e0 79 22 | 29 01 18 9e 1a 5f aa 34 f8 33 e8 76 d5 f3 26 6f | a4 fc 8d 84 fe 6e bd 6e a2 70 92 a2 7d bc 24 71 | e5 a2 2d a7 bc 96 fc a5 0d 65 68 3f bd 24 63 46 | 28 c8 82 c0 4a d2 9b 7c d9 43 eb f8 65 c2 e6 36 | ef fa 3c a6 | state #20 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c0c002d50 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 "3des" #20: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x7f6c0c002d50 size 128 | #20 STATE_QUICK_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48960.272337 | resume sending helper answer for #20 suppresed complete_v1_state_transition() | #20 spent 0.626 milliseconds in resume sending helper answer | stop processing: state #20 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bf80068d0 | spent 0.00326 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 436 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 08 10 20 01 fb f8 ce b4 00 00 01 b4 bf 09 42 14 | b5 e9 03 53 05 68 ac 25 74 f4 a4 34 4b fc 00 0d | f4 c9 8b 3d 69 19 41 49 bd 77 9c 91 ee bc 10 fd | 75 3a 7e 3b 6a f2 16 29 93 4e 2a 14 f8 b4 74 e9 | e6 d7 06 d5 a4 25 4a e9 5c 87 5c 58 b0 2d 6f 13 | f2 90 44 02 eb 17 10 36 4a 07 20 c0 38 c5 46 5a | e4 77 80 81 d5 43 8f 54 1d f2 52 d9 e8 04 89 16 | 6e 69 b1 44 7d 27 0c 9f f7 1b d6 4c 44 a9 93 53 | cf 29 1f 08 ac 39 ac 8e 83 7e c8 35 35 cc 66 f7 | 10 30 fd 5d 4b cc 93 50 66 5e a3 58 e1 b4 6d 7e | 75 5b 92 8f d6 1e 62 40 a5 7d 12 db db b6 2c 37 | 1e f9 74 b0 88 0f 80 c9 44 79 ce 66 b4 c1 59 20 | ca eb c0 c6 53 dc 27 cb d3 26 aa 54 9c 33 57 aa | de 7e 3d 1a 10 32 b1 0f 25 43 d2 af 43 b5 12 30 | cd 49 ee 11 fc fc b5 84 51 41 ef 80 2c 3f 08 17 | 6b ec ea 70 3e b7 18 af 7f 98 b6 8b 90 5e b1 da | ff 4b eb 1b 23 4a b0 29 44 6a c9 cf f3 d4 db 92 | a3 74 c6 b7 07 69 bb a9 e4 ab 28 36 8f 0e 5f 42 | 97 5a ab df 11 01 8f e4 9e 97 0b 98 3d cf a5 20 | 95 5a 59 34 ad a6 ea 16 2a dd b8 e1 4e 18 fc d4 | 09 99 d2 d0 cb 0c e7 20 04 b9 5c 3d 18 1d 27 17 | 65 5b 93 ee a0 98 5e 7d 5f b7 4d 10 48 11 d1 11 | 5f ac 0d 43 95 b9 a5 eb 5a be 05 e6 1b 2b 65 ee | 71 9d 57 41 98 8f 05 34 df a5 27 8d a9 75 4e 02 | 87 bc 2e d4 56 8b 04 34 45 72 8b 5d 7d 11 cd c0 | a2 ac 38 bb 40 9a 7a d1 6d 8b 9b 81 8b 10 3e 86 | 10 9b 9a 91 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4227387060 (0xfbf8ceb4) | length: 436 (0x1b4) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #20 in QUICK_I1 (find_state_ikev1) | start processing: state #20 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1609) | #20 is idle | #20 idle | received encrypted packet from 192.1.2.23:500 | decrypting 408 bytes using algorithm 3DES_CBC | IV before: 65 c2 e6 36 ef fa 3c a6 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 8b 10 3e 86 10 9b 9a 91 | decrypted payload (starts at offset -408): | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 08 10 20 01 fb f8 ce b4 00 00 01 b4 01 00 00 18 | bb 65 11 76 b5 7d c7 9d fc 40 3f 66 fa 81 7b 8f | 69 97 91 44 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 2b db 1c de 00 00 00 1c | 00 03 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 d5 68 8a e0 | fa b4 e2 46 d5 1c 79 92 a6 ca 43 12 3f 73 a6 db | 81 03 0b 1e d0 33 b8 b4 0f f5 68 d5 05 00 01 04 | 65 bd d6 be d8 a7 1d 9b 2a 74 eb 92 29 fc c7 cc | 58 aa a9 69 f2 62 1a 90 38 29 d6 06 fc c9 c6 55 | 38 bd ea 16 1b 14 e5 35 75 48 a6 0c 31 57 bf bf | 60 90 74 82 a5 5a f5 5d f1 cb a8 bf 52 aa 97 44 | 6c c9 ba c6 db 52 2f 8f 30 8f b2 74 8a 12 c6 f0 | 3d 21 c2 0b b7 f2 12 85 0f 83 ab 97 7f c1 0d dd | 10 cc 6b 62 fc cd e0 17 dc 0d 07 fd 64 43 64 4e | e6 d8 2a d1 82 1a 4f a1 53 29 b0 53 30 ca e2 ee | 2b 6e 27 58 77 50 36 8e 56 c4 e1 b0 40 a2 ca 4a | fb ae d1 8f 2f 84 21 a9 ae c9 3c 1c 04 4e 90 e8 | ec a0 4f a0 6a 91 a0 7b c6 e9 86 a0 dc a7 19 f5 | e3 f1 8e 97 89 0d 33 43 90 62 19 48 fd 73 09 62 | 9a a5 6c 0f 37 0b 26 02 9e 78 23 a9 1c 74 30 0c | d9 f6 74 58 a9 e3 94 75 0b c8 d9 a6 14 e7 9a 3a | 18 b6 db 19 bf 74 d1 e5 7e 8e 9a 71 7b f2 ce 08 | 6a 54 fe 52 42 73 35 c7 20 9e de 30 16 85 ff f7 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x7f6c04003980 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | fb f8 ce b4 | HASH(1) PRF sha update Ni_b-bytes@0x7f6bf8000c30 (length 32) | 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | HASH(1) PRF sha update payload-bytes@0x556ef36231a4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 2b db 1c de 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 d5 68 8a e0 fa b4 e2 46 | d5 1c 79 92 a6 ca 43 12 3f 73 a6 db 81 03 0b 1e | d0 33 b8 b4 0f f5 68 d5 05 00 01 04 65 bd d6 be | d8 a7 1d 9b 2a 74 eb 92 29 fc c7 cc 58 aa a9 69 | f2 62 1a 90 38 29 d6 06 fc c9 c6 55 38 bd ea 16 | 1b 14 e5 35 75 48 a6 0c 31 57 bf bf 60 90 74 82 | a5 5a f5 5d f1 cb a8 bf 52 aa 97 44 6c c9 ba c6 | db 52 2f 8f 30 8f b2 74 8a 12 c6 f0 3d 21 c2 0b | b7 f2 12 85 0f 83 ab 97 7f c1 0d dd 10 cc 6b 62 | fc cd e0 17 dc 0d 07 fd 64 43 64 4e e6 d8 2a d1 | 82 1a 4f a1 53 29 b0 53 30 ca e2 ee 2b 6e 27 58 | 77 50 36 8e 56 c4 e1 b0 40 a2 ca 4a fb ae d1 8f | 2f 84 21 a9 ae c9 3c 1c 04 4e 90 e8 ec a0 4f a0 | 6a 91 a0 7b c6 e9 86 a0 dc a7 19 f5 e3 f1 8e 97 | 89 0d 33 43 90 62 19 48 fd 73 09 62 9a a5 6c 0f | 37 0b 26 02 9e 78 23 a9 1c 74 30 0c d9 f6 74 58 | a9 e3 94 75 0b c8 d9 a6 14 e7 9a 3a 18 b6 db 19 | bf 74 d1 e5 7e 8e 9a 71 7b f2 ce 08 6a 54 fe 52 | 42 73 35 c7 20 9e de 30 16 85 ff f7 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | bb 65 11 76 b5 7d c7 9d fc 40 3f 66 fa 81 7b 8f | 69 97 91 44 | quick_inR1_outI2 HASH(2): | bb 65 11 76 b5 7d c7 9d fc 40 3f 66 fa 81 7b 8f | 69 97 91 44 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 2b db 1c de | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 65 bd d6 be d8 a7 1d 9b 2a 74 eb 92 29 fc c7 cc | 58 aa a9 69 f2 62 1a 90 38 29 d6 06 fc c9 c6 55 | 38 bd ea 16 1b 14 e5 35 75 48 a6 0c 31 57 bf bf | 60 90 74 82 a5 5a f5 5d f1 cb a8 bf 52 aa 97 44 | 6c c9 ba c6 db 52 2f 8f 30 8f b2 74 8a 12 c6 f0 | 3d 21 c2 0b b7 f2 12 85 0f 83 ab 97 7f c1 0d dd | 10 cc 6b 62 fc cd e0 17 dc 0d 07 fd 64 43 64 4e | e6 d8 2a d1 82 1a 4f a1 53 29 b0 53 30 ca e2 ee | 2b 6e 27 58 77 50 36 8e 56 c4 e1 b0 40 a2 ca 4a | fb ae d1 8f 2f 84 21 a9 ae c9 3c 1c 04 4e 90 e8 | ec a0 4f a0 6a 91 a0 7b c6 e9 86 a0 dc a7 19 f5 | e3 f1 8e 97 89 0d 33 43 90 62 19 48 fd 73 09 62 | 9a a5 6c 0f 37 0b 26 02 9e 78 23 a9 1c 74 30 0c | d9 f6 74 58 a9 e3 94 75 0b c8 d9 a6 14 e7 9a 3a | 18 b6 db 19 bf 74 d1 e5 7e 8e 9a 71 7b f2 ce 08 | 6a 54 fe 52 42 73 35 c7 20 9e de 30 16 85 ff f7 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6bf8001ef0: transferring ownership from state #20 to helper IKEv1 DH | adding quick outI2 DH work-order 28 for state #20 | state #20 requesting EVENT_RETRANSMIT to be deleted | #20 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c0c002d50 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x7f6c0c002d50 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #20 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #20 and saving MD | #20 is busy; has a suspended MD | #20 spent 0.169 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #20 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.552 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 5 resuming | crypto helper 5 starting work-order 28 for state #20 | crypto helper 5 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 28 | peer's g: 65 bd d6 be d8 a7 1d 9b 2a 74 eb 92 29 fc c7 cc | peer's g: 58 aa a9 69 f2 62 1a 90 38 29 d6 06 fc c9 c6 55 | peer's g: 38 bd ea 16 1b 14 e5 35 75 48 a6 0c 31 57 bf bf | peer's g: 60 90 74 82 a5 5a f5 5d f1 cb a8 bf 52 aa 97 44 | peer's g: 6c c9 ba c6 db 52 2f 8f 30 8f b2 74 8a 12 c6 f0 | peer's g: 3d 21 c2 0b b7 f2 12 85 0f 83 ab 97 7f c1 0d dd | peer's g: 10 cc 6b 62 fc cd e0 17 dc 0d 07 fd 64 43 64 4e | peer's g: e6 d8 2a d1 82 1a 4f a1 53 29 b0 53 30 ca e2 ee | peer's g: 2b 6e 27 58 77 50 36 8e 56 c4 e1 b0 40 a2 ca 4a | peer's g: fb ae d1 8f 2f 84 21 a9 ae c9 3c 1c 04 4e 90 e8 | peer's g: ec a0 4f a0 6a 91 a0 7b c6 e9 86 a0 dc a7 19 f5 | peer's g: e3 f1 8e 97 89 0d 33 43 90 62 19 48 fd 73 09 62 | peer's g: 9a a5 6c 0f 37 0b 26 02 9e 78 23 a9 1c 74 30 0c | peer's g: d9 f6 74 58 a9 e3 94 75 0b c8 d9 a6 14 e7 9a 3a | peer's g: 18 b6 db 19 bf 74 d1 e5 7e 8e 9a 71 7b f2 ce 08 | peer's g: 6a 54 fe 52 42 73 35 c7 20 9e de 30 16 85 ff f7 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6bf8001ef0: computed shared DH secret key@0x7f6c0c007fa0 | dh-shared : g^ir-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 5 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 28 time elapsed 0.000981 seconds | (#20) spent 0.982 milliseconds in crypto helper computing work-order 28: quick outI2 DH (pcr) | crypto helper 5 sending results from work-order 28 for state #20 to event queue | scheduling resume sending helper answer for #20 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #20 | start processing: state #20 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 28 | calling continuation function 0x556ef2b25630 | quick_inR1_outI2_continue for #20: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4227387060 (0xfbf8ceb4) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f6bf8001ef0: transferring ownership from helper IKEv1 DH to state #20 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e658 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x556ef360e180 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x556ef360e180 | HASH(1): release clone-key@0x556ef360e180 | HASH(1) PRF sha crypt-prf@0x556ef361d310 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e73c (length 4) | fb f8 ce b4 | HASH(1) PRF sha update Ni_b-bytes@0x7f6bf8000c30 (length 32) | 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | HASH(1) PRF sha update Nr_b-bytes@0x7f6bf80030a0 (length 32) | d5 68 8a e0 fa b4 e2 46 d5 1c 79 92 a6 ca 43 12 | 3f 73 a6 db 81 03 0b 1e d0 33 b8 b4 0f f5 68 d5 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 74 e8 71 92 9f 31 91 cb 33 4e 0b 60 85 3e ec 13 | b7 fd 9d 1d | quick_inR1_outI2 HASH(3): | 74 e8 71 92 9f 31 91 cb 33 4e 0b 60 85 3e ec 13 | b7 fd 9d 1d | compute_proto_keymat: needed_len (after ESP enc)=24 | compute_proto_keymat: needed_len (after ESP auth)=44 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac: release clone-key@0x556ef360e180 | hmac PRF sha crypt-prf@0x556ef361d2d0 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef3628c30 | hmac PRF sha update g^xy-key@0x7f6c0c007fa0 (size 256) | hmac: g^xy-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c0c007fa0 | nss hmac digest hack: symkey-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffff91 ffffffd2 ffffffb5 76 ffffff91 ffffffc2 ffffffed 7d 7b ffffffad 15 fffffff8 18 54 16 ffffff96 ffffffb1 fffffff7 07 75 71 23 ffffffc7 19 2c 0b ffffff89 ffffffae ffffffa5 ffffffba ffffffd7 ffffff80 ffffffaa 66 ffffffc4 37 ffffffd3 2d ffffffe3 1e ffffffdd ffffffc7 ffffff9f ffffffe2 28 ffffffd5 ffffff83 ffffff88 66 33 3d ffffffca ffffff8f ffffff9d 30 4c 5c ffffff9c ffffff9d 5f ffffff9b ffffffd1 01 55 ffffffd9 fffffff7 38 ffffffb9 ffffff89 ffffff8b 13 ffffffec ffffffe6 ffffffe6 78 ffffffd9 ffffffd1 60 ffffff93 51 53 ffffffbd 0f ffffff9a 32 7a 29 69 63 52 6e 1d 1c ffffff9a 16 fffffff2 74 ffffffdf ffffffe8 ffffffc8 ffffffa5 ffffffd9 21 fffffff6 4d ffffffa3 ffffff8e ffffffad ffffffa5 57 13 ffffff9c 24 38 6c ffffffa7 66 3a ffffffa8 7c ffffffda 3b 6f 30 51 ffffff8d 5b ffffff95 50 2f 46 ffffffc4 58 47 48 11 ffffff84 5b 7a 2a ffffffd2 61 08 64 ffffff8c ffffffb0 ffffffc0 ffffff89 77 39 ffffff85 33 37 74 10 ffffff87 ffffffc9 7f 32 ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a930 | unwrapped: 00 06 a6 58 9a dd 45 af 70 72 c0 a8 36 58 b8 bb | unwrapped: 6d 7b 54 42 10 5f ad e8 97 47 86 85 b4 5b a9 2f | unwrapped: d4 24 ab 16 00 8c a5 5e 3a 7c 02 95 f2 3a 8c 5a | unwrapped: ac e2 3e cc 36 40 8c 51 d7 72 28 90 e4 3a 7d 1e | unwrapped: 21 37 c2 5d d1 31 45 a5 d3 32 aa d0 27 37 74 bd | unwrapped: 57 1b 62 0e b7 37 9e 7a ff 59 98 fd 5f 01 d8 02 | unwrapped: b8 a1 32 88 29 9d e7 0c 23 e2 27 f7 b3 86 3d 42 | unwrapped: fe d6 37 55 40 b7 91 f1 64 3a c9 93 e1 83 cb cd | unwrapped: e6 d9 88 04 b2 b3 72 78 d0 03 cc 7e 54 41 ee b5 | unwrapped: 00 44 6e 4b d3 b5 fb 66 32 fb 45 7a d0 ea 02 9d | unwrapped: 17 b7 ee 9c 5c 05 8b 5f dc ed d6 a7 58 e6 9e c5 | unwrapped: 53 0d 59 1f c6 a0 08 2c 7f 40 18 34 d7 99 2c 9c | unwrapped: 75 09 a3 7e 67 4c 4d 59 24 84 d4 e8 52 ca bc a6 | unwrapped: 8d 81 81 2e 33 66 18 16 29 94 17 ed fe 2a f6 a9 | unwrapped: 96 1b 0e c3 19 33 4e c3 a4 7d 1e 5f be 76 bb 63 | unwrapped: 13 8d 09 af de 03 41 23 ab df 8e 5e 98 18 7e c6 | hmac PRF sha update g^xy-key@0x7f6c0c007fa0 (size 256) | hmac: g^xy-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c0c007fa0 | nss hmac digest hack: symkey-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffff91 ffffffd2 ffffffb5 76 ffffff91 ffffffc2 ffffffed 7d 7b ffffffad 15 fffffff8 18 54 16 ffffff96 ffffffb1 fffffff7 07 75 71 23 ffffffc7 19 2c 0b ffffff89 ffffffae ffffffa5 ffffffba ffffffd7 ffffff80 ffffffaa 66 ffffffc4 37 ffffffd3 2d ffffffe3 1e ffffffdd ffffffc7 ffffff9f ffffffe2 28 ffffffd5 ffffff83 ffffff88 66 33 3d ffffffca ffffff8f ffffff9d 30 4c 5c ffffff9c ffffff9d 5f ffffff9b ffffffd1 01 55 ffffffd9 fffffff7 38 ffffffb9 ffffff89 ffffff8b 13 ffffffec ffffffe6 ffffffe6 78 ffffffd9 ffffffd1 60 ffffff93 51 53 ffffffbd 0f ffffff9a 32 7a 29 69 63 52 6e 1d 1c ffffff9a 16 fffffff2 74 ffffffdf ffffffe8 ffffffc8 ffffffa5 ffffffd9 21 fffffff6 4d ffffffa3 ffffff8e ffffffad ffffffa5 57 13 ffffff9c 24 38 6c ffffffa7 66 3a ffffffa8 7c ffffffda 3b 6f 30 51 ffffff8d 5b ffffff95 50 2f 46 ffffffc4 58 47 48 11 ffffff84 5b 7a 2a ffffffd2 61 08 64 ffffff8c ffffffb0 ffffffc0 ffffff89 77 39 ffffff85 33 37 74 10 ffffff87 ffffffc9 7f 32 ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a600 | unwrapped: 00 06 a6 58 9a dd 45 af 70 72 c0 a8 36 58 b8 bb | unwrapped: 6d 7b 54 42 10 5f ad e8 97 47 86 85 b4 5b a9 2f | unwrapped: d4 24 ab 16 00 8c a5 5e 3a 7c 02 95 f2 3a 8c 5a | unwrapped: ac e2 3e cc 36 40 8c 51 d7 72 28 90 e4 3a 7d 1e | unwrapped: 21 37 c2 5d d1 31 45 a5 d3 32 aa d0 27 37 74 bd | unwrapped: 57 1b 62 0e b7 37 9e 7a ff 59 98 fd 5f 01 d8 02 | unwrapped: b8 a1 32 88 29 9d e7 0c 23 e2 27 f7 b3 86 3d 42 | unwrapped: fe d6 37 55 40 b7 91 f1 64 3a c9 93 e1 83 cb cd | unwrapped: e6 d9 88 04 b2 b3 72 78 d0 03 cc 7e 54 41 ee b5 | unwrapped: 00 44 6e 4b d3 b5 fb 66 32 fb 45 7a d0 ea 02 9d | unwrapped: 17 b7 ee 9c 5c 05 8b 5f dc ed d6 a7 58 e6 9e c5 | unwrapped: 53 0d 59 1f c6 a0 08 2c 7f 40 18 34 d7 99 2c 9c | unwrapped: 75 09 a3 7e 67 4c 4d 59 24 84 d4 e8 52 ca bc a6 | unwrapped: 8d 81 81 2e 33 66 18 16 29 94 17 ed fe 2a f6 a9 | unwrapped: 96 1b 0e c3 19 33 4e c3 a4 7d 1e 5f be 76 bb 63 | unwrapped: 13 8d 09 af de 03 41 23 ab df 8e 5e 98 18 7e c6 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 08 82 5b 29 | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | 2b db 1c de | hmac PRF sha update data-bytes@0x7f6bf8000c30 (length 32) | 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | hmac PRF sha update data-bytes@0x7f6bf8000c30 (length 32) | 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | d5 68 8a e0 fa b4 e2 46 d5 1c 79 92 a6 ca 43 12 | 3f 73 a6 db 81 03 0b 1e d0 33 b8 b4 0f f5 68 d5 | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | d5 68 8a e0 fa b4 e2 46 d5 1c 79 92 a6 ca 43 12 | 3f 73 a6 db 81 03 0b 1e d0 33 b8 b4 0f f5 68 d5 | hmac PRF sha final-bytes@0x7f6c0c004140 (length 20) | 49 41 ad 11 85 a8 25 2d a5 23 34 bc c5 e2 39 49 | 81 1c 1f 30 | hmac PRF sha final-bytes@0x7f6bf8006530 (length 20) | fa 1b 69 6d 1d 5f 1e 97 0b 8e 3d 57 ed a0 52 06 | fa 89 8a ec | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef361d330 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac: release clone-key@0x556ef360e180 | hmac PRF sha crypt-prf@0x556ef361d310 | hmac PRF sha update data-bytes@0x7f6c0c004140 (length 20) | 49 41 ad 11 85 a8 25 2d a5 23 34 bc c5 e2 39 49 | 81 1c 1f 30 | hmac PRF sha update data-bytes@0x7f6bf8006530 (length 20) | fa 1b 69 6d 1d 5f 1e 97 0b 8e 3d 57 ed a0 52 06 | fa 89 8a ec | hmac PRF sha update g^xy-key@0x7f6c0c007fa0 (size 256) | hmac: g^xy-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c0c007fa0 | nss hmac digest hack: symkey-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffff91 ffffffd2 ffffffb5 76 ffffff91 ffffffc2 ffffffed 7d 7b ffffffad 15 fffffff8 18 54 16 ffffff96 ffffffb1 fffffff7 07 75 71 23 ffffffc7 19 2c 0b ffffff89 ffffffae ffffffa5 ffffffba ffffffd7 ffffff80 ffffffaa 66 ffffffc4 37 ffffffd3 2d ffffffe3 1e ffffffdd ffffffc7 ffffff9f ffffffe2 28 ffffffd5 ffffff83 ffffff88 66 33 3d ffffffca ffffff8f ffffff9d 30 4c 5c ffffff9c ffffff9d 5f ffffff9b ffffffd1 01 55 ffffffd9 fffffff7 38 ffffffb9 ffffff89 ffffff8b 13 ffffffec ffffffe6 ffffffe6 78 ffffffd9 ffffffd1 60 ffffff93 51 53 ffffffbd 0f ffffff9a 32 7a 29 69 63 52 6e 1d 1c ffffff9a 16 fffffff2 74 ffffffdf ffffffe8 ffffffc8 ffffffa5 ffffffd9 21 fffffff6 4d ffffffa3 ffffff8e ffffffad ffffffa5 57 13 ffffff9c 24 38 6c ffffffa7 66 3a ffffffa8 7c ffffffda 3b 6f 30 51 ffffff8d 5b ffffff95 50 2f 46 ffffffc4 58 47 48 11 ffffff84 5b 7a 2a ffffffd2 61 08 64 ffffff8c ffffffb0 ffffffc0 ffffff89 77 39 ffffff85 33 37 74 10 ffffff87 ffffffc9 7f 32 ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a4f0 | unwrapped: 00 06 a6 58 9a dd 45 af 70 72 c0 a8 36 58 b8 bb | unwrapped: 6d 7b 54 42 10 5f ad e8 97 47 86 85 b4 5b a9 2f | unwrapped: d4 24 ab 16 00 8c a5 5e 3a 7c 02 95 f2 3a 8c 5a | unwrapped: ac e2 3e cc 36 40 8c 51 d7 72 28 90 e4 3a 7d 1e | unwrapped: 21 37 c2 5d d1 31 45 a5 d3 32 aa d0 27 37 74 bd | unwrapped: 57 1b 62 0e b7 37 9e 7a ff 59 98 fd 5f 01 d8 02 | unwrapped: b8 a1 32 88 29 9d e7 0c 23 e2 27 f7 b3 86 3d 42 | unwrapped: fe d6 37 55 40 b7 91 f1 64 3a c9 93 e1 83 cb cd | unwrapped: e6 d9 88 04 b2 b3 72 78 d0 03 cc 7e 54 41 ee b5 | unwrapped: 00 44 6e 4b d3 b5 fb 66 32 fb 45 7a d0 ea 02 9d | unwrapped: 17 b7 ee 9c 5c 05 8b 5f dc ed d6 a7 58 e6 9e c5 | unwrapped: 53 0d 59 1f c6 a0 08 2c 7f 40 18 34 d7 99 2c 9c | unwrapped: 75 09 a3 7e 67 4c 4d 59 24 84 d4 e8 52 ca bc a6 | unwrapped: 8d 81 81 2e 33 66 18 16 29 94 17 ed fe 2a f6 a9 | unwrapped: 96 1b 0e c3 19 33 4e c3 a4 7d 1e 5f be 76 bb 63 | unwrapped: 13 8d 09 af de 03 41 23 ab df 8e 5e 98 18 7e c6 | hmac PRF sha update g^xy-key@0x7f6c0c007fa0 (size 256) | hmac: g^xy-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c0c007fa0 | nss hmac digest hack: symkey-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffff91 ffffffd2 ffffffb5 76 ffffff91 ffffffc2 ffffffed 7d 7b ffffffad 15 fffffff8 18 54 16 ffffff96 ffffffb1 fffffff7 07 75 71 23 ffffffc7 19 2c 0b ffffff89 ffffffae ffffffa5 ffffffba ffffffd7 ffffff80 ffffffaa 66 ffffffc4 37 ffffffd3 2d ffffffe3 1e ffffffdd ffffffc7 ffffff9f ffffffe2 28 ffffffd5 ffffff83 ffffff88 66 33 3d ffffffca ffffff8f ffffff9d 30 4c 5c ffffff9c ffffff9d 5f ffffff9b ffffffd1 01 55 ffffffd9 fffffff7 38 ffffffb9 ffffff89 ffffff8b 13 ffffffec ffffffe6 ffffffe6 78 ffffffd9 ffffffd1 60 ffffff93 51 53 ffffffbd 0f ffffff9a 32 7a 29 69 63 52 6e 1d 1c ffffff9a 16 fffffff2 74 ffffffdf ffffffe8 ffffffc8 ffffffa5 ffffffd9 21 fffffff6 4d ffffffa3 ffffff8e ffffffad ffffffa5 57 13 ffffff9c 24 38 6c ffffffa7 66 3a ffffffa8 7c ffffffda 3b 6f 30 51 ffffff8d 5b ffffff95 50 2f 46 ffffffc4 58 47 48 11 ffffff84 5b 7a 2a ffffffd2 61 08 64 ffffff8c ffffffb0 ffffffc0 ffffff89 77 39 ffffff85 33 37 74 10 ffffff87 ffffffc9 7f 32 ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef3628d40 | unwrapped: 00 06 a6 58 9a dd 45 af 70 72 c0 a8 36 58 b8 bb | unwrapped: 6d 7b 54 42 10 5f ad e8 97 47 86 85 b4 5b a9 2f | unwrapped: d4 24 ab 16 00 8c a5 5e 3a 7c 02 95 f2 3a 8c 5a | unwrapped: ac e2 3e cc 36 40 8c 51 d7 72 28 90 e4 3a 7d 1e | unwrapped: 21 37 c2 5d d1 31 45 a5 d3 32 aa d0 27 37 74 bd | unwrapped: 57 1b 62 0e b7 37 9e 7a ff 59 98 fd 5f 01 d8 02 | unwrapped: b8 a1 32 88 29 9d e7 0c 23 e2 27 f7 b3 86 3d 42 | unwrapped: fe d6 37 55 40 b7 91 f1 64 3a c9 93 e1 83 cb cd | unwrapped: e6 d9 88 04 b2 b3 72 78 d0 03 cc 7e 54 41 ee b5 | unwrapped: 00 44 6e 4b d3 b5 fb 66 32 fb 45 7a d0 ea 02 9d | unwrapped: 17 b7 ee 9c 5c 05 8b 5f dc ed d6 a7 58 e6 9e c5 | unwrapped: 53 0d 59 1f c6 a0 08 2c 7f 40 18 34 d7 99 2c 9c | unwrapped: 75 09 a3 7e 67 4c 4d 59 24 84 d4 e8 52 ca bc a6 | unwrapped: 8d 81 81 2e 33 66 18 16 29 94 17 ed fe 2a f6 a9 | unwrapped: 96 1b 0e c3 19 33 4e c3 a4 7d 1e 5f be 76 bb 63 | unwrapped: 13 8d 09 af de 03 41 23 ab df 8e 5e 98 18 7e c6 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 08 82 5b 29 | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | 2b db 1c de | hmac PRF sha update data-bytes@0x7f6bf8000c30 (length 32) | 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | hmac PRF sha update data-bytes@0x7f6bf8000c30 (length 32) | 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | d5 68 8a e0 fa b4 e2 46 d5 1c 79 92 a6 ca 43 12 | 3f 73 a6 db 81 03 0b 1e d0 33 b8 b4 0f f5 68 d5 | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | d5 68 8a e0 fa b4 e2 46 d5 1c 79 92 a6 ca 43 12 | 3f 73 a6 db 81 03 0b 1e d0 33 b8 b4 0f f5 68 d5 | hmac PRF sha final-bytes@0x7f6c0c004154 (length 20) | ba a0 9b 98 ee 58 fa 36 84 4f b7 47 f3 86 07 2a | 12 ce a5 ab | hmac PRF sha final-bytes@0x7f6bf8006544 (length 20) | 3d 19 2c ba e4 79 d7 7c aa 7a 7f b1 89 16 ce 99 | e9 f7 b9 28 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac: release clone-key@0x556ef360e180 | hmac PRF sha crypt-prf@0x556ef361d2d0 | hmac PRF sha init symkey-key@0x556ef3601f40 (size 20) | hmac: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef3628c30 | hmac PRF sha update data-bytes@0x7f6c0c004154 (length 20) | ba a0 9b 98 ee 58 fa 36 84 4f b7 47 f3 86 07 2a | 12 ce a5 ab | hmac PRF sha update data-bytes@0x7f6bf8006544 (length 20) | 3d 19 2c ba e4 79 d7 7c aa 7a 7f b1 89 16 ce 99 | e9 f7 b9 28 | hmac PRF sha update g^xy-key@0x7f6c0c007fa0 (size 256) | hmac: g^xy-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c0c007fa0 | nss hmac digest hack: symkey-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffff91 ffffffd2 ffffffb5 76 ffffff91 ffffffc2 ffffffed 7d 7b ffffffad 15 fffffff8 18 54 16 ffffff96 ffffffb1 fffffff7 07 75 71 23 ffffffc7 19 2c 0b ffffff89 ffffffae ffffffa5 ffffffba ffffffd7 ffffff80 ffffffaa 66 ffffffc4 37 ffffffd3 2d ffffffe3 1e ffffffdd ffffffc7 ffffff9f ffffffe2 28 ffffffd5 ffffff83 ffffff88 66 33 3d ffffffca ffffff8f ffffff9d 30 4c 5c ffffff9c ffffff9d 5f ffffff9b ffffffd1 01 55 ffffffd9 fffffff7 38 ffffffb9 ffffff89 ffffff8b 13 ffffffec ffffffe6 ffffffe6 78 ffffffd9 ffffffd1 60 ffffff93 51 53 ffffffbd 0f ffffff9a 32 7a 29 69 63 52 6e 1d 1c ffffff9a 16 fffffff2 74 ffffffdf ffffffe8 ffffffc8 ffffffa5 ffffffd9 21 fffffff6 4d ffffffa3 ffffff8e ffffffad ffffffa5 57 13 ffffff9c 24 38 6c ffffffa7 66 3a ffffffa8 7c ffffffda 3b 6f 30 51 ffffff8d 5b ffffff95 50 2f 46 ffffffc4 58 47 48 11 ffffff84 5b 7a 2a ffffffd2 61 08 64 ffffff8c ffffffb0 ffffffc0 ffffff89 77 39 ffffff85 33 37 74 10 ffffff87 ffffffc9 7f 32 ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a930 | unwrapped: 00 06 a6 58 9a dd 45 af 70 72 c0 a8 36 58 b8 bb | unwrapped: 6d 7b 54 42 10 5f ad e8 97 47 86 85 b4 5b a9 2f | unwrapped: d4 24 ab 16 00 8c a5 5e 3a 7c 02 95 f2 3a 8c 5a | unwrapped: ac e2 3e cc 36 40 8c 51 d7 72 28 90 e4 3a 7d 1e | unwrapped: 21 37 c2 5d d1 31 45 a5 d3 32 aa d0 27 37 74 bd | unwrapped: 57 1b 62 0e b7 37 9e 7a ff 59 98 fd 5f 01 d8 02 | unwrapped: b8 a1 32 88 29 9d e7 0c 23 e2 27 f7 b3 86 3d 42 | unwrapped: fe d6 37 55 40 b7 91 f1 64 3a c9 93 e1 83 cb cd | unwrapped: e6 d9 88 04 b2 b3 72 78 d0 03 cc 7e 54 41 ee b5 | unwrapped: 00 44 6e 4b d3 b5 fb 66 32 fb 45 7a d0 ea 02 9d | unwrapped: 17 b7 ee 9c 5c 05 8b 5f dc ed d6 a7 58 e6 9e c5 | unwrapped: 53 0d 59 1f c6 a0 08 2c 7f 40 18 34 d7 99 2c 9c | unwrapped: 75 09 a3 7e 67 4c 4d 59 24 84 d4 e8 52 ca bc a6 | unwrapped: 8d 81 81 2e 33 66 18 16 29 94 17 ed fe 2a f6 a9 | unwrapped: 96 1b 0e c3 19 33 4e c3 a4 7d 1e 5f be 76 bb 63 | unwrapped: 13 8d 09 af de 03 41 23 ab df 8e 5e 98 18 7e c6 | hmac PRF sha update g^xy-key@0x7f6c0c007fa0 (size 256) | hmac: g^xy-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c0c007fa0 | nss hmac digest hack: symkey-key@0x7f6c0c007fa0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffff91 ffffffd2 ffffffb5 76 ffffff91 ffffffc2 ffffffed 7d 7b ffffffad 15 fffffff8 18 54 16 ffffff96 ffffffb1 fffffff7 07 75 71 23 ffffffc7 19 2c 0b ffffff89 ffffffae ffffffa5 ffffffba ffffffd7 ffffff80 ffffffaa 66 ffffffc4 37 ffffffd3 2d ffffffe3 1e ffffffdd ffffffc7 ffffff9f ffffffe2 28 ffffffd5 ffffff83 ffffff88 66 33 3d ffffffca ffffff8f ffffff9d 30 4c 5c ffffff9c ffffff9d 5f ffffff9b ffffffd1 01 55 ffffffd9 fffffff7 38 ffffffb9 ffffff89 ffffff8b 13 ffffffec ffffffe6 ffffffe6 78 ffffffd9 ffffffd1 60 ffffff93 51 53 ffffffbd 0f ffffff9a 32 7a 29 69 63 52 6e 1d 1c ffffff9a 16 fffffff2 74 ffffffdf ffffffe8 ffffffc8 ffffffa5 ffffffd9 21 fffffff6 4d ffffffa3 ffffff8e ffffffad ffffffa5 57 13 ffffff9c 24 38 6c ffffffa7 66 3a ffffffa8 7c ffffffda 3b 6f 30 51 ffffff8d 5b ffffff95 50 2f 46 ffffffc4 58 47 48 11 ffffff84 5b 7a 2a ffffffd2 61 08 64 ffffff8c ffffffb0 ffffffc0 ffffff89 77 39 ffffff85 33 37 74 10 ffffff87 ffffffc9 7f 32 ffff | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a600 | unwrapped: 00 06 a6 58 9a dd 45 af 70 72 c0 a8 36 58 b8 bb | unwrapped: 6d 7b 54 42 10 5f ad e8 97 47 86 85 b4 5b a9 2f | unwrapped: d4 24 ab 16 00 8c a5 5e 3a 7c 02 95 f2 3a 8c 5a | unwrapped: ac e2 3e cc 36 40 8c 51 d7 72 28 90 e4 3a 7d 1e | unwrapped: 21 37 c2 5d d1 31 45 a5 d3 32 aa d0 27 37 74 bd | unwrapped: 57 1b 62 0e b7 37 9e 7a ff 59 98 fd 5f 01 d8 02 | unwrapped: b8 a1 32 88 29 9d e7 0c 23 e2 27 f7 b3 86 3d 42 | unwrapped: fe d6 37 55 40 b7 91 f1 64 3a c9 93 e1 83 cb cd | unwrapped: e6 d9 88 04 b2 b3 72 78 d0 03 cc 7e 54 41 ee b5 | unwrapped: 00 44 6e 4b d3 b5 fb 66 32 fb 45 7a d0 ea 02 9d | unwrapped: 17 b7 ee 9c 5c 05 8b 5f dc ed d6 a7 58 e6 9e c5 | unwrapped: 53 0d 59 1f c6 a0 08 2c 7f 40 18 34 d7 99 2c 9c | unwrapped: 75 09 a3 7e 67 4c 4d 59 24 84 d4 e8 52 ca bc a6 | unwrapped: 8d 81 81 2e 33 66 18 16 29 94 17 ed fe 2a f6 a9 | unwrapped: 96 1b 0e c3 19 33 4e c3 a4 7d 1e 5f be 76 bb 63 | unwrapped: 13 8d 09 af de 03 41 23 ab df 8e 5e 98 18 7e c6 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 08 82 5b 29 | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | 2b db 1c de | hmac PRF sha update data-bytes@0x7f6bf8000c30 (length 32) | 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | hmac PRF sha update data-bytes@0x7f6bf8000c30 (length 32) | 37 40 af a7 8e 9d bf ef 72 ca 7f a4 8a 87 92 b4 | ff 68 b3 30 c7 98 f2 a4 16 1f 78 a8 84 ed 6c f9 | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | d5 68 8a e0 fa b4 e2 46 d5 1c 79 92 a6 ca 43 12 | 3f 73 a6 db 81 03 0b 1e d0 33 b8 b4 0f f5 68 d5 | hmac PRF sha update data-bytes@0x7f6bf80030a0 (length 32) | d5 68 8a e0 fa b4 e2 46 d5 1c 79 92 a6 ca 43 12 | 3f 73 a6 db 81 03 0b 1e d0 33 b8 b4 0f f5 68 d5 | hmac PRF sha final-bytes@0x7f6c0c004168 (length 20) | 50 2a 75 0c 7a b8 99 0d 85 e0 d3 86 3a 35 5a 77 | ca 78 dd 4c | hmac PRF sha final-bytes@0x7f6bf8006558 (length 20) | 17 41 19 f6 8a ef f4 b8 82 58 56 82 cc fb 98 a1 | 70 95 c9 c8 | install_ipsec_sa() for #20: inbound and outbound | could_route called for 3des (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.2bdb1cde@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.8825b29@192.1.2.45 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #20: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: 3des (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #20 | priority calculation of connection "3des" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2bdb1cde SPI_OUT=0x | popen cmd is 1022 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' : | cmd( 160):PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1642: | cmd( 320):4' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+: | cmd( 640):IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PL: | cmd( 720):UTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS: | cmd( 800):_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLU: | cmd( 880):TO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHAR: | cmd( 960):ED='no' SPI_IN=0x2bdb1cde SPI_OUT=0x8825b29 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2bdb1cde | popen cmd is 1027 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x2bdb1cde SPI_OUT=0x8825b29 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2bdb1cde SPI_ | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTE: | cmd( 80):RFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@wes: | cmd( 160):t' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIEN: | cmd( 240):T_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1: | cmd( 320):6424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PE: | cmd( 400):ER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MAS: | cmd( 480):K='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' P: | cmd( 560):LUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+: | cmd( 640):UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x2bdb1cde SPI_OUT=0x8825b29 ipsec _updown 2>&1: | route_and_eroute: instance "3des", setting eroute_owner {spd=0x556ef3620bc0,sr=0x556ef3620bc0} to #20 (was #0) (newest_ipsec_sa=#0) | #19 spent 0.85 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 74 e8 71 92 9f 31 91 cb 33 4e 0b 60 | encrypting: 85 3e ec 13 b7 fd 9d 1d | IV: 8b 10 3e 86 10 9b 9a 91 | unpadded size is: 24 | encrypting 24 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 52 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 66 5d 32 c5 3e f0 a3 e9 | inR1_outI2: instance 3des[0], setting IKEv1 newest_ipsec_sa to #20 (was #0) (spd.eroute=#20) cloned from #19 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #20 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #20 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #20: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #20 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c0c002d50 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 52 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #20) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 08 10 20 01 fb f8 ce b4 00 00 00 34 24 3d c5 7f | 7e 8b 48 76 bf 3f 17 a9 be e3 b6 71 66 5d 32 c5 | 3e f0 a3 e9 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f6c10002b20 | inserting event EVENT_SA_REPLACE, timeout in 27921 seconds for #20 | libevent_malloc: new ptr-libevent@0x7f6c0c002d50 size 128 | pstats #20 ikev1.ipsec established | NAT-T: encaps is 'auto' "3des" #20: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x2bdb1cde <0x08825b29 xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #20 suppresed complete_v1_state_transition() | #20 spent 2.26 milliseconds in resume sending helper answer | stop processing: state #20 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6bfc002030 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00452 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00258 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00269 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.8825b29@192.1.2.45 | get_sa_info esp.2bdb1cde@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.089 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #20 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #20 connection "3des" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #20 ikev1.ipsec deleted completed | [RE]START processing: state #20 connection "3des" from 192.1.2.23:500 (in delete_state() at state.c:879) "3des" #20: deleting state (STATE_QUICK_I2) aged 0.280s and sending notification | child state #20: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.2bdb1cde@192.1.2.23 | get_sa_info esp.8825b29@192.1.2.45 "3des" #20: ESP traffic information: in=84B out=84B | #20 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2678929835 (0x9fad39ab) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 08 82 5b 29 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36050a0 from SKEYID_a-key@0x556ef36233f0 | HASH(1) prf: begin sha with context 0x556ef36050a0 from SKEYID_a-key@0x556ef36233f0 | HASH(1): release clone-key@0x556ef36233f0 | HASH(1) PRF sha crypt-prf@0x556ef361d2f0 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 9f ad 39 ab | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 08 82 5b 29 | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | a4 9d 52 e7 74 03 41 c8 8f d9 94 55 bf ff d5 40 | 98 8c b4 e3 | send delete HASH(1): | a4 9d 52 e7 74 03 41 c8 8f d9 94 55 bf ff d5 40 | 98 8c b4 e3 | last Phase 1 IV: e9 d3 a0 51 6b 37 1a f7 | current Phase 1 IV: e9 d3 a0 51 6b 37 1a f7 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 8) | e9 d3 a0 51 6b 37 1a f7 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 9f ad 39 ab | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 50 c8 76 ea 2f 42 15 18 0c 7d 36 78 0c 25 01 04 | 26 24 b3 5a | encrypting: 0c 00 00 18 a4 9d 52 e7 74 03 41 c8 8f d9 94 55 | encrypting: bf ff d5 40 98 8c b4 e3 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 08 82 5b 29 | IV: 50 c8 76 ea 2f 42 15 18 0c 7d 36 78 0c 25 01 04 | IV: 26 24 b3 5a | unpadded size is: 40 | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 6d 9e 72 91 7c 49 9b 02 | sending 68 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 08 10 05 01 9f ad 39 ab 00 00 00 44 42 52 2f e9 | 39 63 dc a8 37 55 32 93 c9 fe 5d d6 ec 3f 7d cc | 16 c7 ec 1b 25 23 67 8f 10 f2 af c4 6d 9e 72 91 | 7c 49 9b 02 | state #20 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c0c002d50 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f6c10002b20 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1569050313' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x2bdb1cde | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1569050313' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0x2bdb1cde SPI_OUT=0x8825b29 ipsec _updown 2>&1: | shunt_eroute() called for connection '3des' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "3des" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.2bdb1cde@192.1.2.23 | netlink response for Del SA esp.2bdb1cde@192.1.2.23 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.8825b29@192.1.2.45 | netlink response for Del SA esp.8825b29@192.1.2.45 included non-error error | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #20 in QUICK_I2 | child state #20: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6bf8001ef0: destroyed | stop processing: state #20 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x7f6c0c007fa0 | delete_state: release st->st_skeyid_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_d_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ai_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x7f6c10006900 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #19 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #19 | start processing: state #19 connection "3des" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #19 ikev1.isakmp deleted completed | [RE]START processing: state #19 connection "3des" from 192.1.2.23:500 (in delete_state() at state.c:879) "3des" #19: deleting state (STATE_MAIN_I4) aged 0.337s and sending notification | parent state #19: MAIN_I4(established IKE SA) => delete | #19 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 468138308 (0x1be73944) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI f2 69 cc 85 af f2 d9 a8 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI cd e1 be 8e f8 e9 a0 26 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3609090 (size 20) | HASH(1): SKEYID_a-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36050a0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1) prf: begin sha with context 0x556ef36050a0 from SKEYID_a-key@0x7f6c0c007fa0 | HASH(1): release clone-key@0x7f6c0c007fa0 | HASH(1) PRF sha crypt-prf@0x7f6c04003980 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 1b e7 39 44 | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 f2 69 cc 85 | af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | 05 09 b9 7b a3 51 31 86 4d 97 e3 02 9f c0 66 b5 | 63 d9 f0 56 | send delete HASH(1): | 05 09 b9 7b a3 51 31 86 4d 97 e3 02 9f c0 66 b5 | 63 d9 f0 56 | last Phase 1 IV: e9 d3 a0 51 6b 37 1a f7 | current Phase 1 IV: e9 d3 a0 51 6b 37 1a f7 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 8) | e9 d3 a0 51 6b 37 1a f7 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 1b e7 39 44 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 6c 43 2c b2 6f 1a fe 6b c5 62 d4 59 0e 6c 49 c9 | 5b 8e f2 91 | encrypting: 0c 00 00 18 05 09 b9 7b a3 51 31 86 4d 97 e3 02 | encrypting: 9f c0 66 b5 63 d9 f0 56 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 f2 69 cc 85 af f2 d9 a8 cd e1 be 8e | encrypting: f8 e9 a0 26 | IV: 6c 43 2c b2 6f 1a fe 6b c5 62 d4 59 0e 6c 49 c9 | IV: 5b 8e f2 91 | unpadded size is: 52 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 56 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 84 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: b0 97 97 db f7 25 b3 b7 | sending 84 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 08 10 05 01 1b e7 39 44 00 00 00 54 30 3e fb 73 | 93 c1 23 a5 be dd 68 63 8b da b5 83 63 f3 f4 74 | c9 b4 7c 86 3f 1a 44 9c a4 5e c8 32 8d d3 9f 71 | 7a 80 50 a0 cc 8d 6a e8 18 61 d0 b1 b0 97 97 db | f7 25 b3 b7 | state #19 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c04001570 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f6c100015b0 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #19 in MAIN_I4 | parent state #19: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c00000f80: destroyed | stop processing: state #19 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef36037c0 | delete_state: release st->st_skeyid_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_d_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ai_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x7f6c10006900 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.32 milliseconds in whack | spent 0.00167 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 08 10 05 01 b1 5d 98 65 00 00 00 44 d3 c9 9c 0e | 70 1e 42 03 8d f1 47 bf 7b 94 2f da 35 e9 3c 03 | b1 b7 48 b9 e3 47 e8 e1 a7 e9 3b 60 2a ed 57 2d | fe 0a 72 15 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2975701093 (0xb15d9865) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xb15d9865 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | f2 69 cc 85 af f2 d9 a8 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | cd e1 be 8e f8 e9 a0 26 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0683 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00397 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00277 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 84 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | f2 69 cc 85 af f2 d9 a8 cd e1 be 8e f8 e9 a0 26 | 08 10 05 01 63 14 e4 0c 00 00 00 54 27 a0 72 b6 | 88 89 64 66 fd f5 ac 90 ff 89 b9 b6 e6 a1 9e e1 | e1 01 ca 0d 7f bc 1a 91 da 6e e6 5d 98 c0 8b 5d | f4 a7 e0 72 26 90 db 2b 63 29 c3 40 9b 4b 06 bd | 4c da 21 59 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | f2 69 cc 85 af f2 d9 a8 | responder cookie: | cd e1 be 8e f8 e9 a0 26 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1662313484 (0x6314e40c) | length: 84 (0x54) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x6314e40c | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | f2 69 cc 85 af f2 d9 a8 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | cd e1 be 8e f8 e9 a0 26 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0779 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "3des" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection '3des' to 'delete' for rt_kind 'unrouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "3des" is 0xfe7e7 | priority calculation of connection "3des" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0 | popen cmd is 1012 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16424' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO: | cmd( 400):_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_: | cmd( 480):MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=': | cmd( 560):' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+P: | cmd( 640):FS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x556ef362a7b0 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.543 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0044 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing suppress-retransmits + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0601 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.045 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0512 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef361eee0 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.111 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #21 at 0x556ef3625160 | State DB: adding IKEv1 state #21 in UNDEFINED | pstats #21 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #21 connection "3des" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #21: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #21 "3des" "3des" #21: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 80 45 41 6f 90 69 f9 ca | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x556ef357b900 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #21: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #21) | 80 45 41 6f 90 69 f9 ca 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6c100015b0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #21 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | #21 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48961.393642 | #21 spent 0.437 milliseconds in main_outI1() | stop processing: state #21 connection "3des" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.5 milliseconds in whack | spent 0.00273 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 80 45 41 6f 90 69 f9 ca a2 24 fd 6f f2 df 15 01 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 80 45 41 6f 90 69 f9 ca | responder cookie: | a2 24 fd 6f f2 df 15 01 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #21 in MAIN_I1 (find_state_ikev1_init) | start processing: state #21 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | #21 is idle | #21 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "3des" #21: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "3des" #21: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #21 spent 0.0102 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #21 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.122 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7f6c100015b0 | handling event EVENT_RETRANSMIT for parent state #21 | start processing: state #21 connection "3des" from 192.1.2.23:500 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #21 connection "3des" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "3des" #21 keying attempt 1 of 0; retransmit 1 "3des" #21: IMPAIR: retransmit so deleting SA | [RE]START processing: state #21 connection "3des" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:124) | pstats #21 ikev1.isakmp failed too-many-retransmits | pstats #21 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #21 connection "3des" from 192.1.2.23:500 (in delete_state() at state.c:879) "3des" #21: deleting state (STATE_MAIN_I1) aged 0.501s and NOT sending notification | parent state #21: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection 3des | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "3des" {0x556ef357bdb0} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #21 "3des" #21: deleting IKE SA for connection '3des' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection '3des' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection 3des | State DB: deleting IKEv1 state #21 in MAIN_I1 | parent state #21: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #21 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6c100015b0 | in statetime_stop() and could not find #21 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection 3des which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #22 at 0x556ef3625160 | State DB: adding IKEv1 state #22 in UNDEFINED | pstats #22 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #22 connection "3des" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #22: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #22 "3des" "3des" #22: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 6c 95 b1 f9 bc 4d e9 9a | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x556ef3580890 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #22: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #22) | 6c 95 b1 f9 bc 4d e9 9a 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #22 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | #22 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48961.895076 | #22 spent 0.391 milliseconds in main_outI1() | stop processing: state #22 connection "3des" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | spent 0.413 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.0019 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6c 95 b1 f9 bc 4d e9 9a 9e 68 32 5a 5b 45 c7 e1 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6c 95 b1 f9 bc 4d e9 9a | responder cookie: | 9e 68 32 5a 5b 45 c7 e1 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #22 in MAIN_I1 (find_state_ikev1_init) | start processing: state #22 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1455) | #22 is idle | #22 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "3des" #22: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "3des" #22: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #22 spent 0.0082 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #22 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.113 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0419 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | removing pending policy for no connection {0x556ef357bdb0} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #22 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #22 connection "3des" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #22 ikev1.isakmp deleted other | [RE]START processing: state #22 connection "3des" from 192.1.2.23:500 (in delete_state() at state.c:879) "3des" #22: deleting state (STATE_MAIN_I1) aged 0.039s and NOT sending notification | parent state #22: MAIN_I1(half-open IKE SA) => delete | state #22 requesting EVENT_RETRANSMIT to be deleted | #22 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #22 in MAIN_I1 | parent state #22: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #22 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x556ef361eee0 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.243 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0759 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0488 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:192 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0451 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x556ef361eee0 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.117 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #23 at 0x556ef3625160 | State DB: adding IKEv1 state #23 in UNDEFINED | pstats #23 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #23 connection "3des" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118) | parent state #23: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #23 "3des" "3des" #23: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x556ef357c480 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #23: IMPAIR: sending key-length attribute value 192 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 192 (0xc0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | 6e 97 6f f3 68 24 bd 42 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | #23 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48962.594987 | #23 spent 0.392 milliseconds in main_outI1() | stop processing: state #23 connection "3des" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.468 milliseconds in whack | spent 0.00171 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #23 in MAIN_I1 (find_state_ikev1_init) | start processing: state #23 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #23 is idle | #23 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 192 (0xc0) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 29 for state #23 | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #23 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #23 and saving MD | #23 is busy; has a suspended MD | #23 spent 0.15 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.273 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 29 for state #23 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 29 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c100017a0: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c100017a0 | NSS: Public DH wire value: | ee 18 c7 2b 4c 4d a8 83 cd 2b 7d b8 06 ba f6 fd | 92 08 cf 9e 20 48 e9 a7 f4 ff a0 d9 4f e3 a8 2f | 6b f3 cd 8d ca 4f d0 a4 67 b4 1c 24 fe 1e a1 65 | 8a 69 cd 72 3a 89 85 ee 37 10 d4 c7 ed d9 75 89 | 27 9d 33 9d 78 6a c9 44 0f a7 68 02 fe 8f a3 4e | e1 c0 42 04 f8 c8 31 61 1f 17 af 00 45 4e 00 47 | eb 9f 8e 63 99 37 3c f9 f0 61 32 c3 61 51 d0 7f | f2 9c 58 cb 07 46 2d f7 5f f1 13 b9 4d f0 d6 b0 | ed 84 5b e5 59 80 77 00 4f c5 ac 5a 96 62 64 19 | 88 a6 1e b1 19 03 fd c4 8e 94 bc bf 94 b7 25 8b | 84 42 d4 e8 46 c1 65 a7 43 f6 40 d8 ed 57 2d d5 | 98 cb 75 5f e7 4a 60 cb d1 77 7f 3e ae a7 a2 29 | c7 71 14 29 ff 08 fa 8b 88 9c 80 89 4d 63 cd e4 | be ab 3e 0f fb 12 e6 cb 60 4b 11 86 8b 41 9e 46 | 1e 2f fb 88 c4 af 32 e4 ec 9a 80 a3 10 3c cd d4 | 83 da 6f 35 84 bd 13 9f c3 ac 88 63 bf 53 88 d2 | Generated nonce: 7e e7 95 9b ec de b9 3d 02 6b d1 09 5c 67 2d 55 | Generated nonce: 52 e2 dc 5d 1c dc be 45 c3 c0 05 f4 39 79 46 70 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 29 time elapsed 0.00099 seconds | (#23) spent 0.992 milliseconds in crypto helper computing work-order 29: outI2 KE (pcr) | crypto helper 0 sending results from work-order 29 for state #23 to event queue | scheduling resume sending helper answer for #23 | libevent_malloc: new ptr-libevent@0x7f6c10001500 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #23 | start processing: state #23 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 29 | calling continuation function 0x556ef2b25630 | main_inR1_outI2_continue for #23: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c100017a0: transferring ownership from helper KE to state #23 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value ee 18 c7 2b 4c 4d a8 83 cd 2b 7d b8 06 ba f6 fd | keyex value 92 08 cf 9e 20 48 e9 a7 f4 ff a0 d9 4f e3 a8 2f | keyex value 6b f3 cd 8d ca 4f d0 a4 67 b4 1c 24 fe 1e a1 65 | keyex value 8a 69 cd 72 3a 89 85 ee 37 10 d4 c7 ed d9 75 89 | keyex value 27 9d 33 9d 78 6a c9 44 0f a7 68 02 fe 8f a3 4e | keyex value e1 c0 42 04 f8 c8 31 61 1f 17 af 00 45 4e 00 47 | keyex value eb 9f 8e 63 99 37 3c f9 f0 61 32 c3 61 51 d0 7f | keyex value f2 9c 58 cb 07 46 2d f7 5f f1 13 b9 4d f0 d6 b0 | keyex value ed 84 5b e5 59 80 77 00 4f c5 ac 5a 96 62 64 19 | keyex value 88 a6 1e b1 19 03 fd c4 8e 94 bc bf 94 b7 25 8b | keyex value 84 42 d4 e8 46 c1 65 a7 43 f6 40 d8 ed 57 2d d5 | keyex value 98 cb 75 5f e7 4a 60 cb d1 77 7f 3e ae a7 a2 29 | keyex value c7 71 14 29 ff 08 fa 8b 88 9c 80 89 4d 63 cd e4 | keyex value be ab 3e 0f fb 12 e6 cb 60 4b 11 86 8b 41 9e 46 | keyex value 1e 2f fb 88 c4 af 32 e4 ec 9a 80 a3 10 3c cd d4 | keyex value 83 da 6f 35 84 bd 13 9f c3 ac 88 63 bf 53 88 d2 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 7e e7 95 9b ec de b9 3d 02 6b d1 09 5c 67 2d 55 | Ni 52 e2 dc 5d 1c dc be 45 c3 c0 05 f4 39 79 46 70 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 6e 97 6f f3 68 24 bd 42 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | a5 e3 14 70 21 93 bd 9a | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | 89 32 3c e1 97 8c 73 e5 c4 52 68 b1 8f bd 34 90 | 10 de 39 59 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 6e 97 6f f3 68 24 bd 42 | natd_hash: rcookie= a5 e3 14 70 21 93 bd 9a | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 89 32 3c e1 97 8c 73 e5 c4 52 68 b1 8f bd 34 90 | natd_hash: hash= 10 de 39 59 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 89 32 3c e1 97 8c 73 e5 c4 52 68 b1 8f bd 34 90 | NAT-D 10 de 39 59 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7fff8d54e8c0 (length 8) | 6e 97 6f f3 68 24 bd 42 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7fff8d54e8c8 (length 8) | a5 e3 14 70 21 93 bd 9a | NATD hash sha digest IP addr-bytes@0x7fff8d54e844 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e836 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e910 (length 20) | c4 42 a7 57 7c 4e 57 66 a1 f5 b9 7f 21 b5 6e f9 | f9 aa 16 93 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 6e 97 6f f3 68 24 bd 42 | natd_hash: rcookie= a5 e3 14 70 21 93 bd 9a | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= c4 42 a7 57 7c 4e 57 66 a1 f5 b9 7f 21 b5 6e f9 | natd_hash: hash= f9 aa 16 93 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D c4 42 a7 57 7c 4e 57 66 a1 f5 b9 7f 21 b5 6e f9 | NAT-D f9 aa 16 93 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #23 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #23: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | ee 18 c7 2b 4c 4d a8 83 cd 2b 7d b8 06 ba f6 fd | 92 08 cf 9e 20 48 e9 a7 f4 ff a0 d9 4f e3 a8 2f | 6b f3 cd 8d ca 4f d0 a4 67 b4 1c 24 fe 1e a1 65 | 8a 69 cd 72 3a 89 85 ee 37 10 d4 c7 ed d9 75 89 | 27 9d 33 9d 78 6a c9 44 0f a7 68 02 fe 8f a3 4e | e1 c0 42 04 f8 c8 31 61 1f 17 af 00 45 4e 00 47 | eb 9f 8e 63 99 37 3c f9 f0 61 32 c3 61 51 d0 7f | f2 9c 58 cb 07 46 2d f7 5f f1 13 b9 4d f0 d6 b0 | ed 84 5b e5 59 80 77 00 4f c5 ac 5a 96 62 64 19 | 88 a6 1e b1 19 03 fd c4 8e 94 bc bf 94 b7 25 8b | 84 42 d4 e8 46 c1 65 a7 43 f6 40 d8 ed 57 2d d5 | 98 cb 75 5f e7 4a 60 cb d1 77 7f 3e ae a7 a2 29 | c7 71 14 29 ff 08 fa 8b 88 9c 80 89 4d 63 cd e4 | be ab 3e 0f fb 12 e6 cb 60 4b 11 86 8b 41 9e 46 | 1e 2f fb 88 c4 af 32 e4 ec 9a 80 a3 10 3c cd d4 | 83 da 6f 35 84 bd 13 9f c3 ac 88 63 bf 53 88 d2 | 14 00 00 24 7e e7 95 9b ec de b9 3d 02 6b d1 09 | 5c 67 2d 55 52 e2 dc 5d 1c dc be 45 c3 c0 05 f4 | 39 79 46 70 14 00 00 18 89 32 3c e1 97 8c 73 e5 | c4 52 68 b1 8f bd 34 90 10 de 39 59 00 00 00 18 | c4 42 a7 57 7c 4e 57 66 a1 f5 b9 7f 21 b5 6e f9 | f9 aa 16 93 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f6bfc002030 size 128 | #23 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48962.597346 "3des" #23: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #23 suppresed complete_v1_state_transition() | #23 spent 0.346 milliseconds in resume sending helper answer | stop processing: state #23 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c10001500 | spent 0.00266 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | f2 b9 d1 e9 5b d4 07 a4 df d8 26 2f 2c 0d aa 8e | f9 01 5e 49 22 48 ed 1a d5 f4 31 b9 ca db a4 f5 | f2 bc 0c e2 f6 af 51 f5 7f 43 ab a1 95 c8 28 70 | b2 ba 92 be 4f 98 78 08 c3 63 00 01 a3 cd 56 70 | 82 34 4c 7b 98 36 3b a2 d6 f2 85 52 ba 05 32 4e | e5 fa 10 a5 25 c4 28 ae b1 7e eb 05 79 9f 98 4d | b0 cb 9f b9 f8 74 7f 88 a9 3d 55 23 4e db bf e7 | 0a 45 9d 54 82 b2 97 f8 e3 32 e3 86 cc fd d1 b3 | af d4 11 03 24 c3 e6 94 19 23 1b 31 96 ea 9c a5 | ea 49 73 9e 86 3a 05 b4 ae c0 80 a5 5a dd a5 69 | 5a 4c 18 62 f9 b2 60 81 b0 fa 31 85 e9 40 d3 24 | a4 f6 84 7e 1e 88 33 5d e5 2f 66 5f 54 31 b7 8c | 1d 22 92 25 e0 f5 58 7f ae 09 df e2 da 9a 07 70 | e2 8d e1 ab d8 95 15 ac b6 50 c4 89 e5 78 da b0 | cc d7 02 35 05 19 b2 fd 7e 18 b6 38 61 96 52 23 | d4 b1 9e 33 b0 0c 90 e4 44 c2 18 54 2d 35 11 3a | 14 00 00 24 2d 9d 67 e6 20 6d 48 e5 42 af 76 06 | e1 37 7c ac 3a 43 95 c1 d6 6d 58 6e a2 7f fc c0 | d7 3e bd 40 14 00 00 18 c4 42 a7 57 7c 4e 57 66 | a1 f5 b9 7f 21 b5 6e f9 f9 aa 16 93 00 00 00 18 | 89 32 3c e1 97 8c 73 e5 c4 52 68 b1 8f bd 34 90 | 10 de 39 59 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #23 in MAIN_I2 (find_state_ikev1) | start processing: state #23 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #23 is idle | #23 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | f2 b9 d1 e9 5b d4 07 a4 df d8 26 2f 2c 0d aa 8e | f9 01 5e 49 22 48 ed 1a d5 f4 31 b9 ca db a4 f5 | f2 bc 0c e2 f6 af 51 f5 7f 43 ab a1 95 c8 28 70 | b2 ba 92 be 4f 98 78 08 c3 63 00 01 a3 cd 56 70 | 82 34 4c 7b 98 36 3b a2 d6 f2 85 52 ba 05 32 4e | e5 fa 10 a5 25 c4 28 ae b1 7e eb 05 79 9f 98 4d | b0 cb 9f b9 f8 74 7f 88 a9 3d 55 23 4e db bf e7 | 0a 45 9d 54 82 b2 97 f8 e3 32 e3 86 cc fd d1 b3 | af d4 11 03 24 c3 e6 94 19 23 1b 31 96 ea 9c a5 | ea 49 73 9e 86 3a 05 b4 ae c0 80 a5 5a dd a5 69 | 5a 4c 18 62 f9 b2 60 81 b0 fa 31 85 e9 40 d3 24 | a4 f6 84 7e 1e 88 33 5d e5 2f 66 5f 54 31 b7 8c | 1d 22 92 25 e0 f5 58 7f ae 09 df e2 da 9a 07 70 | e2 8d e1 ab d8 95 15 ac b6 50 c4 89 e5 78 da b0 | cc d7 02 35 05 19 b2 fd 7e 18 b6 38 61 96 52 23 | d4 b1 9e 33 b0 0c 90 e4 44 c2 18 54 2d 35 11 3a | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c100017a0: transferring ownership from state #23 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 30 for state #23 | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bfc002030 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f6c10001500 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #23 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | suspending state #23 and saving MD | #23 is busy; has a suspended MD | #23 spent 0.0867 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.224 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 2 resuming | crypto helper 2 starting work-order 30 for state #23 | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 30 | peer's g: f2 b9 d1 e9 5b d4 07 a4 df d8 26 2f 2c 0d aa 8e | peer's g: f9 01 5e 49 22 48 ed 1a d5 f4 31 b9 ca db a4 f5 | peer's g: f2 bc 0c e2 f6 af 51 f5 7f 43 ab a1 95 c8 28 70 | peer's g: b2 ba 92 be 4f 98 78 08 c3 63 00 01 a3 cd 56 70 | peer's g: 82 34 4c 7b 98 36 3b a2 d6 f2 85 52 ba 05 32 4e | peer's g: e5 fa 10 a5 25 c4 28 ae b1 7e eb 05 79 9f 98 4d | peer's g: b0 cb 9f b9 f8 74 7f 88 a9 3d 55 23 4e db bf e7 | peer's g: 0a 45 9d 54 82 b2 97 f8 e3 32 e3 86 cc fd d1 b3 | peer's g: af d4 11 03 24 c3 e6 94 19 23 1b 31 96 ea 9c a5 | peer's g: ea 49 73 9e 86 3a 05 b4 ae c0 80 a5 5a dd a5 69 | peer's g: 5a 4c 18 62 f9 b2 60 81 b0 fa 31 85 e9 40 d3 24 | peer's g: a4 f6 84 7e 1e 88 33 5d e5 2f 66 5f 54 31 b7 8c | peer's g: 1d 22 92 25 e0 f5 58 7f ae 09 df e2 da 9a 07 70 | peer's g: e2 8d e1 ab d8 95 15 ac b6 50 c4 89 e5 78 da b0 | peer's g: cc d7 02 35 05 19 b2 fd 7e 18 b6 38 61 96 52 23 | peer's g: d4 b1 9e 33 b0 0c 90 e4 44 c2 18 54 2d 35 11 3a | Started DH shared-secret computation in NSS: | new : g_ir-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c100017a0: computed shared DH secret key@0x7f6c10006900 | dh-shared : g^ir-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x556ef361da00 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: psk-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x556ef3609090 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: psk-key@0x556ef360c4c0 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x556ef3609090 | SKEYID psk prf: created sha context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk prf: begin sha with context 0x7f6c08002d60 from psk-key@0x556ef360c4c0 | SKEYID psk: release clone-key@0x556ef360c4c0 | SKEYID psk PRF sha crypt-prf@0x7f6c08008ad0 | SKEYID psk PRF sha update Ni-bytes@0x556ef361da24 (length 32) | 7e e7 95 9b ec de b9 3d 02 6b d1 09 5c 67 2d 55 | 52 e2 dc 5d 1c dc be 45 c3 c0 05 f4 39 79 46 70 | SKEYID psk PRF sha update Nr-bytes@0x556ef361da44 (length 32) | 2d 9d 67 e6 20 6d 48 e5 42 af 76 06 e1 37 7c ac | 3a 43 95 c1 d6 6d 58 6e a2 7f fc c0 d7 3e bd 40 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3609090 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3609090 | SKEYID psk PRF sha final-key@0x556ef360c4c0 (size 20) | SKEYID psk: key-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_d: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6b8 | result: clone-key@0x556ef3609090 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3609090 | SKEYID_d: release clone-key@0x556ef3609090 | SKEYID_d PRF sha crypt-prf@0x7f6c08001fc0 | SKEYID_d PRF sha update g^xy-key@0x7f6c10006900 (size 256) | SKEYID_d: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312960: fffffff0 ffffff8d 78 ffffffcd ffffff9e 00 1d ffffff9b ffffffb1 70 04 ffffffce ffffffcd ffffffe0 51 75 0f 0b 02 20 21 fffffff3 ffffffdf 62 66 ffffff9f ffffffda 2b 27 18 ffffffe0 ffffffce ffffffd3 ffffffd8 06 ffffffa7 ffffff97 60 ffffffcb 7d 12 60 ffffff95 ffffffe0 74 78 48 ffffffeb 0c 75 ffffffd3 3b 4b 14 ffffffe9 3d 45 5f 78 7b ffffffeb 53 ffffffd8 23 1c 61 ffffffd0 5b ffffff9f ffffffae 40 ffffffd2 ffffff80 7f ffffffab ffffffac 70 fffffffc ffffffe4 22 fffffff9 6d ffffffa2 ffffff91 ffffff95 ffffffc0 ffffffcd ffffffda 74 5d 5b 50 ffffffb7 72 ffffffd8 59 ffffffb3 63 ffffff95 0c 3f ffffffe0 ffffffb7 ffffffe5 fffffffa ffffffbc 6b 01 24 ffffff8c ffffffb5 ffffffa3 03 7b fffffff1 16 14 53 5f ffffff80 3f 44 ffffffc9 fffffff4 ffffffdc 01 64 2a ffffff88 fffffffb ffffffab ffffffcf 29 ffffffca 52 ffffffd2 ffffff82 46 ffffffdc ffffffe1 ffffffea 08 ffffff9b ffffffee 52 fffffff0 ffffff85 69 5d 10 ffffff9a ffffff81 fffffff0 ffffff9e ffffff94 ffffffb | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08004db0 | unwrapped: 40 8e 10 97 b6 89 5e 02 22 33 25 ca b1 af c5 81 | unwrapped: a5 14 a3 9e 9e f4 87 be bf 39 3d c8 69 c0 aa e5 | unwrapped: 2f 60 bf bb 1d 1d a8 6e fa b1 30 d1 c6 92 21 dd | unwrapped: f7 28 95 0c c3 bd ed 9a 28 a2 ee b7 04 4d c1 8a | unwrapped: 7e 1d 1c c4 4f ff 59 6c bc 0f 11 14 e8 26 ec 32 | unwrapped: 9f ad 98 91 60 51 59 8e 4a 40 d2 49 c4 48 fb a7 | unwrapped: fd 14 23 8f 35 a8 d8 dd 44 71 8c 07 3e 0c 6f bf | unwrapped: cb 3d 1f 65 63 5c e0 e1 c7 90 ec 18 18 bf c9 71 | unwrapped: c9 c9 99 89 77 96 4e 60 42 c3 60 cc 2d 0e c2 15 | unwrapped: 27 e6 3a f4 3e 84 8d 92 dd a9 7e ce 91 0e fe 39 | unwrapped: f6 f1 37 0e 1f 73 48 a6 0a c0 e4 6f 51 69 e2 3a | unwrapped: a2 4f 3a 15 70 59 a2 90 f2 c2 60 f8 4d da 8f db | unwrapped: 3e 45 2a cf d5 e6 65 2a 24 70 c2 22 5d 0c 51 33 | unwrapped: 36 87 d2 53 19 21 c0 12 e0 f2 da 58 b7 b4 a8 b0 | unwrapped: 12 6e 5e d2 0c b1 eb d4 f0 bd 3b e1 3a 52 cb b8 | unwrapped: 19 77 22 b1 03 f4 79 4b b2 aa 46 ac eb b6 cb eb | SKEYID_d PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 6e 97 6f f3 68 24 bd 42 | SKEYID_d PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | a5 e3 14 70 21 93 bd 9a | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6c0 | result: final-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef3601f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: final-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef3601f40 | SKEYID_d PRF sha final-key@0x556ef3609090 (size 20) | SKEYID_d: key-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_a: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: clone-key@0x556ef3601f40 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef3601f40 | SKEYID_a: release clone-key@0x556ef3601f40 | SKEYID_a PRF sha crypt-prf@0x7f6c08001250 | SKEYID_a PRF sha update SKEYID_d-key@0x556ef3609090 (size 20) | SKEYID_a: SKEYID_d-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3609090 | nss hmac digest hack: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312928: ffffffcb 1d ffffffd9 02 fffffffd ffffff9c 1b ffffffc5 ffffffd3 ffffff89 ffffffa8 ffffffd1 43 ffffffa7 ffffffc8 0f 10 36 30 ffffffd6 ffffffb9 6e 0b ffffffbe 37 ffffffc4 ffffffbf 6a 50 0e ffffff97 7d | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c08009030 | unwrapped: ba d9 0d c2 e6 08 f7 e2 19 a4 f2 3e 72 79 15 4d | unwrapped: 82 b1 fc 60 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x7f6c10006900 (size 256) | SKEYID_a: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312928: fffffff0 ffffff8d 78 ffffffcd ffffff9e 00 1d ffffff9b ffffffb1 70 04 ffffffce ffffffcd ffffffe0 51 75 0f 0b 02 20 21 fffffff3 ffffffdf 62 66 ffffff9f ffffffda 2b 27 18 ffffffe0 ffffffce ffffffd3 ffffffd8 06 ffffffa7 ffffff97 60 ffffffcb 7d 12 60 ffffff95 ffffffe0 74 78 48 ffffffeb 0c 75 ffffffd3 3b 4b 14 ffffffe9 3d 45 5f 78 7b ffffffeb 53 ffffffd8 23 1c 61 ffffffd0 5b ffffff9f ffffffae 40 ffffffd2 ffffff80 7f ffffffab ffffffac 70 fffffffc ffffffe4 22 fffffff9 6d ffffffa2 ffffff91 ffffff95 ffffffc0 ffffffcd ffffffda 74 5d 5b 50 ffffffb7 72 ffffffd8 59 ffffffb3 63 ffffff95 0c 3f ffffffe0 ffffffb7 ffffffe5 fffffffa ffffffbc 6b 01 24 ffffff8c ffffffb5 ffffffa3 03 7b fffffff1 16 14 53 5f ffffff80 3f 44 ffffffc9 fffffff4 ffffffdc 01 64 2a ffffff88 fffffffb ffffffab ffffffcf 29 ffffffca 52 ffffffd2 ffffff82 46 ffffffdc ffffffe1 ffffffea 08 ffffff9b ffffffee 52 fffffff0 ffffff85 69 5d 10 ffffff9a ffffff81 fffffff0 ffffff9e ffffff94 ffffffb | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08003ce0 | unwrapped: 40 8e 10 97 b6 89 5e 02 22 33 25 ca b1 af c5 81 | unwrapped: a5 14 a3 9e 9e f4 87 be bf 39 3d c8 69 c0 aa e5 | unwrapped: 2f 60 bf bb 1d 1d a8 6e fa b1 30 d1 c6 92 21 dd | unwrapped: f7 28 95 0c c3 bd ed 9a 28 a2 ee b7 04 4d c1 8a | unwrapped: 7e 1d 1c c4 4f ff 59 6c bc 0f 11 14 e8 26 ec 32 | unwrapped: 9f ad 98 91 60 51 59 8e 4a 40 d2 49 c4 48 fb a7 | unwrapped: fd 14 23 8f 35 a8 d8 dd 44 71 8c 07 3e 0c 6f bf | unwrapped: cb 3d 1f 65 63 5c e0 e1 c7 90 ec 18 18 bf c9 71 | unwrapped: c9 c9 99 89 77 96 4e 60 42 c3 60 cc 2d 0e c2 15 | unwrapped: 27 e6 3a f4 3e 84 8d 92 dd a9 7e ce 91 0e fe 39 | unwrapped: f6 f1 37 0e 1f 73 48 a6 0a c0 e4 6f 51 69 e2 3a | unwrapped: a2 4f 3a 15 70 59 a2 90 f2 c2 60 f8 4d da 8f db | unwrapped: 3e 45 2a cf d5 e6 65 2a 24 70 c2 22 5d 0c 51 33 | unwrapped: 36 87 d2 53 19 21 c0 12 e0 f2 da 58 b7 b4 a8 b0 | unwrapped: 12 6e 5e d2 0c b1 eb d4 f0 bd 3b e1 3a 52 cb b8 | unwrapped: 19 77 22 b1 03 f4 79 4b b2 aa 46 ac eb b6 cb eb | SKEYID_a PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 6e 97 6f f3 68 24 bd 42 | SKEYID_a PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | a5 e3 14 70 21 93 bd 9a | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6a0 | result: final-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef360fae0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef688 | result: final-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef360fae0 | SKEYID_a PRF sha final-key@0x556ef3601f40 (size 20) | SKEYID_a: key-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x556ef360c4c0 (size 20) | SKEYID_e: SKEYID-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6a8 | result: clone-key@0x556ef360fae0 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e prf: begin sha with context 0x7f6c08002d60 from SKEYID-key@0x556ef360fae0 | SKEYID_e: release clone-key@0x556ef360fae0 | SKEYID_e PRF sha crypt-prf@0x7f6c08001270 | SKEYID_e PRF sha update SKEYID_a-key@0x556ef3601f40 (size 20) | SKEYID_e: SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef3601f40 | nss hmac digest hack: symkey-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312944: ffffff83 3b ffffffbd 46 0c 61 ffffff84 35 ffffffdc 6c 4f ffffff9d 10 ffffff88 ffffffce ffffffea 2c 58 ffffffba ffffff91 39 ffffffa1 6b 1f ffffffc3 17 ffffffea 71 62 ffffffaa 7d 49 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c08009060 | unwrapped: 0c b2 86 9f 8b b4 93 6b c0 c0 1b 5c ad 26 5d ce | unwrapped: 73 16 e6 fa 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x7f6c10006900 (size 256) | SKEYID_e: g^xy-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x7f6c10006900 | nss hmac digest hack: symkey-key@0x7f6c10006900 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)418312944: fffffff0 ffffff8d 78 ffffffcd ffffff9e 00 1d ffffff9b ffffffb1 70 04 ffffffce ffffffcd ffffffe0 51 75 0f 0b 02 20 21 fffffff3 ffffffdf 62 66 ffffff9f ffffffda 2b 27 18 ffffffe0 ffffffce ffffffd3 ffffffd8 06 ffffffa7 ffffff97 60 ffffffcb 7d 12 60 ffffff95 ffffffe0 74 78 48 ffffffeb 0c 75 ffffffd3 3b 4b 14 ffffffe9 3d 45 5f 78 7b ffffffeb 53 ffffffd8 23 1c 61 ffffffd0 5b ffffff9f ffffffae 40 ffffffd2 ffffff80 7f ffffffab ffffffac 70 fffffffc ffffffe4 22 fffffff9 6d ffffffa2 ffffff91 ffffff95 ffffffc0 ffffffcd ffffffda 74 5d 5b 50 ffffffb7 72 ffffffd8 59 ffffffb3 63 ffffff95 0c 3f ffffffe0 ffffffb7 ffffffe5 fffffffa ffffffbc 6b 01 24 ffffff8c ffffffb5 ffffffa3 03 7b fffffff1 16 14 53 5f ffffff80 3f 44 ffffffc9 fffffff4 ffffffdc 01 64 2a ffffff88 fffffffb ffffffab ffffffcf 29 ffffffca 52 ffffffd2 ffffff82 46 ffffffdc ffffffe1 ffffffea 08 ffffff9b ffffffee 52 fffffff0 ffffff85 69 5d 10 ffffff9a ffffff81 fffffff0 ffffff9e ffffff94 ffffffb | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x7f6c08003bd0 | unwrapped: 40 8e 10 97 b6 89 5e 02 22 33 25 ca b1 af c5 81 | unwrapped: a5 14 a3 9e 9e f4 87 be bf 39 3d c8 69 c0 aa e5 | unwrapped: 2f 60 bf bb 1d 1d a8 6e fa b1 30 d1 c6 92 21 dd | unwrapped: f7 28 95 0c c3 bd ed 9a 28 a2 ee b7 04 4d c1 8a | unwrapped: 7e 1d 1c c4 4f ff 59 6c bc 0f 11 14 e8 26 ec 32 | unwrapped: 9f ad 98 91 60 51 59 8e 4a 40 d2 49 c4 48 fb a7 | unwrapped: fd 14 23 8f 35 a8 d8 dd 44 71 8c 07 3e 0c 6f bf | unwrapped: cb 3d 1f 65 63 5c e0 e1 c7 90 ec 18 18 bf c9 71 | unwrapped: c9 c9 99 89 77 96 4e 60 42 c3 60 cc 2d 0e c2 15 | unwrapped: 27 e6 3a f4 3e 84 8d 92 dd a9 7e ce 91 0e fe 39 | unwrapped: f6 f1 37 0e 1f 73 48 a6 0a c0 e4 6f 51 69 e2 3a | unwrapped: a2 4f 3a 15 70 59 a2 90 f2 c2 60 f8 4d da 8f db | unwrapped: 3e 45 2a cf d5 e6 65 2a 24 70 c2 22 5d 0c 51 33 | unwrapped: 36 87 d2 53 19 21 c0 12 e0 f2 da 58 b7 b4 a8 b0 | unwrapped: 12 6e 5e d2 0c b1 eb d4 f0 bd 3b e1 3a 52 cb b8 | unwrapped: 19 77 22 b1 03 f4 79 4b b2 aa 46 ac eb b6 cb eb | SKEYID_e PRF sha update CKI_i-bytes@0x556ef361dc64 (length 8) | 6e 97 6f f3 68 24 bd 42 | SKEYID_e PRF sha update CKI_r-bytes@0x556ef361dc6c (length 8) | a5 e3 14 70 21 93 bd 9a | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef6b0 | result: final-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef36037c0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef698 | result: final-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef36037c0 | SKEYID_e PRF sha final-key@0x556ef360fae0 (size 20) | SKEYID_e: key-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b PRF sha init SKEYID_e-key@0x556ef360fae0 (size 20) | appendix_b: SKEYID_e-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef678 | result: clone-key@0x556ef36037c0 (20-bytes, SHA_1_HMAC) | appendix_b prf: created sha context 0x7f6c08002d60 from SKEYID_e-key@0x556ef36037c0 | appendix_b prf: begin sha with context 0x7f6c08002d60 from SKEYID_e-key@0x556ef36037c0 | appendix_b: release clone-key@0x556ef36037c0 | appendix_b PRF sha crypt-prf@0x7f6c08001ef0 | appendix_b PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef680 | result: final-key@0x7f6c0c007fa0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x7f6c0c007fa0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef668 | result: final-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x7f6c0c007fa0 | appendix_b PRF sha final-key@0x556ef36037c0 (size 20) | appendix_b: key-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b_keymat_e: reference old_k#1-key@0x556ef36037c0 | Kn PRF sha init SKEYID_e-key@0x556ef360fae0 (size 20) | Kn: SKEYID_e-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360fae0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef678 | result: clone-key@0x7f6c0c007fa0 (20-bytes, SHA_1_HMAC) | Kn prf: created sha context 0x7f6c08002d60 from SKEYID_e-key@0x7f6c0c007fa0 | Kn prf: begin sha with context 0x7f6c08002d60 from SKEYID_e-key@0x7f6c0c007fa0 | Kn: release clone-key@0x7f6c0c007fa0 | Kn PRF sha crypt-prf@0x7f6c08001250 | Kn PRF sha update old_k-key@0x556ef36037c0 (size 20) | Kn: old_k-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x556ef36037c0 | nss hmac digest hack: symkey-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)418312896: 1f 78 4e fffffffd 43 ffffffdd 57 ffffffdc ffffffa0 1f ffffff9b ffffff96 ffffffff fffffff4 38 7a 5c 7f ffffffbf 60 5f ffffff91 fffffff3 1e 5c 67 ffffffa1 18 ffffffb2 1f ffffffeb ffffffeb | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 32 bytes at 0x7f6c08009090 | unwrapped: 23 42 95 d0 b6 3c dd 68 9a 07 72 23 16 2d 29 aa | unwrapped: 44 e7 60 cb 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7f6c18eef680 | result: final-key@0x556ef36233f0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x556ef36233f0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef668 | result: final-key@0x7f6c0c007fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x556ef36233f0 | Kn PRF sha final-key@0x7f6c0c007fa0 (size 20) | Kn: key-key@0x7f6c0c007fa0 (20-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x556ef36037c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7f6c18eef6f8 | result: result-key@0x556ef36233f0 (40-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x556ef36037c0 | appendix_b_keymat_e: release old_k#N-key@0x556ef36037c0 | appendix_b_keymat_e: release old_k#final-key@0x7f6c0c007fa0 | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: DES3_CBC | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x556ef36233f0 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7f6c18eef6f8 | result: cryptkey-key@0x7f6c0c007fa0 (24-bytes, DES3_CBC) | appendix_b_keymat_e: release keymat-key@0x556ef36233f0 | NSS: pointers skeyid_d 0x556ef3609090, skeyid_a 0x556ef3601f40, skeyid_e 0x556ef360fae0, enc_key 0x7f6c0c007fa0 | DH_i: ee 18 c7 2b 4c 4d a8 83 cd 2b 7d b8 06 ba f6 fd | DH_i: 92 08 cf 9e 20 48 e9 a7 f4 ff a0 d9 4f e3 a8 2f | DH_i: 6b f3 cd 8d ca 4f d0 a4 67 b4 1c 24 fe 1e a1 65 | DH_i: 8a 69 cd 72 3a 89 85 ee 37 10 d4 c7 ed d9 75 89 | DH_i: 27 9d 33 9d 78 6a c9 44 0f a7 68 02 fe 8f a3 4e | DH_i: e1 c0 42 04 f8 c8 31 61 1f 17 af 00 45 4e 00 47 | DH_i: eb 9f 8e 63 99 37 3c f9 f0 61 32 c3 61 51 d0 7f | DH_i: f2 9c 58 cb 07 46 2d f7 5f f1 13 b9 4d f0 d6 b0 | DH_i: ed 84 5b e5 59 80 77 00 4f c5 ac 5a 96 62 64 19 | DH_i: 88 a6 1e b1 19 03 fd c4 8e 94 bc bf 94 b7 25 8b | DH_i: 84 42 d4 e8 46 c1 65 a7 43 f6 40 d8 ed 57 2d d5 | DH_i: 98 cb 75 5f e7 4a 60 cb d1 77 7f 3e ae a7 a2 29 | DH_i: c7 71 14 29 ff 08 fa 8b 88 9c 80 89 4d 63 cd e4 | DH_i: be ab 3e 0f fb 12 e6 cb 60 4b 11 86 8b 41 9e 46 | DH_i: 1e 2f fb 88 c4 af 32 e4 ec 9a 80 a3 10 3c cd d4 | DH_i: 83 da 6f 35 84 bd 13 9f c3 ac 88 63 bf 53 88 d2 | DH_r: f2 b9 d1 e9 5b d4 07 a4 df d8 26 2f 2c 0d aa 8e | DH_r: f9 01 5e 49 22 48 ed 1a d5 f4 31 b9 ca db a4 f5 | DH_r: f2 bc 0c e2 f6 af 51 f5 7f 43 ab a1 95 c8 28 70 | DH_r: b2 ba 92 be 4f 98 78 08 c3 63 00 01 a3 cd 56 70 | DH_r: 82 34 4c 7b 98 36 3b a2 d6 f2 85 52 ba 05 32 4e | DH_r: e5 fa 10 a5 25 c4 28 ae b1 7e eb 05 79 9f 98 4d | DH_r: b0 cb 9f b9 f8 74 7f 88 a9 3d 55 23 4e db bf e7 | DH_r: 0a 45 9d 54 82 b2 97 f8 e3 32 e3 86 cc fd d1 b3 | DH_r: af d4 11 03 24 c3 e6 94 19 23 1b 31 96 ea 9c a5 | DH_r: ea 49 73 9e 86 3a 05 b4 ae c0 80 a5 5a dd a5 69 | DH_r: 5a 4c 18 62 f9 b2 60 81 b0 fa 31 85 e9 40 d3 24 | DH_r: a4 f6 84 7e 1e 88 33 5d e5 2f 66 5f 54 31 b7 8c | DH_r: 1d 22 92 25 e0 f5 58 7f ae 09 df e2 da 9a 07 70 | DH_r: e2 8d e1 ab d8 95 15 ac b6 50 c4 89 e5 78 da b0 | DH_r: cc d7 02 35 05 19 b2 fd 7e 18 b6 38 61 96 52 23 | DH_r: d4 b1 9e 33 b0 0c 90 e4 44 c2 18 54 2d 35 11 3a | new IV hash sha init | new IV hash sha digest GI-bytes@0x556ef361da64 (length 256) | ee 18 c7 2b 4c 4d a8 83 cd 2b 7d b8 06 ba f6 fd | 92 08 cf 9e 20 48 e9 a7 f4 ff a0 d9 4f e3 a8 2f | 6b f3 cd 8d ca 4f d0 a4 67 b4 1c 24 fe 1e a1 65 | 8a 69 cd 72 3a 89 85 ee 37 10 d4 c7 ed d9 75 89 | 27 9d 33 9d 78 6a c9 44 0f a7 68 02 fe 8f a3 4e | e1 c0 42 04 f8 c8 31 61 1f 17 af 00 45 4e 00 47 | eb 9f 8e 63 99 37 3c f9 f0 61 32 c3 61 51 d0 7f | f2 9c 58 cb 07 46 2d f7 5f f1 13 b9 4d f0 d6 b0 | ed 84 5b e5 59 80 77 00 4f c5 ac 5a 96 62 64 19 | 88 a6 1e b1 19 03 fd c4 8e 94 bc bf 94 b7 25 8b | 84 42 d4 e8 46 c1 65 a7 43 f6 40 d8 ed 57 2d d5 | 98 cb 75 5f e7 4a 60 cb d1 77 7f 3e ae a7 a2 29 | c7 71 14 29 ff 08 fa 8b 88 9c 80 89 4d 63 cd e4 | be ab 3e 0f fb 12 e6 cb 60 4b 11 86 8b 41 9e 46 | 1e 2f fb 88 c4 af 32 e4 ec 9a 80 a3 10 3c cd d4 | 83 da 6f 35 84 bd 13 9f c3 ac 88 63 bf 53 88 d2 | new IV hash sha digest GR-bytes@0x556ef361db64 (length 256) | f2 b9 d1 e9 5b d4 07 a4 df d8 26 2f 2c 0d aa 8e | f9 01 5e 49 22 48 ed 1a d5 f4 31 b9 ca db a4 f5 | f2 bc 0c e2 f6 af 51 f5 7f 43 ab a1 95 c8 28 70 | b2 ba 92 be 4f 98 78 08 c3 63 00 01 a3 cd 56 70 | 82 34 4c 7b 98 36 3b a2 d6 f2 85 52 ba 05 32 4e | e5 fa 10 a5 25 c4 28 ae b1 7e eb 05 79 9f 98 4d | b0 cb 9f b9 f8 74 7f 88 a9 3d 55 23 4e db bf e7 | 0a 45 9d 54 82 b2 97 f8 e3 32 e3 86 cc fd d1 b3 | af d4 11 03 24 c3 e6 94 19 23 1b 31 96 ea 9c a5 | ea 49 73 9e 86 3a 05 b4 ae c0 80 a5 5a dd a5 69 | 5a 4c 18 62 f9 b2 60 81 b0 fa 31 85 e9 40 d3 24 | a4 f6 84 7e 1e 88 33 5d e5 2f 66 5f 54 31 b7 8c | 1d 22 92 25 e0 f5 58 7f ae 09 df e2 da 9a 07 70 | e2 8d e1 ab d8 95 15 ac b6 50 c4 89 e5 78 da b0 | cc d7 02 35 05 19 b2 fd 7e 18 b6 38 61 96 52 23 | d4 b1 9e 33 b0 0c 90 e4 44 c2 18 54 2d 35 11 3a | new IV hash sha final chunk@0x7f6c08001230 (length 20) | fa 40 97 f1 f9 83 54 19 3a b1 44 fe 21 cf 9b 3b | 56 57 55 22 | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 30 time elapsed 0.002247 seconds | (#23) spent 2.25 milliseconds in crypto helper computing work-order 30: aggr outR1 DH (pcr) | crypto helper 2 sending results from work-order 30 for state #23 to event queue | scheduling resume sending helper answer for #23 | libevent_malloc: new ptr-libevent@0x7f6c08001090 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #23 | start processing: state #23 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 30 | calling continuation function 0x556ef2b25630 | main_inR2_outI3_cryptotail for #23: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7f6c100017a0: transferring ownership from helper IKEv1 DH+IV to state #23 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | 6e 97 6f f3 68 24 bd 42 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | a5 e3 14 70 21 93 bd 9a | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e330 (length 20) | c4 42 a7 57 7c 4e 57 66 a1 f5 b9 7f 21 b5 6e f9 | f9 aa 16 93 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 6e 97 6f f3 68 24 bd 42 | natd_hash: rcookie= a5 e3 14 70 21 93 bd 9a | natd_hash: ip= c0 01 02 2d | natd_hash: port= 01 f4 | natd_hash: hash= c4 42 a7 57 7c 4e 57 66 a1 f5 b9 7f 21 b5 6e f9 | natd_hash: hash= f9 aa 16 93 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x556ef36256f8 (length 8) | 6e 97 6f f3 68 24 bd 42 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x556ef3625700 (length 8) | a5 e3 14 70 21 93 bd 9a | NATD hash sha digest IP addr-bytes@0x7fff8d54e294 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7fff8d54e286 (length 2) | 01 f4 | NATD hash sha final bytes@0x7fff8d54e370 (length 20) | 89 32 3c e1 97 8c 73 e5 c4 52 68 b1 8f bd 34 90 | 10 de 39 59 | natd_hash: hasher=0x556ef2bfb7a0(20) | natd_hash: icookie= 6e 97 6f f3 68 24 bd 42 | natd_hash: rcookie= a5 e3 14 70 21 93 bd 9a | natd_hash: ip= c0 01 02 17 | natd_hash: port= 01 f4 | natd_hash: hash= 89 32 3c e1 97 8c 73 e5 c4 52 68 b1 8f bd 34 90 | natd_hash: hash= 10 de 39 59 | expected NAT-D(me): c4 42 a7 57 7c 4e 57 66 a1 f5 b9 7f 21 b5 6e f9 | expected NAT-D(me): f9 aa 16 93 | expected NAT-D(him): | 89 32 3c e1 97 8c 73 e5 c4 52 68 b1 8f bd 34 90 | 10 de 39 59 | received NAT-D: c4 42 a7 57 7c 4e 57 66 a1 f5 b9 7f 21 b5 6e f9 | received NAT-D: f9 aa 16 93 | received NAT-D: 89 32 3c e1 97 8c 73 e5 c4 52 68 b1 8f bd 34 90 | received NAT-D: 10 de 39 59 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e288 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef361d2d0 | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | ee 18 c7 2b 4c 4d a8 83 cd 2b 7d b8 06 ba f6 fd | 92 08 cf 9e 20 48 e9 a7 f4 ff a0 d9 4f e3 a8 2f | 6b f3 cd 8d ca 4f d0 a4 67 b4 1c 24 fe 1e a1 65 | 8a 69 cd 72 3a 89 85 ee 37 10 d4 c7 ed d9 75 89 | 27 9d 33 9d 78 6a c9 44 0f a7 68 02 fe 8f a3 4e | e1 c0 42 04 f8 c8 31 61 1f 17 af 00 45 4e 00 47 | eb 9f 8e 63 99 37 3c f9 f0 61 32 c3 61 51 d0 7f | f2 9c 58 cb 07 46 2d f7 5f f1 13 b9 4d f0 d6 b0 | ed 84 5b e5 59 80 77 00 4f c5 ac 5a 96 62 64 19 | 88 a6 1e b1 19 03 fd c4 8e 94 bc bf 94 b7 25 8b | 84 42 d4 e8 46 c1 65 a7 43 f6 40 d8 ed 57 2d d5 | 98 cb 75 5f e7 4a 60 cb d1 77 7f 3e ae a7 a2 29 | c7 71 14 29 ff 08 fa 8b 88 9c 80 89 4d 63 cd e4 | be ab 3e 0f fb 12 e6 cb 60 4b 11 86 8b 41 9e 46 | 1e 2f fb 88 c4 af 32 e4 ec 9a 80 a3 10 3c cd d4 | 83 da 6f 35 84 bd 13 9f c3 ac 88 63 bf 53 88 d2 | hmac PRF sha update data-bytes@0x7f6bf8000b20 (length 256) | f2 b9 d1 e9 5b d4 07 a4 df d8 26 2f 2c 0d aa 8e | f9 01 5e 49 22 48 ed 1a d5 f4 31 b9 ca db a4 f5 | f2 bc 0c e2 f6 af 51 f5 7f 43 ab a1 95 c8 28 70 | b2 ba 92 be 4f 98 78 08 c3 63 00 01 a3 cd 56 70 | 82 34 4c 7b 98 36 3b a2 d6 f2 85 52 ba 05 32 4e | e5 fa 10 a5 25 c4 28 ae b1 7e eb 05 79 9f 98 4d | b0 cb 9f b9 f8 74 7f 88 a9 3d 55 23 4e db bf e7 | 0a 45 9d 54 82 b2 97 f8 e3 32 e3 86 cc fd d1 b3 | af d4 11 03 24 c3 e6 94 19 23 1b 31 96 ea 9c a5 | ea 49 73 9e 86 3a 05 b4 ae c0 80 a5 5a dd a5 69 | 5a 4c 18 62 f9 b2 60 81 b0 fa 31 85 e9 40 d3 24 | a4 f6 84 7e 1e 88 33 5d e5 2f 66 5f 54 31 b7 8c | 1d 22 92 25 e0 f5 58 7f ae 09 df e2 da 9a 07 70 | e2 8d e1 ab d8 95 15 ac b6 50 c4 89 e5 78 da b0 | cc d7 02 35 05 19 b2 fd 7e 18 b6 38 61 96 52 23 | d4 b1 9e 33 b0 0c 90 e4 44 c2 18 54 2d 35 11 3a | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | 6e 97 6f f3 68 24 bd 42 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | a5 e3 14 70 21 93 bd 9a | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f6c100015b4 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 | hmac PRF sha update data-bytes@0x556ef2c24960 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7fff8d54e590 (length 20) | 5f c0 96 04 94 be ca 12 07 35 cd a9 8b e1 c0 bb | 00 14 eb 0e | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 5f c0 96 04 94 be ca 12 07 35 cd a9 8b e1 c0 bb | HASH_I 00 14 eb 0e | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 5f c0 96 04 94 be ca 12 07 35 cd a9 8b e1 c0 bb | encrypting: 00 14 eb 0e | IV: fa 40 97 f1 f9 83 54 19 3a b1 44 fe 21 cf 9b 3b | IV: 56 57 55 22 | unpadded size is: 36 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 74 d9 3b a8 00 70 57 f9 | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #23: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6c10001500 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x556ef361ecd0 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 68 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 05 10 02 01 00 00 00 00 00 00 00 44 fb 79 98 bd | 26 ce 00 44 8b dc 8b 82 0d e2 16 05 95 d9 fd 4d | d6 b6 f0 5a 99 c5 0f 90 f7 30 6b 9f 74 d9 3b a8 | 00 70 57 f9 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x556ef361ecd0 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f6c10001500 size 128 | #23 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48962.618662 "3des" #23: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #23 suppresed complete_v1_state_transition() | #23 spent 0.482 milliseconds in resume sending helper answer | stop processing: state #23 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c08001090 | spent 0.00205 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 05 10 02 01 00 00 00 00 00 00 00 44 66 13 63 99 | c6 d9 75 13 d7 21 b3 29 b3 5b f1 c6 b9 76 81 7b | 3b c1 37 6f e5 31 c8 e7 61 62 fd 4d 6a f8 38 6e | cb 14 12 33 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #23 in MAIN_I3 (find_state_ikev1) | start processing: state #23 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435) | #23 is idle | #23 idle | received encrypted packet from 192.1.2.23:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: 74 d9 3b a8 00 70 57 f9 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 6a f8 38 6e cb 14 12 33 | decrypted payload (starts at offset -40): | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 05 10 02 01 00 00 00 00 00 00 00 44 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 89 19 93 e5 | 77 1a df 7f 8f 2b 73 a9 be 12 09 be 32 ff cd 38 | 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 4 bytes of padding | message 'main_inR3' HASH payload not checked early "3des" #23: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x556ef360c4c0 (size 20) | hmac: symkey-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef360c4c0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb28 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36233f0 | hmac: release clone-key@0x556ef36233f0 | hmac PRF sha crypt-prf@0x556ef357c4a0 | hmac PRF sha update data-bytes@0x7f6bf8000b20 (length 256) | f2 b9 d1 e9 5b d4 07 a4 df d8 26 2f 2c 0d aa 8e | f9 01 5e 49 22 48 ed 1a d5 f4 31 b9 ca db a4 f5 | f2 bc 0c e2 f6 af 51 f5 7f 43 ab a1 95 c8 28 70 | b2 ba 92 be 4f 98 78 08 c3 63 00 01 a3 cd 56 70 | 82 34 4c 7b 98 36 3b a2 d6 f2 85 52 ba 05 32 4e | e5 fa 10 a5 25 c4 28 ae b1 7e eb 05 79 9f 98 4d | b0 cb 9f b9 f8 74 7f 88 a9 3d 55 23 4e db bf e7 | 0a 45 9d 54 82 b2 97 f8 e3 32 e3 86 cc fd d1 b3 | af d4 11 03 24 c3 e6 94 19 23 1b 31 96 ea 9c a5 | ea 49 73 9e 86 3a 05 b4 ae c0 80 a5 5a dd a5 69 | 5a 4c 18 62 f9 b2 60 81 b0 fa 31 85 e9 40 d3 24 | a4 f6 84 7e 1e 88 33 5d e5 2f 66 5f 54 31 b7 8c | 1d 22 92 25 e0 f5 58 7f ae 09 df e2 da 9a 07 70 | e2 8d e1 ab d8 95 15 ac b6 50 c4 89 e5 78 da b0 | cc d7 02 35 05 19 b2 fd 7e 18 b6 38 61 96 52 23 | d4 b1 9e 33 b0 0c 90 e4 44 c2 18 54 2d 35 11 3a | hmac PRF sha update data-bytes@0x7f6c10000b20 (length 256) | ee 18 c7 2b 4c 4d a8 83 cd 2b 7d b8 06 ba f6 fd | 92 08 cf 9e 20 48 e9 a7 f4 ff a0 d9 4f e3 a8 2f | 6b f3 cd 8d ca 4f d0 a4 67 b4 1c 24 fe 1e a1 65 | 8a 69 cd 72 3a 89 85 ee 37 10 d4 c7 ed d9 75 89 | 27 9d 33 9d 78 6a c9 44 0f a7 68 02 fe 8f a3 4e | e1 c0 42 04 f8 c8 31 61 1f 17 af 00 45 4e 00 47 | eb 9f 8e 63 99 37 3c f9 f0 61 32 c3 61 51 d0 7f | f2 9c 58 cb 07 46 2d f7 5f f1 13 b9 4d f0 d6 b0 | ed 84 5b e5 59 80 77 00 4f c5 ac 5a 96 62 64 19 | 88 a6 1e b1 19 03 fd c4 8e 94 bc bf 94 b7 25 8b | 84 42 d4 e8 46 c1 65 a7 43 f6 40 d8 ed 57 2d d5 | 98 cb 75 5f e7 4a 60 cb d1 77 7f 3e ae a7 a2 29 | c7 71 14 29 ff 08 fa 8b 88 9c 80 89 4d 63 cd e4 | be ab 3e 0f fb 12 e6 cb 60 4b 11 86 8b 41 9e 46 | 1e 2f fb 88 c4 af 32 e4 ec 9a 80 a3 10 3c cd d4 | 83 da 6f 35 84 bd 13 9f c3 ac 88 63 bf 53 88 d2 | hmac PRF sha update data-bytes@0x556ef3625700 (length 8) | a5 e3 14 70 21 93 bd 9a | hmac PRF sha update data-bytes@0x556ef36256f8 (length 8) | 6e 97 6f f3 68 24 bd 42 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x7f6c100015b4 (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 | hmac PRF sha update data-bytes@0x7f6bf8006ca0 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7fff8d54ecb0 (length 20) | 89 19 93 e5 77 1a df 7f 8f 2b 73 a9 be 12 09 be | 32 ff cd 38 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #23: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6c10001500 | free_event_entry: release EVENT_RETRANSMIT-pe@0x556ef361ecd0 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x556ef361ecd0 | inserting event EVENT_SA_REPLACE, timeout in 2864 seconds for #23 | libevent_malloc: new ptr-libevent@0x7f6c08001090 size 128 | pstats #23 ikev1.isakmp established "3des" #23: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #23 | creating state object #24 at 0x556ef361d990 | State DB: adding IKEv1 state #24 in UNDEFINED | pstats #24 ikev1.ipsec started | duplicating state object #23 "3des" as #24 for IPSEC SA | #24 setting local endpoint to 192.1.2.45:500 from #23.st_localport (in duplicate_state() at state.c:1481) | duplicate_state: reference st_skeyid_nss-key@0x556ef360c4c0 | duplicate_state: reference st_skey_d_nss-key@0x556ef3609090 | duplicate_state: reference st_skey_ai_nss-key@0x556ef3601f40 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x556ef360fae0 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x7f6c0c007fa0 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #23 connection "3des" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | start processing: state #24 connection "3des" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:683) | child state #24: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "3des" #24: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#23 msgid:eaa2148e proposal=3DES_CBC-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 31 for state #24 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #24 | libevent_malloc: new ptr-libevent@0x7f6bf80068d0 size 128 | stop processing: state #24 connection "3des" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | resume processing: state #23 connection "3des" from 192.1.2.23:500 (in quick_outI1() at ikev1_quick.c:762) | unqueuing pending Quick Mode with 192.1.2.23 "3des" | removing pending policy for no connection {0x556ef357bdb0} | close_any(fd@24) (in release_whack() at state.c:654) | #23 spent 0.359 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.485 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 3 resuming | crypto helper 3 starting work-order 31 for state #24 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 31 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7f6c0c002760: created | NSS: Local DH MODP2048 secret (pointer): 0x7f6c0c002760 | NSS: Public DH wire value: | 66 50 4f 23 0b 04 c3 51 78 31 fc 75 ee 89 f5 c7 | 8b 13 85 22 b2 ee 71 6c d9 7b 68 ac 26 8e 31 42 | 3e 03 19 cd c3 0f 46 62 ea 46 54 39 34 03 77 b3 | aa 8c 28 f5 9f c5 b0 2d e2 21 31 ad 26 76 46 f0 | a1 58 d4 cd 45 cb 29 5a e6 b4 25 4e 3d 36 13 0b | 05 2e ba b0 c7 62 32 79 52 7b 4e d3 54 be 3c 8d | 20 58 60 e5 53 40 47 f4 85 49 69 00 4a 64 09 a7 | 30 c0 62 ca 23 5d ef 7f 20 ac 96 08 89 5e 96 53 | 5e 3f bf 1a 6a 9e 51 a3 f6 6d 10 01 53 78 a4 f3 | 6e 46 02 df 95 c1 66 96 d2 59 f6 45 35 da 95 80 | 25 5a 3f f6 aa 94 ba 10 ff e4 1f 1c f6 84 7f 8b | b1 28 1d 2c ce b1 4f 05 fa 5d f3 e6 76 59 57 5f | e7 af 75 59 82 c7 35 65 ca 89 19 66 b1 79 f8 37 | fd d4 85 79 b7 71 3e a3 23 ca 2e 45 51 a0 cf 3a | dc af c9 19 e2 c8 99 d3 a4 5a 46 9b fd 6e 04 0b | 25 91 56 0d 38 2f 45 62 e1 fd 71 8d aa bf 2b 08 | Generated nonce: 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | Generated nonce: 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 31 time elapsed 0.001022 seconds | (#24) spent 1.02 milliseconds in crypto helper computing work-order 31: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 31 for state #24 to event queue | scheduling resume sending helper answer for #24 | libevent_malloc: new ptr-libevent@0x7f6c0c002cb0 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #24 | start processing: state #24 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 31 | calling continuation function 0x556ef2b25630 | quick_outI1_continue for #24: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3936490638 (0xeaa2148e) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x763422bd for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 76 34 22 bd | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | Ni 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7f6c0c002760: transferring ownership from helper KE to state #24 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 66 50 4f 23 0b 04 c3 51 78 31 fc 75 ee 89 f5 c7 | keyex value 8b 13 85 22 b2 ee 71 6c d9 7b 68 ac 26 8e 31 42 | keyex value 3e 03 19 cd c3 0f 46 62 ea 46 54 39 34 03 77 b3 | keyex value aa 8c 28 f5 9f c5 b0 2d e2 21 31 ad 26 76 46 f0 | keyex value a1 58 d4 cd 45 cb 29 5a e6 b4 25 4e 3d 36 13 0b | keyex value 05 2e ba b0 c7 62 32 79 52 7b 4e d3 54 be 3c 8d | keyex value 20 58 60 e5 53 40 47 f4 85 49 69 00 4a 64 09 a7 | keyex value 30 c0 62 ca 23 5d ef 7f 20 ac 96 08 89 5e 96 53 | keyex value 5e 3f bf 1a 6a 9e 51 a3 f6 6d 10 01 53 78 a4 f3 | keyex value 6e 46 02 df 95 c1 66 96 d2 59 f6 45 35 da 95 80 | keyex value 25 5a 3f f6 aa 94 ba 10 ff e4 1f 1c f6 84 7f 8b | keyex value b1 28 1d 2c ce b1 4f 05 fa 5d f3 e6 76 59 57 5f | keyex value e7 af 75 59 82 c7 35 65 ca 89 19 66 b1 79 f8 37 | keyex value fd d4 85 79 b7 71 3e a3 23 ca 2e 45 51 a0 cf 3a | keyex value dc af c9 19 e2 c8 99 d3 a4 5a 46 9b fd 6e 04 0b | keyex value 25 91 56 0d 38 2f 45 62 e1 fd 71 8d aa bf 2b 08 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e888 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36050a0 from SKEYID_a-key@0x556ef36233f0 | HASH(1) prf: begin sha with context 0x556ef36050a0 from SKEYID_a-key@0x556ef36233f0 | HASH(1): release clone-key@0x556ef36233f0 | HASH(1) PRF sha crypt-prf@0x7f6c08001230 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e96c (length 4) | ea a2 14 8e | HASH(1) PRF sha update payload-bytes@0x556ef2c24974 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 76 34 22 bd 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 10 31 86 a6 3b ab 50 99 | c4 8c 97 f4 74 5b a5 ee 13 5c ee b3 67 57 46 fe | 75 bc 1f b2 32 c0 dc 0d 05 00 01 04 66 50 4f 23 | 0b 04 c3 51 78 31 fc 75 ee 89 f5 c7 8b 13 85 22 | b2 ee 71 6c d9 7b 68 ac 26 8e 31 42 3e 03 19 cd | c3 0f 46 62 ea 46 54 39 34 03 77 b3 aa 8c 28 f5 | 9f c5 b0 2d e2 21 31 ad 26 76 46 f0 a1 58 d4 cd | 45 cb 29 5a e6 b4 25 4e 3d 36 13 0b 05 2e ba b0 | c7 62 32 79 52 7b 4e d3 54 be 3c 8d 20 58 60 e5 | 53 40 47 f4 85 49 69 00 4a 64 09 a7 30 c0 62 ca | 23 5d ef 7f 20 ac 96 08 89 5e 96 53 5e 3f bf 1a | 6a 9e 51 a3 f6 6d 10 01 53 78 a4 f3 6e 46 02 df | 95 c1 66 96 d2 59 f6 45 35 da 95 80 25 5a 3f f6 | aa 94 ba 10 ff e4 1f 1c f6 84 7f 8b b1 28 1d 2c | ce b1 4f 05 fa 5d f3 e6 76 59 57 5f e7 af 75 59 | 82 c7 35 65 ca 89 19 66 b1 79 f8 37 fd d4 85 79 | b7 71 3e a3 23 ca 2e 45 51 a0 cf 3a dc af c9 19 | e2 c8 99 d3 a4 5a 46 9b fd 6e 04 0b 25 91 56 0d | 38 2f 45 62 e1 fd 71 8d aa bf 2b 08 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 6d 82 54 de c6 a8 a8 57 2d fe e8 d8 09 fc c6 5c | c7 ca cc 02 | outI1 HASH(1): | 6d 82 54 de c6 a8 a8 57 2d fe e8 d8 09 fc c6 5c | c7 ca cc 02 | last Phase 1 IV: 6a f8 38 6e cb 14 12 33 | current Phase 1 IV: 6a f8 38 6e cb 14 12 33 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 8) | 6a f8 38 6e cb 14 12 33 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54e97c (length 4) | ea a2 14 8e | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 99 a3 d4 12 43 52 f0 a7 99 e5 6c 30 54 68 81 da | b8 0a 8f 53 | encrypting: 01 00 00 18 6d 82 54 de c6 a8 a8 57 2d fe e8 d8 | encrypting: 09 fc c6 5c c7 ca cc 02 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 76 34 22 bd | encrypting: 00 00 00 1c 00 03 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | encrypting: 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | encrypting: 05 00 01 04 66 50 4f 23 0b 04 c3 51 78 31 fc 75 | encrypting: ee 89 f5 c7 8b 13 85 22 b2 ee 71 6c d9 7b 68 ac | encrypting: 26 8e 31 42 3e 03 19 cd c3 0f 46 62 ea 46 54 39 | encrypting: 34 03 77 b3 aa 8c 28 f5 9f c5 b0 2d e2 21 31 ad | encrypting: 26 76 46 f0 a1 58 d4 cd 45 cb 29 5a e6 b4 25 4e | encrypting: 3d 36 13 0b 05 2e ba b0 c7 62 32 79 52 7b 4e d3 | encrypting: 54 be 3c 8d 20 58 60 e5 53 40 47 f4 85 49 69 00 | encrypting: 4a 64 09 a7 30 c0 62 ca 23 5d ef 7f 20 ac 96 08 | encrypting: 89 5e 96 53 5e 3f bf 1a 6a 9e 51 a3 f6 6d 10 01 | encrypting: 53 78 a4 f3 6e 46 02 df 95 c1 66 96 d2 59 f6 45 | encrypting: 35 da 95 80 25 5a 3f f6 aa 94 ba 10 ff e4 1f 1c | encrypting: f6 84 7f 8b b1 28 1d 2c ce b1 4f 05 fa 5d f3 e6 | encrypting: 76 59 57 5f e7 af 75 59 82 c7 35 65 ca 89 19 66 | encrypting: b1 79 f8 37 fd d4 85 79 b7 71 3e a3 23 ca 2e 45 | encrypting: 51 a0 cf 3a dc af c9 19 e2 c8 99 d3 a4 5a 46 9b | encrypting: fd 6e 04 0b 25 91 56 0d 38 2f 45 62 e1 fd 71 8d | encrypting: aa bf 2b 08 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 99 a3 d4 12 43 52 f0 a7 99 e5 6c 30 54 68 81 da | IV: b8 0a 8f 53 | unpadded size is: 404 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 408 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 436 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 1e 83 35 2e d3 47 43 ea | sending 436 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #24) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 08 10 20 01 ea a2 14 8e 00 00 01 b4 6c 29 bc 1d | 56 ab 8d 64 36 47 fb 90 49 7f 1e b4 e3 75 58 ab | 49 85 db 6a 48 c0 61 fd 90 a0 56 4d 52 85 ba a4 | d8 2f 5c 88 c8 db a8 90 b6 d0 81 bc da 15 c2 11 | 80 df 69 ab eb 6d d7 bd 79 72 1d 27 43 f5 d4 8d | fd fd a5 fd 76 c4 02 ec 42 5b f2 6c 81 7d 37 8b | bb 58 6d 2c f8 28 a0 e4 5a 07 fe b8 9c 01 7e 85 | 50 d3 a9 80 19 d7 ba 85 75 88 f6 e4 45 6f 9d dd | 77 05 26 7f 16 ba 39 f3 aa 7c 26 ae 71 81 95 71 | 4b 3f a6 db da f8 8b 75 1e ed 54 75 17 1a e7 ee | ee 20 4a 65 8d 8b 84 89 99 53 a0 52 a3 8a c3 cd | fa 3e 3c d7 4b 96 91 19 02 3c 54 11 69 26 73 55 | 3c 16 be 54 66 44 1c 10 14 2c fe 0d 07 79 fd dd | 3f e6 48 2c d4 a4 5f fc 2b 71 84 1c f3 5e 3c c2 | 6d 43 d6 c6 3c 35 52 58 50 bb 1f 65 3a d0 d9 de | ab c4 27 91 0f 57 e5 91 b6 e9 48 0f 3a 64 1f 45 | 0c 9c c1 be 44 88 07 3a ca 3d 66 dd c4 20 e3 e3 | d8 34 7b 74 b5 4b be bf 57 a1 b4 05 79 20 68 1b | f1 aa 6d 57 83 2f 0f 74 08 35 fc d3 71 3e 02 c6 | bd 2d ad cb 24 3d 26 de 50 d4 6c 8b 0d 02 2f 5a | 09 1a 10 05 17 84 8a cb 0a 0a 95 9e 62 e7 d7 55 | 96 da db 67 0e 9f b4 42 97 0a fb 0d 15 ae ec 95 | ff 86 f8 9d 7d a8 65 77 0a 2e d9 4d 42 49 31 78 | f2 64 f5 0c e3 6b 42 c5 e8 43 30 a1 cb f0 9b 8e | 53 3f d8 ba 2a 15 77 97 a4 5f ae 91 ea 56 58 f7 | ce 98 42 a1 89 05 a3 7b d1 81 75 a6 1e 83 35 2e | d3 47 43 ea | state #24 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bf80068d0 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #24 | libevent_malloc: new ptr-libevent@0x7f6bf80068d0 size 128 | #24 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 48962.622017 | resume sending helper answer for #24 suppresed complete_v1_state_transition() | #24 spent 0.585 milliseconds in resume sending helper answer | stop processing: state #24 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c0c002cb0 | spent 0.00299 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 436 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 08 10 20 01 ea a2 14 8e 00 00 01 b4 d1 0e 01 2f | cc 4d 6e 28 3c 69 de ee e8 37 47 d9 ef 78 e4 e1 | b5 a1 1d ad a1 25 72 0f 12 78 90 71 46 8d e8 a9 | 6e f5 fc 4c a2 19 a9 51 83 29 4d af 71 8a 55 4e | 57 8c 5e 3b 0b c2 2c 27 43 e9 0e d4 8a ce 66 ae | a7 cd 56 93 45 70 d8 e0 83 9c 1c a4 0d f6 82 a8 | 9a d7 7d d0 dd 1c a8 94 7d 9c 2a 1d 49 4f a7 c0 | 06 19 25 73 6b 8a fe c0 7a 2d e9 38 3e ed ea 36 | d2 2e 3f 3d 52 ef 6a f4 32 ea 80 f2 62 ab 36 7c | 40 fc 93 12 c7 d2 96 b3 f7 d4 62 e4 d7 22 46 97 | 70 c6 55 c8 7d 58 f8 9d f9 5d fd 64 8e 48 29 20 | 03 4a bf 5f f9 00 18 0d ae 63 b7 bc 8b 80 53 82 | 88 52 5a ea 0e e3 5d c4 ec 3d 50 db af de 04 f6 | c7 7d 41 ea f0 e7 77 76 af 46 d2 08 fe d2 7c a6 | 7f 2b 3a 69 2e f8 22 38 74 96 c0 2b b5 d4 6f 85 | 8e 90 a0 9c ab 64 b9 ae 95 e3 a4 93 4e f3 e0 c2 | 50 c0 0a e6 a3 3d 2a 27 2c 41 9c 93 aa f3 e9 b7 | 0d 44 7f 87 c2 3d 2a 7e 2f 27 e7 be b9 dd aa 46 | c8 b0 ee 0d b7 23 e7 25 11 3e 66 c6 e9 4e b3 47 | 1f 8e cd 0a 8f 96 43 90 03 8b bf fc 9a b2 f5 8d | ae e2 42 49 30 65 8e ab 51 99 16 c5 a7 b1 ca ac | 27 7c 36 f0 49 99 5f eb 69 90 40 de 77 33 b6 9c | fd b8 7c 7d 4c 9e 40 d6 df 42 ae b5 50 fa cd 2f | c9 b1 41 5d 5c 65 36 98 48 39 da 65 53 73 c1 39 | ef 1a 37 46 9e 9a 32 89 40 d3 d5 a9 48 08 b6 5d | 48 54 72 5a c8 66 26 6a 84 40 11 9f a3 f5 a4 f7 | 52 7d 0c ef | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3936490638 (0xeaa2148e) | length: 436 (0x1b4) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #24 in QUICK_I1 (find_state_ikev1) | start processing: state #24 connection "3des" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1609) | #24 is idle | #24 idle | received encrypted packet from 192.1.2.23:500 | decrypting 408 bytes using algorithm 3DES_CBC | IV before: 1e 83 35 2e d3 47 43 ea | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: a3 f5 a4 f7 52 7d 0c ef | decrypted payload (starts at offset -408): | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 08 10 20 01 ea a2 14 8e 00 00 01 b4 01 00 00 18 | ef 54 98 7e c1 aa c0 8b b6 dd 72 27 74 79 ec 37 | e2 48 43 75 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 ad db 20 c0 00 00 00 1c | 00 03 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 01 74 b9 ae | 29 56 6a 32 40 da e9 d8 0d fb 7c e8 2c 90 a1 b1 | f3 b6 f2 31 fb 81 13 67 ab da d5 20 05 00 01 04 | 21 62 ee 53 46 f1 ca bd ad 77 9e 15 04 b9 4d e0 | a7 32 4d dc 2a aa c9 dd 3b 2f 3c 68 fe 44 83 75 | e9 48 86 a9 f4 8c e4 7f 39 63 2d 85 c0 ca 7f a6 | 80 ea fa 08 a4 4e 9f 4d 52 7d 72 4f 49 2a 0a 9b | 4c da b2 77 d7 87 78 a8 e2 14 a1 67 09 15 4e 08 | d4 d0 a8 ab 5a f2 db d6 68 6c db ce 0e 40 75 2d | 91 01 35 4f 57 9f c1 81 34 b1 f9 dc a4 41 55 24 | a8 03 65 b0 dd 31 8c 90 44 f3 62 a0 63 24 00 bd | cf 43 1b 88 88 a0 d8 c8 57 1b 8c 54 be 92 c4 be | 75 7b 6d 50 90 09 66 cb f9 86 91 b2 3a a2 05 0f | a7 21 6e cd 36 ac 29 b1 e5 6c f1 a9 7a 8b cc e2 | f2 b5 0c ea ef 2e d0 11 17 a3 ea 5a dc a8 cf ec | 5e ba 38 35 39 b5 c5 f2 2b 25 55 5a 96 f6 ef 37 | 70 1a de 2c 64 e3 72 dc 4d c7 9b 01 c2 57 81 84 | 5c 19 e8 58 8d c6 a3 ff 1f f7 b4 2d fd 05 fc 12 | 3c 18 d6 22 71 22 b7 1a d8 e2 2e 9d b6 12 43 b3 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54eb78 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36050a0 from SKEYID_a-key@0x556ef36233f0 | HASH(1) prf: begin sha with context 0x556ef36050a0 from SKEYID_a-key@0x556ef36233f0 | HASH(1): release clone-key@0x556ef36233f0 | HASH(1) PRF sha crypt-prf@0x7f6c08001230 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54ec5c (length 4) | ea a2 14 8e | HASH(1) PRF sha update Ni_b-bytes@0x7f6c0c002c50 (length 32) | 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | HASH(1) PRF sha update payload-bytes@0x556ef36231a4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 ad db 20 c0 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 01 74 b9 ae 29 56 6a 32 | 40 da e9 d8 0d fb 7c e8 2c 90 a1 b1 f3 b6 f2 31 | fb 81 13 67 ab da d5 20 05 00 01 04 21 62 ee 53 | 46 f1 ca bd ad 77 9e 15 04 b9 4d e0 a7 32 4d dc | 2a aa c9 dd 3b 2f 3c 68 fe 44 83 75 e9 48 86 a9 | f4 8c e4 7f 39 63 2d 85 c0 ca 7f a6 80 ea fa 08 | a4 4e 9f 4d 52 7d 72 4f 49 2a 0a 9b 4c da b2 77 | d7 87 78 a8 e2 14 a1 67 09 15 4e 08 d4 d0 a8 ab | 5a f2 db d6 68 6c db ce 0e 40 75 2d 91 01 35 4f | 57 9f c1 81 34 b1 f9 dc a4 41 55 24 a8 03 65 b0 | dd 31 8c 90 44 f3 62 a0 63 24 00 bd cf 43 1b 88 | 88 a0 d8 c8 57 1b 8c 54 be 92 c4 be 75 7b 6d 50 | 90 09 66 cb f9 86 91 b2 3a a2 05 0f a7 21 6e cd | 36 ac 29 b1 e5 6c f1 a9 7a 8b cc e2 f2 b5 0c ea | ef 2e d0 11 17 a3 ea 5a dc a8 cf ec 5e ba 38 35 | 39 b5 c5 f2 2b 25 55 5a 96 f6 ef 37 70 1a de 2c | 64 e3 72 dc 4d c7 9b 01 c2 57 81 84 5c 19 e8 58 | 8d c6 a3 ff 1f f7 b4 2d fd 05 fc 12 3c 18 d6 22 | 71 22 b7 1a d8 e2 2e 9d b6 12 43 b3 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7fff8d54ece0 (length 20) | ef 54 98 7e c1 aa c0 8b b6 dd 72 27 74 79 ec 37 | e2 48 43 75 | quick_inR1_outI2 HASH(2): | ef 54 98 7e c1 aa c0 8b b6 dd 72 27 74 79 ec 37 | e2 48 43 75 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI ad db 20 c0 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 21 62 ee 53 46 f1 ca bd ad 77 9e 15 04 b9 4d e0 | a7 32 4d dc 2a aa c9 dd 3b 2f 3c 68 fe 44 83 75 | e9 48 86 a9 f4 8c e4 7f 39 63 2d 85 c0 ca 7f a6 | 80 ea fa 08 a4 4e 9f 4d 52 7d 72 4f 49 2a 0a 9b | 4c da b2 77 d7 87 78 a8 e2 14 a1 67 09 15 4e 08 | d4 d0 a8 ab 5a f2 db d6 68 6c db ce 0e 40 75 2d | 91 01 35 4f 57 9f c1 81 34 b1 f9 dc a4 41 55 24 | a8 03 65 b0 dd 31 8c 90 44 f3 62 a0 63 24 00 bd | cf 43 1b 88 88 a0 d8 c8 57 1b 8c 54 be 92 c4 be | 75 7b 6d 50 90 09 66 cb f9 86 91 b2 3a a2 05 0f | a7 21 6e cd 36 ac 29 b1 e5 6c f1 a9 7a 8b cc e2 | f2 b5 0c ea ef 2e d0 11 17 a3 ea 5a dc a8 cf ec | 5e ba 38 35 39 b5 c5 f2 2b 25 55 5a 96 f6 ef 37 | 70 1a de 2c 64 e3 72 dc 4d c7 9b 01 c2 57 81 84 | 5c 19 e8 58 8d c6 a3 ff 1f f7 b4 2d fd 05 fc 12 | 3c 18 d6 22 71 22 b7 1a d8 e2 2e 9d b6 12 43 b3 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x556ef3612210 (line=1) | concluding with best_match=014 best=0x556ef3612210 (lineno=1) | DH secret MODP2048@0x7f6c0c002760: transferring ownership from state #24 to helper IKEv1 DH | adding quick outI2 DH work-order 32 for state #24 | state #24 requesting EVENT_RETRANSMIT to be deleted | #24 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7f6bf80068d0 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7f6bfc002b20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #24 | libevent_malloc: new ptr-libevent@0x7f6bf80068d0 size 128 | complete v1 state transition with STF_SUSPEND | crypto helper 6 resuming | [RE]START processing: state #24 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624) | crypto helper 6 starting work-order 32 for state #24 | suspending state #24 and saving MD | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 32 | peer's g: 21 62 ee 53 46 f1 ca bd ad 77 9e 15 04 b9 4d e0 | peer's g: a7 32 4d dc 2a aa c9 dd 3b 2f 3c 68 fe 44 83 75 | peer's g: e9 48 86 a9 f4 8c e4 7f 39 63 2d 85 c0 ca 7f a6 | peer's g: 80 ea fa 08 a4 4e 9f 4d 52 7d 72 4f 49 2a 0a 9b | peer's g: 4c da b2 77 d7 87 78 a8 e2 14 a1 67 09 15 4e 08 | peer's g: d4 d0 a8 ab 5a f2 db d6 68 6c db ce 0e 40 75 2d | peer's g: 91 01 35 4f 57 9f c1 81 34 b1 f9 dc a4 41 55 24 | peer's g: a8 03 65 b0 dd 31 8c 90 44 f3 62 a0 63 24 00 bd | peer's g: cf 43 1b 88 88 a0 d8 c8 57 1b 8c 54 be 92 c4 be | peer's g: 75 7b 6d 50 90 09 66 cb f9 86 91 b2 3a a2 05 0f | peer's g: a7 21 6e cd 36 ac 29 b1 e5 6c f1 a9 7a 8b cc e2 | peer's g: f2 b5 0c ea ef 2e d0 11 17 a3 ea 5a dc a8 cf ec | peer's g: 5e ba 38 35 39 b5 c5 f2 2b 25 55 5a 96 f6 ef 37 | peer's g: 70 1a de 2c 64 e3 72 dc 4d c7 9b 01 c2 57 81 84 | peer's g: 5c 19 e8 58 8d c6 a3 ff 1f f7 b4 2d fd 05 fc 12 | peer's g: 3c 18 d6 22 71 22 b7 1a d8 e2 2e 9d b6 12 43 b3 | Started DH shared-secret computation in NSS: | #24 is busy; has a suspended MD | #24 spent 0.222 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #24 connection "3des" from 192.1.2.23:500 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.597 milliseconds in comm_handle_cb() reading and processing packet | new : g_ir-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7f6c0c002760: computed shared DH secret key@0x556ef36233f0 | dh-shared : g^ir-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 32 time elapsed 0.001018 seconds | (#24) spent 1.02 milliseconds in crypto helper computing work-order 32: quick outI2 DH (pcr) | crypto helper 6 sending results from work-order 32 for state #24 to event queue | scheduling resume sending helper answer for #24 | libevent_malloc: new ptr-libevent@0x7f6c000059e0 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #24 | start processing: state #24 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 32 | calling continuation function 0x556ef2b25630 | quick_inR1_outI2_continue for #24: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3936490638 (0xeaa2148e) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7f6c0c002760: transferring ownership from helper IKEv1 DH to state #24 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e658 | result: clone-key@0x556ef36037c0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36050a0 from SKEYID_a-key@0x556ef36037c0 | HASH(1) prf: begin sha with context 0x556ef36050a0 from SKEYID_a-key@0x556ef36037c0 | HASH(1): release clone-key@0x556ef36037c0 | HASH(1) PRF sha crypt-prf@0x556ef361d2d0 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54e73c (length 4) | ea a2 14 8e | HASH(1) PRF sha update Ni_b-bytes@0x7f6c0c002c50 (length 32) | 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | HASH(1) PRF sha update Nr_b-bytes@0x7f6c0c002c80 (length 32) | 01 74 b9 ae 29 56 6a 32 40 da e9 d8 0d fb 7c e8 | 2c 90 a1 b1 f3 b6 f2 31 fb 81 13 67 ab da d5 20 | HASH(1) PRF sha final-bytes@0x556ef2c24960 (length 20) | 33 ee 89 11 a2 70 a3 36 26 1b fe 6b c3 0f 1b b5 | 54 de 5d 52 | quick_inR1_outI2 HASH(3): | 33 ee 89 11 a2 70 a3 36 26 1b fe 6b c3 0f 1b b5 | 54 de 5d 52 | compute_proto_keymat: needed_len (after ESP enc)=24 | compute_proto_keymat: needed_len (after ESP auth)=44 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36037c0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36037c0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36037c0 | hmac: release clone-key@0x556ef36037c0 | hmac PRF sha crypt-prf@0x556ef357c480 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac: release clone-key@0x556ef360e180 | hmac PRF sha crypt-prf@0x556ef361d330 | hmac PRF sha update g^xy-key@0x556ef36233f0 (size 256) | hmac: g^xy-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36233f0 | nss hmac digest hack: symkey-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffeb 45 ffffff8a 62 6d ffffffcc 32 79 5c 2b 3b 08 69 ffffff95 38 1a 12 19 26 ffffff86 ffffffad ffffffd4 ffffffdc 77 ffffffd7 23 0e ffffffc3 ffffffd4 ffffffc4 18 1e ffffff9e 57 ffffff9f 1e ffffffc9 fffffff3 72 ffffffb3 fffffff1 ffffffa2 27 ffffffac ffffff92 ffffffac ffffffa4 ffffffbe 0e 3a ffffffe5 ffffff9b 20 ffffffec ffffffee 3a ffffffc2 ffffff86 7f 18 01 ffffff8c ffffffcc ffffffc4 fffffff9 37 ffffffc7 23 fffffff2 59 4e ffffffb0 fffffff8 5e ffffffae 4a ffffffa4 26 ffffff87 12 ffffffb2 16 5a fffffff9 ffffffc1 fffffff3 00 ffffffd5 50 7f 2b ffffffdf 7e 62 fffffff8 ffffffda ffffffc0 57 ffffffdc 15 ffffffd2 ffffffb4 ffffffc8 ffffffc6 0a 04 64 ffffffff 19 19 05 36 7c 27 4f ffffffec 47 48 ffffffa8 ffffff98 ffffffb7 fffffffd 39 38 ffffffe1 33 45 ffffff95 ffffffee 4b ffffffa8 ffffffe7 52 ffffffe9 5d ffffffd2 27 0b ffffffc3 33 7c 1f ffffffcc 69 67 ffffffdf 30 ffffffbd fffffff3 3c fffffff8 ffffffe1 fffffffd ffffff90 fffffff3 ffffff9b 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a4f0 | unwrapped: 67 6e 7e aa 77 51 27 2d 2f 79 fd 38 f4 dc f3 92 | unwrapped: be 13 51 48 0b cf 19 da b9 d5 5d 9b 2c 8d 9e cc | unwrapped: a1 8e 3b 2e 3a 45 93 2d 44 ef 98 41 09 20 cc cb | unwrapped: 45 8d 4c 06 17 d8 57 f2 07 71 58 bd 1e ac f6 72 | unwrapped: 28 4c 52 12 f5 36 ce 17 cf 09 39 ab c9 2f a1 e7 | unwrapped: 5a 33 b6 6b 89 a5 80 05 81 ed 36 9c 9c 63 19 31 | unwrapped: b5 23 35 0b 52 51 e1 ce b3 08 ec 6f 29 2c 9d f3 | unwrapped: 9b eb a2 a1 b3 77 68 78 7e 79 91 21 6f 53 3c 2f | unwrapped: 94 e8 aa 3f 21 50 98 bb b2 bf b4 84 fd 78 1f dc | unwrapped: 91 1f 29 14 e9 a9 81 df 4f ac 7a db 88 bc db 5c | unwrapped: bb 49 01 78 89 a8 c6 62 61 c2 c2 3d 67 56 fd d1 | unwrapped: 9b c5 0c 94 5a 7b 61 aa f5 38 dd ce 54 eb f9 b8 | unwrapped: 52 f4 a3 e6 92 45 a7 ed f2 3b 67 ac fd 17 0b 03 | unwrapped: d1 a0 27 a8 5b 02 f0 78 70 12 cd 4d af a1 3f 23 | unwrapped: 78 f9 f0 1e 7f 4b 82 48 91 da 9c d8 d9 03 c0 a7 | unwrapped: 89 bb 06 d1 26 1f 18 4e d6 59 51 a2 98 71 0b 04 | hmac PRF sha update g^xy-key@0x556ef36233f0 (size 256) | hmac: g^xy-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36233f0 | nss hmac digest hack: symkey-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffeb 45 ffffff8a 62 6d ffffffcc 32 79 5c 2b 3b 08 69 ffffff95 38 1a 12 19 26 ffffff86 ffffffad ffffffd4 ffffffdc 77 ffffffd7 23 0e ffffffc3 ffffffd4 ffffffc4 18 1e ffffff9e 57 ffffff9f 1e ffffffc9 fffffff3 72 ffffffb3 fffffff1 ffffffa2 27 ffffffac ffffff92 ffffffac ffffffa4 ffffffbe 0e 3a ffffffe5 ffffff9b 20 ffffffec ffffffee 3a ffffffc2 ffffff86 7f 18 01 ffffff8c ffffffcc ffffffc4 fffffff9 37 ffffffc7 23 fffffff2 59 4e ffffffb0 fffffff8 5e ffffffae 4a ffffffa4 26 ffffff87 12 ffffffb2 16 5a fffffff9 ffffffc1 fffffff3 00 ffffffd5 50 7f 2b ffffffdf 7e 62 fffffff8 ffffffda ffffffc0 57 ffffffdc 15 ffffffd2 ffffffb4 ffffffc8 ffffffc6 0a 04 64 ffffffff 19 19 05 36 7c 27 4f ffffffec 47 48 ffffffa8 ffffff98 ffffffb7 fffffffd 39 38 ffffffe1 33 45 ffffff95 ffffffee 4b ffffffa8 ffffffe7 52 ffffffe9 5d ffffffd2 27 0b ffffffc3 33 7c 1f ffffffcc 69 67 ffffffdf 30 ffffffbd fffffff3 3c fffffff8 ffffffe1 fffffffd ffffff90 fffffff3 ffffff9b 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef3628d40 | unwrapped: 67 6e 7e aa 77 51 27 2d 2f 79 fd 38 f4 dc f3 92 | unwrapped: be 13 51 48 0b cf 19 da b9 d5 5d 9b 2c 8d 9e cc | unwrapped: a1 8e 3b 2e 3a 45 93 2d 44 ef 98 41 09 20 cc cb | unwrapped: 45 8d 4c 06 17 d8 57 f2 07 71 58 bd 1e ac f6 72 | unwrapped: 28 4c 52 12 f5 36 ce 17 cf 09 39 ab c9 2f a1 e7 | unwrapped: 5a 33 b6 6b 89 a5 80 05 81 ed 36 9c 9c 63 19 31 | unwrapped: b5 23 35 0b 52 51 e1 ce b3 08 ec 6f 29 2c 9d f3 | unwrapped: 9b eb a2 a1 b3 77 68 78 7e 79 91 21 6f 53 3c 2f | unwrapped: 94 e8 aa 3f 21 50 98 bb b2 bf b4 84 fd 78 1f dc | unwrapped: 91 1f 29 14 e9 a9 81 df 4f ac 7a db 88 bc db 5c | unwrapped: bb 49 01 78 89 a8 c6 62 61 c2 c2 3d 67 56 fd d1 | unwrapped: 9b c5 0c 94 5a 7b 61 aa f5 38 dd ce 54 eb f9 b8 | unwrapped: 52 f4 a3 e6 92 45 a7 ed f2 3b 67 ac fd 17 0b 03 | unwrapped: d1 a0 27 a8 5b 02 f0 78 70 12 cd 4d af a1 3f 23 | unwrapped: 78 f9 f0 1e 7f 4b 82 48 91 da 9c d8 d9 03 c0 a7 | unwrapped: 89 bb 06 d1 26 1f 18 4e d6 59 51 a2 98 71 0b 04 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 76 34 22 bd | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | ad db 20 c0 | hmac PRF sha update data-bytes@0x7f6c0c002c50 (length 32) | 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | hmac PRF sha update data-bytes@0x7f6c0c002c50 (length 32) | 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | hmac PRF sha update data-bytes@0x7f6c0c002c80 (length 32) | 01 74 b9 ae 29 56 6a 32 40 da e9 d8 0d fb 7c e8 | 2c 90 a1 b1 f3 b6 f2 31 fb 81 13 67 ab da d5 20 | hmac PRF sha update data-bytes@0x7f6c0c002c80 (length 32) | 01 74 b9 ae 29 56 6a 32 40 da e9 d8 0d fb 7c e8 | 2c 90 a1 b1 f3 b6 f2 31 fb 81 13 67 ab da d5 20 | hmac PRF sha final-bytes@0x7f6bf8006c80 (length 20) | f4 3f 41 50 3b c9 29 b9 48 b8 0b 54 c6 1e cb 17 | 20 57 d9 ff | hmac PRF sha final-bytes@0x7f6bf80067d0 (length 20) | d3 56 88 03 4d b0 56 22 23 98 6a 4f c4 5c 68 bc | 59 f2 fd 22 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac: release clone-key@0x556ef360e180 | hmac PRF sha crypt-prf@0x556ef361d2f0 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36037c0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36037c0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36037c0 | hmac: release clone-key@0x556ef36037c0 | hmac PRF sha crypt-prf@0x556ef361d2d0 | hmac PRF sha update data-bytes@0x7f6bf8006c80 (length 20) | f4 3f 41 50 3b c9 29 b9 48 b8 0b 54 c6 1e cb 17 | 20 57 d9 ff | hmac PRF sha update data-bytes@0x7f6bf80067d0 (length 20) | d3 56 88 03 4d b0 56 22 23 98 6a 4f c4 5c 68 bc | 59 f2 fd 22 | hmac PRF sha update g^xy-key@0x556ef36233f0 (size 256) | hmac: g^xy-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36233f0 | nss hmac digest hack: symkey-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffeb 45 ffffff8a 62 6d ffffffcc 32 79 5c 2b 3b 08 69 ffffff95 38 1a 12 19 26 ffffff86 ffffffad ffffffd4 ffffffdc 77 ffffffd7 23 0e ffffffc3 ffffffd4 ffffffc4 18 1e ffffff9e 57 ffffff9f 1e ffffffc9 fffffff3 72 ffffffb3 fffffff1 ffffffa2 27 ffffffac ffffff92 ffffffac ffffffa4 ffffffbe 0e 3a ffffffe5 ffffff9b 20 ffffffec ffffffee 3a ffffffc2 ffffff86 7f 18 01 ffffff8c ffffffcc ffffffc4 fffffff9 37 ffffffc7 23 fffffff2 59 4e ffffffb0 fffffff8 5e ffffffae 4a ffffffa4 26 ffffff87 12 ffffffb2 16 5a fffffff9 ffffffc1 fffffff3 00 ffffffd5 50 7f 2b ffffffdf 7e 62 fffffff8 ffffffda ffffffc0 57 ffffffdc 15 ffffffd2 ffffffb4 ffffffc8 ffffffc6 0a 04 64 ffffffff 19 19 05 36 7c 27 4f ffffffec 47 48 ffffffa8 ffffff98 ffffffb7 fffffffd 39 38 ffffffe1 33 45 ffffff95 ffffffee 4b ffffffa8 ffffffe7 52 ffffffe9 5d ffffffd2 27 0b ffffffc3 33 7c 1f ffffffcc 69 67 ffffffdf 30 ffffffbd fffffff3 3c fffffff8 ffffffe1 fffffffd ffffff90 fffffff3 ffffff9b 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a930 | unwrapped: 67 6e 7e aa 77 51 27 2d 2f 79 fd 38 f4 dc f3 92 | unwrapped: be 13 51 48 0b cf 19 da b9 d5 5d 9b 2c 8d 9e cc | unwrapped: a1 8e 3b 2e 3a 45 93 2d 44 ef 98 41 09 20 cc cb | unwrapped: 45 8d 4c 06 17 d8 57 f2 07 71 58 bd 1e ac f6 72 | unwrapped: 28 4c 52 12 f5 36 ce 17 cf 09 39 ab c9 2f a1 e7 | unwrapped: 5a 33 b6 6b 89 a5 80 05 81 ed 36 9c 9c 63 19 31 | unwrapped: b5 23 35 0b 52 51 e1 ce b3 08 ec 6f 29 2c 9d f3 | unwrapped: 9b eb a2 a1 b3 77 68 78 7e 79 91 21 6f 53 3c 2f | unwrapped: 94 e8 aa 3f 21 50 98 bb b2 bf b4 84 fd 78 1f dc | unwrapped: 91 1f 29 14 e9 a9 81 df 4f ac 7a db 88 bc db 5c | unwrapped: bb 49 01 78 89 a8 c6 62 61 c2 c2 3d 67 56 fd d1 | unwrapped: 9b c5 0c 94 5a 7b 61 aa f5 38 dd ce 54 eb f9 b8 | unwrapped: 52 f4 a3 e6 92 45 a7 ed f2 3b 67 ac fd 17 0b 03 | unwrapped: d1 a0 27 a8 5b 02 f0 78 70 12 cd 4d af a1 3f 23 | unwrapped: 78 f9 f0 1e 7f 4b 82 48 91 da 9c d8 d9 03 c0 a7 | unwrapped: 89 bb 06 d1 26 1f 18 4e d6 59 51 a2 98 71 0b 04 | hmac PRF sha update g^xy-key@0x556ef36233f0 (size 256) | hmac: g^xy-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36233f0 | nss hmac digest hack: symkey-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffeb 45 ffffff8a 62 6d ffffffcc 32 79 5c 2b 3b 08 69 ffffff95 38 1a 12 19 26 ffffff86 ffffffad ffffffd4 ffffffdc 77 ffffffd7 23 0e ffffffc3 ffffffd4 ffffffc4 18 1e ffffff9e 57 ffffff9f 1e ffffffc9 fffffff3 72 ffffffb3 fffffff1 ffffffa2 27 ffffffac ffffff92 ffffffac ffffffa4 ffffffbe 0e 3a ffffffe5 ffffff9b 20 ffffffec ffffffee 3a ffffffc2 ffffff86 7f 18 01 ffffff8c ffffffcc ffffffc4 fffffff9 37 ffffffc7 23 fffffff2 59 4e ffffffb0 fffffff8 5e ffffffae 4a ffffffa4 26 ffffff87 12 ffffffb2 16 5a fffffff9 ffffffc1 fffffff3 00 ffffffd5 50 7f 2b ffffffdf 7e 62 fffffff8 ffffffda ffffffc0 57 ffffffdc 15 ffffffd2 ffffffb4 ffffffc8 ffffffc6 0a 04 64 ffffffff 19 19 05 36 7c 27 4f ffffffec 47 48 ffffffa8 ffffff98 ffffffb7 fffffffd 39 38 ffffffe1 33 45 ffffff95 ffffffee 4b ffffffa8 ffffffe7 52 ffffffe9 5d ffffffd2 27 0b ffffffc3 33 7c 1f ffffffcc 69 67 ffffffdf 30 ffffffbd fffffff3 3c fffffff8 ffffffe1 fffffffd ffffff90 fffffff3 ffffff9b 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a600 | unwrapped: 67 6e 7e aa 77 51 27 2d 2f 79 fd 38 f4 dc f3 92 | unwrapped: be 13 51 48 0b cf 19 da b9 d5 5d 9b 2c 8d 9e cc | unwrapped: a1 8e 3b 2e 3a 45 93 2d 44 ef 98 41 09 20 cc cb | unwrapped: 45 8d 4c 06 17 d8 57 f2 07 71 58 bd 1e ac f6 72 | unwrapped: 28 4c 52 12 f5 36 ce 17 cf 09 39 ab c9 2f a1 e7 | unwrapped: 5a 33 b6 6b 89 a5 80 05 81 ed 36 9c 9c 63 19 31 | unwrapped: b5 23 35 0b 52 51 e1 ce b3 08 ec 6f 29 2c 9d f3 | unwrapped: 9b eb a2 a1 b3 77 68 78 7e 79 91 21 6f 53 3c 2f | unwrapped: 94 e8 aa 3f 21 50 98 bb b2 bf b4 84 fd 78 1f dc | unwrapped: 91 1f 29 14 e9 a9 81 df 4f ac 7a db 88 bc db 5c | unwrapped: bb 49 01 78 89 a8 c6 62 61 c2 c2 3d 67 56 fd d1 | unwrapped: 9b c5 0c 94 5a 7b 61 aa f5 38 dd ce 54 eb f9 b8 | unwrapped: 52 f4 a3 e6 92 45 a7 ed f2 3b 67 ac fd 17 0b 03 | unwrapped: d1 a0 27 a8 5b 02 f0 78 70 12 cd 4d af a1 3f 23 | unwrapped: 78 f9 f0 1e 7f 4b 82 48 91 da 9c d8 d9 03 c0 a7 | unwrapped: 89 bb 06 d1 26 1f 18 4e d6 59 51 a2 98 71 0b 04 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 76 34 22 bd | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | ad db 20 c0 | hmac PRF sha update data-bytes@0x7f6c0c002c50 (length 32) | 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | hmac PRF sha update data-bytes@0x7f6c0c002c50 (length 32) | 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | hmac PRF sha update data-bytes@0x7f6c0c002c80 (length 32) | 01 74 b9 ae 29 56 6a 32 40 da e9 d8 0d fb 7c e8 | 2c 90 a1 b1 f3 b6 f2 31 fb 81 13 67 ab da d5 20 | hmac PRF sha update data-bytes@0x7f6c0c002c80 (length 32) | 01 74 b9 ae 29 56 6a 32 40 da e9 d8 0d fb 7c e8 | 2c 90 a1 b1 f3 b6 f2 31 fb 81 13 67 ab da d5 20 | hmac PRF sha final-bytes@0x7f6bf8006c94 (length 20) | ac e8 57 9c 5e ec 43 3d 22 5b cc 48 ea 1d c3 cf | 02 b8 47 0b | hmac PRF sha final-bytes@0x7f6bf80067e4 (length 20) | 04 09 55 38 1b 04 9d fe 8c f8 b2 35 f5 c3 ec 8d | 20 58 ec 45 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef36037c0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36050a0 from symkey-key@0x556ef36037c0 | hmac prf: begin sha with context 0x556ef36050a0 from symkey-key@0x556ef36037c0 | hmac: release clone-key@0x556ef36037c0 | hmac PRF sha crypt-prf@0x556ef357c480 | hmac PRF sha init symkey-key@0x556ef3609090 (size 20) | hmac: symkey-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3609090 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d54e5d8 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac prf: begin sha with context 0x556ef36051f0 from symkey-key@0x556ef360e180 | hmac: release clone-key@0x556ef360e180 | hmac PRF sha crypt-prf@0x556ef361d330 | hmac PRF sha update data-bytes@0x7f6bf8006c94 (length 20) | ac e8 57 9c 5e ec 43 3d 22 5b cc 48 ea 1d c3 cf | 02 b8 47 0b | hmac PRF sha update data-bytes@0x7f6bf80067e4 (length 20) | 04 09 55 38 1b 04 9d fe 8c f8 b2 35 f5 c3 ec 8d | 20 58 ec 45 | hmac PRF sha update g^xy-key@0x556ef36233f0 (size 256) | hmac: g^xy-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36233f0 | nss hmac digest hack: symkey-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffeb 45 ffffff8a 62 6d ffffffcc 32 79 5c 2b 3b 08 69 ffffff95 38 1a 12 19 26 ffffff86 ffffffad ffffffd4 ffffffdc 77 ffffffd7 23 0e ffffffc3 ffffffd4 ffffffc4 18 1e ffffff9e 57 ffffff9f 1e ffffffc9 fffffff3 72 ffffffb3 fffffff1 ffffffa2 27 ffffffac ffffff92 ffffffac ffffffa4 ffffffbe 0e 3a ffffffe5 ffffff9b 20 ffffffec ffffffee 3a ffffffc2 ffffff86 7f 18 01 ffffff8c ffffffcc ffffffc4 fffffff9 37 ffffffc7 23 fffffff2 59 4e ffffffb0 fffffff8 5e ffffffae 4a ffffffa4 26 ffffff87 12 ffffffb2 16 5a fffffff9 ffffffc1 fffffff3 00 ffffffd5 50 7f 2b ffffffdf 7e 62 fffffff8 ffffffda ffffffc0 57 ffffffdc 15 ffffffd2 ffffffb4 ffffffc8 ffffffc6 0a 04 64 ffffffff 19 19 05 36 7c 27 4f ffffffec 47 48 ffffffa8 ffffff98 ffffffb7 fffffffd 39 38 ffffffe1 33 45 ffffff95 ffffffee 4b ffffffa8 ffffffe7 52 ffffffe9 5d ffffffd2 27 0b ffffffc3 33 7c 1f ffffffcc 69 67 ffffffdf 30 ffffffbd fffffff3 3c fffffff8 ffffffe1 fffffffd ffffff90 fffffff3 ffffff9b 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef362a4f0 | unwrapped: 67 6e 7e aa 77 51 27 2d 2f 79 fd 38 f4 dc f3 92 | unwrapped: be 13 51 48 0b cf 19 da b9 d5 5d 9b 2c 8d 9e cc | unwrapped: a1 8e 3b 2e 3a 45 93 2d 44 ef 98 41 09 20 cc cb | unwrapped: 45 8d 4c 06 17 d8 57 f2 07 71 58 bd 1e ac f6 72 | unwrapped: 28 4c 52 12 f5 36 ce 17 cf 09 39 ab c9 2f a1 e7 | unwrapped: 5a 33 b6 6b 89 a5 80 05 81 ed 36 9c 9c 63 19 31 | unwrapped: b5 23 35 0b 52 51 e1 ce b3 08 ec 6f 29 2c 9d f3 | unwrapped: 9b eb a2 a1 b3 77 68 78 7e 79 91 21 6f 53 3c 2f | unwrapped: 94 e8 aa 3f 21 50 98 bb b2 bf b4 84 fd 78 1f dc | unwrapped: 91 1f 29 14 e9 a9 81 df 4f ac 7a db 88 bc db 5c | unwrapped: bb 49 01 78 89 a8 c6 62 61 c2 c2 3d 67 56 fd d1 | unwrapped: 9b c5 0c 94 5a 7b 61 aa f5 38 dd ce 54 eb f9 b8 | unwrapped: 52 f4 a3 e6 92 45 a7 ed f2 3b 67 ac fd 17 0b 03 | unwrapped: d1 a0 27 a8 5b 02 f0 78 70 12 cd 4d af a1 3f 23 | unwrapped: 78 f9 f0 1e 7f 4b 82 48 91 da 9c d8 d9 03 c0 a7 | unwrapped: 89 bb 06 d1 26 1f 18 4e d6 59 51 a2 98 71 0b 04 | hmac PRF sha update g^xy-key@0x556ef36233f0 (size 256) | hmac: g^xy-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x556ef36233f0 | nss hmac digest hack: symkey-key@0x556ef36233f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x556ef3582080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x556ef3605c90 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-1923816880: ffffffeb 45 ffffff8a 62 6d ffffffcc 32 79 5c 2b 3b 08 69 ffffff95 38 1a 12 19 26 ffffff86 ffffffad ffffffd4 ffffffdc 77 ffffffd7 23 0e ffffffc3 ffffffd4 ffffffc4 18 1e ffffff9e 57 ffffff9f 1e ffffffc9 fffffff3 72 ffffffb3 fffffff1 ffffffa2 27 ffffffac ffffff92 ffffffac ffffffa4 ffffffbe 0e 3a ffffffe5 ffffff9b 20 ffffffec ffffffee 3a ffffffc2 ffffff86 7f 18 01 ffffff8c ffffffcc ffffffc4 fffffff9 37 ffffffc7 23 fffffff2 59 4e ffffffb0 fffffff8 5e ffffffae 4a ffffffa4 26 ffffff87 12 ffffffb2 16 5a fffffff9 ffffffc1 fffffff3 00 ffffffd5 50 7f 2b ffffffdf 7e 62 fffffff8 ffffffda ffffffc0 57 ffffffdc 15 ffffffd2 ffffffb4 ffffffc8 ffffffc6 0a 04 64 ffffffff 19 19 05 36 7c 27 4f ffffffec 47 48 ffffffa8 ffffff98 ffffffb7 fffffffd 39 38 ffffffe1 33 45 ffffff95 ffffffee 4b ffffffa8 ffffffe7 52 ffffffe9 5d ffffffd2 27 0b ffffffc3 33 7c 1f ffffffcc 69 67 ffffffdf 30 ffffffbd fffffff3 3c fffffff8 ffffffe1 fffffffd ffffff90 fffffff3 ffffff9b 5 | nss hmac digest hack: release slot-key-key@0x556ef3605c90 | nss hmac digest hack extracted len 256 bytes at 0x556ef3628d40 | unwrapped: 67 6e 7e aa 77 51 27 2d 2f 79 fd 38 f4 dc f3 92 | unwrapped: be 13 51 48 0b cf 19 da b9 d5 5d 9b 2c 8d 9e cc | unwrapped: a1 8e 3b 2e 3a 45 93 2d 44 ef 98 41 09 20 cc cb | unwrapped: 45 8d 4c 06 17 d8 57 f2 07 71 58 bd 1e ac f6 72 | unwrapped: 28 4c 52 12 f5 36 ce 17 cf 09 39 ab c9 2f a1 e7 | unwrapped: 5a 33 b6 6b 89 a5 80 05 81 ed 36 9c 9c 63 19 31 | unwrapped: b5 23 35 0b 52 51 e1 ce b3 08 ec 6f 29 2c 9d f3 | unwrapped: 9b eb a2 a1 b3 77 68 78 7e 79 91 21 6f 53 3c 2f | unwrapped: 94 e8 aa 3f 21 50 98 bb b2 bf b4 84 fd 78 1f dc | unwrapped: 91 1f 29 14 e9 a9 81 df 4f ac 7a db 88 bc db 5c | unwrapped: bb 49 01 78 89 a8 c6 62 61 c2 c2 3d 67 56 fd d1 | unwrapped: 9b c5 0c 94 5a 7b 61 aa f5 38 dd ce 54 eb f9 b8 | unwrapped: 52 f4 a3 e6 92 45 a7 ed f2 3b 67 ac fd 17 0b 03 | unwrapped: d1 a0 27 a8 5b 02 f0 78 70 12 cd 4d af a1 3f 23 | unwrapped: 78 f9 f0 1e 7f 4b 82 48 91 da 9c d8 d9 03 c0 a7 | unwrapped: 89 bb 06 d1 26 1f 18 4e d6 59 51 a2 98 71 0b 04 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x7fff8d54e70c (length 1) | 03 | hmac PRF sha update data-bytes@0x556ef361db98 (length 4) | 76 34 22 bd | hmac PRF sha update data-bytes@0x556ef361db78 (length 4) | ad db 20 c0 | hmac PRF sha update data-bytes@0x7f6c0c002c50 (length 32) | 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | hmac PRF sha update data-bytes@0x7f6c0c002c50 (length 32) | 10 31 86 a6 3b ab 50 99 c4 8c 97 f4 74 5b a5 ee | 13 5c ee b3 67 57 46 fe 75 bc 1f b2 32 c0 dc 0d | hmac PRF sha update data-bytes@0x7f6c0c002c80 (length 32) | 01 74 b9 ae 29 56 6a 32 40 da e9 d8 0d fb 7c e8 | 2c 90 a1 b1 f3 b6 f2 31 fb 81 13 67 ab da d5 20 | hmac PRF sha update data-bytes@0x7f6c0c002c80 (length 32) | 01 74 b9 ae 29 56 6a 32 40 da e9 d8 0d fb 7c e8 | 2c 90 a1 b1 f3 b6 f2 31 fb 81 13 67 ab da d5 20 | hmac PRF sha final-bytes@0x7f6bf8006ca8 (length 20) | 34 0e 59 34 c2 7c f7 4e cd 60 f7 14 59 c9 87 7a | f0 9e e0 64 | hmac PRF sha final-bytes@0x7f6bf80067f8 (length 20) | be 48 d7 98 c4 08 cc e1 df 0c 00 02 75 3d c2 ca | 63 ad f5 87 | install_ipsec_sa() for #24: inbound and outbound | could_route called for 3des (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.addb20c0@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.763422bd@192.1.2.45 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #24: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: 3des (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #24 | priority calculation of connection "3des" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xaddb20c0 SPI_OUT=0x | popen cmd is 1023 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' : | cmd( 160):PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1643: | cmd( 320):2' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+: | cmd( 640):IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PL: | cmd( 720):UTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS: | cmd( 800):_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLU: | cmd( 880):TO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHAR: | cmd( 960):ED='no' SPI_IN=0xaddb20c0 SPI_OUT=0x763422bd ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xaddb20c0 | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0xaddb20c0 SPI_OUT=0x763422bd ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xaddb20c0 SPI_ | popen cmd is 1026 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTE: | cmd( 80):RFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@wes: | cmd( 160):t' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIEN: | cmd( 240):T_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1: | cmd( 320):6432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PE: | cmd( 400):ER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MAS: | cmd( 480):K='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' P: | cmd( 560):LUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+: | cmd( 640):UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0xaddb20c0 SPI_OUT=0x763422bd ipsec _updown 2>&1: | route_and_eroute: instance "3des", setting eroute_owner {spd=0x556ef3620bc0,sr=0x556ef3620bc0} to #24 (was #0) (newest_ipsec_sa=#0) | #23 spent 0.828 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 33 ee 89 11 a2 70 a3 36 26 1b fe 6b | encrypting: c3 0f 1b b5 54 de 5d 52 | IV: a3 f5 a4 f7 52 7d 0c ef | unpadded size is: 24 | encrypting 24 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 52 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: dc 5f e3 9e 48 49 17 4f | inR1_outI2: instance 3des[0], setting IKEv1 newest_ipsec_sa to #24 (was #0) (spd.eroute=#24) cloned from #23 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #24 connection "3des" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649) | #24 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #24: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #24 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7f6bf80068d0 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7f6bfc002b20 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 52 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #24) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 08 10 20 01 ea a2 14 8e 00 00 00 34 10 dc 83 52 | 5e a2 2e 24 c4 e1 b7 9a e0 0f 1a b4 dc 5f e3 9e | 48 49 17 4f | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7f6c10002b20 | inserting event EVENT_SA_REPLACE, timeout in 27983 seconds for #24 | libevent_malloc: new ptr-libevent@0x7f6bf80068d0 size 128 | pstats #24 ikev1.ipsec established | NAT-T: encaps is 'auto' "3des" #24: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xaddb20c0 <0x763422bd xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #24 suppresed complete_v1_state_transition() | #24 spent 2.25 milliseconds in resume sending helper answer | stop processing: state #24 connection "3des" from 192.1.2.23:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7f6c000059e0 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00435 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00289 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00275 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.763422bd@192.1.2.45 | get_sa_info esp.addb20c0@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0784 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #24 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #24 connection "3des" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #24 ikev1.ipsec deleted completed | [RE]START processing: state #24 connection "3des" from 192.1.2.23:500 (in delete_state() at state.c:879) "3des" #24: deleting state (STATE_QUICK_I2) aged 0.321s and sending notification | child state #24: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.addb20c0@192.1.2.23 | get_sa_info esp.763422bd@192.1.2.45 "3des" #24: ESP traffic information: in=84B out=84B | #24 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1359533591 (0x5108d617) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 76 34 22 bd | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x556ef360e180 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x556ef360e180 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x556ef360e180 | HASH(1): release clone-key@0x556ef360e180 | HASH(1) PRF sha crypt-prf@0x556ef357c4a0 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 51 08 d6 17 | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 76 34 22 bd | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | f8 48 c2 e1 f1 0f ba 06 6b 6b b4 68 38 bf 72 da | ea 59 88 08 | send delete HASH(1): | f8 48 c2 e1 f1 0f ba 06 6b 6b b4 68 38 bf 72 da | ea 59 88 08 | last Phase 1 IV: 6a f8 38 6e cb 14 12 33 | current Phase 1 IV: 6a f8 38 6e cb 14 12 33 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 8) | 6a f8 38 6e cb 14 12 33 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 51 08 d6 17 | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | 1c 9c 19 7b 03 87 88 3c a9 f9 5f f0 f6 4e 6a 7d | 37 3b 93 19 | encrypting: 0c 00 00 18 f8 48 c2 e1 f1 0f ba 06 6b 6b b4 68 | encrypting: 38 bf 72 da ea 59 88 08 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 76 34 22 bd | IV: 1c 9c 19 7b 03 87 88 3c a9 f9 5f f0 f6 4e 6a 7d | IV: 37 3b 93 19 | unpadded size is: 40 | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: e8 23 94 b1 ef 33 cf d6 | sending 68 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 08 10 05 01 51 08 d6 17 00 00 00 44 91 ce 61 3b | 0d 16 c6 bf 91 37 e4 81 8a fa 86 9f 48 92 34 8d | 43 27 1f 52 ce a3 d6 83 57 04 b4 75 e8 23 94 b1 | ef 33 cf d6 | state #24 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6bf80068d0 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7f6c10002b20 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1569050316' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xaddb20c0 | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1569050316' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0xaddb20c0 SPI_OUT=0x763422bd ipsec _updown 2>&1: | shunt_eroute() called for connection '3des' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "3des" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.addb20c0@192.1.2.23 | netlink response for Del SA esp.addb20c0@192.1.2.23 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.763422bd@192.1.2.45 | netlink response for Del SA esp.763422bd@192.1.2.45 included non-error error | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4037) | start processing: connection NULL (in update_state_connection() at connections.c:4038) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #24 in QUICK_I2 | child state #24: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c0c002760: destroyed | stop processing: state #24 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x556ef36233f0 | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x7f6c0c007fa0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #23 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #23 | start processing: state #23 connection "3des" from 192.1.2.23:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #23 ikev1.isakmp deleted completed | [RE]START processing: state #23 connection "3des" from 192.1.2.23:500 (in delete_state() at state.c:879) "3des" #23: deleting state (STATE_MAIN_I4) aged 0.375s and sending notification | parent state #23: MAIN_I4(established IKE SA) => delete | #23 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1161923886 (0x45418d2e) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 6e 97 6f f3 68 24 bd 42 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI a5 e3 14 70 21 93 bd 9a | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x556ef3601f40 (size 20) | HASH(1): SKEYID_a-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x556ef3601f40 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fff8d549428 | result: clone-key@0x556ef36233f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x556ef36051f0 from SKEYID_a-key@0x556ef36233f0 | HASH(1) prf: begin sha with context 0x556ef36051f0 from SKEYID_a-key@0x556ef36233f0 | HASH(1): release clone-key@0x556ef36233f0 | HASH(1) PRF sha crypt-prf@0x7f6c08001230 | HASH(1) PRF sha update M-ID-bytes@0x7fff8d54950c (length 4) | 45 41 8d 2e | HASH(1) PRF sha update payload-bytes@0x7fff8d5498b4 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 6e 97 6f f3 | 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | HASH(1) PRF sha final-bytes@0x7fff8d5498a0 (length 20) | a9 eb ba c6 73 73 28 5c b8 52 f0 6b a1 20 f6 a2 | 5f 53 b9 47 | send delete HASH(1): | a9 eb ba c6 73 73 28 5c b8 52 f0 6b a1 20 f6 a2 | 5f 53 b9 47 | last Phase 1 IV: 6a f8 38 6e cb 14 12 33 | current Phase 1 IV: 6a f8 38 6e cb 14 12 33 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x556ef36255f0 (length 8) | 6a f8 38 6e cb 14 12 33 | Phase 2 IV hash sha digest MSGID-bytes@0x7fff8d54951c (length 4) | 45 41 8d 2e | Phase 2 IV hash sha final bytes@0x556ef3625570 (length 20) | cc 60 de 16 86 ab f2 61 0d f2 fd ab c0 4e b8 4d | a5 94 c9 29 | encrypting: 0c 00 00 18 a9 eb ba c6 73 73 28 5c b8 52 f0 6b | encrypting: a1 20 f6 a2 5f 53 b9 47 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 | encrypting: 21 93 bd 9a | IV: cc 60 de 16 86 ab f2 61 0d f2 fd ab c0 4e b8 4d | IV: a5 94 c9 29 | unpadded size is: 52 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 56 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 84 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 84 c5 0f 08 89 c5 fa 80 | sending 84 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 08 10 05 01 45 41 8d 2e 00 00 00 54 45 ab 7a f4 | be 47 2b b5 b2 76 eb 76 f4 d6 a9 5b 9c 5e b5 d3 | 3d 72 b0 a8 1a de a1 d0 b4 e9 a3 26 15 66 66 09 | 81 bd 33 73 ed f8 6e 7e 4d ff e7 a2 84 c5 0f 08 | 89 c5 fa 80 | state #23 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7f6c08001090 | free_event_entry: release EVENT_SA_REPLACE-pe@0x556ef361ecd0 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #23 in MAIN_I4 | parent state #23: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7f6c100017a0: destroyed | stop processing: state #23 from 192.1.2.23:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x7f6c10006900 | delete_state: release st->st_skeyid_nss-key@0x556ef360c4c0 | delete_state: release st->st_skey_d_nss-key@0x556ef3609090 | delete_state: release st->st_skey_ai_nss-key@0x556ef3601f40 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x556ef360fae0 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x7f6c0c007fa0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.22 milliseconds in whack | spent 0.00159 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 08 10 05 01 61 57 16 cf 00 00 00 44 d9 c7 19 93 | e1 90 3e 95 2c 8f 90 48 f1 33 39 2a 08 8f ca 30 | 9f 38 b6 f7 45 12 23 81 4e ef b3 38 97 e9 7a 08 | bd 0b d1 65 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1633097423 (0x615716cf) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x615716cf | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 6e 97 6f f3 68 24 bd 42 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | a5 e3 14 70 21 93 bd 9a | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0728 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0047 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00217 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 84 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 6e 97 6f f3 68 24 bd 42 a5 e3 14 70 21 93 bd 9a | 08 10 05 01 c7 0f 46 68 00 00 00 54 8b 8c fa f2 | c5 2e a9 de 74 d2 99 bc 56 4e 30 47 e2 32 d2 53 | b2 6d 3b 65 61 3c 80 45 f8 39 75 d5 77 de f7 0a | d8 d3 4d 56 70 23 ab fb 2d f2 0c 77 e5 42 4e 78 | 9c 45 5f 66 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 6e 97 6f f3 68 24 bd 42 | responder cookie: | a5 e3 14 70 21 93 bd 9a | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3339667048 (0xc70f4668) | length: 84 (0x54) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xc70f4668 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 6e 97 6f f3 68 24 bd 42 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | a5 e3 14 70 21 93 bd 9a | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0823 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "3des" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection '3des' to 'delete' for rt_kind 'unrouted' using protoports 192.0.1.0/24:0 --0->- 192.0.2.0/24:0 | netlink_shunt_eroute for proto 0, and source 192.0.1.0/24:0 dest 192.0.2.0/24:0 | priority calculation of connection "3des" is 0xfe7e7 | priority calculation of connection "3des" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0 | popen cmd is 1012 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16432' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO: | cmd( 400):_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_: | cmd( 480):MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=': | cmd( 560):' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+P: | cmd( 640):FS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x556ef361eee0 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.974 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0044 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0447 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_STATE_... in show_states_status (sort_states) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.259 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) shutting down | processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825) | pluto_sd: executing action action: stopping(6), status 0 | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' | crl fetch request list locked by 'free_crl_fetch' | crl fetch request list unlocked by 'free_crl_fetch' shutting down interface lo/lo 127.0.0.1:4500 shutting down interface lo/lo 127.0.0.1:500 shutting down interface eth0/eth0 192.0.1.254:4500 shutting down interface eth0/eth0 192.0.1.254:500 shutting down interface eth1/eth1 192.1.2.45:4500 shutting down interface eth1/eth1 192.1.2.45:500 | FOR_EACH_STATE_... in delete_states_dead_interfaces | libevent_free: release ptr-libevent@0x556ef361cc90 | free_event_entry: release EVENT_NULL-pe@0x556ef361cc50 | libevent_free: release ptr-libevent@0x556ef361cd80 | free_event_entry: release EVENT_NULL-pe@0x556ef361cd40 | libevent_free: release ptr-libevent@0x556ef361ce70 | free_event_entry: release EVENT_NULL-pe@0x556ef361ce30 | libevent_free: release ptr-libevent@0x556ef361cf60 | free_event_entry: release EVENT_NULL-pe@0x556ef361cf20 | libevent_free: release ptr-libevent@0x556ef361d050 | free_event_entry: release EVENT_NULL-pe@0x556ef361d010 | libevent_free: release ptr-libevent@0x556ef361d140 | free_event_entry: release EVENT_NULL-pe@0x556ef361d100 | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | libevent_free: release ptr-libevent@0x556ef361c570 | free_event_entry: release EVENT_NULL-pe@0x556ef36051b0 | libevent_free: release ptr-libevent@0x556ef36120c0 | free_event_entry: release EVENT_NULL-pe@0x556ef36002e0 | libevent_free: release ptr-libevent@0x556ef3612030 | free_event_entry: release EVENT_NULL-pe@0x556ef36052a0 | global timer EVENT_REINIT_SECRET uninitialized | global timer EVENT_SHUNT_SCAN uninitialized | global timer EVENT_PENDING_DDNS uninitialized | global timer EVENT_PENDING_PHASE2 uninitialized | global timer EVENT_CHECK_CRLS uninitialized | global timer EVENT_REVIVE_CONNS uninitialized | global timer EVENT_FREE_ROOT_CERTS uninitialized | global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized | global timer EVENT_NAT_T_KEEPALIVE uninitialized | libevent_free: release ptr-libevent@0x556ef361c640 | signal event handler PLUTO_SIGCHLD uninstalled | libevent_free: release ptr-libevent@0x556ef361c720 | signal event handler PLUTO_SIGTERM uninstalled | libevent_free: release ptr-libevent@0x556ef361c7e0 | signal event handler PLUTO_SIGHUP uninstalled | libevent_free: release ptr-libevent@0x556ef36112c0 | signal event handler PLUTO_SIGSYS uninstalled | releasing event base | libevent_free: release ptr-libevent@0x556ef361c8a0 | libevent_free: release ptr-libevent@0x556ef35f1dd0 | libevent_free: release ptr-libevent@0x556ef36005f0 | libevent_free: release ptr-libevent@0x556ef3621560 | libevent_free: release ptr-libevent@0x556ef3600610 | libevent_free: release ptr-libevent@0x556ef361c600 | libevent_free: release ptr-libevent@0x556ef361c6e0 | libevent_free: release ptr-libevent@0x556ef36006a0 | libevent_free: release ptr-libevent@0x556ef36008d0 | libevent_free: release ptr-libevent@0x556ef3605330 | libevent_free: release ptr-libevent@0x556ef361d1d0 | libevent_free: release ptr-libevent@0x556ef361d0e0 | libevent_free: release ptr-libevent@0x556ef361cff0 | libevent_free: release ptr-libevent@0x556ef361cf00 | libevent_free: release ptr-libevent@0x556ef361ce10 | libevent_free: release ptr-libevent@0x556ef361cd20 | libevent_free: release ptr-libevent@0x556ef3582370 | libevent_free: release ptr-libevent@0x556ef361c7c0 | libevent_free: release ptr-libevent@0x556ef361c700 | libevent_free: release ptr-libevent@0x556ef361c620 | libevent_free: release ptr-libevent@0x556ef361c880 | libevent_free: release ptr-libevent@0x556ef35805b0 | libevent_free: release ptr-libevent@0x556ef3600630 | libevent_free: release ptr-libevent@0x556ef3600660 | libevent_free: release ptr-libevent@0x556ef3600350 | releasing global libevent data | libevent_free: release ptr-libevent@0x556ef35ff000 | libevent_free: release ptr-libevent@0x556ef35ff030 | libevent_free: release ptr-libevent@0x556ef3600320