
| 192.0.2.0/24===192.1.2.23<192.1.2.23>[C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org]...192.1.2.45<192.1.2.45>[%fromcert]===192.0.1.0/24
| ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
| close_any(fd@17) (in whack_process() at rcv_whack.c:680)
| *received 780 bytes from 192.1.2.45:500 on eth1 (port=500)
|   84 ef af 3b  c7 ff b0 7d  00 00 00 00  00 00 00 00
|   21 20 22 08  00 00 00 00  00 00 03 0c  22 00 01 84
|   02 00 00 54  01 01 00 09  03 00 00 0c  01 00 00 14
|   80 0e 01 00  03 00 00 08  02 00 00 07  03 00 00 08
|   02 00 00 05  03 00 00 08  02 00 00 02  03 00 00 08
|   04 00 00 0e  03 00 00 08  04 00 00 0f  03 00 00 08
|   04 00 00 10  03 00 00 08  04 00 00 12  00 00 00 08
|   04 00 00 13  02 00 00 54  02 01 00 09  03 00 00 0c
|   01 00 00 14  80 0e 00 80  03 00 00 08  02 00 00 07
|   03 00 00 08  02 00 00 05  03 00 00 08  02 00 00 02
|   03 00 00 08  04 00 00 0e  03 00 00 08  04 00 00 0f
|   03 00 00 08  04 00 00 10  03 00 00 08  04 00 00 12
|   00 00 00 08  04 00 00 13  02 00 00 6c  03 01 00 0c
|   03 00 00 0c  01 00 00 0c  80 0e 01 00  03 00 00 08
|   02 00 00 07  03 00 00 08  02 00 00 05  03 00 00 08
|   02 00 00 02  03 00 00 08  03 00 00 0e  03 00 00 08
|   03 00 00 0c  03 00 00 08  03 00 00 02  03 00 00 08
|   04 00 00 0e  03 00 00 08  04 00 00 0f  03 00 00 08
|   04 00 00 10  03 00 00 08  04 00 00 12  00 00 00 08
|   04 00 00 13  00 00 00 6c  04 01 00 0c  03 00 00 0c
|   01 00 00 0c  80 0e 00 80  03 00 00 08  02 00 00 07
|   03 00 00 08  02 00 00 05  03 00 00 08  02 00 00 02
|   03 00 00 08  03 00 00 0e  03 00 00 08  03 00 00 0c
|   03 00 00 08  03 00 00 02  03 00 00 08  04 00 00 0e
|   03 00 00 08  04 00 00 0f  03 00 00 08  04 00 00 10
|   03 00 00 08  04 00 00 12  00 00 00 08  04 00 00 13
|   28 00 01 08  00 0e 00 00  a3 3b f9 9c  5a 97 81 5c
|   ee b9 2f d3  30 62 80 f8  86 04 a0 1c  94 ac c2 8b
|   b3 8e e7 5f  7b e6 0d 11  17 6a 08 63  1a d7 74 24
|   8a 8a a7 de  28 65 01 d7  95 7f 3c 43  32 cf 16 50
|   f3 72 03 95  85 ae cf e0  39 91 08 ea  5f f5 82 ee
|   0f 1f de 18  69 d8 84 6a  e5 66 57 c8  ae 98 10 7b
|   16 6e 86 b2  62 c2 ec 85  4e ac 92 32  7a 19 06 f1
|   2f b8 01 92  59 d3 2d 73  2c 80 db bd  78 9e b3 ad
|   f2 90 9e c3  e2 f5 4e 88  97 6a 1e 6a  58 ad 45 8f
|   14 af 63 16  3b 05 b4 79  66 29 42 0c  8a 2b d7 e5
|   5b 06 4d 06  2b 16 20 08  01 09 14 fe  5c d2 f7 c6
|   52 3a b3 2b  e3 1c b5 e3  21 bf e7 f3  b4 c9 23 48
|   7d 4e 7f 1c  9c 79 e6 2e  ac 29 2c 0d  86 59 e7 bb
|   71 8f c1 1b  97 80 98 19  cf 65 ea 3c  41 83 fd cb
|   13 8a 74 b3  ff 67 ef 2f  12 94 0c d4  fd 1c 80 35
|   d9 6c e0 64  56 b8 6f 8e  67 cd b1 4f  79 fb 20 ff
|   63 95 3b ee  c6 36 66 8e  29 00 00 24  17 37 2a 37
|   99 9a e1 1f  66 a0 22 50  3f fc cc 9c  9a 2d 83 d9
|   64 ec 33 e4  08 83 36 b5  f0 e9 8e cf  29 00 00 08
|   00 00 40 2e  29 00 00 1c  00 00 40 04  b3 42 6b 48
|   93 4e 6b 88  7d 26 2c 17  cf ac 69 df  8a 7c 1d 8c
|   00 00 00 1c  00 00 40 05  1d ee 3b 86  21 c4 de 1a
|   f4 66 dd ea  95 61 99 7d  4a d0 3e 12
| processing: start from 192.1.2.45:500 (in process_md() at demux.c:437)
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   00 00 00 00  00 00 00 00
|    next payload type: ISAKMP_NEXT_v2SA (0x21)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_SA_INIT (0x22)
|    flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
|    Message ID: 0 (0x0)
|    length: 780 (0x30c)
|  processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_SA_INIT (34)
| I am receiving an IKEv2 Request ISAKMP_v2_IKE_SA_INIT
| I am the IKE SA Original Responder
| IKE SPIi table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d to 8344890373005126860 slot 0x55c77e373420
| v2 IKE SA by SPi not found
| #null state always idle
| #0 in state PARENT_R0: processing SA_INIT request
| Unpacking clear payload for svm: Respond to IKE_SA_INIT
| Now let's proceed with payload (ISAKMP_NEXT_v2SA)
| ***parse IKEv2 Security Association Payload:
|    next payload type: ISAKMP_NEXT_v2KE (0x22)
|    flags: none (0x0)
|    length: 388 (0x184)
| processing payload: ISAKMP_NEXT_v2SA (len=384)
| Now let's proceed with payload (ISAKMP_NEXT_v2KE)
| ***parse IKEv2 Key Exchange Payload:
|    next payload type: ISAKMP_NEXT_v2Ni (0x28)
|    flags: none (0x0)
|    length: 264 (0x108)
|    DH group: OAKLEY_GROUP_MODP2048 (0xe)
| processing payload: ISAKMP_NEXT_v2KE (len=256)
| Now let's proceed with payload (ISAKMP_NEXT_v2Ni)
| ***parse IKEv2 Nonce Payload:
|    next payload type: ISAKMP_NEXT_v2N (0x29)
|    flags: none (0x0)
|    length: 36 (0x24)
| processing payload: ISAKMP_NEXT_v2Ni (len=32)
| Now let's proceed with payload (ISAKMP_NEXT_v2N)
| ***parse IKEv2 Notify Payload:
|    next payload type: ISAKMP_NEXT_v2N (0x29)
|    flags: none (0x0)
|    length: 8 (0x8)
|    Protocol ID: PROTO_v2_RESERVED (0x0)
|    SPI size: 0 (0x0)
|    Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
| processing payload: ISAKMP_NEXT_v2N (len=0)
| Now let's proceed with payload (ISAKMP_NEXT_v2N)
| ***parse IKEv2 Notify Payload:
|    next payload type: ISAKMP_NEXT_v2N (0x29)
|    flags: none (0x0)
|    length: 28 (0x1c)
|    Protocol ID: PROTO_v2_RESERVED (0x0)
|    SPI size: 0 (0x0)
|    Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004)
| processing payload: ISAKMP_NEXT_v2N (len=20)
| Now let's proceed with payload (ISAKMP_NEXT_v2N)
| ***parse IKEv2 Notify Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    length: 28 (0x1c)
|    Protocol ID: PROTO_v2_RESERVED (0x0)
|    SPI size: 0 (0x0)
|    Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
| processing payload: ISAKMP_NEXT_v2N (len=20)
| selected state microcode Respond to IKE_SA_INIT
| anti-DDoS cookies not required (and no cookie received)
| Now let's proceed with state specific processing
| calling processor Respond to IKE_SA_INIT
| find_host_connection me=192.1.2.23:500 him=192.1.2.45:500 policy=ECDSA+IKEV2_ALLOW
| find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500
| find_next_host_connection policy=ECDSA+IKEV2_ALLOW
| found policy = RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (ikev2-westnet-eastnet-x509-cr)
| find_next_host_connection returns empty
| find_host_connection me=192.1.2.23:500 him=%any:500 policy=ECDSA+IKEV2_ALLOW
| find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500
| find_next_host_connection policy=ECDSA+IKEV2_ALLOW
| find_next_host_connection returns empty
| initial parent SA message received on 192.1.2.23:500 but no connection has been authorized with policy ECDSA+IKEV2_ALLOW
| find_host_connection me=192.1.2.23:500 him=192.1.2.45:500 policy=RSASIG+IKEV2_ALLOW
| find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500
| find_next_host_connection policy=RSASIG+IKEV2_ALLOW
| found policy = RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (ikev2-westnet-eastnet-x509-cr)
| find_next_host_connection returns ikev2-westnet-eastnet-x509-cr
| found connection: ikev2-westnet-eastnet-x509-cr with policy RSASIG+IKEV2_ALLOW
| find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500
| creating state object #1 at 0x55c7807fe9e8
| parent state #1: UNDEFINED(ignore) => PARENT_R0(half-open IKE SA)
| IKE Responder SPI hash sha2_256 init
| NSS: PK11_PubDerive
| IKE Responder SPI sha2_256 hasher: context 0x55c7806bea00
| NSS: PK11_DigestBegin
| IKE Responder SPI hash sha2_256 digest addr-bytes@0x55c7807caca8 (length 28)
| NSS: PK11_DigestOp
| IKE Responder SPI hash sha2_256 digest sod-bytes@0x55c77e377da0 (length 32)
| NSS: PK11_DigestOp
| IKE Responder SPI hash sha2_256 digest counter-bytes@0x55c77e377d80 (length 4)
| NSS: PK11_DigestOp
| IKE Responder SPI hash sha2_256 final bytes@0x7ffc830ebc90 (length 32)
| NSS: PK11_DigestFinal
| NSS: PK11_DestroyContext
| IKE Responder SPI  1d c6 2d a1  c4 09 35 20  1b 87 42 d9  96 e0 b6 a3
| IKE Responder SPI  43 00 fa 8e  15 96 b4 82  65 46 2c 36  8b c0 c5 fc
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45 (in initialize_new_state() at ipsec_doi.c:474)
| inserting state object #1
| serialno list: inserting object 0x55c7807fe9e8 (state #1) entry 0x55c7807ff1b8 into list 0x55c77e37e860 (older 0x55c77e37e860 newer 0x55c77e37e860)
| serialno list: inserted  object 0x55c7807fe9e8 (state #1) entry 0x55c7807ff1b8 (older 0x55c77e37e860 newer 0x55c77e37e860)
| serialno list: list entry 0x55c77e37e860 is HEAD (older 0x55c7807ff1b8 newer 0x55c7807ff1b8)
| serialno table: inserting object 0x55c7807fe9e8 (state #1) entry 0x55c7807ff1d8 into list 0x55c77e373c40 (older 0x55c77e373c40 newer 0x55c77e373c40)
| serialno table: inserted  object 0x55c7807fe9e8 (state #1) entry 0x55c7807ff1d8 (older 0x55c77e373c40 newer 0x55c77e373c40)
| serialno table: list entry 0x55c77e373c40 is HEAD (older 0x55c7807ff1d8 newer 0x55c7807ff1d8)
| processing: [RE]START state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45 (in initialize_new_state() at ipsec_doi.c:492)
| selecting default constructed local IKE proposals for connection ikev2-westnet-eastnet-x509-cr (IKE SA responder matching remote proposals)
| constructed local IKE proposals for ikev2-westnet-eastnet-x509-cr (IKE SA responder matching remote proposals): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128,HMAC_SHA1_96;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128,HMAC_SHA1_96;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256 (default)
| Comparing remote proposals against IKE responder 4 local proposals
| local proposal 1 type ENCR has 1 transforms
| local proposal 1 type PRF has 3 transforms
| local proposal 1 type INTEG has 1 transforms
| local proposal 1 type DH has 5 transforms
| local proposal 1 type ESN has 0 transforms
| local proposal 1 transforms: required: ENCR+PRF+DH; optional: INTEG
| local proposal 2 type ENCR has 1 transforms
| local proposal 2 type PRF has 3 transforms
| local proposal 2 type INTEG has 1 transforms
| local proposal 2 type DH has 5 transforms
| local proposal 2 type ESN has 0 transforms
| local proposal 2 transforms: required: ENCR+PRF+DH; optional: INTEG
| local proposal 3 type ENCR has 1 transforms
| local proposal 3 type PRF has 3 transforms
| local proposal 3 type INTEG has 3 transforms
| local proposal 3 type DH has 5 transforms
| local proposal 3 type ESN has 0 transforms
| local proposal 3 transforms: required: ENCR+PRF+INTEG+DH; optional: none
| local proposal 4 type ENCR has 1 transforms
| local proposal 4 type PRF has 3 transforms
| local proposal 4 type INTEG has 3 transforms
| local proposal 4 type DH has 5 transforms
| local proposal 4 type ESN has 0 transforms
| local proposal 4 transforms: required: ENCR+PRF+INTEG+DH; optional: none
| ****parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_NON_LAST (0x2)
|    length: 84 (0x54)
|    prop #: 1 (0x1)
|    proto ID: IKEv2_SEC_PROTO_IKE (0x1)
|    spi size: 0 (0x0)
|    # transforms: 9 (0x9)
| Comparing remote proposal 1 containing 9 transforms against local proposal [1..4] of 4 local proposals
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_GCM_C (0x14)
| ******parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| remote proposal 1 transform 0 (ENCR=AES_GCM_C_256) matches local proposal 1 type 1 (ENCR) transform 0
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 1 type 2 (PRF) transform 0
| remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 2 type 2 (PRF) transform 0
| remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 3 type 2 (PRF) transform 0
| remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 4 type 2 (PRF) transform 0
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA1 (0x2)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| remote proposal 1 transform 4 (DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
| remote proposal 1 transform 4 (DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0
| remote proposal 1 transform 4 (DH=MODP2048) matches local proposal 3 type 4 (DH) transform 0
| remote proposal 1 transform 4 (DH=MODP2048) matches local proposal 4 type 4 (DH) transform 0
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
| remote proposal 1 proposed transforms: ENCR+PRF+DH; matched: ENCR+PRF+DH; unmatched: none
| comparing remote proposal 1 containing ENCR+PRF+DH transforms to local proposal 1; required: ENCR+PRF+DH; optional: INTEG; matched: ENCR+PRF+DH
| remote proposal 1 matches local proposal 1
| ****parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_NON_LAST (0x2)
|    length: 84 (0x54)
|    prop #: 2 (0x2)
|    proto ID: IKEv2_SEC_PROTO_IKE (0x1)
|    spi size: 0 (0x0)
|    # transforms: 9 (0x9)
| Comparing remote proposal 2 containing 9 transforms against local proposal [1..0] of 4 local proposals
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_GCM_C (0x14)
| ******parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA1 (0x2)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
| remote proposal 2 proposed transforms: ENCR+PRF+DH; matched: none; unmatched: ENCR+PRF+DH
| remote proposal 2 does not match; unmatched remote transforms: ENCR+PRF+DH
| ****parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_NON_LAST (0x2)
|    length: 108 (0x6c)
|    prop #: 3 (0x3)
|    proto ID: IKEv2_SEC_PROTO_IKE (0x1)
|    spi size: 0 (0x0)
|    # transforms: 12 (0xc)
| Comparing remote proposal 3 containing 12 transforms against local proposal [1..0] of 4 local proposals
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_CBC (0xc)
| ******parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA1 (0x2)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA1_96 (0x2)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
| remote proposal 3 proposed transforms: ENCR+PRF+INTEG+DH; matched: none; unmatched: ENCR+PRF+INTEG+DH
| remote proposal 3 does not match; unmatched remote transforms: ENCR+PRF+INTEG+DH
| ****parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_LAST (0x0)
|    length: 108 (0x6c)
|    prop #: 4 (0x4)
|    proto ID: IKEv2_SEC_PROTO_IKE (0x1)
|    spi size: 0 (0x0)
|    # transforms: 12 (0xc)
| Comparing remote proposal 4 containing 12 transforms against local proposal [1..0] of 4 local proposals
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_CBC (0xc)
| ******parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA1 (0x2)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA1_96 (0x2)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
| *****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
| remote proposal 4 proposed transforms: ENCR+PRF+INTEG+DH; matched: none; unmatched: ENCR+PRF+INTEG+DH
| remote proposal 4 does not match; unmatched remote transforms: ENCR+PRF+INTEG+DH
"ikev2-westnet-eastnet-x509-cr" #1: proposal 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;PRF=HMAC_SHA1;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;PRF=HMAC_SHA1;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;PRF=HMAC_SHA1;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA1_96;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;PRF=HMAC_SHA1;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA1_96;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256
| accepted IKE proposal ikev2_proposal: 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048
| converting proposal to internal trans attrs
| encryption ike_alg_lookup_by_id id: AES_GCM_C=20, found AES_GCM_16 
| PRF ike_alg_lookup_by_id id: HMAC_SHA2_512=7, found HMAC_SHA2_512 
| integrity ike_alg_lookup_by_id id: NONE=0, found NONE 
| DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 
| DH public value received:
|   a3 3b f9 9c  5a 97 81 5c  ee b9 2f d3  30 62 80 f8
|   86 04 a0 1c  94 ac c2 8b  b3 8e e7 5f  7b e6 0d 11
|   17 6a 08 63  1a d7 74 24  8a 8a a7 de  28 65 01 d7
|   95 7f 3c 43  32 cf 16 50  f3 72 03 95  85 ae cf e0
|   39 91 08 ea  5f f5 82 ee  0f 1f de 18  69 d8 84 6a
|   e5 66 57 c8  ae 98 10 7b  16 6e 86 b2  62 c2 ec 85
|   4e ac 92 32  7a 19 06 f1  2f b8 01 92  59 d3 2d 73
|   2c 80 db bd  78 9e b3 ad  f2 90 9e c3  e2 f5 4e 88
|   97 6a 1e 6a  58 ad 45 8f  14 af 63 16  3b 05 b4 79
|   66 29 42 0c  8a 2b d7 e5  5b 06 4d 06  2b 16 20 08
|   01 09 14 fe  5c d2 f7 c6  52 3a b3 2b  e3 1c b5 e3
|   21 bf e7 f3  b4 c9 23 48  7d 4e 7f 1c  9c 79 e6 2e
|   ac 29 2c 0d  86 59 e7 bb  71 8f c1 1b  97 80 98 19
|   cf 65 ea 3c  41 83 fd cb  13 8a 74 b3  ff 67 ef 2f
|   12 94 0c d4  fd 1c 80 35  d9 6c e0 64  56 b8 6f 8e
|   67 cd b1 4f  79 fb 20 ff  63 95 3b ee  c6 36 66 8e
| natd_hash: rcookie is zero
| NATD hash sha init
| NSS: PK11_PubDerive
| NATD sha hasher: context 0x55c7806bea00
| NSS: PK11_DigestBegin
| NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffc830ebc30 (length 8)
| NSS: PK11_DigestOp
| NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffc830ebc38 (length 8)
| NSS: PK11_DigestOp
| NATD hash sha digest IP addr-bytes@0x55c7806bd798 (length 4)
| NSS: PK11_DigestOp
| NATD hash sha digest PORT-bytes@0x7ffc830ebbd6 (length 2)
| NSS: PK11_DigestOp
| NATD hash sha final bytes@0x7ffc830ebc90 (length 20)
| NSS: PK11_DigestFinal
| NSS: PK11_DestroyContext
| NATD  1d ee 3b 86  21 c4 de 1a  f4 66 dd ea  95 61 99 7d
| NATD  4a d0 3e 12
| natd_hash: hasher=0x55c77e35f820(20)
| natd_hash: icookie=  84 ef af 3b  c7 ff b0 7d
| natd_hash: rcookie=  00 00 00 00  00 00 00 00
| natd_hash: ip=  c0 01 02 17
| natd_hash: port=500
| natd_hash: hash=  1d ee 3b 86  21 c4 de 1a  f4 66 dd ea  95 61 99 7d
| natd_hash: hash=  4a d0 3e 12
| natd_hash: rcookie is zero
| NATD hash sha init
| NSS: PK11_PubDerive
| NATD sha hasher: context 0x55c7806bea00
| NSS: PK11_DigestBegin
| NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffc830ebc30 (length 8)
| NSS: PK11_DigestOp
| NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffc830ebc38 (length 8)
| NSS: PK11_DigestOp
| NATD hash sha digest IP addr-bytes@0x55c7807cacac (length 4)
| NSS: PK11_DigestOp
| NATD hash sha digest PORT-bytes@0x7ffc830ebbd6 (length 2)
| NSS: PK11_DigestOp
| NATD hash sha final bytes@0x7ffc830ebcb0 (length 20)
| NSS: PK11_DigestFinal
| NSS: PK11_DestroyContext
| NATD  b3 42 6b 48  93 4e 6b 88  7d 26 2c 17  cf ac 69 df
| NATD  8a 7c 1d 8c
| natd_hash: hasher=0x55c77e35f820(20)
| natd_hash: icookie=  84 ef af 3b  c7 ff b0 7d
| natd_hash: rcookie=  00 00 00 00  00 00 00 00
| natd_hash: ip=  c0 01 02 2d
| natd_hash: port=500
| natd_hash: hash=  b3 42 6b 48  93 4e 6b 88  7d 26 2c 17  cf ac 69 df
| natd_hash: hash=  8a 7c 1d 8c
| NAT_TRAVERSAL encaps using auto-detect
| NAT_TRAVERSAL this end is NOT behind NAT
| NAT_TRAVERSAL that end is NOT behind NAT
| NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45
| adding ikev2_inI1outR1 KE work-order 1 for state #1
| event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c7806bea28
| inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60.000 seconds for #1
| backlog: inserting object 0x55c7807fa968 (work-order 1 state #1) entry 0x55c7807fa970 into list 0x55c77e37f7e0 (older 0x55c77e37f7e0 newer 0x55c77e37f7e0)
| backlog: inserted  object 0x55c7807fa968 (work-order 1 state #1) entry 0x55c7807fa970 (older 0x55c77e37f7e0 newer 0x55c77e37f7e0)
| backlog: list entry 0x55c77e37f7e0 is HEAD (older 0x55c7807fa970 newer 0x55c7807fa970)
| crypto helper 0 resuming
| backlog: removing  object 0x55c7807fa968 (work-order 1 state #1) entry 0x55c7807fa970 (older 0x55c77e37f7e0 newer 0x55c77e37f7e0)
| backlog: empty
| crypto helper 0 starting work-order 1 for state #1
| crypto helper 0 doing build KE and nonce; request ID 1
| NSS: Value of Prime:
|   ff ff ff ff  ff ff ff ff  c9 0f da a2  21 68 c2 34
|   c4 c6 62 8b  80 dc 1c d1  29 02 4e 08  8a 67 cc 74
|   02 0b be a6  3b 13 9b 22  51 4a 08 79  8e 34 04 dd
|   ef 95 19 b3  cd 3a 43 1b  30 2b 0a 6d  f2 5f 14 37
|   4f e1 35 6d  6d 51 c2 45  e4 85 b5 76  62 5e 7e c6
|   f4 4c 42 e9  a6 37 ed 6b  0b ff 5c b6  f4 06 b7 ed
|   ee 38 6b fb  5a 89 9f a5  ae 9f 24 11  7c 4b 1f e6
|   49 28 66 51  ec e4 5b 3d  c2 00 7c b8  a1 63 bf 05
|   98 da 48 36  1c 55 d3 9a  69 16 3f a8  fd 24 cf 5f
|   83 65 5d 23  dc a3 ad 96  1c 62 f3 56  20 85 52 bb
|   9e d5 29 07  70 96 96 6d  67 0c 35 4e  4a bc 98 04
|   f1 74 6c 08  ca 18 21 7c  32 90 5e 46  2e 36 ce 3b
|   e3 9e 77 2c  18 0e 86 03  9b 27 83 a2  ec 07 a2 8f
|   b5 c5 5d f0  6f 4c 52 c9  de 2b cb f6  95 58 17 18
|   39 95 49 7c  ea 95 6a e5  15 d2 26 18  98 fa 05 10
|   15 72 8e 5a  8a ac aa 68  ff ff ff ff  ff ff ff ff
| NSS: Value of base:  02
| DH secret MODP2048@0x7fbf90003a28: created
| NSS: Local DH MODP2048 secret (pointer): 0x7fbf90003a28
| NSS: Public DH wire value:
|   ae b6 50 4c  06 2d 56 7a  7c e8 f5 33  af fa 1a 73
|   6d 28 78 23  c9 7a e2 01  21 22 a6 cd  3c 6e 9d 61
|   cf 04 c8 c0  17 4c ee 74  e6 4a e1 00  ef 2b 8b f7
|   e4 01 c2 47  52 53 e0 f3  7a 41 5b e5  87 17 8a 54
|   4d 87 5d 87  af 16 e1 e8  7b 05 f1 13  07 10 b2 09
|   57 f3 75 c2  59 0d 89 e8  a3 cf 75 0a  7d 5e 85 9b
|   ba 71 8b 79  cf 05 30 e7  14 62 85 79  3f ab 86 05
|   e4 50 f4 d0  57 73 21 4c  e3 70 01 74  91 88 2f e9
|   9b c0 a2 bc  a9 7d 34 71  69 57 91 d7  fb 9f 1a 14
|   3e 5e 41 1c  59 bf 6b c9  6d c6 61 b3  5d 0c 10 56
|   df 2d 68 72  9f c6 cc a1  17 78 15 4c  63 5c f5 bf
|   c1 fb 9a cb  30 8a d0 ac  f0 5d 57 fa  2f ac 5d 1a
|   40 2c 3d 0b  62 0f e1 88  30 18 41 36  e9 49 18 b1
|   ed 23 a1 b1  10 03 1d dd  be 74 95 99  c5 09 c6 05
|   43 02 26 19  22 0e bc 31  72 0b 17 85  c0 0d a7 fc
|   b9 ce 61 f7  92 cf 96 79  1a f1 7c 2e  fe 49 ef c2
| Generated nonce:  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| Generated nonce:  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| crypto helper 0 finished build KE and nonce; request ID 1 time elapsed 0.002 seconds
| crypto helper 0 sending results from work-order 1 for state #1 to event queue
| scheduling now-event sending helper answer for #1
| crypto helper 0 waiting (nothing to do)
| processing: [RE]START state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3004)
| #1 complete v2 state transition from PARENT_R0 to PARENT_R1 with status STF_SUSPEND
| suspending state #1 and saving MD
| #1 is busy; has a suspended MD
| processing: [RE]START state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in log_stf_suspend() at ikev2.c:2901)
| "ikev2-westnet-eastnet-x509-cr" #1 complete v2 state STATE_PARENT_R0 transition with STF_SUSPEND suspended from complete_v2_state_transition:3067
| processing: stop from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:439)
| processing: stop state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in process_md() at demux.c:441)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| processing: STOP connection NULL (in process_md() at demux.c:442)
| executing now-event sending helper answer for 1
| serialno table: hash serialno #1 to head 0x55c77e373c40
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in schedule_event_now_cb() at server.c:546)
| crypto helper 0 replies to request ID 1
| calling continuation function 0x55c77e079c90
| ikev2_parent_inI1outR1_continue for #1: calculated ke+nonce, sending R1
| **emit ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_SA_INIT (0x22)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 0 (0x0)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| Emitting ikev2_proposal ...
| ***emit IKEv2 Security Association Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA)
| next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet'
| ****emit IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_LAST (0x0)
|    prop #: 1 (0x1)
|    proto ID: IKEv2_SEC_PROTO_IKE (0x1)
|    spi size: 0 (0x0)
|    # transforms: 3 (0x3)
| last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal'
| *****emit IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_GCM_C (0x14)
| last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform'
| ******emit IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| emitting length of IKEv2 Transform Substructure Payload: 12
| *****emit IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    IKEv2 transform type: TRANS_TYPE_PRF (0x2)
|    IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
| last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
| last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform'
| emitting length of IKEv2 Transform Substructure Payload: 8
| *****emit IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    IKEv2 transform type: TRANS_TYPE_DH (0x4)
|    IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
| last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
| last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform'
| emitting length of IKEv2 Transform Substructure Payload: 8
| emitting length of IKEv2 Proposal Substructure Payload: 36
| last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0
| emitting length of IKEv2 Security Association Payload: 40
| last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0
| wire (crypto helper) group MODP2048 and state group MODP2048 match
| DH secret MODP2048@0x7fbf90003a28: transferring ownership from helper KE to state #1
| ***emit IKEv2 Key Exchange Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    DH group: OAKLEY_GROUP_MODP2048 (0xe)
| next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE)
| next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet'
| emitting 256 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload
| ikev2 g^x  ae b6 50 4c  06 2d 56 7a  7c e8 f5 33  af fa 1a 73
| ikev2 g^x  6d 28 78 23  c9 7a e2 01  21 22 a6 cd  3c 6e 9d 61
| ikev2 g^x  cf 04 c8 c0  17 4c ee 74  e6 4a e1 00  ef 2b 8b f7
| ikev2 g^x  e4 01 c2 47  52 53 e0 f3  7a 41 5b e5  87 17 8a 54
| ikev2 g^x  4d 87 5d 87  af 16 e1 e8  7b 05 f1 13  07 10 b2 09
| ikev2 g^x  57 f3 75 c2  59 0d 89 e8  a3 cf 75 0a  7d 5e 85 9b
| ikev2 g^x  ba 71 8b 79  cf 05 30 e7  14 62 85 79  3f ab 86 05
| ikev2 g^x  e4 50 f4 d0  57 73 21 4c  e3 70 01 74  91 88 2f e9
| ikev2 g^x  9b c0 a2 bc  a9 7d 34 71  69 57 91 d7  fb 9f 1a 14
| ikev2 g^x  3e 5e 41 1c  59 bf 6b c9  6d c6 61 b3  5d 0c 10 56
| ikev2 g^x  df 2d 68 72  9f c6 cc a1  17 78 15 4c  63 5c f5 bf
| ikev2 g^x  c1 fb 9a cb  30 8a d0 ac  f0 5d 57 fa  2f ac 5d 1a
| ikev2 g^x  40 2c 3d 0b  62 0f e1 88  30 18 41 36  e9 49 18 b1
| ikev2 g^x  ed 23 a1 b1  10 03 1d dd  be 74 95 99  c5 09 c6 05
| ikev2 g^x  43 02 26 19  22 0e bc 31  72 0b 17 85  c0 0d a7 fc
| ikev2 g^x  b9 ce 61 f7  92 cf 96 79  1a f1 7c 2e  fe 49 ef c2
| emitting length of IKEv2 Key Exchange Payload: 264
| ***emit IKEv2 Nonce Payload:
|    next payload type: ISAKMP_NEXT_v2N (0x29)
|    flags: none (0x0)
| next payload chain: ignoring supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N
| next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni)
| next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload
| IKEv2 nonce  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| IKEv2 nonce  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| emitting length of IKEv2 Nonce Payload: 36
| Adding a v2N Payload
| ***emit IKEv2 Notify Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    Protocol ID: PROTO_v2_RESERVED (0x0)
|    SPI size: 0 (0x0)
|    Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
| next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
| next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
| emitting length of IKEv2 Notify Payload: 8
|  NAT-Traversal support  [enabled] add v2N payloads.
| NATD hash sha init
| NSS: PK11_PubDerive
| NATD sha hasher: context 0x55c780831fa0
| NSS: PK11_DigestBegin
| NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffc830ec220 (length 8)
| NSS: PK11_DigestOp
| NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffc830ec228 (length 8)
| NSS: PK11_DigestOp
| NATD hash sha digest IP addr-bytes@0x55c7807fecf4 (length 4)
| NSS: PK11_DigestOp
| NATD hash sha digest PORT-bytes@0x7ffc830ec136 (length 2)
| NSS: PK11_DigestOp
| NATD hash sha final bytes@0x7ffc830ec1b0 (length 20)
| NSS: PK11_DigestFinal
| NSS: PK11_DestroyContext
| NATD  84 bd 1c 68  90 18 ca ef  65 66 1c c4  1d a9 fd 0f
| NATD  43 4a 20 f1
| natd_hash: hasher=0x55c77e35f820(20)
| natd_hash: icookie=  84 ef af 3b  c7 ff b0 7d
| natd_hash: rcookie=  1d c6 2d a1  c4 09 35 20
| natd_hash: ip=  c0 01 02 17
| natd_hash: port=500
| natd_hash: hash=  84 bd 1c 68  90 18 ca ef  65 66 1c c4  1d a9 fd 0f
| natd_hash: hash=  43 4a 20 f1
| Adding a v2N Payload
| ***emit IKEv2 Notify Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    Protocol ID: PROTO_v2_RESERVED (0x0)
|    SPI size: 0 (0x0)
|    Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004)
| next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
| next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
| emitting 20 raw bytes of Notify data into IKEv2 Notify Payload
| Notify data  84 bd 1c 68  90 18 ca ef  65 66 1c c4  1d a9 fd 0f
| Notify data  43 4a 20 f1
| emitting length of IKEv2 Notify Payload: 28
| NATD hash sha init
| NSS: PK11_PubDerive
| NATD sha hasher: context 0x55c780831fa0
| NSS: PK11_DigestBegin
| NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffc830ec220 (length 8)
| NSS: PK11_DigestOp
| NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffc830ec228 (length 8)
| NSS: PK11_DigestOp
| NATD hash sha digest IP addr-bytes@0x55c7807feccc (length 4)
| NSS: PK11_DigestOp
| NATD hash sha digest PORT-bytes@0x7ffc830ec136 (length 2)
| NSS: PK11_DigestOp
| NATD hash sha final bytes@0x7ffc830ec1b0 (length 20)
| NSS: PK11_DigestFinal
| NSS: PK11_DestroyContext
| NATD  f7 b3 b1 51  54 a5 60 9c  b2 be 11 87  e2 0f df d0
| NATD  8a a3 54 35
| natd_hash: hasher=0x55c77e35f820(20)
| natd_hash: icookie=  84 ef af 3b  c7 ff b0 7d
| natd_hash: rcookie=  1d c6 2d a1  c4 09 35 20
| natd_hash: ip=  c0 01 02 2d
| natd_hash: port=500
| natd_hash: hash=  f7 b3 b1 51  54 a5 60 9c  b2 be 11 87  e2 0f df d0
| natd_hash: hash=  8a a3 54 35
| Adding a v2N Payload
| ***emit IKEv2 Notify Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    Protocol ID: PROTO_v2_RESERVED (0x0)
|    SPI size: 0 (0x0)
|    Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
| next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
| next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
| emitting 20 raw bytes of Notify data into IKEv2 Notify Payload
| Notify data  f7 b3 b1 51  54 a5 60 9c  b2 be 11 87  e2 0f df d0
| Notify data  8a a3 54 35
| emitting length of IKEv2 Notify Payload: 28
| going to send a certreq
| connection->kind is CK_PERMANENT so send CERTREQ
| NSS: CERT_GetDefaultCertDB
| ***emit IKEv2 Certificate Request Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    ikev2 cert encoding: CERT_X509_SIGNATURE (0x4)
| next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Certificate Request Payload (38:ISAKMP_NEXT_v2CERTREQ)
| next payload chain: saving location 'IKEv2 Certificate Request Payload'.'next payload type' in 'reply packet'
| emitting length of IKEv2 Certificate Request Payload: 5
| emitting length of ISAKMP Message: 437
| processing: [RE]START state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3004)
| #1 complete v2 state transition from PARENT_R0 to PARENT_R1 with status STF_OK
| IKEv2: transition from state STATE_PARENT_R0 to state STATE_PARENT_R1
| parent state #1: PARENT_R0(half-open IKE SA) => PARENT_R1(half-open IKE SA)
| Message ID: updating counters for #1 after switching state
| Message ID: 'ikev2-westnet-eastnet-x509-cr' IKE #1 PARENT_R1; message-request msgid=0; initiator { lastack=4294967295 nextuse=0 } responder { lastrecv=0 lastreplied=0 }
"ikev2-westnet-eastnet-x509-cr" #1: STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
| sending V2 reply packet to 192.1.2.45:500 (from port 500)
| sending 437 bytes for STATE_PARENT_R0 through eth1:500 to 192.1.2.45:500 (using #1)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   21 20 22 20  00 00 00 00  00 00 01 b5  22 00 00 28
|   00 00 00 24  01 01 00 03  03 00 00 0c  01 00 00 14
|   80 0e 01 00  03 00 00 08  02 00 00 07  00 00 00 08
|   04 00 00 0e  28 00 01 08  00 0e 00 00  ae b6 50 4c
|   06 2d 56 7a  7c e8 f5 33  af fa 1a 73  6d 28 78 23
|   c9 7a e2 01  21 22 a6 cd  3c 6e 9d 61  cf 04 c8 c0
|   17 4c ee 74  e6 4a e1 00  ef 2b 8b f7  e4 01 c2 47
|   52 53 e0 f3  7a 41 5b e5  87 17 8a 54  4d 87 5d 87
|   af 16 e1 e8  7b 05 f1 13  07 10 b2 09  57 f3 75 c2
|   59 0d 89 e8  a3 cf 75 0a  7d 5e 85 9b  ba 71 8b 79
|   cf 05 30 e7  14 62 85 79  3f ab 86 05  e4 50 f4 d0
|   57 73 21 4c  e3 70 01 74  91 88 2f e9  9b c0 a2 bc
|   a9 7d 34 71  69 57 91 d7  fb 9f 1a 14  3e 5e 41 1c
|   59 bf 6b c9  6d c6 61 b3  5d 0c 10 56  df 2d 68 72
|   9f c6 cc a1  17 78 15 4c  63 5c f5 bf  c1 fb 9a cb
|   30 8a d0 ac  f0 5d 57 fa  2f ac 5d 1a  40 2c 3d 0b
|   62 0f e1 88  30 18 41 36  e9 49 18 b1  ed 23 a1 b1
|   10 03 1d dd  be 74 95 99  c5 09 c6 05  43 02 26 19
|   22 0e bc 31  72 0b 17 85  c0 0d a7 fc  b9 ce 61 f7
|   92 cf 96 79  1a f1 7c 2e  fe 49 ef c2  29 00 00 24
|   64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
|   64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
|   29 00 00 08  00 00 40 2e  29 00 00 1c  00 00 40 04
|   84 bd 1c 68  90 18 ca ef  65 66 1c c4  1d a9 fd 0f
|   43 4a 20 f1  26 00 00 1c  00 00 40 05  f7 b3 b1 51
|   54 a5 60 9c  b2 be 11 87  e2 0f df d0  8a a3 54 35
|   00 00 00 05  04
| state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
| free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c7806bea28
| event_schedule: new EVENT_SO_DISCARD-pe@0x55c7806bea28
| inserting event EVENT_SO_DISCARD, timeout in 200.000 seconds for #1
| processing: stop state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in schedule_event_now_cb() at server.c:549)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| *received 539 bytes from 192.1.2.45:500 on eth1 (port=500)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 02 1b  23 00 01 ff
|   00 01 00 05  3f ff 5f 1c  96 9e 64 00  37 17 cd eb
|   e5 10 ee cc  e0 b3 3c 83  15 37 74 47  3e 06 65 12
|   ed 99 8c 46  f8 16 66 3a  60 44 f4 86  9c 0d 79 9b
|   d7 f3 60 71  55 3b b8 20  78 3a 66 1a  ec cf ef b1
|   6e 23 55 9c  4f af b1 eb  b7 8a 35 d8  26 30 c4 cb
|   79 63 ae e9  fb 59 01 91  6e aa 4f c8  9e e4 64 58
|   fe b6 73 77  f1 57 76 dd  41 6e 54 c7  ca 16 68 8b
|   2f c0 ec 8b  75 c9 5e 42  db 1f 2d 57  90 8d ea 8c
|   9a 1e 83 b4  42 2e ec be  e6 a7 14 56  53 93 b8 76
|   86 be 38 21  1b 57 46 60  59 06 34 bc  48 c6 ba fd
|   6c a8 62 bf  32 fd 3b cb  f2 0f 16 fb  1e 4e 12 a9
|   1d f3 89 c3  ba b1 31 25  15 f6 84 36  37 4b 09 37
|   af 5e 3f b3  6b ed 75 27  5f b1 c1 bd  6e 1a 8a fb
|   29 5f 57 1f  4c e2 45 f6  8a 61 57 4f  c0 55 4a 5e
|   c4 bc 86 04  a6 62 48 bf  d6 06 10 31  f0 ca d2 1d
|   42 1b 8a 54  8f 67 72 5f  76 a7 79 64  67 5c 0f 66
|   c9 73 74 ae  e6 8a ae 20  b5 89 9f 90  f6 22 f6 73
|   02 ed 49 23  b9 68 6c 1a  fd 5d f0 92  e5 72 95 94
|   6b 7a df 78  05 0c 9f a9  f5 0b db 91  fc b3 db 67
|   49 b7 8e 9f  e8 6a 43 79  e7 40 7a 2b  12 2e 3f c9
|   8b 07 9d 67  1d 2c 94 5d  cf 75 6c fa  61 db 7c 83
|   94 f7 c6 09  8d e1 89 68  d3 eb 47 2c  09 6b 66 e5
|   04 f1 cb f6  b2 3a ee 3b  e7 e2 8c b9  b7 f1 b9 79
|   08 a3 32 94  2b 06 1a 8b  dc 40 ab 90  c3 1d d6 8b
|   bd 3c e0 f2  8e b1 4f de  3b 5f 71 37  fc 08 1e 8e
|   cd ee 30 33  b9 14 b3 28  ff fd d5 3c  0c d5 0c 53
|   cd 09 92 3d  7a 6e c8 a4  a1 c4 73 ab  27 a1 4a 26
|   db ae 82 97  7d 39 0d 6b  30 93 15 ba  59 9a fa 0f
|   49 a3 3c 62  f4 cb 85 7e  bd 6d ed ad  98 31 cc 31
|   2d ea f4 57  89 9f 70 27  f9 36 6b b5  3b d4 7b eb
|   a7 94 44 ed  af 51 45 68  21 a1 20 81  8a a5 71 e2
|   df 8c d5 2d  44 fa 34 4b  bd 1c c5
| processing: start from 192.1.2.45:500 (in process_md() at demux.c:437)
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_v2SKF (0x35)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
|    Message ID: 1 (0x1)
|    length: 539 (0x21b)
|  processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am receiving an IKEv2 Request ISAKMP_v2_IKE_AUTH
| I am the IKE SA Original Responder
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| v2 IKE SA #1 found, in state STATE_PARENT_R1
| found state #1
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:1682)
| processing: start connection "ikev2-westnet-eastnet-x509-cr" (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1687)
| #1 is idle
| #1 idle
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 in state PARENT_R1: received v2I1, sent v2R1
| Unpacking clear payload for svm: Responder: process IKE_AUTH request (no SKEYSEED)
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2IDi (0x23)
|    flags: none (0x0)
|    length: 511 (0x1ff)
|    fragment number: 1 (0x1)
|    total fragments: 5 (0x5)
| processing payload: ISAKMP_NEXT_v2SKF (len=503)
| received IKE encrypted fragment number '1', total number '5', next payload '35'
|  updated IKE fragment state to respond using fragments without waiting for re-transmits
| processing: stop from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:439)
| processing: stop state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in process_md() at demux.c:441)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| processing: resume connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:441)
| processing: stop connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:442)
| *received 539 bytes from 192.1.2.45:500 on eth1 (port=500)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 02 00 05  7c 3c 14 cd  51 c1 be 60  2d 95 b1 8c
|   41 68 da 88  e4 ac c7 3b  f3 a7 b1 85  a3 8b af ba
|   e1 e4 d2 58  b6 6d d7 b4  f8 ee a7 bd  f6 6d 38 26
|   7d 9b 16 38  6b e5 c9 33  b5 86 34 e7  bf 43 1a 9f
|   9a be ff 4b  7c 1c c0 d0  58 ba 03 38  f2 c9 3b fa
|   ba 1b 06 b4  ad 16 19 39  57 e1 50 9a  c8 4c c4 e7
|   37 62 1a 7d  aa 56 ad 14  89 d5 39 35  0f 41 6f 3a
|   1e 8f 17 0d  d4 f3 b7 a9  55 c1 d3 24  e4 f2 80 4c
|   75 1b 0a cc  94 21 70 c1  80 2b 71 aa  73 83 38 a2
|   86 61 8d 08  d0 b9 07 98  94 07 87 1c  53 02 e4 36
|   49 98 d1 cc  51 77 bd 1c  aa c9 a6 47  6a d0 e2 a2
|   87 09 64 be  3e 61 c1 85  45 21 0a cc  c7 c9 67 b2
|   92 a3 e6 3d  86 2b 63 1c  d0 fc 38 b3  ce f4 cb 70
|   c9 b6 be a3  0f 64 e8 5f  72 ab 4c 79  c1 1a c0 97
|   2f c9 ff e4  18 6b 10 a5  09 c1 51 d3  44 e9 cc 6e
|   22 be b1 7d  fb b1 83 5b  e2 17 f8 ad  73 0c c2 29
|   66 9e 84 5c  f1 09 8a 8f  de 6b ca 07  79 1c 22 25
|   3a 82 44 6b  43 47 aa b1  aa f9 32 cd  a5 81 b8 4c
|   0a 80 a7 1d  cb a7 2a 2e  be a8 05 45  2e 25 80 1e
|   5d c6 39 3e  fa 2f 57 5c  84 4d b9 13  57 3d 32 dc
|   27 26 aa ba  8a 33 6f d1  00 34 f4 09  1f 48 74 ad
|   50 11 b4 4e  36 92 4e 82  8a df 65 99  dc 78 5a 29
|   13 1c dc 7b  51 f5 11 bd  c9 f2 7a a1  f2 ca 21 5a
|   74 2e c0 ea  95 16 69 c8  e3 66 0a 62  1a 17 4b e9
|   ef 6b cd bf  03 d9 6d ff  02 71 b7 d0  39 6f 4e d6
|   c1 9e 23 5e  c2 fe d9 c3  c3 3a 40 d0  76 db 01 6d
|   b4 95 b4 82  45 d9 9a c9  1b c9 b5 4a  53 63 b8 51
|   ba 32 a1 2b  de 47 f7 82  af ea 2a 0a  1c 50 6b 90
|   5a 49 d2 81  12 c9 1c 19  ca 6e 52 cd  22 66 8a 02
|   0c 64 2b 48  12 5f 85 77  69 a6 c2 a9  d3 6a 2a fc
|   7d 0a f0 da  57 3d 8d c3  8d 53 93 64  9a 92 ad b7
|   e7 38 5c 4f  25 38 25 ab  57 fc d9
| processing: start from 192.1.2.45:500 (in process_md() at demux.c:437)
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_v2SKF (0x35)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
|    Message ID: 1 (0x1)
|    length: 539 (0x21b)
|  processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am receiving an IKEv2 Request ISAKMP_v2_IKE_AUTH
| I am the IKE SA Original Responder
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| v2 IKE SA #1 found, in state STATE_PARENT_R1
| found state #1
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:1682)
| processing: start connection "ikev2-westnet-eastnet-x509-cr" (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1687)
| #1 is idle
| #1 idle
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 in state PARENT_R1: received v2I1, sent v2R1
| Unpacking clear payload for svm: Responder: process IKE_AUTH request (no SKEYSEED)
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    length: 511 (0x1ff)
|    fragment number: 2 (0x2)
|    total fragments: 5 (0x5)
| processing payload: ISAKMP_NEXT_v2SKF (len=503)
| received IKE encrypted fragment number '2', total number '5', next payload '0'
| processing: stop from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:439)
| processing: stop state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in process_md() at demux.c:441)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| processing: resume connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:441)
| processing: stop connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:442)
| *received 539 bytes from 192.1.2.45:500 on eth1 (port=500)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 03 00 05  ec d1 bd 85  a2 8e ff 4e  59 f1 36 37
|   34 b1 df 09  4e c9 47 c4  53 fb 0d 36  d6 63 d9 4a
|   21 25 ab e7  42 43 66 42  51 5b 55 90  73 a1 c1 3c
|   50 0a 56 ed  93 d0 7a fa  a7 ff 35 8a  a2 bc b6 c4
|   92 36 0a 3e  9a c2 c6 53  f1 e3 69 35  7c 3c 67 e5
|   78 70 b6 1b  7c ad 92 0e  b5 de 4e 56  e1 1b e2 3f
|   3c 42 94 a1  12 4c c6 93  77 ae 02 0c  f3 3d a8 6a
|   84 b0 a1 55  47 32 89 ab  bd 56 c6 ca  a0 9a 44 12
|   13 91 f0 07  b1 b0 c8 0a  b8 55 aa 6d  72 11 8a 8d
|   26 ff e8 3c  e9 76 1e 18  78 4f 0e d0  ff 89 1b cf
|   f8 17 dc 70  b1 06 eb cb  33 ca c7 b2  3e 2b fe 1b
|   fd d5 ea 6a  c6 66 c6 93  c5 27 a2 a4  db b3 c7 d3
|   e9 fc 1f 92  92 5a 6d 6d  a1 a4 de 46  c1 e5 89 a7
|   78 79 30 d1  70 5a 7f 0d  5e 6b 3a 9b  d1 32 e9 a4
|   f9 e6 d7 ae  f3 57 77 84  24 5f b0 6c  1f 2a 47 22
|   9b e3 b3 8f  f7 c1 13 71  30 f9 5c 24  4d 11 d7 10
|   f6 53 31 07  bd 7f 70 57  6f 51 65 69  dd 1e 85 83
|   66 e8 40 77  21 6d 42 1d  2d 85 0a 6b  52 fa d8 82
|   a3 10 7b 48  68 8e a1 fc  58 9b 95 fc  c8 cd c0 9b
|   41 b1 e8 03  7f c6 be 5f  b4 60 5f f8  9f ee db 34
|   c6 ae 84 a9  8b 04 78 ee  43 6f f6 cb  6e 97 91 22
|   f9 a2 35 ea  e1 99 be 8d  50 16 05 f5  4a 58 90 20
|   b8 e4 e4 2c  9d aa 7e ca  5d 22 39 7c  92 c7 2e ba
|   3d fb 3d c3  2b cd 15 c1  e1 e7 a3 2c  0c 81 23 ad
|   00 8a d0 c1  8e a4 2b a0  d9 98 b2 39  5d 63 5d bd
|   4a ee 5d 91  26 8f 5f f5  43 16 5f 84  50 d7 81 6c
|   37 1e 6c c9  2f 05 f0 55  c8 30 55 ee  4e 1d c2 da
|   94 dd 03 4e  af 2d 19 60  8c cd 77 f7  a8 9f b2 79
|   44 f0 31 dc  e6 87 81 6b  ec d8 98 7e  c4 6c cf 3d
|   24 ec 1c 21  c2 f4 90 d1  d1 45 7a 41  81 76 6a 53
|   32 98 7f e0  81 f9 8f 46  ee d4 6c 91  b5 3d 2a 81
|   f3 37 a0 15  e3 c3 54 00  f2 ce 3f
| processing: start from 192.1.2.45:500 (in process_md() at demux.c:437)
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_v2SKF (0x35)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
|    Message ID: 1 (0x1)
|    length: 539 (0x21b)
|  processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am receiving an IKEv2 Request ISAKMP_v2_IKE_AUTH
| I am the IKE SA Original Responder
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| v2 IKE SA #1 found, in state STATE_PARENT_R1
| found state #1
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:1682)
| processing: start connection "ikev2-westnet-eastnet-x509-cr" (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1687)
| #1 is idle
| #1 idle
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 in state PARENT_R1: received v2I1, sent v2R1
| Unpacking clear payload for svm: Responder: process IKE_AUTH request (no SKEYSEED)
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    length: 511 (0x1ff)
|    fragment number: 3 (0x3)
|    total fragments: 5 (0x5)
| processing payload: ISAKMP_NEXT_v2SKF (len=503)
| received IKE encrypted fragment number '3', total number '5', next payload '0'
| processing: stop from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:439)
| processing: stop state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in process_md() at demux.c:441)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| processing: resume connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:441)
| processing: stop connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:442)
| *received 539 bytes from 192.1.2.45:500 on eth1 (port=500)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 04 00 05  60 7e db 77  bb 60 f3 f6  ad c0 27 87
|   85 71 a5 e1  aa f6 ff dd  70 92 94 75  7d 75 44 14
|   59 21 5e 54  7b 7c 46 33  1c 2b 9a b8  cf e9 ae 0e
|   26 a8 5d bc  1b 8b cf 02  5d 0b 33 7f  9e 91 4e 77
|   cb 42 39 13  e5 77 62 94  7e 18 fa 1e  b3 dd 54 d6
|   d8 29 30 73  ca 4e e9 c6  43 83 e4 5a  eb 35 49 12
|   7d bb 22 38  3b b2 6e 32  ea e1 02 37  2c 1d bf 06
|   ce 1c c7 e8  e7 0c df ce  61 e8 75 9b  c3 e9 ab 65
|   0c 2f fc 8f  16 a5 d9 2a  a9 cb 71 80  b7 6e 44 fb
|   2c c3 ad bf  1a dd 31 bf  0a c0 01 99  4f 93 75 bd
|   44 0d c0 6d  2f 93 30 19  48 40 f8 b9  9a 34 da 69
|   84 83 73 bc  2c 33 ad 97  90 8f 9c 9a  e0 64 d8 a6
|   91 5c bd 38  58 7f 89 e5  59 fe b6 51  08 c8 12 c1
|   90 0d 72 75  fa 98 f6 a8  72 7d 60 9e  e9 5f 14 63
|   66 d2 06 9c  b4 42 85 74  4b 08 b1 26  3c 04 52 74
|   e3 ce e6 8e  74 f2 8e 27  14 66 7e 96  f7 96 39 0a
|   08 24 d3 d1  a9 e2 a4 af  2d 0e c5 70  f6 5a e3 ea
|   0b 6e 2c 7d  fb be c1 e8  c8 fe e7 6e  17 89 77 f6
|   3d 25 6f be  a2 65 39 48  91 86 0c b7  e0 87 c2 a4
|   93 63 f4 e6  53 56 0d 63  53 8b 5f 6a  40 c1 da 2b
|   57 7b ff 62  a8 bf f8 2e  7a 4d 2a b5  89 e5 23 c7
|   00 3a 41 ac  ab a8 c9 e8  b8 26 6f ae  a9 7b f1 ed
|   46 66 fc f9  af 21 d5 ca  00 84 03 25  e8 d6 ab dd
|   12 ae ac 1f  ba ca 14 ef  ac 29 a9 7e  ba d6 2e 39
|   0a c1 c5 87  82 f9 74 0c  51 9b a1 19  a7 b1 cb c1
|   ef bc 28 c6  dc 21 e8 36  d9 19 ea 69  63 e9 68 9d
|   18 bb dc a7  32 a3 f9 a1  cf 33 98 3f  69 a9 42 2f
|   0d ed 89 93  6d 97 2c 31  ab 0a df b6  c1 61 b4 bc
|   2e fc fc 91  5c 5b 62 d8  db 23 32 1d  67 98 1f 7d
|   21 b5 b2 d5  c1 fe dc de  49 0b c2 69  18 3b 12 ff
|   9a 3b 76 3c  96 9a c0 75  61 1a 03 53  e8 3e c5 02
|   85 71 ce 7f  6a 2b a5 f5  4b 06 9c
| processing: start from 192.1.2.45:500 (in process_md() at demux.c:437)
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_v2SKF (0x35)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
|    Message ID: 1 (0x1)
|    length: 539 (0x21b)
|  processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am receiving an IKEv2 Request ISAKMP_v2_IKE_AUTH
| I am the IKE SA Original Responder
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| v2 IKE SA #1 found, in state STATE_PARENT_R1
| found state #1
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:1682)
| processing: start connection "ikev2-westnet-eastnet-x509-cr" (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1687)
| #1 is idle
| #1 idle
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 in state PARENT_R1: received v2I1, sent v2R1
| Unpacking clear payload for svm: Responder: process IKE_AUTH request (no SKEYSEED)
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    length: 511 (0x1ff)
|    fragment number: 4 (0x4)
|    total fragments: 5 (0x5)
| processing payload: ISAKMP_NEXT_v2SKF (len=503)
| received IKE encrypted fragment number '4', total number '5', next payload '0'
| processing: stop from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:439)
| processing: stop state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in process_md() at demux.c:441)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| processing: resume connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:441)
| processing: stop connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:442)
| *received 216 bytes from 192.1.2.45:500 on eth1 (port=500)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 00 d8  00 00 00 bc
|   00 05 00 05  79 4e 6b aa  60 52 f5 05  2d ba 96 fc
|   4b 3d 77 0a  a6 25 31 d9  6b 0f 95 95  c7 6c 62 f5
|   00 01 f1 e9  13 d9 bf 43  7c 53 42 a9  0c e2 f2 6f
|   41 3e c6 1e  8a 1f 74 13  cb 1b 93 29  83 2d 42 4e
|   2e 0b ab 14  59 99 c5 2f  e2 dc c3 b7  77 d5 2b 82
|   7b 8d 27 d5  d3 62 33 95  bd 1e 85 e4  d8 55 c0 cd
|   97 f0 22 a4  6c a5 fe 99  e8 b8 8e 30  ff 41 a0 56
|   4e 0f c0 3b  19 55 bf 5b  43 aa 03 01  96 25 c4 57
|   bf 0a 94 4d  2d 9f 1a a8  be d2 7a 4a  ab d6 01 c8
|   af be 33 d3  cc f8 f6 59  b3 7d f2 86  d9 44 dd 68
|   9b 90 86 09  bf 82 1c 03  d3 52 9c c0  44 84 68 8c
|   47 b4 43 8a  bf fa 73 6b
| processing: start from 192.1.2.45:500 (in process_md() at demux.c:437)
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_v2SKF (0x35)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
|    Message ID: 1 (0x1)
|    length: 216 (0xd8)
|  processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35)
| I am receiving an IKEv2 Request ISAKMP_v2_IKE_AUTH
| I am the IKE SA Original Responder
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| v2 IKE SA #1 found, in state STATE_PARENT_R1
| found state #1
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:1682)
| processing: start connection "ikev2-westnet-eastnet-x509-cr" (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1687)
| #1 is idle
| #1 idle
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 in state PARENT_R1: received v2I1, sent v2R1
| Unpacking clear payload for svm: Responder: process IKE_AUTH request (no SKEYSEED)
| Now let's proceed with payload (ISAKMP_NEXT_v2SKF)
| ***parse IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    length: 188 (0xbc)
|    fragment number: 5 (0x5)
|    total fragments: 5 (0x5)
| processing payload: ISAKMP_NEXT_v2SKF (len=180)
| received IKE encrypted fragment number '5', total number '5', next payload '0'
| selected state microcode Responder: process IKE_AUTH request (no SKEYSEED)
| Now let's proceed with state specific processing
| calling processor Responder: process IKE_AUTH request (no SKEYSEED)
| ikev2 parent inI2outR2: calculating g^{xy} in order to decrypt I2
| offloading IKEv2 SKEYSEED using prf=HMAC_SHA2_512 integ=NONE cipherkey=AES_GCM_16
| start_dh_v2: reference skey_d_old-key@NULL
| DH secret MODP2048@0x7fbf90003a28: transferring ownership from state #1 to helper IKEv2 DH
| adding ikev2_inI2outR2 KE work-order 2 for state #1
| state #1 requesting EVENT_SO_DISCARD to be deleted
| free_event_entry: release EVENT_SO_DISCARD-pe@0x55c7806bea28
| event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c7806bea28
| inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60.000 seconds for #1
| backlog: inserting object 0x55c7807fa968 (work-order 2 state #1) entry 0x55c7807fa970 into list 0x55c77e37f7e0 (older 0x55c77e37f7e0 newer 0x55c77e37f7e0)
| backlog: inserted  object 0x55c7807fa968 (work-order 2 state #1) entry 0x55c7807fa970 (older 0x55c77e37f7e0 newer 0x55c77e37f7e0)
| backlog: list entry 0x55c77e37f7e0 is HEAD (older 0x55c7807fa970 newer 0x55c7807fa970)
| crypto helper 1 resuming
| backlog: removing  object 0x55c7807fa968 (work-order 2 state #1) entry 0x55c7807fa970 (older 0x55c77e37f7e0 newer 0x55c77e37f7e0)
| backlog: empty
| crypto helper 1 starting work-order 2 for state #1
| crypto helper 1 doing compute dh (V2); request ID 2
| peer's g:   a3 3b f9 9c  5a 97 81 5c  ee b9 2f d3  30 62 80 f8
| peer's g:   86 04 a0 1c  94 ac c2 8b  b3 8e e7 5f  7b e6 0d 11
| peer's g:   17 6a 08 63  1a d7 74 24  8a 8a a7 de  28 65 01 d7
| peer's g:   95 7f 3c 43  32 cf 16 50  f3 72 03 95  85 ae cf e0
| peer's g:   39 91 08 ea  5f f5 82 ee  0f 1f de 18  69 d8 84 6a
| peer's g:   e5 66 57 c8  ae 98 10 7b  16 6e 86 b2  62 c2 ec 85
| peer's g:   4e ac 92 32  7a 19 06 f1  2f b8 01 92  59 d3 2d 73
| peer's g:   2c 80 db bd  78 9e b3 ad  f2 90 9e c3  e2 f5 4e 88
| peer's g:   97 6a 1e 6a  58 ad 45 8f  14 af 63 16  3b 05 b4 79
| peer's g:   66 29 42 0c  8a 2b d7 e5  5b 06 4d 06  2b 16 20 08
| peer's g:   01 09 14 fe  5c d2 f7 c6  52 3a b3 2b  e3 1c b5 e3
| peer's g:   21 bf e7 f3  b4 c9 23 48  7d 4e 7f 1c  9c 79 e6 2e
| peer's g:   ac 29 2c 0d  86 59 e7 bb  71 8f c1 1b  97 80 98 19
| peer's g:   cf 65 ea 3c  41 83 fd cb  13 8a 74 b3  ff 67 ef 2f
| peer's g:   12 94 0c d4  fd 1c 80 35  d9 6c e0 64  56 b8 6f 8e
| peer's g:   67 cd b1 4f  79 fb 20 ff  63 95 3b ee  c6 36 66 8e
| Started DH shared-secret computation in NSS:
| NSS: PK11_PubDerive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     new g_ir-key@0x55c7806ae420, size: 256 bytes, type/mechanism: CONCATENATE_DATA_AND_BASE
| DH secret MODP2048@0x7fbf90003a28: computed shared DH secret key@0x55c7806ae420
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| dh-shared g^ir-key@0x55c7806ae420, size: 256 bytes, type/mechanism: CONCATENATE_DATA_AND_BASE
| NSS: Started key computation
| calculating skeyseed using prf=sha2_512 integ=none cipherkey-size=32 salt-size=4
| SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 init Ni | Nr-chunk@0x7fbf88001f18 (length 64)
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x7fbf88001f18 (64 bytes)
|       17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
|       9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
|       64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
|       64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: Ni | Nr-key@0x55c7806b6e40, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b6e40, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: Ni | Nr-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: SHA512_HMAC
| Ni | Nr: release tmp-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| SKEYSEED = prf(Ni | Nr, g^ir) prf: created sha2_512 context 0x7fbf88002050 from Ni | Nr-key@0x55c7806b55c0
| SKEYSEED = prf(Ni | Nr, g^ir) prf: begin sha2_512 with context 0x7fbf88002050 from Ni | Nr-key@0x55c7806b55c0
| SKEYSEED = prf(Ni | Nr, g^ir): release clone-key@0x55c7806b55c0
| NSS: PK11_FreeSymKey
| SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 crypt-prf@0x7fbf88003c48
| NSS: PK11_GetKeyLength
| SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 update g^ir-key@0x55c7806ae420 (size 256)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 256 bytes of key@0x55c7806ae420
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806ae420, size: 256 bytes, type/mechanism: CONCATENATE_DATA_AND_BASE
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 256 bytes, type/mechanism: CONCATENATE_DATA_AND_BASE
| sizeof bytes 256
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)943153973: 14 8c 82 88  7d f3 51 68  8d 44 56 b3  4f 8d 5d ff  81 ee 9f ba  e0 e8 bd a2  93 f4 b4 5c  5f a0 98 32  c6 89 13 21  5d 22 d2 83  a0 26 fc 26  bf 13 fc 6d  08 cf d6 4f  1b ce 97 60  85 1a 4b 3a  69 06 d8 bd  c3 01 8c 5e  a1 e6 14 75  8a 66 a3 6b  8a 14 d2 bc  08 61 c6 51  cd 7a 2f 2e  67 b3 e1 37  fd d9 2a 60  b5 60 ad 12  a3 44 c6 2e  64 97 de b9  0b 18 8d 5a  a4 2d a0 25  94 89 32 f6  2a ee 87 39  d5 e8 8b 81  ae ec df 81  50 9c 56 cd  2e fe 62 1a  e8 1d 73 a3  fc 54 3a 95  2e 2d 97 41  e8 4e a0 61  4e 68 70 b0  97 5e 46 33  92 45 bc 26  87 a2 7c 57  50 5f c6 74  b3 c9 60 62  50 e8 81 5d  81 3a 32 14  92 36 35 97  97 f8 c0 0b  d1 5c f8 61  9a a3 8c 56  74 f0 16 4b  e8 30 2a ec  93 dd 23 51  c0 7e e9 6e  26 11 27 42  7b 09 c8 ff  5a d4 96 4a  c0 df ad ad  f1 8b ee 92  42 21 19 80  d8 33 0f cc  d4 fd 69 71  13 e5 4d 84
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 256 bytes at 0x7fbf88006318
| unwrapped:  33 fb 6f 2b  30 3f 90 a7  18 d0 b2 21  eb 35 c1 75
| unwrapped:  0a 78 58 be  0b 5d 43 9a  47 13 35 8c  be 14 6e 65
| unwrapped:  d2 be ad 92  a5 a3 fa 95  17 91 de 63  2f 2f 6a f9
| unwrapped:  7a 02 cc 60  86 ee 2f e0  4b 55 47 f2  3c 39 b9 23
| unwrapped:  aa 77 61 17  1e 1a 03 5c  b2 90 73 2e  28 db e8 75
| unwrapped:  9a 13 40 9d  fb ab 97 70  17 1e 0d 7d  6f d4 dd e9
| unwrapped:  b5 34 51 4a  79 87 02 65  5b 47 37 42  8b a0 60 ea
| unwrapped:  75 94 15 66  b8 d7 71 cf  cb d0 1f 74  63 4b 20 83
| unwrapped:  77 b8 8f fa  c8 93 4d b8  2b dc 38 13  87 05 07 92
| unwrapped:  1f c3 6e 28  42 bc 2b 5f  69 17 e7 58  e6 e8 ac 62
| unwrapped:  72 7c a2 ab  ca 89 1b d5  fb e8 58 00  1d 8b 8f e1
| unwrapped:  64 94 c3 6c  93 a7 04 26  9c c6 39 f2  4b ef ce bc
| unwrapped:  e1 06 b7 05  f5 9d 46 a6  94 45 91 24  45 4d 01 bf
| unwrapped:  64 38 6d 6d  e6 af c8 1a  38 d0 84 26  25 89 df 9f
| unwrapped:  dc 7b 1e 74  0d ca b6 7f  1f 2c a3 22  fe 9a 2e b9
| unwrapped:  57 52 de 85  79 49 95 bb  5c 89 30 d3  4c 97 11 c0
| SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 final-key ...
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x7fbf88001f18 (64 bytes)
|       97 b6 48 b5  f6 69 34 f2  b3 2f 46 5d  9e 25 02 cf
|       e4 c3 0a 0e  10 24 39 60  fe 1c e1 b4  b6 18 f8 6e
|       71 d1 34 82  42 9c 9d ff  eb 45 75 5d  6c 2b 24 50
|       a6 19 0f 27  84 dd 0a cd  a9 0c 5b 6d  ad 19 80 30
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7806b6e40, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b6e40, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| final: release tmp-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 final-key@0x55c7806b55c0 (size 64)
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x55c7807fa9c0 (32 bytes)
|       17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
|       9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: data-key@0x55c7806afc00, size: 48 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806afc00, size: 48 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 32
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: data-key@0x55c7806b6e40, size: 32 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| data: release tmp-key@0x55c7806afc00
| NSS: PK11_FreeSymKey
| NSS: PK11_GetMechanism
| CONCATENATE_BASE_AND_DATA:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806b6e40, size: 32 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     data-bytes@0x55c7807fa9e0 (32 bytes)
|       64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
|       64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806afc00, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_bytes: release lhs-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| NSS: PK11_GetMechanism
| CONCATENATE_BASE_AND_DATA:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806afc00, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     data-bytes@0x55c7807fb440 (8 bytes)
|       84 ef af 3b  c7 ff b0 7d
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806b6e40, size: 72 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_bytes: release lhs-key@0x55c7806afc00
| NSS: PK11_FreeSymKey
| NSS: PK11_GetMechanism
| CONCATENATE_BASE_AND_DATA:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806b6e40, size: 72 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     data-bytes@0x55c7807fb448 (8 bytes)
|       1d c6 2d a1  c4 09 35 20
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806afc00, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_bytes: release lhs-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+0 PRF sha2_512 init key-key@0x55c7806b55c0 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: SHA512_HMAC
| prf+0 prf: created sha2_512 context 0x7fbf88001ef0 from key-key@0x55c7806b6e40
| prf+0 prf: begin sha2_512 with context 0x7fbf88001ef0 from key-key@0x55c7806b6e40
| prf+0: release clone-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| prf+0 PRF sha2_512 crypt-prf@0x7fbf88003c48
| NSS: PK11_GetKeyLength
| prf+0 PRF sha2_512 update seed-key@0x55c7806afc00 (size 80)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 80 bytes of key@0x55c7806afc00
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806afc00, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 80
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 40 59 7b 53  58 52 e2 d1  a7 c9 ea 2d  90 ed 71 f2  56 f6 69 86  08 31 66 88  05 70 fe e7  0c 0f 7a ff  e0 ab 4a e1  22 3c 7f 90  46 7c f7 5c  92 76 66 a1  e4 85 96 a2  58 a7 2e 17  57 f5 3b 95  35 35 0f 8a  ba 46 e0 49  7d c2 0b 02  9e 31 e1 19  c1 aa 2b 36
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 80 bytes at 0x7fbf88009898
| unwrapped:  17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
| unwrapped:  9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
| unwrapped:  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| unwrapped:  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| unwrapped:  84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
| prf+0 PRF sha2_512 update 1++-byte@0x1 (1)
| prf+0 PRF sha2_512 final-key ...
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x7fbf88002078 (64 bytes)
|       43 a3 5a 82  12 7f 90 65  d5 30 39 00  25 1b 8a cc
|       a7 46 ee 56  ee 73 0c 28  14 05 6e d5  b9 a7 e1 06
|       d0 0a 62 4e  a4 a6 4f 9e  f9 6c 79 24  ea d5 af 0d
|       2e 25 62 2c  26 e1 dd 3a  96 a9 b2 ca  7f 1d 94 88
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7806b7180, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b7180, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| final: release tmp-key@0x55c7806b7180
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+0 PRF sha2_512 final-key@0x55c7806b6e40 (size 64)
| ikev2_prfplus: reference old_t[1]-key@0x55c7806b6e40
| NSS: PK11_ReferenceSymKey
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 init key-key@0x55c7806b55c0 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x55c7806b7180, size: 64 bytes, type/mechanism: SHA512_HMAC
| prf+N prf: created sha2_512 context 0x7fbf88002050 from key-key@0x55c7806b7180
| prf+N prf: begin sha2_512 with context 0x7fbf88002050 from key-key@0x55c7806b7180
| prf+N: release clone-key@0x55c7806b7180
| NSS: PK11_FreeSymKey
| prf+N PRF sha2_512 crypt-prf@0x7fbf88001898
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update old_t-key@0x55c7806b6e40 (size 64)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 64 bytes of key@0x55c7806b6e40
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 6b b9 f9 64  87 e3 27 cc  11 f6 97 c0  dc 1d 7f d6  a2 14 87 ad  42 d0 57 7f  2b 57 99 e0  e5 88 70 bf  ce b7 c9 75  78 64 e6 52  c5 78 0e ab  c1 fe 04 d2  99 93 a0 80  c7 49 e7 df  44 71 d8 16  13 ab 4f 0b
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 64 bytes at 0x7fbf8800b4a8
| unwrapped:  43 a3 5a 82  12 7f 90 65  d5 30 39 00  25 1b 8a cc
| unwrapped:  a7 46 ee 56  ee 73 0c 28  14 05 6e d5  b9 a7 e1 06
| unwrapped:  d0 0a 62 4e  a4 a6 4f 9e  f9 6c 79 24  ea d5 af 0d
| unwrapped:  2e 25 62 2c  26 e1 dd 3a  96 a9 b2 ca  7f 1d 94 88
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update seed-key@0x55c7806afc00 (size 80)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 80 bytes of key@0x55c7806afc00
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806afc00, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 80
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 40 59 7b 53  58 52 e2 d1  a7 c9 ea 2d  90 ed 71 f2  56 f6 69 86  08 31 66 88  05 70 fe e7  0c 0f 7a ff  e0 ab 4a e1  22 3c 7f 90  46 7c f7 5c  92 76 66 a1  e4 85 96 a2  58 a7 2e 17  57 f5 3b 95  35 35 0f 8a  ba 46 e0 49  7d c2 0b 02  9e 31 e1 19  c1 aa 2b 36
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 80 bytes at 0x7fbf88009618
| unwrapped:  17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
| unwrapped:  9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
| unwrapped:  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| unwrapped:  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| unwrapped:  84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
| prf+N PRF sha2_512 update N++-byte@0x2 (2)
| prf+N PRF sha2_512 final-key ...
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x7fbf8800b4a8 (64 bytes)
|       ad 8e fa 21  d2 b9 5d 41  01 de f5 7b  35 17 5e 78
|       98 ed e2 5f  df b9 38 33  4d 84 18 b9  27 89 66 9a
|       74 55 c3 07  3a 9d 80 ea  ff 89 9e 47  85 b0 43 39
|       2e 35 14 e6  7d 22 23 d4  5e 43 eb 4d  9d 24 29 a7
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x7fbf880098f0, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf880098f0, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| final: release tmp-key@0x7fbf880098f0
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 final-key@0x55c7806b7180 (size 64)
| NSS: PK11_GetMechanism
| NSS: PK11_GetSymKeyHandle
| CONCATENATE_BASE_AND_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x7fbf880098f0, size: 128 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_symkey: release lhs-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| ikev2_prfplus: release old_t[N]-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 init key-key@0x55c7806b55c0 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: SHA512_HMAC
| prf+N prf: created sha2_512 context 0x7fbf8800b480 from key-key@0x55c7806b6e40
| prf+N prf: begin sha2_512 with context 0x7fbf8800b480 from key-key@0x55c7806b6e40
| prf+N: release clone-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| prf+N PRF sha2_512 crypt-prf@0x7fbf88001898
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update old_t-key@0x55c7806b7180 (size 64)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 64 bytes of key@0x55c7806b7180
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 80 f1 87 c8  2e 74 7c 5d  be 20 82 2b  34 8f a1 44  7f b0 5e 3b  14 03 90 fb  30 3f 1d f9  ba dc cf 7b  8c 77 22 4d  54 3f 65 b9  a3 29 f6 0d  a9 a4 b2 b3  f2 32 69 55  19 d2 f8 4a  91 1d 70 46  a1 6b b4 70
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 64 bytes at 0x7fbf88001f18
| unwrapped:  ad 8e fa 21  d2 b9 5d 41  01 de f5 7b  35 17 5e 78
| unwrapped:  98 ed e2 5f  df b9 38 33  4d 84 18 b9  27 89 66 9a
| unwrapped:  74 55 c3 07  3a 9d 80 ea  ff 89 9e 47  85 b0 43 39
| unwrapped:  2e 35 14 e6  7d 22 23 d4  5e 43 eb 4d  9d 24 29 a7
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update seed-key@0x55c7806afc00 (size 80)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 80 bytes of key@0x55c7806afc00
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806afc00, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 80
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 40 59 7b 53  58 52 e2 d1  a7 c9 ea 2d  90 ed 71 f2  56 f6 69 86  08 31 66 88  05 70 fe e7  0c 0f 7a ff  e0 ab 4a e1  22 3c 7f 90  46 7c f7 5c  92 76 66 a1  e4 85 96 a2  58 a7 2e 17  57 f5 3b 95  35 35 0f 8a  ba 46 e0 49  7d c2 0b 02  9e 31 e1 19  c1 aa 2b 36
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 80 bytes at 0x7fbf88009898
| unwrapped:  17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
| unwrapped:  9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
| unwrapped:  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| unwrapped:  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| unwrapped:  84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
| prf+N PRF sha2_512 update N++-byte@0x3 (3)
| prf+N PRF sha2_512 final-key ...
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x7fbf88001f18 (64 bytes)
|       d8 d4 6f e3  47 5e 93 0d  35 35 27 b6  92 82 57 15
|       ea 16 07 85  7e 42 76 38  29 ee 2a 98  e0 da a4 4f
|       27 15 eb 7d  12 48 ec 74  4f 8b 60 44  c7 49 3b b0
|       71 42 77 bb  09 77 0a 16  00 58 ff 6a  fc 70 52 16
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x7fbf8800b280, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| final: release tmp-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 final-key@0x55c7806b6e40 (size 64)
| NSS: PK11_GetMechanism
| NSS: PK11_GetSymKeyHandle
| CONCATENATE_BASE_AND_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x7fbf880098f0, size: 128 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x7fbf8800b280, size: 192 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_symkey: release lhs-key@0x7fbf880098f0
| NSS: PK11_FreeSymKey
| ikev2_prfplus: release old_t[N]-key@0x55c7806b7180
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 init key-key@0x55c7806b55c0 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| processing: [RE]START state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3004)
| #1 complete v2 state transition from PARENT_R1 to PARENT_R1 with status STF_SUSPEND
| suspending state #1 and saving MD
| #1 is busy; has a suspended MD
| processing: [RE]START state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in log_stf_suspend() at ikev2.c:2901)
| "ikev2-westnet-eastnet-x509-cr" #1 complete v2 state STATE_PARENT_R1 transition with STF_SUSPEND suspended from complete_v2_state_transition:3067
| processing: stop from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:439)
| processing: stop state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in process_md() at demux.c:441)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| processing: resume connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:441)
| processing: stop connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:442)
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x55c7806b7180, size: 64 bytes, type/mechanism: SHA512_HMAC
| prf+N prf: created sha2_512 context 0x7fbf88001ef0 from key-key@0x55c7806b7180
| prf+N prf: begin sha2_512 with context 0x7fbf88001ef0 from key-key@0x55c7806b7180
| prf+N: release clone-key@0x55c7806b7180
| NSS: PK11_FreeSymKey
| prf+N PRF sha2_512 crypt-prf@0x7fbf88001898
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update old_t-key@0x55c7806b6e40 (size 64)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 64 bytes of key@0x55c7806b6e40
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: be 4d 1e 88  3f b4 6b 5c  bd bd b0 14  f8 8d 4e 7b  d3 7d 0f 55  a5 8b 44 81  e1 0f 79 a7  34 ef 18 24  49 e5 7e e9  71 b1 49 23  a1 3b 89 51  87 28 8e 79  c9 4b 76 e7  1a a2 09 d5  9a ae 3d 24  fb a3 e6 65
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 64 bytes at 0x7fbf88002078
| unwrapped:  d8 d4 6f e3  47 5e 93 0d  35 35 27 b6  92 82 57 15
| unwrapped:  ea 16 07 85  7e 42 76 38  29 ee 2a 98  e0 da a4 4f
| unwrapped:  27 15 eb 7d  12 48 ec 74  4f 8b 60 44  c7 49 3b b0
| unwrapped:  71 42 77 bb  09 77 0a 16  00 58 ff 6a  fc 70 52 16
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update seed-key@0x55c7806afc00 (size 80)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 80 bytes of key@0x55c7806afc00
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806afc00, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 80
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 40 59 7b 53  58 52 e2 d1  a7 c9 ea 2d  90 ed 71 f2  56 f6 69 86  08 31 66 88  05 70 fe e7  0c 0f 7a ff  e0 ab 4a e1  22 3c 7f 90  46 7c f7 5c  92 76 66 a1  e4 85 96 a2  58 a7 2e 17  57 f5 3b 95  35 35 0f 8a  ba 46 e0 49  7d c2 0b 02  9e 31 e1 19  c1 aa 2b 36
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 80 bytes at 0x7fbf88009618
| unwrapped:  17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
| unwrapped:  9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
| unwrapped:  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| unwrapped:  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| unwrapped:  84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
| prf+N PRF sha2_512 update N++-byte@0x4 (4)
| prf+N PRF sha2_512 final-key ...
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x7fbf88002078 (64 bytes)
|       86 55 3e 69  a8 77 28 e4  b2 3b 0c 45  ee f9 38 11
|       8b 1a 4a 94  41 9c ea 58  55 f3 03 06  70 0d 83 72
|       cc 9e 67 85  ee 46 5c 90  db 50 f8 a5  22 ac ba 77
|       11 b8 ab ab  84 6a 3d a6  a1 cd 55 79  79 00 ca 59
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x7fbf880098f0, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf880098f0, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| final: release tmp-key@0x7fbf880098f0
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 final-key@0x55c7806b7180 (size 64)
| NSS: PK11_GetMechanism
| NSS: PK11_GetSymKeyHandle
| CONCATENATE_BASE_AND_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x7fbf8800b280, size: 192 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x7fbf880098f0, size: 256 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_symkey: release lhs-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| ikev2_prfplus: release old_t[N]-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 init key-key@0x55c7806b55c0 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: SHA512_HMAC
| prf+N prf: created sha2_512 context 0x7fbf88002050 from key-key@0x55c7806b6e40
| prf+N prf: begin sha2_512 with context 0x7fbf88002050 from key-key@0x55c7806b6e40
| prf+N: release clone-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| prf+N PRF sha2_512 crypt-prf@0x7fbf88001898
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update old_t-key@0x55c7806b7180 (size 64)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 64 bytes of key@0x55c7806b7180
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 9e a0 0f 80  6d 8c 88 c6  c5 8c ca 9b  a0 8c 4b 7b  bf db 3e f8  12 2f 68 21  51 1e 28 c1  c9 cf b6 41  53 43 98 a9  99 69 bd 72  48 0f 5d 5e  31 de d8 a3  32 ff 1b 62  36 c9 cb b4  cd 9d f8 40  a3 d9 c7 f6
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 64 bytes at 0x7fbf8800b4a8
| unwrapped:  86 55 3e 69  a8 77 28 e4  b2 3b 0c 45  ee f9 38 11
| unwrapped:  8b 1a 4a 94  41 9c ea 58  55 f3 03 06  70 0d 83 72
| unwrapped:  cc 9e 67 85  ee 46 5c 90  db 50 f8 a5  22 ac ba 77
| unwrapped:  11 b8 ab ab  84 6a 3d a6  a1 cd 55 79  79 00 ca 59
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update seed-key@0x55c7806afc00 (size 80)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 80 bytes of key@0x55c7806afc00
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806afc00, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 80
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 40 59 7b 53  58 52 e2 d1  a7 c9 ea 2d  90 ed 71 f2  56 f6 69 86  08 31 66 88  05 70 fe e7  0c 0f 7a ff  e0 ab 4a e1  22 3c 7f 90  46 7c f7 5c  92 76 66 a1  e4 85 96 a2  58 a7 2e 17  57 f5 3b 95  35 35 0f 8a  ba 46 e0 49  7d c2 0b 02  9e 31 e1 19  c1 aa 2b 36
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 80 bytes at 0x7fbf88009898
| unwrapped:  17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
| unwrapped:  9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
| unwrapped:  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| unwrapped:  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| unwrapped:  84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
| prf+N PRF sha2_512 update N++-byte@0x5 (5)
| prf+N PRF sha2_512 final-key ...
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x7fbf8800b4a8 (64 bytes)
|       d9 8a df 2a  fb c8 49 a5  85 42 b8 eb  8e 5c e9 e7
|       33 df ae 15  75 da d2 51  82 c8 28 20  94 3c 2f 52
|       0e ff 9a da  e2 cb 01 86  cd ec 04 bd  fa 72 4c de
|       6c 5a 71 41  3c 3d b7 2a  5d be 9e df  97 70 3a bf
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x7fbf8800b280, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| final: release tmp-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 final-key@0x55c7806b6e40 (size 64)
| NSS: PK11_GetMechanism
| NSS: PK11_GetSymKeyHandle
| CONCATENATE_BASE_AND_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x7fbf880098f0, size: 256 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b6e40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_symkey: release lhs-key@0x7fbf880098f0
| NSS: PK11_FreeSymKey
| ikev2_prfplus: release old_t[N]-key@0x55c7806b7180
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| ikev2_prfplus: release old_t[final]-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| ikev2_ike_sa_keymat: release data-key@0x55c7806afc00
| NSS: PK11_FreeSymKey
| calc_skeyseed_v2: release skeyseed_k-key@0x55c7806b55c0
| NSS: PK11_FreeSymKey
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 64, key-size: 0
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
|     result: : result-key@NULL
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 64, key-size: 0
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
|     result: : result-key@NULL
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 64, key-size: 32
|     -> flags: ENCRYPT+DECRYPT target: AES_GCM
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: SK_ei_k-key@0x55c7806afc00, size: 32 bytes, type/mechanism: AES_GCM
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 96, key-size: 4
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806b6e40, size: 4 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| initiator salt extracting all 4 bytes of key@0x55c7806b6e40
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| initiator saltsymkey-key@0x55c7806b6e40, size: 4 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| initiator saltnew slot-key@0x55c7806b2210, size: 4 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 16
| NSS: PK11_WrapSymKey
| wrapper: siBuffer: cb 2e 23 a2  51 ce f0 fd  c5 26 d9 1e  ff 18 ff cc
| NSS: PK11_Decrypt
| initiator salt: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| initiator salt extracted len 16 bytes at 0x7fbf88007d58
| unwrapped:  74 55 c3 07  00 00 00 00  00 00 00 00  00 00 00 00
| calc_skeyseed_v2: release initiator-salt-key-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 100, key-size: 32
|     -> flags: ENCRYPT+DECRYPT target: AES_GCM
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: SK_er_k-key@0x55c7806b6e40, size: 32 bytes, type/mechanism: AES_GCM
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 132, key-size: 4
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806b7180, size: 4 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| responder salt extracting all 4 bytes of key@0x55c7806b7180
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| responder saltsymkey-key@0x55c7806b7180, size: 4 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| responder saltnew slot-key@0x55c7806b2210, size: 4 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 16
| NSS: PK11_WrapSymKey
| wrapper: siBuffer: be 53 b4 58  b6 c0 a0 1a  ed 77 60 a6  61 dd ed ae
| NSS: PK11_Decrypt
| responder salt: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| responder salt extracted len 16 bytes at 0x7fbf88001268
| unwrapped:  47 5e 93 0d  00 00 00 00  00 00 00 00  00 00 00 00
| calc_skeyseed_v2: release responder-salt-key-key@0x55c7806b7180
| NSS: PK11_FreeSymKey
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 136, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| chunk_SK_pi extracting all 64 bytes of key@0x55c7806b7180
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| chunk_SK_pisymkey-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| chunk_SK_pinew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: siBuffer: 8e a7 96 c0  ae ec c6 0e  db 04 27 a7  72 e9 1a 00  6b 0f 2b b0  3e c9 81 36  86 71 2c 82  c4 b5 21 36  ef 37 9d 57  71 fb d5 2c  21 7a aa 32  97 0c ae fc  54 7a b2 5d  59 88 04 57  f1 98 03 29  87 a6 94 bc
| NSS: PK11_Decrypt
| chunk_SK_pi: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| chunk_SK_pi extracted len 64 bytes at 0x7fbf88002078
| unwrapped:  35 35 27 b6  92 82 57 15  ea 16 07 85  7e 42 76 38
| unwrapped:  29 ee 2a 98  e0 da a4 4f  27 15 eb 7d  12 48 ec 74
| unwrapped:  4f 8b 60 44  c7 49 3b b0  71 42 77 bb  09 77 0a 16
| unwrapped:  00 58 ff 6a  fc 70 52 16  86 55 3e 69  a8 77 28 e4
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf8800b280, size: 320 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 200, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x7fbf880098f0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| chunk_SK_pr extracting all 64 bytes of key@0x7fbf880098f0
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| chunk_SK_prsymkey-key@0x7fbf880098f0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| chunk_SK_prnew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: siBuffer: 67 a9 aa 0e  c8 df 2c 39  5b 1a 36 84  95 28 2f 11  4d 41 b1 fe  70 0a fe f9  bf e5 8a 10  7d 70 d4 18  ca 8e b7 cc  0e 20 f0 ea  68 1b 21 6d  74 1e 60 91  ec bf 34 8e  d0 b0 10 8d  1a af df 77  87 d3 2c 6c
| NSS: PK11_Decrypt
| chunk_SK_pr: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| chunk_SK_pr extracted len 64 bytes at 0x7fbf88001f18
| unwrapped:  b2 3b 0c 45  ee f9 38 11  8b 1a 4a 94  41 9c ea 58
| unwrapped:  55 f3 03 06  70 0d 83 72  cc 9e 67 85  ee 46 5c 90
| unwrapped:  db 50 f8 a5  22 ac ba 77  11 b8 ab ab  84 6a 3d a6
| unwrapped:  a1 cd 55 79  79 00 ca 59  d9 8a df 2a  fb c8 49 a5
| NSS ikev2: finished computing individual keys for IKEv2 SA
| calc_skeyseed_v2: release finalkey-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| calc_skeyseed_v2 pointers: shared-key@0x55c7806ae420, SK_d-key@0x55c7806b55c0, SK_ai-key@(nil), SK_ar-key@(nil), SK_ei-key@0x55c7806afc00, SK_er-key@0x55c7806b6e40, SK_pi-key@0x55c7806b7180, SK_pr-key@0x7fbf880098f0
| calc_skeyseed_v2 initiator salt
|   74 55 c3 07
| calc_skeyseed_v2 responder salt
|   47 5e 93 0d
| calc_skeyseed_v2 SK_pi
|   35 35 27 b6  92 82 57 15  ea 16 07 85  7e 42 76 38
|   29 ee 2a 98  e0 da a4 4f  27 15 eb 7d  12 48 ec 74
|   4f 8b 60 44  c7 49 3b b0  71 42 77 bb  09 77 0a 16
|   00 58 ff 6a  fc 70 52 16  86 55 3e 69  a8 77 28 e4
| calc_skeyseed_v2 SK_pr
|   b2 3b 0c 45  ee f9 38 11  8b 1a 4a 94  41 9c ea 58
|   55 f3 03 06  70 0d 83 72  cc 9e 67 85  ee 46 5c 90
|   db 50 f8 a5  22 ac ba 77  11 b8 ab ab  84 6a 3d a6
|   a1 cd 55 79  79 00 ca 59  d9 8a df 2a  fb c8 49 a5
| crypto helper 1 finished compute dh (V2); request ID 2 time elapsed 0.049 seconds
| crypto helper 1 sending results from work-order 2 for state #1 to event queue
| scheduling now-event sending helper answer for #1
| executing now-event sending helper answer for 1
| serialno table: hash serialno #1 to head 0x55c77e373c40
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in schedule_event_now_cb() at server.c:546)
| crypto helper 1 replies to request ID 2
| calling continuation function 0x55c77e078530
| ikev2_parent_inI2outR2_continue for #1: calculating g^{xy}, sending R2
| DH secret MODP2048@0x7fbf90003a28: transferring ownership from helper IKEv2 DH to state #1
| finish_dh_v2: release st_shared_nss-key@NULL
| #1 in state PARENT_R1: received v2I1, sent v2R1
| already have all fragments, skipping fragment collection
| already have all fragments, skipping fragment collection
| Salt before authenticated decryption:
|   74 55 c3 07
| IV before authenticated decryption:
|   3f ff 5f 1c  96 9e 64 00
| AAD before authenticated decryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 02 1b  23 00 01 ff
|   00 01 00 05
| data before authenticated decryption:
|   37 17 cd eb  e5 10 ee cc  e0 b3 3c 83  15 37 74 47
|   3e 06 65 12  ed 99 8c 46  f8 16 66 3a  60 44 f4 86
|   9c 0d 79 9b  d7 f3 60 71  55 3b b8 20  78 3a 66 1a
|   ec cf ef b1  6e 23 55 9c  4f af b1 eb  b7 8a 35 d8
|   26 30 c4 cb  79 63 ae e9  fb 59 01 91  6e aa 4f c8
|   9e e4 64 58  fe b6 73 77  f1 57 76 dd  41 6e 54 c7
|   ca 16 68 8b  2f c0 ec 8b  75 c9 5e 42  db 1f 2d 57
|   90 8d ea 8c  9a 1e 83 b4  42 2e ec be  e6 a7 14 56
|   53 93 b8 76  86 be 38 21  1b 57 46 60  59 06 34 bc
|   48 c6 ba fd  6c a8 62 bf  32 fd 3b cb  f2 0f 16 fb
|   1e 4e 12 a9  1d f3 89 c3  ba b1 31 25  15 f6 84 36
|   37 4b 09 37  af 5e 3f b3  6b ed 75 27  5f b1 c1 bd
|   6e 1a 8a fb  29 5f 57 1f  4c e2 45 f6  8a 61 57 4f
|   c0 55 4a 5e  c4 bc 86 04  a6 62 48 bf  d6 06 10 31
|   f0 ca d2 1d  42 1b 8a 54  8f 67 72 5f  76 a7 79 64
|   67 5c 0f 66  c9 73 74 ae  e6 8a ae 20  b5 89 9f 90
|   f6 22 f6 73  02 ed 49 23  b9 68 6c 1a  fd 5d f0 92
|   e5 72 95 94  6b 7a df 78  05 0c 9f a9  f5 0b db 91
|   fc b3 db 67  49 b7 8e 9f  e8 6a 43 79  e7 40 7a 2b
|   12 2e 3f c9  8b 07 9d 67  1d 2c 94 5d  cf 75 6c fa
|   61 db 7c 83  94 f7 c6 09  8d e1 89 68  d3 eb 47 2c
|   09 6b 66 e5  04 f1 cb f6  b2 3a ee 3b  e7 e2 8c b9
|   b7 f1 b9 79  08 a3 32 94  2b 06 1a 8b  dc 40 ab 90
|   c3 1d d6 8b  bd 3c e0 f2  8e b1 4f de  3b 5f 71 37
|   fc 08 1e 8e  cd ee 30 33  b9 14 b3 28  ff fd d5 3c
|   0c d5 0c 53  cd 09 92 3d  7a 6e c8 a4  a1 c4 73 ab
|   27 a1 4a 26  db ae 82 97  7d 39 0d 6b  30 93 15 ba
|   59 9a fa 0f  49 a3 3c 62  f4 cb 85 7e  bd 6d ed ad
|   98 31 cc 31  2d ea f4 57  89 9f 70 27  f9 36 6b b5
|   3b d4 7b eb  a7 94 44 ed  af 51 45 68  21 a1 20
| integ before authenticated decryption:
|   81 8a a5 71  e2 df 8c d5  2d 44 fa 34  4b bd 1c c5
| data after authenticated decryption:
|   25 00 00 bf  09 00 00 00  30 81 b4 31  0b 30 09 06
|   03 55 04 06  13 02 43 41  31 10 30 0e  06 03 55 04
|   08 0c 07 4f  6e 74 61 72  69 6f 31 10  30 0e 06 03
|   55 04 07 0c  07 54 6f 72  6f 6e 74 6f  31 12 30 10
|   06 03 55 04  0a 0c 09 4c  69 62 72 65  73 77 61 6e
|   31 18 30 16  06 03 55 04  0b 0c 0f 54  65 73 74 20
|   44 65 70 61  72 74 6d 65  6e 74 31 23  30 21 06 03
|   55 04 03 0c  1a 77 65 73  74 2e 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 31
|   2e 30 2c 06  09 2a 86 48  86 f7 0d 01  09 01 16 1f
|   75 73 65 72  2d 77 65 73  74 40 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 27
|   00 04 d0 04  30 82 04 c7  30 82 04 30  a0 03 02 01
|   02 02 01 04  30 0d 06 09  2a 86 48 86  f7 0d 01 01
|   0b 05 00 30  81 ac 31 0b  30 09 06 03  55 04 06 13
|   02 43 41 31  10 30 0e 06  03 55 04 08  0c 07 4f 6e
|   74 61 72 69  6f 31 10 30  0e 06 03 55  04 07 0c 07
|   54 6f 72 6f  6e 74 6f 31  12 30 10 06  03 55 04 0a
|   0c 09 4c 69  62 72 65 73  77 61 6e 31  18 30 16 06
|   03 55 04 0b  0c 0f 54 65  73 74 20 44  65 70 61 72
|   74 6d 65 6e  74 31 25 30  23 06 03 55  04 03 0c 1c
|   4c 69 62 72  65 73 77 61  6e 20 74 65  73 74 20 43
|   41 20 66 6f  72 20 6d 61  69 6e 63 61  31 24 30 22
|   06 09 2a 86  48 86 f7 0d  01 09 01 16  15 74 65 73
|   74 69 6e 67  40 6c 69 62  72 65 73 77  61 6e 2e 6f
|   72 67 30 22  18 0f 32 30  31 38 31 32  31 38 31 39
|   35 36 31 33  5a 18 0f 32  30 32 31 31  32 31 37 31
|   39 35 36 31  33 5a 30 81  b4 31 0b 30  09 06 03 55
|   04 06 13 02  43 41 31 10  30 0e 06 03  55 04 08 0c
|   07 4f 6e 74  61 72 69 6f  31 10 30 0e  06 03 00 81
|   8a a5 71 e2  df 8c d5 2d  44 fa 34 4b  bd 1c c5
| stripping 1 octets as pad
| Salt before authenticated decryption:
|   74 55 c3 07
| IV before authenticated decryption:
|   7c 3c 14 cd  51 c1 be 60
| AAD before authenticated decryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 02 00 05
| data before authenticated decryption:
|   2d 95 b1 8c  41 68 da 88  e4 ac c7 3b  f3 a7 b1 85
|   a3 8b af ba  e1 e4 d2 58  b6 6d d7 b4  f8 ee a7 bd
|   f6 6d 38 26  7d 9b 16 38  6b e5 c9 33  b5 86 34 e7
|   bf 43 1a 9f  9a be ff 4b  7c 1c c0 d0  58 ba 03 38
|   f2 c9 3b fa  ba 1b 06 b4  ad 16 19 39  57 e1 50 9a
|   c8 4c c4 e7  37 62 1a 7d  aa 56 ad 14  89 d5 39 35
|   0f 41 6f 3a  1e 8f 17 0d  d4 f3 b7 a9  55 c1 d3 24
|   e4 f2 80 4c  75 1b 0a cc  94 21 70 c1  80 2b 71 aa
|   73 83 38 a2  86 61 8d 08  d0 b9 07 98  94 07 87 1c
|   53 02 e4 36  49 98 d1 cc  51 77 bd 1c  aa c9 a6 47
|   6a d0 e2 a2  87 09 64 be  3e 61 c1 85  45 21 0a cc
|   c7 c9 67 b2  92 a3 e6 3d  86 2b 63 1c  d0 fc 38 b3
|   ce f4 cb 70  c9 b6 be a3  0f 64 e8 5f  72 ab 4c 79
|   c1 1a c0 97  2f c9 ff e4  18 6b 10 a5  09 c1 51 d3
|   44 e9 cc 6e  22 be b1 7d  fb b1 83 5b  e2 17 f8 ad
|   73 0c c2 29  66 9e 84 5c  f1 09 8a 8f  de 6b ca 07
|   79 1c 22 25  3a 82 44 6b  43 47 aa b1  aa f9 32 cd
|   a5 81 b8 4c  0a 80 a7 1d  cb a7 2a 2e  be a8 05 45
|   2e 25 80 1e  5d c6 39 3e  fa 2f 57 5c  84 4d b9 13
|   57 3d 32 dc  27 26 aa ba  8a 33 6f d1  00 34 f4 09
|   1f 48 74 ad  50 11 b4 4e  36 92 4e 82  8a df 65 99
|   dc 78 5a 29  13 1c dc 7b  51 f5 11 bd  c9 f2 7a a1
|   f2 ca 21 5a  74 2e c0 ea  95 16 69 c8  e3 66 0a 62
|   1a 17 4b e9  ef 6b cd bf  03 d9 6d ff  02 71 b7 d0
|   39 6f 4e d6  c1 9e 23 5e  c2 fe d9 c3  c3 3a 40 d0
|   76 db 01 6d  b4 95 b4 82  45 d9 9a c9  1b c9 b5 4a
|   53 63 b8 51  ba 32 a1 2b  de 47 f7 82  af ea 2a 0a
|   1c 50 6b 90  5a 49 d2 81  12 c9 1c 19  ca 6e 52 cd
|   22 66 8a 02  0c 64 2b 48  12 5f 85 77  69 a6 c2 a9
|   d3 6a 2a fc  7d 0a f0 da  57 3d 8d c3  8d 53 93
| integ before authenticated decryption:
|   64 9a 92 ad  b7 e7 38 5c  4f 25 38 25  ab 57 fc d9
| data after authenticated decryption:
|   55 04 07 0c  07 54 6f 72  6f 6e 74 6f  31 12 30 10
|   06 03 55 04  0a 0c 09 4c  69 62 72 65  73 77 61 6e
|   31 18 30 16  06 03 55 04  0b 0c 0f 54  65 73 74 20
|   44 65 70 61  72 74 6d 65  6e 74 31 23  30 21 06 03
|   55 04 03 0c  1a 77 65 73  74 2e 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 31
|   2e 30 2c 06  09 2a 86 48  86 f7 0d 01  09 01 16 1f
|   75 73 65 72  2d 77 65 73  74 40 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 30
|   82 01 a2 30  0d 06 09 2a  86 48 86 f7  0d 01 01 01
|   05 00 03 82  01 8f 00 30  82 01 8a 02  82 01 81 00
|   b9 c8 1e 7d  d9 ba f5 5e  b2 61 22 34  58 73 e1 02
|   39 24 01 26  65 c5 e3 94  59 a5 94 b5  28 61 05 54
|   95 4d 49 08  2c 2f a0 6a  a5 5e fd 31  4d 85 cd 92
|   48 e0 cd 68  37 34 6f 2d  e2 e3 77 ed  79 ff 4b 09
|   fb f3 51 d9  d3 9e 9f 33  8c fd b4 1d  da dc 42 c6
|   9d 69 48 81  e6 55 6d c4  c5 b7 b1 6d  1b 2c a5 c8
|   fa c7 15 18  77 4b dd 3c  aa 67 f7 4c  6b 52 83 0e
|   f2 4d 4b 32  77 2e 71 47  ff a8 f7 78  f5 1e e6 e7
|   28 2e 1b c0  ea c0 a0 aa  04 d3 15 80  e0 d4 8e 30
|   d4 1f 70 3a  90 31 b7 c7  37 95 af f1  ea 87 dd a4
|   d4 07 b6 44  be bc 36 7a  fc 5d 88 06  52 c4 61 08
|   dc 2c 23 49  38 b9 a8 1c  c3 2a 02 36  47 cb 32 cd
|   87 af d8 74  4b 21 7c 07  9a f8 0e d4  2c 5f 56 e3
|   1c 81 3c 67  94 32 e4 e9  59 70 c2 3b  6b d2 64 5c
|   83 42 f8 44  8c ad 97 d3  49 23 07 00  a5 dd 46 43
|   d0 8b 64 b3  93 22 a2 19  c7 e8 a1 95  05 1a e0 10
|   9b b7 32 50  7f 2e d0 77  bf 74 b5 29  94 61 1a 85
|   9e 35 e6 02  71 12 3d da  17 12 b2 29  56 ec a3 86
|   53 4f 1e 33  2d 86 0f 79  67 3b 86 af  cc 5c 00 64
|   9a 92 ad b7  e7 38 5c 4f  25 38 25 ab  57 fc d9
| stripping 1 octets as pad
| Salt before authenticated decryption:
|   74 55 c3 07
| IV before authenticated decryption:
|   ec d1 bd 85  a2 8e ff 4e
| AAD before authenticated decryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 03 00 05
| data before authenticated decryption:
|   59 f1 36 37  34 b1 df 09  4e c9 47 c4  53 fb 0d 36
|   d6 63 d9 4a  21 25 ab e7  42 43 66 42  51 5b 55 90
|   73 a1 c1 3c  50 0a 56 ed  93 d0 7a fa  a7 ff 35 8a
|   a2 bc b6 c4  92 36 0a 3e  9a c2 c6 53  f1 e3 69 35
|   7c 3c 67 e5  78 70 b6 1b  7c ad 92 0e  b5 de 4e 56
|   e1 1b e2 3f  3c 42 94 a1  12 4c c6 93  77 ae 02 0c
|   f3 3d a8 6a  84 b0 a1 55  47 32 89 ab  bd 56 c6 ca
|   a0 9a 44 12  13 91 f0 07  b1 b0 c8 0a  b8 55 aa 6d
|   72 11 8a 8d  26 ff e8 3c  e9 76 1e 18  78 4f 0e d0
|   ff 89 1b cf  f8 17 dc 70  b1 06 eb cb  33 ca c7 b2
|   3e 2b fe 1b  fd d5 ea 6a  c6 66 c6 93  c5 27 a2 a4
|   db b3 c7 d3  e9 fc 1f 92  92 5a 6d 6d  a1 a4 de 46
|   c1 e5 89 a7  78 79 30 d1  70 5a 7f 0d  5e 6b 3a 9b
|   d1 32 e9 a4  f9 e6 d7 ae  f3 57 77 84  24 5f b0 6c
|   1f 2a 47 22  9b e3 b3 8f  f7 c1 13 71  30 f9 5c 24
|   4d 11 d7 10  f6 53 31 07  bd 7f 70 57  6f 51 65 69
|   dd 1e 85 83  66 e8 40 77  21 6d 42 1d  2d 85 0a 6b
|   52 fa d8 82  a3 10 7b 48  68 8e a1 fc  58 9b 95 fc
|   c8 cd c0 9b  41 b1 e8 03  7f c6 be 5f  b4 60 5f f8
|   9f ee db 34  c6 ae 84 a9  8b 04 78 ee  43 6f f6 cb
|   6e 97 91 22  f9 a2 35 ea  e1 99 be 8d  50 16 05 f5
|   4a 58 90 20  b8 e4 e4 2c  9d aa 7e ca  5d 22 39 7c
|   92 c7 2e ba  3d fb 3d c3  2b cd 15 c1  e1 e7 a3 2c
|   0c 81 23 ad  00 8a d0 c1  8e a4 2b a0  d9 98 b2 39
|   5d 63 5d bd  4a ee 5d 91  26 8f 5f f5  43 16 5f 84
|   50 d7 81 6c  37 1e 6c c9  2f 05 f0 55  c8 30 55 ee
|   4e 1d c2 da  94 dd 03 4e  af 2d 19 60  8c cd 77 f7
|   a8 9f b2 79  44 f0 31 dc  e6 87 81 6b  ec d8 98 7e
|   c4 6c cf 3d  24 ec 1c 21  c2 f4 90 d1  d1 45 7a 41
|   81 76 6a 53  32 98 7f e0  81 f9 8f 46  ee d4 6c
| integ before authenticated decryption:
|   91 b5 3d 2a  81 f3 37 a0  15 e3 c3 54  00 f2 ce 3f
| data after authenticated decryption:
|   e3 46 1f 3a  49 73 d7 e5  bc ab a8 a3  c4 f7 6f ce
|   72 29 da e2  87 7d 6f d4  88 1f c1 39  aa d7 1a 04
|   f1 65 a1 b0  24 ad 64 c7  8f 2f 07 65  9b df bf 18
|   06 0f 9f aa  7e ca 98 fe  a7 da e2 1d  70 87 52 72
|   47 b7 0b f1  55 3d 55 c2  b0 a2 da f8  32 90 9d 93
|   92 4b 02 03  01 00 01 a3  81 e6 30 81  e3 30 09 06
|   03 55 1d 13  04 02 30 00  30 47 06 03  55 1d 11 04
|   40 30 3e 82  1a 77 65 73  74 2e 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 81
|   1a 77 65 73  74 40 74 65  73 74 69 6e  67 2e 6c 69
|   62 72 65 73  77 61 6e 2e  6f 72 67 87  04 c0 01 02
|   2d 30 0b 06  03 55 1d 0f  04 04 03 02  07 80 30 41
|   06 08 2b 06  01 05 05 07  01 01 04 35  30 33 30 31
|   06 08 2b 06  01 05 05 07  30 01 86 25  68 74 74 70
|   3a 2f 2f 6e  69 63 2e 74  65 73 74 69  6e 67 2e 6c
|   69 62 72 65  73 77 61 6e  2e 6f 72 67  3a 32 35 36
|   30 30 3d 06  03 55 1d 1f  04 36 30 34  30 32 a0 30
|   a0 2e 86 2c  68 74 74 70  3a 2f 2f 6e  69 63 2e 74
|   65 73 74 69  6e 67 2e 6c  69 62 72 65  73 77 61 6e
|   2e 6f 72 67  2f 72 65 76  6f 6b 65 64  2e 63 72 6c
|   30 0d 06 09  2a 86 48 86  f7 0d 01 01  0b 05 00 03
|   81 81 00 99  c7 bb c9 fe  29 b7 3b 8a  57 7f f6 b5
|   7c ac e6 65  95 1a 01 8f  64 a4 f3 53  13 16 dc 66
|   21 b4 82 15  d1 28 91 72  05 6b 0e 14  e6 9a 63 83
|   4d bb 2a 70  a1 63 a7 01  c6 94 43 37  a9 3d e2 74
|   56 9e fa 36  d0 aa 03 96  f6 99 33 6d  ef 3b e3 38
|   18 66 c3 b4  79 50 36 93  3d 51 22 a1  c9 0d ba c5
|   57 84 55 f3  fd d0 40 3b  c8 8a af b2  1e 2f c6 99
|   3e 8c 0d 8d  0e 6b 9b e1  5a 9e e0 67  c4 59 8f 2d
|   1b 60 46 21  00 01 88 01  00 00 00 af  dd 8a 00 91
|   b5 3d 2a 81  f3 37 a0 15  e3 c3 54 00  f2 ce 3f
| stripping 1 octets as pad
| Salt before authenticated decryption:
|   74 55 c3 07
| IV before authenticated decryption:
|   60 7e db 77  bb 60 f3 f6
| AAD before authenticated decryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 04 00 05
| data before authenticated decryption:
|   ad c0 27 87  85 71 a5 e1  aa f6 ff dd  70 92 94 75
|   7d 75 44 14  59 21 5e 54  7b 7c 46 33  1c 2b 9a b8
|   cf e9 ae 0e  26 a8 5d bc  1b 8b cf 02  5d 0b 33 7f
|   9e 91 4e 77  cb 42 39 13  e5 77 62 94  7e 18 fa 1e
|   b3 dd 54 d6  d8 29 30 73  ca 4e e9 c6  43 83 e4 5a
|   eb 35 49 12  7d bb 22 38  3b b2 6e 32  ea e1 02 37
|   2c 1d bf 06  ce 1c c7 e8  e7 0c df ce  61 e8 75 9b
|   c3 e9 ab 65  0c 2f fc 8f  16 a5 d9 2a  a9 cb 71 80
|   b7 6e 44 fb  2c c3 ad bf  1a dd 31 bf  0a c0 01 99
|   4f 93 75 bd  44 0d c0 6d  2f 93 30 19  48 40 f8 b9
|   9a 34 da 69  84 83 73 bc  2c 33 ad 97  90 8f 9c 9a
|   e0 64 d8 a6  91 5c bd 38  58 7f 89 e5  59 fe b6 51
|   08 c8 12 c1  90 0d 72 75  fa 98 f6 a8  72 7d 60 9e
|   e9 5f 14 63  66 d2 06 9c  b4 42 85 74  4b 08 b1 26
|   3c 04 52 74  e3 ce e6 8e  74 f2 8e 27  14 66 7e 96
|   f7 96 39 0a  08 24 d3 d1  a9 e2 a4 af  2d 0e c5 70
|   f6 5a e3 ea  0b 6e 2c 7d  fb be c1 e8  c8 fe e7 6e
|   17 89 77 f6  3d 25 6f be  a2 65 39 48  91 86 0c b7
|   e0 87 c2 a4  93 63 f4 e6  53 56 0d 63  53 8b 5f 6a
|   40 c1 da 2b  57 7b ff 62  a8 bf f8 2e  7a 4d 2a b5
|   89 e5 23 c7  00 3a 41 ac  ab a8 c9 e8  b8 26 6f ae
|   a9 7b f1 ed  46 66 fc f9  af 21 d5 ca  00 84 03 25
|   e8 d6 ab dd  12 ae ac 1f  ba ca 14 ef  ac 29 a9 7e
|   ba d6 2e 39  0a c1 c5 87  82 f9 74 0c  51 9b a1 19
|   a7 b1 cb c1  ef bc 28 c6  dc 21 e8 36  d9 19 ea 69
|   63 e9 68 9d  18 bb dc a7  32 a3 f9 a1  cf 33 98 3f
|   69 a9 42 2f  0d ed 89 93  6d 97 2c 31  ab 0a df b6
|   c1 61 b4 bc  2e fc fc 91  5c 5b 62 d8  db 23 32 1d
|   67 98 1f 7d  21 b5 b2 d5  c1 fe dc de  49 0b c2 69
|   18 3b 12 ff  9a 3b 76 3c  96 9a c0 75  61 1a 03
| integ before authenticated decryption:
|   53 e8 3e c5  02 85 71 ce  7f 6a 2b a5  f5 4b 06 9c
| data after authenticated decryption:
|   b4 a5 1e 55  47 24 df 80  ab d0 79 07  4c 10 91 bd
|   e5 16 d2 a1  76 43 0a 35  3a 27 04 ac  4e 7a 6e d9
|   49 2a 2a 35  d8 6f e4 90  94 14 5f 67  f7 c5 99 90
|   64 ee ff d3  a6 b8 30 9d  c6 32 a6 fe  ec f2 e8 a6
|   6b f6 c0 52  e9 85 bf f9  1a ea 4e f4  60 94 f3 b7
|   c0 b1 e6 85  40 ee e3 b1  2c 4d c0 cc  73 4a 57 1f
|   b5 9d e7 b3  6e fc fa 91  c6 7d 21 24  db 2a 76 0c
|   5c 1c 5c 25  fa 8f df c9  99 b7 8f 09  6c ce b5 db
|   32 33 5b 7c  88 1b a0 1e  93 13 65 60  82 7a e7 ab
|   e4 1f 9e f7  dc 58 d0 9a  76 9c a9 5c  b0 e6 54 79
|   b4 e1 7b f8  89 55 29 85  22 2a 7c 54  4a fd fe e1
|   36 72 23 5b  3d a6 b7 70  08 26 36 e0  76 14 17 31
|   34 9d d4 b2  12 a1 03 98  48 61 fe 90  33 1e 3c 1e
|   8d 4c 02 65  da 71 e5 c4  7c 33 f0 88  35 2e 8c d7
|   a5 8f 0d 5c  fb 85 5f f6  1f 5c 55 1e  8f ef 30 46
|   20 e3 e8 ed  d7 a2 2b 25  4f 04 2c c1  ea bf b3 bb
|   42 62 ec 7a  a8 b5 03 37  8c 44 89 30  54 5f df ae
|   c5 91 48 d4  90 f4 34 e6  74 eb e6 87  35 29 53 21
|   d8 57 f6 fa  6e 7d e8 fa  9d 04 6f db  7c 5f c3 73
|   0b 65 91 4d  52 92 c2 bf  23 62 50 44  0d ce cc 84
|   35 af 04 65  64 86 74 b1  12 fb 50 5d  8c d6 8b 74
|   1b 46 7e 47  a7 7f 75 dc  f7 1d 39 81  1f 44 05 8a
|   14 4f 41 51  72 37 59 55  c8 0f 2f 46  77 07 0a eb
|   24 a4 bf 66  b1 0e 2a d6  fb b3 66 51  f1 2c 00 00
|   cc 02 00 00  20 01 03 04  02 90 d0 46  d4 03 00 00
|   0c 01 00 00  14 80 0e 01  00 00 00 00  08 05 00 00
|   00 02 00 00  20 02 03 04  02 90 d0 46  d4 03 00 00
|   0c 01 00 00  14 80 0e 00  80 00 00 00  08 05 00 00
|   00 02 00 00  30 03 03 04  04 90 d0 46  d4 03 00 00
|   0c 01 00 00  0c 80 0e 01  00 03 00 00  08 03 00 53
|   e8 3e c5 02  85 71 ce 7f  6a 2b a5 f5  4b 06 9c
| stripping 1 octets as pad
| Salt before authenticated decryption:
|   74 55 c3 07
| IV before authenticated decryption:
|   79 4e 6b aa  60 52 f5 05
| AAD before authenticated decryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 08  00 00 00 01  00 00 00 d8  00 00 00 bc
|   00 05 00 05
| data before authenticated decryption:
|   2d ba 96 fc  4b 3d 77 0a  a6 25 31 d9  6b 0f 95 95
|   c7 6c 62 f5  00 01 f1 e9  13 d9 bf 43  7c 53 42 a9
|   0c e2 f2 6f  41 3e c6 1e  8a 1f 74 13  cb 1b 93 29
|   83 2d 42 4e  2e 0b ab 14  59 99 c5 2f  e2 dc c3 b7
|   77 d5 2b 82  7b 8d 27 d5  d3 62 33 95  bd 1e 85 e4
|   d8 55 c0 cd  97 f0 22 a4  6c a5 fe 99  e8 b8 8e 30
|   ff 41 a0 56  4e 0f c0 3b  19 55 bf 5b  43 aa 03 01
|   96 25 c4 57  bf 0a 94 4d  2d 9f 1a a8  be d2 7a 4a
|   ab d6 01 c8  af be 33 d3  cc f8 f6 59  b3 7d f2 86
|   d9 44 dd 68  9b 90 86 09  bf 82 1c 03
| integ before authenticated decryption:
|   d3 52 9c c0  44 84 68 8c  47 b4 43 8a  bf fa 73 6b
| data after authenticated decryption:
|   00 00 0e 03  00 00 08 03  00 00 0c 00  00 00 08 05
|   00 00 00 02  00 00 30 04  03 04 04 90  d0 46 d4 03
|   00 00 0c 01  00 00 0c 80  0e 00 80 03  00 00 08 03
|   00 00 0e 03  00 00 08 03  00 00 0c 00  00 00 08 05
|   00 00 00 00  00 00 28 05  03 04 03 90  d0 46 d4 03
|   00 00 0c 01  00 00 0c 80  0e 00 80 03  00 00 08 03
|   00 00 02 00  00 00 08 05  00 00 00 2d  00 00 18 01
|   00 00 00 07  00 00 10 00  00 ff ff c0  00 01 00 c0
|   00 01 ff 00  00 00 18 01  00 00 00 07  00 00 10 00
|   00 ff ff c0  00 02 00 c0  00 02 ff 00  d3 52 9c c0
|   44 84 68 8c  47 b4 43 8a  bf fa 73 6b
| stripping 1 octets as pad
| #1 ikev2 ISAKMP_v2_IKE_AUTH decrypt success
| Now let's proceed with payload (ISAKMP_NEXT_v2IDi)
| **parse IKEv2 Identification - Initiator - Payload:
|    next payload type: ISAKMP_NEXT_v2CERT (0x25)
|    flags: none (0x0)
|    length: 191 (0xbf)
|    ID type: ID_DER_ASN1_DN (0x9)
| processing payload: ISAKMP_NEXT_v2IDi (len=183)
| Now let's proceed with payload (ISAKMP_NEXT_v2CERT)
| **parse IKEv2 Certificate Payload:
|    next payload type: ISAKMP_NEXT_v2AUTH (0x27)
|    flags: none (0x0)
|    length: 1232 (0x4d0)
|    ikev2 cert encoding: CERT_X509_SIGNATURE (0x4)
| processing payload: ISAKMP_NEXT_v2CERT (len=1227)
| Now let's proceed with payload (ISAKMP_NEXT_v2AUTH)
| **parse IKEv2 Authentication Payload:
|    next payload type: ISAKMP_NEXT_v2SA (0x21)
|    flags: none (0x0)
|    length: 392 (0x188)
|    auth method: IKEv2_AUTH_RSA (0x1)
| processing payload: ISAKMP_NEXT_v2AUTH (len=384)
| Now let's proceed with payload (ISAKMP_NEXT_v2SA)
| **parse IKEv2 Security Association Payload:
|    next payload type: ISAKMP_NEXT_v2TSi (0x2c)
|    flags: none (0x0)
|    length: 204 (0xcc)
| processing payload: ISAKMP_NEXT_v2SA (len=200)
| Now let's proceed with payload (ISAKMP_NEXT_v2TSi)
| **parse IKEv2 Traffic Selector - Initiator - Payload:
|    next payload type: ISAKMP_NEXT_v2TSr (0x2d)
|    flags: none (0x0)
|    length: 24 (0x18)
|    number of TS: 1 (0x1)
| processing payload: ISAKMP_NEXT_v2TSi (len=16)
| Now let's proceed with payload (ISAKMP_NEXT_v2TSr)
| **parse IKEv2 Traffic Selector - Responder - Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    length: 24 (0x18)
|    number of TS: 1 (0x1)
| processing payload: ISAKMP_NEXT_v2TSr (len=16)
| selected state microcode Responder: process IKE_AUTH request
| Now let's proceed with state specific processing
| calling processor Responder: process IKE_AUTH request
| DER ASN1 DN:  30 81 b4 31  0b 30 09 06  03 55 04 06  13 02 43 41
| DER ASN1 DN:  31 10 30 0e  06 03 55 04  08 0c 07 4f  6e 74 61 72
| DER ASN1 DN:  69 6f 31 10  30 0e 06 03  55 04 07 0c  07 54 6f 72
| DER ASN1 DN:  6f 6e 74 6f  31 12 30 10  06 03 55 04  0a 0c 09 4c
| DER ASN1 DN:  69 62 72 65  73 77 61 6e  31 18 30 16  06 03 55 04
| DER ASN1 DN:  0b 0c 0f 54  65 73 74 20  44 65 70 61  72 74 6d 65
| DER ASN1 DN:  6e 74 31 23  30 21 06 03  55 04 03 0c  1a 77 65 73
| DER ASN1 DN:  74 2e 74 65  73 74 69 6e  67 2e 6c 69  62 72 65 73
| DER ASN1 DN:  77 61 6e 2e  6f 72 67 31  2e 30 2c 06  09 2a 86 48
| DER ASN1 DN:  86 f7 0d 01  09 01 16 1f  75 73 65 72  2d 77 65 73
| DER ASN1 DN:  74 40 74 65  73 74 69 6e  67 2e 6c 69  62 72 65 73
| DER ASN1 DN:  77 61 6e 2e  6f 72 67
| checking for known CERT payloads
| saving certificate of type 'X509_SIGNATURE' in 0
| CERT payloads found: 1; calling pluto_process_certs()
| NSS: PK11_GetInternalKeySlot
| NSS: CERT_IsRootDERCert
| NSS: CERT_ImportCerts
| decoded E=user-west@testing.libreswan.org,CN=west.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
| cert_issuer_has_current_crl: looking for a CRL issued by E=testing@libreswan.org,CN=Libreswan test CA for mainca,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
| NSS: SEC_LookupCrls
| releasing crl list in cert_issuer_has_current_crl with result false
| missing or expired CRL
| NSS: PK11_GetInternalKeySlot
| NSS: PK11_NeedLogin
| NSS: PK11_ListCertsInSlot
| crypto helper 1 waiting (nothing to do)
| NSS: CERT_NewCertList
| NSS: CERT_NewCertList
| NSS: CERT_NewCertList
| NSS: CERT_DupCertificate
| NSS: CERT_AddCertToListTail
| NSS: CERT_NewCertList
| NSS: CERT_NewCertList
| NSS: CERT_NewCertList
| NSS: CERT_NewCertList
| NSS: CERT_DupCertificate
| NSS: CERT_AddCertToListTail
| NSS: CERT_NewCertList
| NSS: CERT_DestroyCertList
| crl_strict: 0, ocsp: 0, ocsp_strict: 0, ocsp_post: 0
| NSS: CERT_PKIXVerifyCert
| certificate is valid
| NSS: CERT_DestroyCertList
"ikev2-westnet-eastnet-x509-cr" #1: certificate verified OK: E=user-west@testing.libreswan.org,CN=west.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_GetPublicKeyType
| NSS: SECKEY_DestroyPrivateKey
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_DestroyPublicKey
| NSS: CERT_GetCertTimes
| NSS: CERT_GetCertificateNames
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c78082da78
| NSS: CERT_GetNextGeneralName
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c78082d958
| NSS: CERT_GetNextGeneralName
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c78082d858
| NSS: CERT_GetNextGeneralName
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c78082d738
| NSS: CERT_GetNextGeneralName
| get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c780830608
| NSS: CERT_GetNextGeneralName
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_GetPublicKeyType
| NSS: SECKEY_DestroyPrivateKey
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_DestroyPublicKey
| NSS: CERT_GetCertTimes
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_GetPublicKeyType
| NSS: SECKEY_DestroyPrivateKey
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_DestroyPublicKey
| NSS: CERT_GetCertTimes
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_GetPublicKeyType
| NSS: SECKEY_DestroyPrivateKey
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_DestroyPublicKey
| NSS: CERT_GetCertTimes
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_GetPublicKeyType
| NSS: SECKEY_DestroyPrivateKey
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_DestroyPublicKey
| NSS: CERT_GetCertTimes
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_GetPublicKeyType
| NSS: SECKEY_DestroyPrivateKey
| NSS: SECKEY_ExtractPublicKey
| NSS: SECKEY_DestroyPublicKey
| NSS: CERT_GetCertTimes
| unreference key: 0x55c780831578 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org cnt 1--
| Verifying configured ID matches certificate
| ID_DER_ASN1_DN '%fromcert' does not need further ID verification
| SAN ID matched, updating that.cert
| Peer public key SubjectAltName matches peer ID for this connection
| X509: CERT and ID matches current connection
| refine_host_connection for IKEv2: starting with "ikev2-westnet-eastnet-x509-cr"
| trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
|    match_id a=C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org
|             b=C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org
|    results  matched
| trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
| refine_host_connection: checking "ikev2-westnet-eastnet-x509-cr" against "ikev2-westnet-eastnet-x509-cr", best=(none) with match=1(id=1/ca=1/reqca=1)
| Warning: not switching back to template of current instance
| No IDr payload received from peer
| refine_host_connection: checked ikev2-westnet-eastnet-x509-cr against ikev2-westnet-eastnet-x509-cr, now for see if best
| started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org of kind PKK_RSA
| finding secret using public key (certificate): east
| NSS: PK11_GetLowLevelKeyIDForCert
| secret PKK_RSA:AwEAAaSWO matches
| RSA key AwEAAaSWO found
| refine_host_connection: picking new best "ikev2-westnet-eastnet-x509-cr" (wild=0, peer_pathlen=7/our=0)
| refine going into 2nd loop allowing instantiated conns as well
| find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500
| returning since no better match than original best_found
| offered CA: 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
"ikev2-westnet-eastnet-x509-cr" #1: IKEv2 mode peer ID is ID_DER_ASN1_DN: 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org'
| NSS: PK11_GetKeyLength
| hmac PRF sha2_512 init symkey-key@0x55c7806b7180 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b7180, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x7fbf8800b280, size: 64 bytes, type/mechanism: SHA512_HMAC
| hmac prf: created sha2_512 context 0x55c780831690 from symkey-key@0x7fbf8800b280
| hmac prf: begin sha2_512 with context 0x55c780831690 from symkey-key@0x7fbf8800b280
| hmac: release clone-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| hmac PRF sha2_512 crypt-prf@0x55c7801a0bc8
| idhash verify I2  09 00 00 00  30 81 b4 31  0b 30 09 06  03 55 04 06
| idhash verify I2  13 02 43 41  31 10 30 0e  06 03 55 04  08 0c 07 4f
| idhash verify I2  6e 74 61 72  69 6f 31 10  30 0e 06 03  55 04 07 0c
| idhash verify I2  07 54 6f 72  6f 6e 74 6f  31 12 30 10  06 03 55 04
| idhash verify I2  0a 0c 09 4c  69 62 72 65  73 77 61 6e  31 18 30 16
| idhash verify I2  06 03 55 04  0b 0c 0f 54  65 73 74 20  44 65 70 61
| idhash verify I2  72 74 6d 65  6e 74 31 23  30 21 06 03  55 04 03 0c
| idhash verify I2  1a 77 65 73  74 2e 74 65  73 74 69 6e  67 2e 6c 69
| idhash verify I2  62 72 65 73  77 61 6e 2e  6f 72 67 31  2e 30 2c 06
| idhash verify I2  09 2a 86 48  86 f7 0d 01  09 01 16 1f  75 73 65 72
| idhash verify I2  2d 77 65 73  74 40 74 65  73 74 69 6e  67 2e 6c 69
| idhash verify I2  62 72 65 73  77 61 6e 2e  6f 72 67
| hmac PRF sha2_512 update data-bytes@0x55c7806cea5c (length 187)
| hmac PRF sha2_512 final-bytes ...
| hmac PRF sha2_512 final-bytes@0x7ffc830eb8c0 (length 64)
| inputs to hash1 (first packet)
|   84 ef af 3b  c7 ff b0 7d  00 00 00 00  00 00 00 00
|   21 20 22 08  00 00 00 00  00 00 03 0c  22 00 01 84
|   02 00 00 54  01 01 00 09  03 00 00 0c  01 00 00 14
|   80 0e 01 00  03 00 00 08  02 00 00 07  03 00 00 08
|   02 00 00 05  03 00 00 08  02 00 00 02  03 00 00 08
|   04 00 00 0e  03 00 00 08  04 00 00 0f  03 00 00 08
|   04 00 00 10  03 00 00 08  04 00 00 12  00 00 00 08
|   04 00 00 13  02 00 00 54  02 01 00 09  03 00 00 0c
|   01 00 00 14  80 0e 00 80  03 00 00 08  02 00 00 07
|   03 00 00 08  02 00 00 05  03 00 00 08  02 00 00 02
|   03 00 00 08  04 00 00 0e  03 00 00 08  04 00 00 0f
|   03 00 00 08  04 00 00 10  03 00 00 08  04 00 00 12
|   00 00 00 08  04 00 00 13  02 00 00 6c  03 01 00 0c
|   03 00 00 0c  01 00 00 0c  80 0e 01 00  03 00 00 08
|   02 00 00 07  03 00 00 08  02 00 00 05  03 00 00 08
|   02 00 00 02  03 00 00 08  03 00 00 0e  03 00 00 08
|   03 00 00 0c  03 00 00 08  03 00 00 02  03 00 00 08
|   04 00 00 0e  03 00 00 08  04 00 00 0f  03 00 00 08
|   04 00 00 10  03 00 00 08  04 00 00 12  00 00 00 08
|   04 00 00 13  00 00 00 6c  04 01 00 0c  03 00 00 0c
|   01 00 00 0c  80 0e 00 80  03 00 00 08  02 00 00 07
|   03 00 00 08  02 00 00 05  03 00 00 08  02 00 00 02
|   03 00 00 08  03 00 00 0e  03 00 00 08  03 00 00 0c
|   03 00 00 08  03 00 00 02  03 00 00 08  04 00 00 0e
|   03 00 00 08  04 00 00 0f  03 00 00 08  04 00 00 10
|   03 00 00 08  04 00 00 12  00 00 00 08  04 00 00 13
|   28 00 01 08  00 0e 00 00  a3 3b f9 9c  5a 97 81 5c
|   ee b9 2f d3  30 62 80 f8  86 04 a0 1c  94 ac c2 8b
|   b3 8e e7 5f  7b e6 0d 11  17 6a 08 63  1a d7 74 24
|   8a 8a a7 de  28 65 01 d7  95 7f 3c 43  32 cf 16 50
|   f3 72 03 95  85 ae cf e0  39 91 08 ea  5f f5 82 ee
|   0f 1f de 18  69 d8 84 6a  e5 66 57 c8  ae 98 10 7b
|   16 6e 86 b2  62 c2 ec 85  4e ac 92 32  7a 19 06 f1
|   2f b8 01 92  59 d3 2d 73  2c 80 db bd  78 9e b3 ad
|   f2 90 9e c3  e2 f5 4e 88  97 6a 1e 6a  58 ad 45 8f
|   14 af 63 16  3b 05 b4 79  66 29 42 0c  8a 2b d7 e5
|   5b 06 4d 06  2b 16 20 08  01 09 14 fe  5c d2 f7 c6
|   52 3a b3 2b  e3 1c b5 e3  21 bf e7 f3  b4 c9 23 48
|   7d 4e 7f 1c  9c 79 e6 2e  ac 29 2c 0d  86 59 e7 bb
|   71 8f c1 1b  97 80 98 19  cf 65 ea 3c  41 83 fd cb
|   13 8a 74 b3  ff 67 ef 2f  12 94 0c d4  fd 1c 80 35
|   d9 6c e0 64  56 b8 6f 8e  67 cd b1 4f  79 fb 20 ff
|   63 95 3b ee  c6 36 66 8e  29 00 00 24  17 37 2a 37
|   99 9a e1 1f  66 a0 22 50  3f fc cc 9c  9a 2d 83 d9
|   64 ec 33 e4  08 83 36 b5  f0 e9 8e cf  29 00 00 08
|   00 00 40 2e  29 00 00 1c  00 00 40 04  b3 42 6b 48
|   93 4e 6b 88  7d 26 2c 17  cf ac 69 df  8a 7c 1d 8c
|   00 00 00 1c  00 00 40 05  1d ee 3b 86  21 c4 de 1a
|   f4 66 dd ea  95 61 99 7d  4a d0 3e 12
| inputs to hash2 (responder nonce)
|   64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
|   64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| idhash  32 36 62 bb  92 ec 68 ab  fb 20 41 83  1b f7 96 96
| idhash  ee 5b 7b 30  9e 59 2f af  f3 e4 44 1f  7b a0 c4 98
| idhash  6b 31 91 ba  09 45 da df  5f c4 02 19  ec 4a c0 3f
| idhash  bb 2a 02 28  26 88 8c d2  8d 13 ac 28  87 eb 8e 38
| sighash hash sha init
| NSS: PK11_PubDerive
| sighash sha hasher: context 0x55c780831690
| NSS: PK11_DigestBegin
| sighash hash sha digest first packet-chunk@0x55c7807fb528 (length 780)
| NSS: PK11_DigestOp
| sighash hash sha digest nonce-chunk@0x7fbf90001278 (length 32)
| NSS: PK11_DigestOp
| sighash hash sha digest IDHASH-bytes@0x7ffc830eb8c0 (length 64)
| NSS: PK11_DigestOp
| sighash hash sha final bytes@0x55c7801a0bc8 (length 20)
| NSS: PK11_DigestFinal
| NSS: PK11_DestroyContext
| sighash  d5 23 18 2a  53 48 ae 2a  9d f3 3a 74  e4 07 ec 6c
| sighash  0f 71 83 38
| required RSA CA is '%any'
| checking RSA keyid 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org' for match with 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org'
| trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
| key issuer CA is 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
| NSS: PK11_VerifyRecover
| NSS RSA verify: decrypted sig: siBuffer: 30 21 30 09  06 05 2b 0e  03 02 1a 05  00 04 14 d5  23 18 2a 53  48 ae 2a 9d  f3 3a 74 e4  07 ec 6c 0f  71 83 38
| NSS RSA verify: hash value: 
|   d5 23 18 2a  53 48 ae 2a  9d f3 3a 74  e4 07 ec 6c
|   0f 71 83 38
| NSS: SECKEY_DestroyPublicKey
| RSA Signature verified
| an RSA Sig check passed with *AwEAAbnIH [preloaded key]
"ikev2-westnet-eastnet-x509-cr" #1: Authenticated using RSA
| parent state #1: PARENT_R1(half-open IKE SA) => PARENT_R2(established IKE SA)
| #1 will start re-keying in 3330 seconds with margin of 270 seconds (attempting re-key)
| state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
| free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c7806bea28
| event_schedule: new EVENT_SA_REPLACE-pe@0x55c7806bea28
| inserting event EVENT_SA_REPLACE, timeout in 3330.000 seconds for #1
| **emit ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 1 (0x1)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| IKEv2 CERT: send a certificate?
| IKEv2 CERT: OK to send a certificate (always)
| ***emit IKEv2 Encryption Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK)
| next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'reply packet'
| emitting 8 zero bytes of IV into IKEv2 Encryption Payload
| Initiator child policy is not compress, NOT sending v2N_IPCOMP_SUPPORTED
| NSS: PK11_GetKeyLength
| hmac PRF sha2_512 init symkey-key@0x7fbf880098f0 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x7fbf880098f0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x7fbf8800b280, size: 64 bytes, type/mechanism: SHA512_HMAC
| hmac prf: created sha2_512 context 0x55c780831690 from symkey-key@0x7fbf8800b280
| hmac prf: begin sha2_512 with context 0x55c780831690 from symkey-key@0x7fbf8800b280
| hmac: release clone-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| hmac PRF sha2_512 crypt-prf@0x55c780192558
| ****emit IKEv2 Identification - Responder - Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    ID type: ID_DER_ASN1_DN (0x9)
| next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Identification - Responder - Payload (36:ISAKMP_NEXT_v2IDr)
| next payload chain: saving location 'IKEv2 Identification - Responder - Payload'.'next payload type' in 'reply packet'
| emitting 183 raw bytes of my identity into IKEv2 Identification - Responder - Payload
| my identity  30 81 b4 31  0b 30 09 06  03 55 04 06  13 02 43 41
| my identity  31 10 30 0e  06 03 55 04  08 0c 07 4f  6e 74 61 72
| my identity  69 6f 31 10  30 0e 06 03  55 04 07 0c  07 54 6f 72
| my identity  6f 6e 74 6f  31 12 30 10  06 03 55 04  0a 0c 09 4c
| my identity  69 62 72 65  73 77 61 6e  31 18 30 16  06 03 55 04
| my identity  0b 0c 0f 54  65 73 74 20  44 65 70 61  72 74 6d 65
| my identity  6e 74 31 23  30 21 06 03  55 04 03 0c  1a 65 61 73
| my identity  74 2e 74 65  73 74 69 6e  67 2e 6c 69  62 72 65 73
| my identity  77 61 6e 2e  6f 72 67 31  2e 30 2c 06  09 2a 86 48
| my identity  86 f7 0d 01  09 01 16 1f  75 73 65 72  2d 65 61 73
| my identity  74 40 74 65  73 74 69 6e  67 2e 6c 69  62 72 65 73
| my identity  77 61 6e 2e  6f 72 67
| emitting length of IKEv2 Identification - Responder - Payload: 191
| idhash calc R2  09 00 00 00  30 81 b4 31  0b 30 09 06  03 55 04 06
| idhash calc R2  13 02 43 41  31 10 30 0e  06 03 55 04  08 0c 07 4f
| idhash calc R2  6e 74 61 72  69 6f 31 10  30 0e 06 03  55 04 07 0c
| idhash calc R2  07 54 6f 72  6f 6e 74 6f  31 12 30 10  06 03 55 04
| idhash calc R2  0a 0c 09 4c  69 62 72 65  73 77 61 6e  31 18 30 16
| idhash calc R2  06 03 55 04  0b 0c 0f 54  65 73 74 20  44 65 70 61
| idhash calc R2  72 74 6d 65  6e 74 31 23  30 21 06 03  55 04 03 0c
| idhash calc R2  1a 65 61 73  74 2e 74 65  73 74 69 6e  67 2e 6c 69
| idhash calc R2  62 72 65 73  77 61 6e 2e  6f 72 67 31  2e 30 2c 06
| idhash calc R2  09 2a 86 48  86 f7 0d 01  09 01 16 1f  75 73 65 72
| idhash calc R2  2d 65 61 73  74 40 74 65  73 74 69 6e  67 2e 6c 69
| idhash calc R2  62 72 65 73  77 61 6e 2e  6f 72 67
| hmac PRF sha2_512 update data-bytes@0x55c77e37f82c (length 187)
| hmac PRF sha2_512 final-bytes ...
| hmac PRF sha2_512 final-bytes@0x7ffc830eb390 (length 64)
| assembled IDr payload
| Sending [CERT] of certificate: E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
| ****emit IKEv2 Certificate Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    ikev2 cert encoding: CERT_X509_SIGNATURE (0x4)
| next payload chain: setting previous 'IKEv2 Identification - Responder - Payload'.'next payload type' to current IKEv2 Certificate Payload (37:ISAKMP_NEXT_v2CERT)
| next payload chain: saving location 'IKEv2 Certificate Payload'.'next payload type' in 'reply packet'
| emitting 1227 raw bytes of CERT into IKEv2 Certificate Payload
| CERT  30 82 04 c7  30 82 04 30  a0 03 02 01  02 02 01 03
| CERT  30 0d 06 09  2a 86 48 86  f7 0d 01 01  0b 05 00 30
| CERT  81 ac 31 0b  30 09 06 03  55 04 06 13  02 43 41 31
| CERT  10 30 0e 06  03 55 04 08  0c 07 4f 6e  74 61 72 69
| CERT  6f 31 10 30  0e 06 03 55  04 07 0c 07  54 6f 72 6f
| CERT  6e 74 6f 31  12 30 10 06  03 55 04 0a  0c 09 4c 69
| CERT  62 72 65 73  77 61 6e 31  18 30 16 06  03 55 04 0b
| CERT  0c 0f 54 65  73 74 20 44  65 70 61 72  74 6d 65 6e
| CERT  74 31 25 30  23 06 03 55  04 03 0c 1c  4c 69 62 72
| CERT  65 73 77 61  6e 20 74 65  73 74 20 43  41 20 66 6f
| CERT  72 20 6d 61  69 6e 63 61  31 24 30 22  06 09 2a 86
| CERT  48 86 f7 0d  01 09 01 16  15 74 65 73  74 69 6e 67
| CERT  40 6c 69 62  72 65 73 77  61 6e 2e 6f  72 67 30 22
| CERT  18 0f 32 30  31 38 31 32  31 38 31 39  35 36 31 33
| CERT  5a 18 0f 32  30 32 31 31  32 31 37 31  39 35 36 31
| CERT  33 5a 30 81  b4 31 0b 30  09 06 03 55  04 06 13 02
| CERT  43 41 31 10  30 0e 06 03  55 04 08 0c  07 4f 6e 74
| CERT  61 72 69 6f  31 10 30 0e  06 03 55 04  07 0c 07 54
| CERT  6f 72 6f 6e  74 6f 31 12  30 10 06 03  55 04 0a 0c
| CERT  09 4c 69 62  72 65 73 77  61 6e 31 18  30 16 06 03
| CERT  55 04 0b 0c  0f 54 65 73  74 20 44 65  70 61 72 74
| CERT  6d 65 6e 74  31 23 30 21  06 03 55 04  03 0c 1a 65
| CERT  61 73 74 2e  74 65 73 74  69 6e 67 2e  6c 69 62 72
| CERT  65 73 77 61  6e 2e 6f 72  67 31 2e 30  2c 06 09 2a
| CERT  86 48 86 f7  0d 01 09 01  16 1f 75 73  65 72 2d 65
| CERT  61 73 74 40  74 65 73 74  69 6e 67 2e  6c 69 62 72
| CERT  65 73 77 61  6e 2e 6f 72  67 30 82 01  a2 30 0d 06
| CERT  09 2a 86 48  86 f7 0d 01  01 01 05 00  03 82 01 8f
| CERT  00 30 82 01  8a 02 82 01  81 00 a4 96  3b d9 39 ca
| CERT  30 5b d4 2e  f2 c0 5f 02  2e 1e 4f 39  4e 45 58 c9
| CERT  30 32 fa 72  1b 0b 25 32  3d 1c 78 d4  bd a3 fa 93
| CERT  31 74 8e 28  54 32 50 38  5a 58 37 5d  3c 95 35 db
| CERT  69 d0 78 92  9a 59 36 0f  5a d2 4c af  b9 91 b2 c0
| CERT  ee a5 72 4a  5e c4 ed 6b  88 92 79 3d  45 32 f3 84
| CERT  94 4a 59 f8  78 f5 1e 40  33 c7 35 df  17 a7 d7 43
| CERT  61 82 a4 c0  64 d4 19 27  82 29 66 84  45 db f7 db
| CERT  bc 80 b9 2f  f1 dc a5 0c  9e f5 cd 87  19 26 33 c8
| CERT  87 4f d9 b1  58 9d 47 2b  c3 68 e0 ca  08 0d be cd
| CERT  7d df 9a 48  d0 c8 30 8d  e8 a5 c5 5e  3c bb a9 f0
| CERT  d6 f2 9e a1  7e 5e c6 b4  77 e7 2d b9  8c cd bc 58
| CERT  6f f6 ab 1e  fb b1 f3 b3  de 87 5f ac  3e 4f 08 77
| CERT  a5 fa a4 5f  fb 53 a2 43  5e 30 2c 9a  b0 86 28 90
| CERT  65 1e 7a 47  62 e5 d1 0d  7d ae 5b ef  e5 a1 93 8d
| CERT  74 d7 38 7e  55 64 39 9b  43 d9 fb e3  03 b2 d6 d2
| CERT  44 8d 86 77  e8 cb 9f e5  a6 76 d0 bb  5c 44 a7 ca
| CERT  0a 9f ae dc  2e 0d 4d a1  83 48 8d 99  06 33 ef 83
| CERT  6b ab a9 05  0e e6 eb 0a  5e de 14 b4  9f b8 f4 70
| CERT  90 a3 60 de  cc 55 ab 67  20 4b d8 fc  7c 0a 19 75
| CERT  b7 8f e7 11  80 29 0d ae  66 ab d2 10  ba 5e c1 b8
| CERT  ac 95 a2 6a  0e ac 55 1c  39 41 eb 0c  64 75 64 4b
| CERT  94 4c 45 59  4b 19 c8 e1  33 30 47 09  2f 5b bd 78
| CERT  45 9b dd b6  09 37 92 81  05 0f 68 17  d6 c8 20 03
| CERT  a6 a5 0b dd  b8 45 85 6a  b9 3b 02 03  01 00 01 a3
| CERT  81 e6 30 81  e3 30 09 06  03 55 1d 13  04 02 30 00
| CERT  30 47 06 03  55 1d 11 04  40 30 3e 82  1a 65 61 73
| CERT  74 2e 74 65  73 74 69 6e  67 2e 6c 69  62 72 65 73
| CERT  77 61 6e 2e  6f 72 67 81  1a 65 61 73  74 40 74 65
| CERT  73 74 69 6e  67 2e 6c 69  62 72 65 73  77 61 6e 2e
| CERT  6f 72 67 87  04 c0 01 02  17 30 0b 06  03 55 1d 0f
| CERT  04 04 03 02  07 80 30 41  06 08 2b 06  01 05 05 07
| CERT  01 01 04 35  30 33 30 31  06 08 2b 06  01 05 05 07
| CERT  30 01 86 25  68 74 74 70  3a 2f 2f 6e  69 63 2e 74
| CERT  65 73 74 69  6e 67 2e 6c  69 62 72 65  73 77 61 6e
| CERT  2e 6f 72 67  3a 32 35 36  30 30 3d 06  03 55 1d 1f
| CERT  04 36 30 34  30 32 a0 30  a0 2e 86 2c  68 74 74 70
| CERT  3a 2f 2f 6e  69 63 2e 74  65 73 74 69  6e 67 2e 6c
| CERT  69 62 72 65  73 77 61 6e  2e 6f 72 67  2f 72 65 76
| CERT  6f 6b 65 64  2e 63 72 6c  30 0d 06 09  2a 86 48 86
| CERT  f7 0d 01 01  0b 05 00 03  81 81 00 a1  b3 5c d8 0c
| CERT  31 2a e8 80  6b 58 cf f8  4e 42 3e cd  db f3 0a 8f
| CERT  64 a5 fd 01  e3 b0 8c 83  29 46 18 21  63 54 39 ec
| CERT  e0 ef 5a 13  ce 7e 5c e4  93 e7 1b 71  25 85 a5 cd
| CERT  31 4f 8f 98  a1 cc 70 c6  8b ce fa 82  a6 9c fd 5a
| CERT  c6 a2 63 83  17 e8 a1 50  46 07 1a 80  b1 a0 7f df
| CERT  bc 8d 40 78  6d 1b e7 2e  bd 63 1b dc  1c e9 27 7d
| CERT  e8 36 9a 0f  33 26 62 dc  c2 c4 12 7e  90 ac f0 b5
| CERT  85 75 77 4a  78 30 44 c5  c1 34 27
| emitting length of IKEv2 Certificate Payload: 1232
| CHILD SA proposals received
| going to assemble AUTH payload
| ****emit IKEv2 Authentication Payload:
|    next payload type: ISAKMP_NEXT_v2SA (0x21)
|    flags: none (0x0)
|    auth method: IKEv2_AUTH_RSA (0x1)
| next payload chain: ignoring supplied 'IKEv2 Authentication Payload'.'next payload type' value 33:ISAKMP_NEXT_v2SA
| next payload chain: setting previous 'IKEv2 Certificate Payload'.'next payload type' to current IKEv2 Authentication Payload (39:ISAKMP_NEXT_v2AUTH)
| next payload chain: saving location 'IKEv2 Authentication Payload'.'next payload type' in 'reply packet'
| started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org of kind PKK_RSA
| finding secret using public key (certificate): east
| NSS: PK11_GetLowLevelKeyIDForCert
| secret PKK_RSA:AwEAAaSWO matches
| RSA key AwEAAaSWO found
| inputs to hash1 (first packet)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   21 20 22 20  00 00 00 00  00 00 01 b5  22 00 00 28
|   00 00 00 24  01 01 00 03  03 00 00 0c  01 00 00 14
|   80 0e 01 00  03 00 00 08  02 00 00 07  00 00 00 08
|   04 00 00 0e  28 00 01 08  00 0e 00 00  ae b6 50 4c
|   06 2d 56 7a  7c e8 f5 33  af fa 1a 73  6d 28 78 23
|   c9 7a e2 01  21 22 a6 cd  3c 6e 9d 61  cf 04 c8 c0
|   17 4c ee 74  e6 4a e1 00  ef 2b 8b f7  e4 01 c2 47
|   52 53 e0 f3  7a 41 5b e5  87 17 8a 54  4d 87 5d 87
|   af 16 e1 e8  7b 05 f1 13  07 10 b2 09  57 f3 75 c2
|   59 0d 89 e8  a3 cf 75 0a  7d 5e 85 9b  ba 71 8b 79
|   cf 05 30 e7  14 62 85 79  3f ab 86 05  e4 50 f4 d0
|   57 73 21 4c  e3 70 01 74  91 88 2f e9  9b c0 a2 bc
|   a9 7d 34 71  69 57 91 d7  fb 9f 1a 14  3e 5e 41 1c
|   59 bf 6b c9  6d c6 61 b3  5d 0c 10 56  df 2d 68 72
|   9f c6 cc a1  17 78 15 4c  63 5c f5 bf  c1 fb 9a cb
|   30 8a d0 ac  f0 5d 57 fa  2f ac 5d 1a  40 2c 3d 0b
|   62 0f e1 88  30 18 41 36  e9 49 18 b1  ed 23 a1 b1
|   10 03 1d dd  be 74 95 99  c5 09 c6 05  43 02 26 19
|   22 0e bc 31  72 0b 17 85  c0 0d a7 fc  b9 ce 61 f7
|   92 cf 96 79  1a f1 7c 2e  fe 49 ef c2  29 00 00 24
|   64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
|   64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
|   29 00 00 08  00 00 40 2e  29 00 00 1c  00 00 40 04
|   84 bd 1c 68  90 18 ca ef  65 66 1c c4  1d a9 fd 0f
|   43 4a 20 f1  26 00 00 1c  00 00 40 05  f7 b3 b1 51
|   54 a5 60 9c  b2 be 11 87  e2 0f df d0  8a a3 54 35
|   00 00 00 05  04
| inputs to hash2 (initiator nonce)
|   17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
|   9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
| idhash  bc 4b 96 96  5c e1 5b ed  8a a0 fd 51  a3 dc 6d aa
| idhash  6a 2c 88 f9  3b f9 e8 92  3b 1f aa b1  14 63 ee b0
| idhash  4f d0 99 53  eb d8 af 2b  14 e3 2d 06  e7 80 ac 98
| idhash  4e 6e ae 99  94 1a 9d de  ba 12 6d 51  86 67 4a 4b
| sighash hash sha init
| NSS: PK11_PubDerive
| sighash sha hasher: context 0x55c780831690
| NSS: PK11_DigestBegin
| sighash hash sha digest first packet-chunk@0x55c78063b6d8 (length 437)
| NSS: PK11_DigestOp
| sighash hash sha digest nonce-chunk@0x55c7801af408 (length 32)
| NSS: PK11_DigestOp
| sighash hash sha digest IDHASH-bytes@0x7ffc830eb390 (length 64)
| NSS: PK11_DigestOp
| sighash hash sha final bytes@0x7ffc830eabef (length 20)
| NSS: PK11_DigestFinal
| NSS: PK11_DestroyContext
| sighash  54 69 96 40  fb dd 23 d3  ee 57 2d bd  87 b7 ba 7f
| sighash  0b 4a 07 2f
| v2rsa octets  30 21 30 09  06 05 2b 0e  03 02 1a 05  00 04 14 54
| v2rsa octets  69 96 40 fb  dd 23 d3 ee  57 2d bd 87  b7 ba 7f 0b
| v2rsa octets  4a 07 2f
| RSA_sign_hash: Started using NSS
| NSS: PK11_SignatureLen
| NSS: PK11_Sign
| RSA_sign_hash: Ended using NSS
| emitting 384 raw bytes of rsa signature into IKEv2 Authentication Payload
| rsa signature  0e 7e 77 cc  89 02 5c b0  42 20 50 b1  b5 f4 aa 92
| rsa signature  b0 5c 3b 43  9b 58 7c d7  69 65 e2 ac  54 b6 55 57
| rsa signature  93 67 e9 c9  76 e3 17 2e  13 d8 e9 53  4c 96 0f 31
| rsa signature  d0 56 ad 05  3c d3 3c 3d  b9 0c 78 bc  53 90 11 60
| rsa signature  28 b1 6e 23  3d 8d 99 b6  a0 3c f2 a4  35 da c2 3d
| rsa signature  4f 46 b6 e4  0f 1d eb 79  58 7e 6a fd  fb 75 8d 09
| rsa signature  62 71 9d ee  4b 56 a6 42  2a 7d ee d0  d9 5a b8 43
| rsa signature  ed 72 ed 2c  84 82 2a ca  e4 ad fd 19  04 36 1e 3a
| rsa signature  6a 57 3d 6d  df 49 45 5c  b9 6f 83 35  d3 e4 21 89
| rsa signature  df 39 e1 57  85 41 25 9b  0f f3 b0 1e  48 50 59 1e
| rsa signature  2f d7 5c 17  5f e2 f8 e8  fb 3c 3e 62  67 db 4e dd
| rsa signature  c1 42 bf de  c7 de 0a 0e  45 f3 84 96  1d 9b 09 3c
| rsa signature  c9 72 05 81  90 a2 17 7d  47 03 c8 63  8c cf 8f 96
| rsa signature  aa 8f 24 c3  8b 6d 99 88  06 e7 b0 f1  1c b9 56 16
| rsa signature  e5 3f be 59  1e 34 bc 71  e3 02 55 95  fc 55 11 3e
| rsa signature  6b 5c 8d 2b  9f b5 ed 32  9f d3 69 f4  7c 03 92 44
| rsa signature  71 cc 62 69  64 ae ae 6b  d8 36 09 d9  58 71 33 2d
| rsa signature  b3 14 e4 0a  ac 37 7e b9  f2 ad a5 f4  88 c9 44 37
| rsa signature  6b 30 4d fb  e9 b6 e7 55  90 73 dc 61  c8 9c ea ba
| rsa signature  48 59 93 4e  3c 7e 93 be  f2 cd 70 e7  11 27 79 9a
| rsa signature  57 35 c6 71  f4 74 ac d1  d2 b3 42 31  42 4c 30 e5
| rsa signature  dc ae d5 de  96 2b 50 89  d4 2f 74 1f  53 d4 c1 3c
| rsa signature  55 ca 0e 43  3b c2 0b 0c  56 ad c7 ce  5c 6a d4 55
| rsa signature  4d 87 dc 21  a7 f5 b4 68  e8 bd 25 c3  24 3e 9d 91
| emitting length of IKEv2 Authentication Payload: 392
| creating state object #2 at 0x55c780815e38
| duplicating state object #1 "ikev2-westnet-eastnet-x509-cr" as #2 for IPSEC SA
| duplicate_state: reference st_skeyid_nss-key@NULL
| duplicate_state: reference st_skey_d_nss-key@0x55c7806b55c0
| NSS: PK11_ReferenceSymKey
| duplicate_state: reference st_skey_ai_nss-key@NULL
| duplicate_state: reference st_skey_ar_nss-key@NULL
| duplicate_state: reference st_skey_ei_nss-key@0x55c7806afc00
| NSS: PK11_ReferenceSymKey
| duplicate_state: reference st_skey_er_nss-key@0x55c7806b6e40
| NSS: PK11_ReferenceSymKey
| duplicate_state: reference st_skey_pi_nss-key@0x55c7806b7180
| NSS: PK11_ReferenceSymKey
| duplicate_state: reference st_skey_pr_nss-key@0x7fbf880098f0
| NSS: PK11_ReferenceSymKey
| duplicate_state: reference st_enc_key_nss-key@NULL
| duplicate_state: reference st_sk_d_no_ppk-key@NULL
| duplicate_state: reference st_sk_pi_no_ppk-key@NULL
| duplicate_state: reference st_sk_pr_no_ppk-key@NULL
| inserting state object #2
| serialno list: inserting object 0x55c780815e38 (state #2) entry 0x55c780816608 into list 0x55c77e37e860 (older 0x55c7807ff1b8 newer 0x55c7807ff1b8)
| serialno list: inserted  object 0x55c780815e38 (state #2) entry 0x55c780816608 (older 0x55c7807ff1b8 newer 0x55c77e37e860)
| serialno list: list entry 0x55c77e37e860 is HEAD (older 0x55c780816608 newer 0x55c7807ff1b8)
| serialno table: inserting object 0x55c780815e38 (state #2) entry 0x55c780816628 into list 0x55c77e373c60 (older 0x55c77e373c60 newer 0x55c77e373c60)
| serialno table: inserted  object 0x55c780815e38 (state #2) entry 0x55c780816628 (older 0x55c77e373c60 newer 0x55c77e373c60)
| serialno table: list entry 0x55c77e373c60 is HEAD (older 0x55c780816628 newer 0x55c780816628)
| serialno table: hash serialno #1 to head 0x55c77e373c40
| Child SA TS Request has ike->sa == md->st; so using parent connection
| TSi: parsing 1 traffic selectors
| ***parse IKEv2 Traffic Selector:
|    TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
|    IP Protocol ID: 0 (0x0)
|    length: 16 (0x10)
|    start port: 0 (0x0)
|    end port: 65535 (0xffff)
| parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts low
| ipv4 ts low  c0 00 01 00
| parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts high
| ipv4 ts high  c0 00 01 ff
| TSi: parsed 1 traffic selectors
| TSr: parsing 1 traffic selectors
| ***parse IKEv2 Traffic Selector:
|    TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
|    IP Protocol ID: 0 (0x0)
|    length: 16 (0x10)
|    start port: 0 (0x0)
|    end port: 65535 (0xffff)
| parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts low
| ipv4 ts low  c0 00 02 00
| parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts high
| ipv4 ts high  c0 00 02 ff
| TSr: parsed 1 traffic selectors
| looking for best SPD in current connection
| evaluating our conn="ikev2-westnet-eastnet-x509-cr" I=192.0.1.0/24:0/0 R=192.0.2.0/24:0/0 to their:
|     TSi[0] .net=192.0.1.0-192.0.1.255 .iporotoid=0 .{start,end}port=0..65535
|         match address end->client=192.0.1.0/24 == TSi[0]net=192.0.1.0-192.0.1.255: YES fitness 32
|         narrow port end=0..65535 == TSi[0]=0..65535: 0
|           TSi[0] port match: YES fitness 65536
|         narrow protocol end=*0 == TSi[0]=*0: 0
|         match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255
|     TSr[0] .net=192.0.2.0-192.0.2.255 .iporotoid=0 .{start,end}port=0..65535
|         match address end->client=192.0.2.0/24 == TSr[0]net=192.0.2.0-192.0.2.255: YES fitness 32
|         narrow port end=0..65535 == TSr[0]=0..65535: 0
|           TSr[0] port match: YES fitness 65536
|         narrow protocol end=*0 == TSr[0]=*0: 0
|         match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255
| best fit so far: TSi[0] TSr[0]
|     found better spd route for TSi[0],TSr[0]
| looking for better host pair
| find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500
|   checking hostpair 192.0.2.0/24 -> 192.0.1.0/24 is found
|   investigating connection "ikev2-westnet-eastnet-x509-cr" as a better match
|    match_id a=C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org
|             b=C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org
|    results  matched
| evaluating our conn="ikev2-westnet-eastnet-x509-cr" I=192.0.1.0/24:0/0 R=192.0.2.0/24:0/0 to their:
|     TSi[0] .net=192.0.1.0-192.0.1.255 .iporotoid=0 .{start,end}port=0..65535
|         match address end->client=192.0.1.0/24 == TSi[0]net=192.0.1.0-192.0.1.255: YES fitness 32
|         narrow port end=0..65535 == TSi[0]=0..65535: 0
|           TSi[0] port match: YES fitness 65536
|         narrow protocol end=*0 == TSi[0]=*0: 0
|         match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255
|     TSr[0] .net=192.0.2.0-192.0.2.255 .iporotoid=0 .{start,end}port=0..65535
|         match address end->client=192.0.2.0/24 == TSr[0]net=192.0.2.0-192.0.2.255: YES fitness 32
|         narrow port end=0..65535 == TSr[0]=0..65535: 0
|           TSr[0] port match: YES fitness 65536
|         narrow protocol end=*0 == TSr[0]=*0: 0
|         match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255
| best fit so far: TSi[0] TSr[0]
|   did not find a better connection using host pair
| printing contents struct traffic_selector
|   ts_type: IKEv2_TS_IPV4_ADDR_RANGE
|   ipprotoid: 0
|   port range: 0-65535
|   ip range: 192.0.2.0-192.0.2.255
| printing contents struct traffic_selector
|   ts_type: IKEv2_TS_IPV4_ADDR_RANGE
|   ipprotoid: 0
|   port range: 0-65535
|   ip range: 192.0.1.0-192.0.1.255
| serialno table: hash serialno #1 to head 0x55c77e373c40
| selecting default local ESP/AH proposals for ikev2-westnet-eastnet-x509-cr (IKE_AUTH responder matching remote ESP/AH proposals)
| constructed local ESP/AH proposals for ikev2-westnet-eastnet-x509-cr (IKE_AUTH responder matching remote ESP/AH proposals): 1:ESP:ENCR=AES_GCM_C_256;INTEG=NONE;ESN=DISABLED 2:ESP:ENCR=AES_GCM_C_128;INTEG=NONE;ESN=DISABLED 3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;ESN=DISABLED 4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;ESN=DISABLED 5:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA1_96;ESN=DISABLED (default)
| Comparing remote proposals against IKE_AUTH responder matching remote ESP/AH proposals 5 local proposals
| local proposal 1 type ENCR has 1 transforms
| local proposal 1 type PRF has 0 transforms
| local proposal 1 type INTEG has 1 transforms
| local proposal 1 type DH has 0 transforms
| local proposal 1 type ESN has 1 transforms
| local proposal 1 transforms: required: ENCR+ESN; optional: INTEG
| local proposal 2 type ENCR has 1 transforms
| local proposal 2 type PRF has 0 transforms
| local proposal 2 type INTEG has 1 transforms
| local proposal 2 type DH has 0 transforms
| local proposal 2 type ESN has 1 transforms
| local proposal 2 transforms: required: ENCR+ESN; optional: INTEG
| local proposal 3 type ENCR has 1 transforms
| local proposal 3 type PRF has 0 transforms
| local proposal 3 type INTEG has 2 transforms
| local proposal 3 type DH has 0 transforms
| local proposal 3 type ESN has 1 transforms
| local proposal 3 transforms: required: ENCR+INTEG+ESN; optional: none
| local proposal 4 type ENCR has 1 transforms
| local proposal 4 type PRF has 0 transforms
| local proposal 4 type INTEG has 2 transforms
| local proposal 4 type DH has 0 transforms
| local proposal 4 type ESN has 1 transforms
| local proposal 4 transforms: required: ENCR+INTEG+ESN; optional: none
| local proposal 5 type ENCR has 1 transforms
| local proposal 5 type PRF has 0 transforms
| local proposal 5 type INTEG has 1 transforms
| local proposal 5 type DH has 0 transforms
| local proposal 5 type ESN has 1 transforms
| local proposal 5 transforms: required: ENCR+INTEG+ESN; optional: none
| ***parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_NON_LAST (0x2)
|    length: 32 (0x20)
|    prop #: 1 (0x1)
|    proto ID: IKEv2_SEC_PROTO_ESP (0x3)
|    spi size: 4 (0x4)
|    # transforms: 2 (0x2)
| parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI
| remote SPI  90 d0 46 d4
| Comparing remote proposal 1 containing 2 transforms against local proposal [1..5] of 5 local proposals
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_GCM_C (0x14)
| *****parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| remote proposal 1 transform 0 (ENCR=AES_GCM_C_256) matches local proposal 1 type 1 (ENCR) transform 0
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_ESN (0x5)
|    IKEv2 transform ID: ESN_DISABLED (0x0)
| remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0
| remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 2 type 5 (ESN) transform 0
| remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 3 type 5 (ESN) transform 0
| remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 4 type 5 (ESN) transform 0
| remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 5 type 5 (ESN) transform 0
| remote proposal 1 proposed transforms: ENCR+ESN; matched: ENCR+ESN; unmatched: none
| comparing remote proposal 1 containing ENCR+ESN transforms to local proposal 1; required: ENCR+ESN; optional: INTEG; matched: ENCR+ESN
| remote proposal 1 matches local proposal 1
| ***parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_NON_LAST (0x2)
|    length: 32 (0x20)
|    prop #: 2 (0x2)
|    proto ID: IKEv2_SEC_PROTO_ESP (0x3)
|    spi size: 4 (0x4)
|    # transforms: 2 (0x2)
| parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI
| remote SPI  90 d0 46 d4
| Comparing remote proposal 2 containing 2 transforms against local proposal [1..0] of 5 local proposals
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_GCM_C (0x14)
| *****parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_ESN (0x5)
|    IKEv2 transform ID: ESN_DISABLED (0x0)
| remote proposal 2 proposed transforms: ENCR+ESN; matched: none; unmatched: ENCR+ESN
| remote proposal 2 does not match; unmatched remote transforms: ENCR+ESN
| ***parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_NON_LAST (0x2)
|    length: 48 (0x30)
|    prop #: 3 (0x3)
|    proto ID: IKEv2_SEC_PROTO_ESP (0x3)
|    spi size: 4 (0x4)
|    # transforms: 4 (0x4)
| parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI
| remote SPI  90 d0 46 d4
| Comparing remote proposal 3 containing 4 transforms against local proposal [1..0] of 5 local proposals
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_CBC (0xc)
| *****parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_ESN (0x5)
|    IKEv2 transform ID: ESN_DISABLED (0x0)
| remote proposal 3 proposed transforms: ENCR+INTEG+ESN; matched: none; unmatched: ENCR+INTEG+ESN
| remote proposal 3 does not match; unmatched remote transforms: ENCR+INTEG+ESN
| ***parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_NON_LAST (0x2)
|    length: 48 (0x30)
|    prop #: 4 (0x4)
|    proto ID: IKEv2_SEC_PROTO_ESP (0x3)
|    spi size: 4 (0x4)
|    # transforms: 4 (0x4)
| parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI
| remote SPI  90 d0 46 d4
| Comparing remote proposal 4 containing 4 transforms against local proposal [1..0] of 5 local proposals
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_CBC (0xc)
| *****parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_ESN (0x5)
|    IKEv2 transform ID: ESN_DISABLED (0x0)
| remote proposal 4 proposed transforms: ENCR+INTEG+ESN; matched: none; unmatched: ENCR+INTEG+ESN
| remote proposal 4 does not match; unmatched remote transforms: ENCR+INTEG+ESN
| ***parse IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_LAST (0x0)
|    length: 40 (0x28)
|    prop #: 5 (0x5)
|    proto ID: IKEv2_SEC_PROTO_ESP (0x3)
|    spi size: 4 (0x4)
|    # transforms: 3 (0x3)
| parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI
| remote SPI  90 d0 46 d4
| Comparing remote proposal 5 containing 3 transforms against local proposal [1..0] of 5 local proposals
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 12 (0xc)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_CBC (0xc)
| *****parse IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
|    IKEv2 transform ID: AUTH_HMAC_SHA1_96 (0x2)
| ****parse IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    length: 8 (0x8)
|    IKEv2 transform type: TRANS_TYPE_ESN (0x5)
|    IKEv2 transform ID: ESN_DISABLED (0x0)
| remote proposal 5 proposed transforms: ENCR+INTEG+ESN; matched: none; unmatched: ENCR+INTEG+ESN
| remote proposal 5 does not match; unmatched remote transforms: ENCR+INTEG+ESN
"ikev2-westnet-eastnet-x509-cr" #1: proposal 1:ESP:SPI=90d046d4;ENCR=AES_GCM_C_256;ESN=DISABLED chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_256;ESN=DISABLED[first-match] 2:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED 3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;ESN=DISABLED 4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;ESN=DISABLED 5:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA1_96;ESN=DISABLED
| IKE_AUTH responder matching remote ESP/AH proposals ikev2_proposal: 1:ESP:SPI=90d046d4;ENCR=AES_GCM_C_256;ESN=DISABLED
| converting proposal to internal trans attrs
| encryption ike_alg_lookup_by_id id: AES_GCM_C=20, found AES_GCM_16 
| integrity ike_alg_lookup_by_id id: NONE=0, found NONE 
| netlink_get_spi: allocated 0x48ff48ca for esp.0@192.1.2.23
| Emitting ikev2_proposal ...
| ****emit IKEv2 Security Association Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
| next payload chain: setting previous 'IKEv2 Authentication Payload'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA)
| next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet'
| *****emit IKEv2 Proposal Substructure Payload:
|    last proposal: v2_PROPOSAL_LAST (0x0)
|    prop #: 1 (0x1)
|    proto ID: IKEv2_SEC_PROTO_ESP (0x3)
|    spi size: 4 (0x4)
|    # transforms: 2 (0x2)
| last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal'
| emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload
| our spi  48 ff 48 ca
| ******emit IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_NON_LAST (0x3)
|    IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
|    IKEv2 transform ID: AES_GCM_C (0x14)
| last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform'
| *******emit IKEv2 Attribute Substructure Payload:
|    af+type: AF+IKEv2_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| emitting length of IKEv2 Transform Substructure Payload: 12
| ******emit IKEv2 Transform Substructure Payload:
|    last transform: v2_TRANSFORM_LAST (0x0)
|    IKEv2 transform type: TRANS_TYPE_ESN (0x5)
|    IKEv2 transform ID: ESN_DISABLED (0x0)
| last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
| last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform'
| emitting length of IKEv2 Transform Substructure Payload: 8
| emitting length of IKEv2 Proposal Substructure Payload: 32
| last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0
| emitting length of IKEv2 Security Association Payload: 36
| last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0
| ****emit IKEv2 Traffic Selector - Initiator - Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    number of TS: 1 (0x1)
| next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Traffic Selector - Initiator - Payload (44:ISAKMP_NEXT_v2TSi)
| next payload chain: saving location 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' in 'reply packet'
| *****emit IKEv2 Traffic Selector:
|    TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
|    IP Protocol ID: 0 (0x0)
|    start port: 0 (0x0)
|    end port: 65535 (0xffff)
| emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector
| ipv4 start  c0 00 01 00
| emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector
| ipv4 end  c0 00 01 ff
| emitting length of IKEv2 Traffic Selector: 16
| emitting length of IKEv2 Traffic Selector - Initiator - Payload: 24
| ****emit IKEv2 Traffic Selector - Responder - Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    number of TS: 1 (0x1)
| next payload chain: setting previous 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' to current IKEv2 Traffic Selector - Responder - Payload (45:ISAKMP_NEXT_v2TSr)
| next payload chain: saving location 'IKEv2 Traffic Selector - Responder - Payload'.'next payload type' in 'reply packet'
| *****emit IKEv2 Traffic Selector:
|    TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
|    IP Protocol ID: 0 (0x0)
|    start port: 0 (0x0)
|    end port: 65535 (0xffff)
| emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector
| ipv4 start  c0 00 02 00
| emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector
| ipv4 end  c0 00 02 ff
| emitting length of IKEv2 Traffic Selector: 16
| emitting length of IKEv2 Traffic Selector - Responder - Payload: 24
| Not sending v2N_IPCOMP_SUPPORTED
| integ=none: .key_size=0 encrypt=aes_gcm_16: .key_size=32 .salt_size=4 keymat_len=36
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x55c7804bab98 (32 bytes)
|       17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
|       9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: data-key@0x55c7806bef40, size: 48 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806bef40, size: 48 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 32
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: data-key@0x7fbf8800b280, size: 32 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| data: release tmp-key@0x55c7806bef40
| NSS: PK11_FreeSymKey
| NSS: PK11_GetMechanism
| CONCATENATE_BASE_AND_DATA:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x7fbf8800b280, size: 32 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     data-bytes@0x55c780192558 (32 bytes)
|       64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
|       64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806bef40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_bytes: release lhs-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+0 PRF sha2_512 init key-key@0x55c7806b55c0 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x7fbf8800b280, size: 64 bytes, type/mechanism: SHA512_HMAC
| prf+0 prf: created sha2_512 context 0x55c780831690 from key-key@0x7fbf8800b280
| prf+0 prf: begin sha2_512 with context 0x55c780831690 from key-key@0x7fbf8800b280
| prf+0: release clone-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| prf+0 PRF sha2_512 crypt-prf@0x55c780830768
| NSS: PK11_GetKeyLength
| prf+0 PRF sha2_512 update seed-key@0x55c7806bef40 (size 64)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 64 bytes of key@0x55c7806bef40
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806bef40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 40 59 7b 53  58 52 e2 d1  a7 c9 ea 2d  90 ed 71 f2  56 f6 69 86  08 31 66 88  05 70 fe e7  0c 0f 7a ff  e0 ab 4a e1  22 3c 7f 90  46 7c f7 5c  92 76 66 a1  e4 85 96 a2  58 a7 2e 17  57 f5 3b 95  35 35 0f 8a
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 64 bytes at 0x55c780831fc8
| unwrapped:  17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
| unwrapped:  9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
| unwrapped:  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| unwrapped:  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| prf+0 PRF sha2_512 update 1++-byte@0x1 (1)
| prf+0 PRF sha2_512 final-key ...
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x55c780831fc8 (64 bytes)
|       0b 7a 78 2a  94 96 77 e4  48 95 47 65  e3 3c a8 be
|       07 d8 3f 41  37 40 5e 17  91 31 1f b1  e8 7a 1f 9f
|       fd 0a 35 14  bf 68 3b 7a  a6 cf c1 8d  74 a3 8d ac
|       9c f8 3c 44  10 93 d7 e2  fd 30 1d 3d  cd f5 37 3f
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c780800aa0, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c780800aa0, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x7fbf8800b280, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| final: release tmp-key@0x55c780800aa0
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+0 PRF sha2_512 final-key@0x7fbf8800b280 (size 64)
| ikev2_prfplus: reference old_t[1]-key@0x7fbf8800b280
| NSS: PK11_ReferenceSymKey
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 init key-key@0x55c7806b55c0 (size 64)
| NSS: PK11_GetKeyLength
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7806b55c0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags: SIGN target: SHA512_HMAC
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: clone-key@0x55c780800aa0, size: 64 bytes, type/mechanism: SHA512_HMAC
| prf+N prf: created sha2_512 context 0x55c780831fa0 from key-key@0x55c780800aa0
| prf+N prf: begin sha2_512 with context 0x55c780831fa0 from key-key@0x55c780800aa0
| prf+N: release clone-key@0x55c780800aa0
| NSS: PK11_FreeSymKey
| prf+N PRF sha2_512 crypt-prf@0x55c7801ae2d8
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update old_t-key@0x7fbf8800b280 (size 64)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 64 bytes of key@0x7fbf8800b280
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x7fbf8800b280, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: b6 94 8a 74  81 24 51 69  18 cf c8 8d  93 10 ed 67  75 60 a2 d1  cc 0b 57 4b  16 69 5c de  13 b9 b0 10  5f 4a 7a f4  00 cf ac 03  24 06 3c a8  a1 57 1f 1f  c7 d2 88 74  5d 3a d4 15  12 df c0 d1  23 41 83 fa
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 64 bytes at 0x55c7807fb918
| unwrapped:  0b 7a 78 2a  94 96 77 e4  48 95 47 65  e3 3c a8 be
| unwrapped:  07 d8 3f 41  37 40 5e 17  91 31 1f b1  e8 7a 1f 9f
| unwrapped:  fd 0a 35 14  bf 68 3b 7a  a6 cf c1 8d  74 a3 8d ac
| unwrapped:  9c f8 3c 44  10 93 d7 e2  fd 30 1d 3d  cd f5 37 3f
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 update seed-key@0x55c7806bef40 (size 64)
| NSS: PK11_GetKeyLength
| nss hmac digest hack extracting all 64 bytes of key@0x55c7806bef40
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacksymkey-key@0x55c7806bef40, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| nss hmac digest hacknew slot-key@0x55c7806b2210, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 64
| NSS: PK11_WrapSymKey
| wrapper: (SECItemType)538976380: 40 59 7b 53  58 52 e2 d1  a7 c9 ea 2d  90 ed 71 f2  56 f6 69 86  08 31 66 88  05 70 fe e7  0c 0f 7a ff  e0 ab 4a e1  22 3c 7f 90  46 7c f7 5c  92 76 66 a1  e4 85 96 a2  58 a7 2e 17  57 f5 3b 95  35 35 0f 8a
| NSS: PK11_Decrypt
| nss hmac digest hack: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| nss hmac digest hack extracted len 64 bytes at 0x55c7808316b8
| unwrapped:  17 37 2a 37  99 9a e1 1f  66 a0 22 50  3f fc cc 9c
| unwrapped:  9a 2d 83 d9  64 ec 33 e4  08 83 36 b5  f0 e9 8e cf
| unwrapped:  64 50 42 6a  16 f4 24 bc  46 ac 70 dc  d7 09 9c f3
| unwrapped:  64 df c7 91  54 91 5e 35  0d 6f de bf  80 90 c2 93
| prf+N PRF sha2_512 update N++-byte@0x2 (2)
| prf+N PRF sha2_512 final-key ...
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| CONCATENATE_DATA_AND_BASE:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
|     data-bytes@0x55c7808316b8 (64 bytes)
|       78 31 b5 d3  6b 59 96 3f  04 23 13 6f  7d f3 c0 e0
|       fb da e3 2a  c9 85 e5 f5  09 39 16 fb  f9 d4 f2 a9
|       51 8d 5f 9c  cd eb d8 bc  b5 41 47 79  93 2f 08 c8
|       5c 9c ea 2a  7b e7 4b 76  b7 f4 fa b9  0c 8a 55 1d
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c7807ff890, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7807ff890, size: 80 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 64
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: final-key@0x55c780800aa0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| final: release tmp-key@0x55c7807ff890
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| prf+N PRF sha2_512 final-key@0x55c780800aa0 (size 64)
| NSS: PK11_GetMechanism
| NSS: PK11_GetSymKeyHandle
| CONCATENATE_BASE_AND_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     base-key@0x7fbf8800b280, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c780800aa0, size: 64 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     -> target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_Derive
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7807ff890, size: 128 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| append_symkey_symkey: release lhs-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| ikev2_prfplus: release old_t[N]-key@0x7fbf8800b280
| NSS: PK11_FreeSymKey
| NSS: PK11_GetKeyLength
| ikev2_prfplus: release old_t[final]-key@0x55c780800aa0
| NSS: PK11_FreeSymKey
| ikev2_child_sa_keymat: release data-key@0x55c7806bef40
| NSS: PK11_FreeSymKey
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7807ff890, size: 128 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 0, key-size: 36
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806bef40, size: 36 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| initiator to responder keys extracting all 36 bytes of key@0x55c7806bef40
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| initiator to responder keyssymkey-key@0x55c7806bef40, size: 36 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| initiator to responder keysnew slot-key@0x55c7806b2210, size: 36 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 48
| NSS: PK11_WrapSymKey
| wrapper: siBuffer: b6 94 8a 74  81 24 51 69  18 cf c8 8d  93 10 ed 67  75 60 a2 d1  cc 0b 57 4b  16 69 5c de  13 b9 b0 10  a2 43 d0 c3  16 78 19 b8  f4 29 f0 a0  3c a0 c5 fb
| NSS: PK11_Decrypt
| initiator to responder keys: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| initiator to responder keys extracted len 48 bytes at 0x55c78082d1d8
| unwrapped:  0b 7a 78 2a  94 96 77 e4  48 95 47 65  e3 3c a8 be
| unwrapped:  07 d8 3f 41  37 40 5e 17  91 31 1f b1  e8 7a 1f 9f
| unwrapped:  fd 0a 35 14  00 00 00 00  00 00 00 00  00 00 00 00
| ikev2_derive_child_keys: release ikey-key@0x55c7806bef40
| NSS: PK11_FreeSymKey
| EXTRACT_KEY_FROM_KEY:
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     key-key@0x55c7807ff890, size: 128 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
|     key-offset: 36, key-size: 36
|     -> flags:  target: EXTRACT_KEY_FROM_KEY
| NSS: PK11_DeriveWithFlags
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     result: result-key@0x55c7806bef40, size: 36 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| responder to initiator keys: extracting all 36 bytes of key@0x55c7806bef40
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| responder to initiator keys:symkey-key@0x55c7806bef40, size: 36 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
|     ephemeral-key@0x55c7806acc40, size: 16 bytes, type/mechanism: AES_KEY_GEN
| NSS: PK11_GetSlotFromKey
| NSS: PK11_MoveSymKey
| NSS: PK11_FreeSlot
| NSS: PK11_GetKeyLength
| NSS: PK11_GetKeyLength
| responder to initiator keys:new slot-key@0x55c7806b2210, size: 36 bytes, type/mechanism: EXTRACT_KEY_FROM_KEY
| sizeof bytes 48
| NSS: PK11_WrapSymKey
| wrapper: siBuffer: 5a a0 b4 e7  f5 8b aa cd  f1 ea ed 3b  9b 9f 6a 76  87 7c 9d 72  5a 11 9a 3e  7a 17 84 db  a3 79 4d f1  10 af 4f eb  a7 51 ae 65  27 35 5b 68  20 ad 6f f1
| NSS: PK11_Decrypt
| responder to initiator keys:: release slot-key-key@0x55c7806b2210
| NSS: PK11_FreeSymKey
| responder to initiator keys: extracted len 48 bytes at 0x55c780815dd8
| unwrapped:  bf 68 3b 7a  a6 cf c1 8d  74 a3 8d ac  9c f8 3c 44
| unwrapped:  10 93 d7 e2  fd 30 1d 3d  cd f5 37 3f  78 31 b5 d3
| unwrapped:  6b 59 96 3f  00 00 00 00  00 00 00 00  00 00 00 00
| ikev2_derive_child_keys: release rkey-key@0x55c7806bef40
| NSS: PK11_FreeSymKey
| ikev2_derive_child_keys: release keymat-key@0x55c7807ff890
| NSS: PK11_FreeSymKey
| install_ipsec_sa() for #2: inbound and outbound
| could_route called for ikev2-westnet-eastnet-x509-cr (kind=CK_PERMANENT)
|  conn ikev2-westnet-eastnet-x509-cr mark 0/00000000, 0/00000000 vs
|  conn ikev2-westnet-eastnet-x509-cr mark 0/00000000, 0/00000000
| route owner of "ikev2-westnet-eastnet-x509-cr" unrouted: NULL; eroute owner: NULL
| looking for alg with encrypt: AES_GCM_16 keylen: 256 integ: NONE
| encrypt AES_GCM_16 keylen=256 transid=20, key_size=32, encryptalg=20
| AES_GCM_16 requires 4 salt bytes
| st->st_esp.keymat_len=36 is encrypt_keymat_size=36 + integ_keymat_size=0
| setting IPsec SA replay-window to 32
| netlink: enabling tunnel mode
| netlink: setting IPsec SA replay-window to 32 using old-style req
| netlink response for Add SA esp.90d046d4@192.1.2.45 included non-error error
| set up outgoing SA, ref=0/0
| looking for alg with encrypt: AES_GCM_16 keylen: 256 integ: NONE
| encrypt AES_GCM_16 keylen=256 transid=20, key_size=32, encryptalg=20
| AES_GCM_16 requires 4 salt bytes
| st->st_esp.keymat_len=36 is encrypt_keymat_size=36 + integ_keymat_size=0
| setting IPsec SA replay-window to 32
| netlink: enabling tunnel mode
| netlink: setting IPsec SA replay-window to 32 using old-style req
| netlink response for Add SA esp.48ff48ca@192.1.2.23 included non-error error
| priority calculation of connection "ikev2-westnet-eastnet-x509-cr" is 0xfe7e7
| add inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.10000@192.1.2.23 (raw_eroute)
| IPsec SA SPD priority set to 1042407
| raw_eroute result=success
| set up incoming SA, ref=0/0
| sr for #2: unrouted
| route_and_eroute() for proto 0, and source port 0 dest port 0
|  conn ikev2-westnet-eastnet-x509-cr mark 0/00000000, 0/00000000 vs
|  conn ikev2-westnet-eastnet-x509-cr mark 0/00000000, 0/00000000
| route owner of "ikev2-westnet-eastnet-x509-cr" unrouted: NULL; eroute owner: NULL
| route_and_eroute with c: ikev2-westnet-eastnet-x509-cr (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #2
| priority calculation of connection "ikev2-westnet-eastnet-x509-cr" is 0xfe7e7
| eroute_connection add eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.0@192.1.2.45 (raw_eroute)
| IPsec SA SPD priority set to 1042407
| raw_eroute result=success
| running updown command "ipsec _updown" for verb up 
| command executing up-client
| get_sa_info esp.90d046d4@192.1.2.45
| get_sa_info esp.48ff48ca@192.1.2.23
| trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
| executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-eastnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='xfrm' PLUTO_ADDTIME='1546545636' PLUTO_C
| popen cmd is 1486 chars long
| cmd(   0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-eastn:
| cmd(  80):et-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2:
| cmd( 160):.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, :
| cmd( 240):CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_CLIEN:
| cmd( 320):T='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.2:
| cmd( 400):55.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TY:
| cmd( 480):PE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=L:
| cmd( 560):ibreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing:
| cmd( 640):.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.:
| cmd( 720):0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCO:
| cmd( 800):L='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Departmen:
| cmd( 880):t, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='xfrm:
| cmd( 960):' PLUTO_ADDTIME='1546545636' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_:
| cmd(1040):ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CO:
| cmd(1120):NN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_MY_SOURCEIP='192.0.2.254' PLUTO_IS_PEE:
| cmd(1200):R_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER=':
| cmd(1280):' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' PLUTO_INBYTE:
| cmd(1360):S='0' PLUTO_OUTBYTES='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x:
| cmd(1440):90d046d4 SPI_OUT=0x48ff48ca ipsec _updown 2>&1:
| route_and_eroute: firewall_notified: true
| running updown command "ipsec _updown" for verb prepare 
| command executing prepare-client
| get_sa_info esp.90d046d4@192.1.2.45
| get_sa_info esp.48ff48ca@192.1.2.23
| trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
| executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-eastnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='xfrm' PLUTO_ADDTIME='154654563
| popen cmd is 1491 chars long
| cmd(   0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-:
| cmd(  80):eastnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='19:
| cmd( 160):2.1.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Departm:
| cmd( 240):ent, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_:
| cmd( 320):CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.:
| cmd( 400):255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_:
| cmd( 480):SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto:
| cmd( 560):, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@te:
| cmd( 640):sting.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192:
| cmd( 720):.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PR:
| cmd( 800):OTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Depa:
| cmd( 880):rtment, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='n:
| cmd( 960):etkey' PLUTO_ADDTIME='1546545636' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+I:
| cmd(1040):KEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLU:
| cmd(1120):TO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_MY_SOURCEIP='192.0.2.254' PLUTO_I:
| cmd(1200):S_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BAN:
| cmd(1280):NER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' PLUTO_I:
| cmd(1360):NBYTES='0' PLUTO_OUTBYTES='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_:
| cmd(1440):IN=0x90d046d4 SPI_OUT=0x48ff48ca ipsec _updown 2>&1:
| running updown command "ipsec _updown" for verb route 
| command executing route-client
| get_sa_info esp.90d046d4@192.1.2.45
| get_sa_info esp.48ff48ca@192.1.2.23
| trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
| executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-eastnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='xfrm' PLUTO_ADDTIME='1546545636' P
| popen cmd is 1489 chars long
| cmd(   0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-ea:
| cmd(  80):stnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.:
| cmd( 160):1.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Departmen:
| cmd( 240):t, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_CL:
| cmd( 320):IENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.25:
| cmd( 400):5.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA:
| cmd( 480):_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, :
| cmd( 560):O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@test:
| cmd( 640):ing.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0:
| cmd( 720):.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROT:
| cmd( 800):OCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Depart:
| cmd( 880):ment, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='net:
| cmd( 960):key' PLUTO_ADDTIME='1546545636' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+IKE:
| cmd(1040):V2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO:
| cmd(1120):_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_MY_SOURCEIP='192.0.2.254' PLUTO_IS_:
| cmd(1200):PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNE:
| cmd(1280):R='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' PLUTO_INB:
| cmd(1360):YTES='0' PLUTO_OUTBYTES='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN:
| cmd(1440):=0x90d046d4 SPI_OUT=0x48ff48ca ipsec _updown 2>&1:
| route_and_eroute: instance "ikev2-westnet-eastnet-x509-cr", setting eroute_owner {spd=0x55c7806be390,sr=0x55c7806be390} to #2 (was #0) (newest_ipsec_sa=#0)
| ISAKMP_v2_IKE_AUTH: instance ikev2-westnet-eastnet-x509-cr[0], setting IKEv2 newest_ipsec_sa to #2 (was #0) (spd.eroute=#2) cloned from #1
| adding 1 bytes of padding (including 1 byte padding-length)
| emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload
| emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload
| emitting length of IKEv2 Encryption Payload: 1928
| emitting length of ISAKMP Message: 1956
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_v2SK (0x2e)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 1 (0x1)
|    length: 1956 (0x7a4)
| **parse IKEv2 Encryption Payload:
|    next payload type: ISAKMP_NEXT_v2IDr (0x24)
|    flags: none (0x0)
|    length: 1928 (0x788)
| **emit ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 1 (0x1)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2IDr (0x24)
|    flags: none (0x0)
|    fragment number: 1 (0x1)
|    total fragments: 4 (0x4)
| next payload chain: using supplied v2SKF 'IKEv2 Encrypted Fragment'.'next payload type' value 36:ISAKMP_NEXT_v2IDr
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encrypted Fragment (53:ISAKMP_NEXT_v2SKF)
| next payload chain: saving location 'IKEv2 Encrypted Fragment'.'next payload type' in 'reply frag packet'
| emitting 8 zero bytes of IV into IKEv2 Encrypted Fragment
| emitting 478 raw bytes of cleartext fragment into IKEv2 Encrypted Fragment
| cleartext fragment  25 00 00 bf  09 00 00 00  30 81 b4 31  0b 30 09 06
| cleartext fragment  03 55 04 06  13 02 43 41  31 10 30 0e  06 03 55 04
| cleartext fragment  08 0c 07 4f  6e 74 61 72  69 6f 31 10  30 0e 06 03
| cleartext fragment  55 04 07 0c  07 54 6f 72  6f 6e 74 6f  31 12 30 10
| cleartext fragment  06 03 55 04  0a 0c 09 4c  69 62 72 65  73 77 61 6e
| cleartext fragment  31 18 30 16  06 03 55 04  0b 0c 0f 54  65 73 74 20
| cleartext fragment  44 65 70 61  72 74 6d 65  6e 74 31 23  30 21 06 03
| cleartext fragment  55 04 03 0c  1a 65 61 73  74 2e 74 65  73 74 69 6e
| cleartext fragment  67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 31
| cleartext fragment  2e 30 2c 06  09 2a 86 48  86 f7 0d 01  09 01 16 1f
| cleartext fragment  75 73 65 72  2d 65 61 73  74 40 74 65  73 74 69 6e
| cleartext fragment  67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 27
| cleartext fragment  00 04 d0 04  30 82 04 c7  30 82 04 30  a0 03 02 01
| cleartext fragment  02 02 01 03  30 0d 06 09  2a 86 48 86  f7 0d 01 01
| cleartext fragment  0b 05 00 30  81 ac 31 0b  30 09 06 03  55 04 06 13
| cleartext fragment  02 43 41 31  10 30 0e 06  03 55 04 08  0c 07 4f 6e
| cleartext fragment  74 61 72 69  6f 31 10 30  0e 06 03 55  04 07 0c 07
| cleartext fragment  54 6f 72 6f  6e 74 6f 31  12 30 10 06  03 55 04 0a
| cleartext fragment  0c 09 4c 69  62 72 65 73  77 61 6e 31  18 30 16 06
| cleartext fragment  03 55 04 0b  0c 0f 54 65  73 74 20 44  65 70 61 72
| cleartext fragment  74 6d 65 6e  74 31 25 30  23 06 03 55  04 03 0c 1c
| cleartext fragment  4c 69 62 72  65 73 77 61  6e 20 74 65  73 74 20 43
| cleartext fragment  41 20 66 6f  72 20 6d 61  69 6e 63 61  31 24 30 22
| cleartext fragment  06 09 2a 86  48 86 f7 0d  01 09 01 16  15 74 65 73
| cleartext fragment  74 69 6e 67  40 6c 69 62  72 65 73 77  61 6e 2e 6f
| cleartext fragment  72 67 30 22  18 0f 32 30  31 38 31 32  31 38 31 39
| cleartext fragment  35 36 31 33  5a 18 0f 32  30 32 31 31  32 31 37 31
| cleartext fragment  39 35 36 31  33 5a 30 81  b4 31 0b 30  09 06 03 55
| cleartext fragment  04 06 13 02  43 41 31 10  30 0e 06 03  55 04 08 0c
| cleartext fragment  07 4f 6e 74  61 72 69 6f  31 10 30 0e  06 03
| adding 1 bytes of padding (including 1 byte padding-length)
| emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encrypted Fragment
| emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encrypted Fragment
| emitting length of IKEv2 Encrypted Fragment: 511
| emitting length of ISAKMP Message: 539
| Salt before authenticated encryption:
|   47 5e 93 0d
| IV before authenticated encryption:
|   66 60 2a 30  bd d5 fa f4
| AAD before authenticated encryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 20  00 00 00 01  00 00 02 1b  24 00 01 ff
|   00 01 00 04
| data before authenticated encryption:
|   25 00 00 bf  09 00 00 00  30 81 b4 31  0b 30 09 06
|   03 55 04 06  13 02 43 41  31 10 30 0e  06 03 55 04
|   08 0c 07 4f  6e 74 61 72  69 6f 31 10  30 0e 06 03
|   55 04 07 0c  07 54 6f 72  6f 6e 74 6f  31 12 30 10
|   06 03 55 04  0a 0c 09 4c  69 62 72 65  73 77 61 6e
|   31 18 30 16  06 03 55 04  0b 0c 0f 54  65 73 74 20
|   44 65 70 61  72 74 6d 65  6e 74 31 23  30 21 06 03
|   55 04 03 0c  1a 65 61 73  74 2e 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 31
|   2e 30 2c 06  09 2a 86 48  86 f7 0d 01  09 01 16 1f
|   75 73 65 72  2d 65 61 73  74 40 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 27
|   00 04 d0 04  30 82 04 c7  30 82 04 30  a0 03 02 01
|   02 02 01 03  30 0d 06 09  2a 86 48 86  f7 0d 01 01
|   0b 05 00 30  81 ac 31 0b  30 09 06 03  55 04 06 13
|   02 43 41 31  10 30 0e 06  03 55 04 08  0c 07 4f 6e
|   74 61 72 69  6f 31 10 30  0e 06 03 55  04 07 0c 07
|   54 6f 72 6f  6e 74 6f 31  12 30 10 06  03 55 04 0a
|   0c 09 4c 69  62 72 65 73  77 61 6e 31  18 30 16 06
|   03 55 04 0b  0c 0f 54 65  73 74 20 44  65 70 61 72
|   74 6d 65 6e  74 31 25 30  23 06 03 55  04 03 0c 1c
|   4c 69 62 72  65 73 77 61  6e 20 74 65  73 74 20 43
|   41 20 66 6f  72 20 6d 61  69 6e 63 61  31 24 30 22
|   06 09 2a 86  48 86 f7 0d  01 09 01 16  15 74 65 73
|   74 69 6e 67  40 6c 69 62  72 65 73 77  61 6e 2e 6f
|   72 67 30 22  18 0f 32 30  31 38 31 32  31 38 31 39
|   35 36 31 33  5a 18 0f 32  30 32 31 31  32 31 37 31
|   39 35 36 31  33 5a 30 81  b4 31 0b 30  09 06 03 55
|   04 06 13 02  43 41 31 10  30 0e 06 03  55 04 08 0c
|   07 4f 6e 74  61 72 69 6f  31 10 30 0e  06 03 00
| integ before authenticated encryption:
|   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
| data after authenticated encryption:
|   f7 c1 db 54  64 19 35 07  1d 31 09 d4  72 b0 57 1a
|   af 8f f6 5b  ef 2d a4 f6  e4 34 4d f9  54 d8 df 9e
|   c3 cd 6a d8  39 65 18 77  1e 0c 5a 3d  d8 90 4e 3e
|   58 c0 37 c2  a6 60 7a f7  2b fa ee e8  05 0e 78 6d
|   11 00 89 33  77 49 e6 d7  ee 92 84 d5  56 fc 67 d9
|   bb 86 f7 b4  94 97 51 b0  b5 ee e8 f6  54 e0 88 16
|   b7 9d 28 75  d6 88 ed b0  64 2e 49 8c  83 26 14 fa
|   36 e7 d7 3e  ac bb 07 9b  a1 c9 ae 61  69 91 46 e3
|   cf d6 48 35  4b 1b 9a 75  70 b6 ce a3  e3 2a 1e 0b
|   20 44 30 53  32 7c 14 6d  ce 64 1d 61  9d f9 de f5
|   48 0d c5 08  0d ea 08 b5  f4 c4 23 3c  b9 5b 23 33
|   4d 87 7f f9  16 0e fd 20  45 3a 52 8e  19 d1 1f 54
|   39 8a f7 54  ca 05 41 2a  3e 5d 92 ee  3c 0f 2c 0c
|   f2 ed 00 d5  eb db 64 1a  dd 0c 55 ba  df 0d f7 4c
|   98 b0 46 48  75 c5 86 f4  ed a7 cf a6  45 b0 73 8c
|   b9 d4 e1 47  23 82 f5 79  01 4b 20 1f  d8 6c 9a a6
|   52 04 de 5e  a7 44 dd 99  9f ed ec fa  39 6b 08 a1
|   ee 31 27 40  49 6e 10 fa  85 6a 9b 96  8f 3b 58 47
|   03 05 19 e4  da 82 7a 4a  4c 40 7d fd  45 92 32 39
|   2f 4d f5 b7  7d 76 9f 88  c0 ec 37 b6  6c 53 7b c0
|   84 ca 31 60  9a 4a 92 3e  2a c6 92 a4  fb 2d ea d7
|   c1 99 44 d2  9e b8 22 c9  f4 38 bd c8  cd 61 c2 11
|   0a ca 40 0f  8c 04 17 cd  bc 35 e3 5d  86 7e 33 6c
|   2c 26 ad 92  ad ba 24 bc  af 3f 14 7a  55 91 53 c9
|   ec ca 07 91  98 f9 59 17  33 c0 05 7a  ca ea 01 a7
|   25 a2 c2 09  96 93 2f d7  d6 a8 a9 aa  be d5 10 51
|   bf 62 53 f4  70 dd 20 cf  d5 d3 29 3f  46 d3 61 d2
|   5b 21 c3 bd  54 2e a1 23  59 a7 40 a0  8f 8a e7 71
|   80 60 b5 10  29 2d c1 43  82 12 95 95  28 10 c7 d7
|   4e 70 b8 20  08 98 8b eb  5c 7b d4 00  55 46 bf
| integ after authenticated encryption:
|   71 7f ea 22  88 9d 0f 26  f8 48 cb db  fb 1d fb 7d
| **emit ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 1 (0x1)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    fragment number: 2 (0x2)
|    total fragments: 4 (0x4)
| next payload chain: using supplied v2SKF 'IKEv2 Encrypted Fragment'.'next payload type' value 0:ISAKMP_NEXT_v2NONE
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encrypted Fragment (53:ISAKMP_NEXT_v2SKF)
| next payload chain: saving location 'IKEv2 Encrypted Fragment'.'next payload type' in 'reply frag packet'
| emitting 8 zero bytes of IV into IKEv2 Encrypted Fragment
| emitting 478 raw bytes of cleartext fragment into IKEv2 Encrypted Fragment
| cleartext fragment  55 04 07 0c  07 54 6f 72  6f 6e 74 6f  31 12 30 10
| cleartext fragment  06 03 55 04  0a 0c 09 4c  69 62 72 65  73 77 61 6e
| cleartext fragment  31 18 30 16  06 03 55 04  0b 0c 0f 54  65 73 74 20
| cleartext fragment  44 65 70 61  72 74 6d 65  6e 74 31 23  30 21 06 03
| cleartext fragment  55 04 03 0c  1a 65 61 73  74 2e 74 65  73 74 69 6e
| cleartext fragment  67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 31
| cleartext fragment  2e 30 2c 06  09 2a 86 48  86 f7 0d 01  09 01 16 1f
| cleartext fragment  75 73 65 72  2d 65 61 73  74 40 74 65  73 74 69 6e
| cleartext fragment  67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 30
| cleartext fragment  82 01 a2 30  0d 06 09 2a  86 48 86 f7  0d 01 01 01
| cleartext fragment  05 00 03 82  01 8f 00 30  82 01 8a 02  82 01 81 00
| cleartext fragment  a4 96 3b d9  39 ca 30 5b  d4 2e f2 c0  5f 02 2e 1e
| cleartext fragment  4f 39 4e 45  58 c9 30 32  fa 72 1b 0b  25 32 3d 1c
| cleartext fragment  78 d4 bd a3  fa 93 31 74  8e 28 54 32  50 38 5a 58
| cleartext fragment  37 5d 3c 95  35 db 69 d0  78 92 9a 59  36 0f 5a d2
| cleartext fragment  4c af b9 91  b2 c0 ee a5  72 4a 5e c4  ed 6b 88 92
| cleartext fragment  79 3d 45 32  f3 84 94 4a  59 f8 78 f5  1e 40 33 c7
| cleartext fragment  35 df 17 a7  d7 43 61 82  a4 c0 64 d4  19 27 82 29
| cleartext fragment  66 84 45 db  f7 db bc 80  b9 2f f1 dc  a5 0c 9e f5
| cleartext fragment  cd 87 19 26  33 c8 87 4f  d9 b1 58 9d  47 2b c3 68
| cleartext fragment  e0 ca 08 0d  be cd 7d df  9a 48 d0 c8  30 8d e8 a5
| cleartext fragment  c5 5e 3c bb  a9 f0 d6 f2  9e a1 7e 5e  c6 b4 77 e7
| cleartext fragment  2d b9 8c cd  bc 58 6f f6  ab 1e fb b1  f3 b3 de 87
| cleartext fragment  5f ac 3e 4f  08 77 a5 fa  a4 5f fb 53  a2 43 5e 30
| cleartext fragment  2c 9a b0 86  28 90 65 1e  7a 47 62 e5  d1 0d 7d ae
| cleartext fragment  5b ef e5 a1  93 8d 74 d7  38 7e 55 64  39 9b 43 d9
| cleartext fragment  fb e3 03 b2  d6 d2 44 8d  86 77 e8 cb  9f e5 a6 76
| cleartext fragment  d0 bb 5c 44  a7 ca 0a 9f  ae dc 2e 0d  4d a1 83 48
| cleartext fragment  8d 99 06 33  ef 83 6b ab  a9 05 0e e6  eb 0a 5e de
| cleartext fragment  14 b4 9f b8  f4 70 90 a3  60 de cc 55  ab 67
| adding 1 bytes of padding (including 1 byte padding-length)
| emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encrypted Fragment
| emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encrypted Fragment
| emitting length of IKEv2 Encrypted Fragment: 511
| emitting length of ISAKMP Message: 539
| Salt before authenticated encryption:
|   47 5e 93 0d
| IV before authenticated encryption:
|   99 ea 65 22  e9 83 ad ff
| AAD before authenticated encryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 20  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 02 00 04
| data before authenticated encryption:
|   55 04 07 0c  07 54 6f 72  6f 6e 74 6f  31 12 30 10
|   06 03 55 04  0a 0c 09 4c  69 62 72 65  73 77 61 6e
|   31 18 30 16  06 03 55 04  0b 0c 0f 54  65 73 74 20
|   44 65 70 61  72 74 6d 65  6e 74 31 23  30 21 06 03
|   55 04 03 0c  1a 65 61 73  74 2e 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 31
|   2e 30 2c 06  09 2a 86 48  86 f7 0d 01  09 01 16 1f
|   75 73 65 72  2d 65 61 73  74 40 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 30
|   82 01 a2 30  0d 06 09 2a  86 48 86 f7  0d 01 01 01
|   05 00 03 82  01 8f 00 30  82 01 8a 02  82 01 81 00
|   a4 96 3b d9  39 ca 30 5b  d4 2e f2 c0  5f 02 2e 1e
|   4f 39 4e 45  58 c9 30 32  fa 72 1b 0b  25 32 3d 1c
|   78 d4 bd a3  fa 93 31 74  8e 28 54 32  50 38 5a 58
|   37 5d 3c 95  35 db 69 d0  78 92 9a 59  36 0f 5a d2
|   4c af b9 91  b2 c0 ee a5  72 4a 5e c4  ed 6b 88 92
|   79 3d 45 32  f3 84 94 4a  59 f8 78 f5  1e 40 33 c7
|   35 df 17 a7  d7 43 61 82  a4 c0 64 d4  19 27 82 29
|   66 84 45 db  f7 db bc 80  b9 2f f1 dc  a5 0c 9e f5
|   cd 87 19 26  33 c8 87 4f  d9 b1 58 9d  47 2b c3 68
|   e0 ca 08 0d  be cd 7d df  9a 48 d0 c8  30 8d e8 a5
|   c5 5e 3c bb  a9 f0 d6 f2  9e a1 7e 5e  c6 b4 77 e7
|   2d b9 8c cd  bc 58 6f f6  ab 1e fb b1  f3 b3 de 87
|   5f ac 3e 4f  08 77 a5 fa  a4 5f fb 53  a2 43 5e 30
|   2c 9a b0 86  28 90 65 1e  7a 47 62 e5  d1 0d 7d ae
|   5b ef e5 a1  93 8d 74 d7  38 7e 55 64  39 9b 43 d9
|   fb e3 03 b2  d6 d2 44 8d  86 77 e8 cb  9f e5 a6 76
|   d0 bb 5c 44  a7 ca 0a 9f  ae dc 2e 0d  4d a1 83 48
|   8d 99 06 33  ef 83 6b ab  a9 05 0e e6  eb 0a 5e de
|   14 b4 9f b8  f4 70 90 a3  60 de cc 55  ab 67 00
| integ before authenticated encryption:
|   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
| data after authenticated encryption:
|   2e 17 0b 36  f8 0a b4 c3  2e fa 80 b1  bc 07 d4 06
|   66 e7 9e 46  03 02 1d b6  93 3c 29 55  c2 cb b8 d8
|   70 fe f7 c1  73 bf 9c e4  16 ab 45 ec  18 39 ec e3
|   d4 66 d9 3f  10 92 f5 8a  dd 04 d4 b6  eb b6 0d 6e
|   d0 82 29 49  83 56 8b fb  1a 75 4f 23  01 7e cd e1
|   81 3a cf 68  dd 89 f8 13  03 cd 60 f3  f6 ba be 3b
|   6d 09 eb 97  db 37 d9 27  c2 84 d5 17  aa ea 12 06
|   67 ff 92 9e  52 9f 3e aa  96 2a 02 e0  22 45 3b 28
|   c9 28 be 7d  eb 10 d4 52  c7 42 a8 f2  fa 5c dc d6
|   af 55 e3 2a  26 55 8d ae  c8 46 a6 a8  9b b5 a3 82
|   77 d8 6f 64  de 10 8b 38  18 63 76 81  a1 15 83 61
|   25 d2 e3 50  25 c3 cd b3  88 72 25 cd  d9 89 32 2c
|   09 e6 06 d1  94 ec b5 df  d8 70 1f aa  7c 85 4c b0
|   e3 d5 78 5d  20 50 1e 03  3d 33 e0 75  d2 45 5c 10
|   f7 3b 0f 51  b1 33 1c 17  17 b8 9f 92  fe 7a 98 9c
|   1d b1 5a c2  13 31 87 02  25 1c f1 1d  bc 69 21 65
|   a7 2d 96 a8  03 fd b3 96  8c 18 9a 10  bf 79 19 27
|   a2 06 35 8d  57 30 4d d4  dd a3 8e 2a  87 13 fd 24
|   ae 90 4c d7  25 08 40 42  b3 6c 9d 98  c7 a7 85 f9
|   3a a0 3d a5  15 6e e6 54  a3 f9 7b 5a  9f 23 5e 41
|   52 d0 50 a1  77 64 8e bc  ca 4a 3f 30  35 a5 8a 61
|   08 9b 82 34  87 09 e0 aa  e8 b3 7d 51  1c b3 61 67
|   d9 cb 2d bc  6c 54 28 d8  35 0d 22 e5  eb 5f 1b 7d
|   3b b6 97 f9  3b a3 09 2f  cd 88 5e 75  7f 9b 3b 0b
|   ee 79 2e 47  65 93 fc 25  d8 4e 80 79  57 9c fe 9f
|   9e 4c 20 81  6e ec 5c 26  05 b4 7d 14  cd ff 67 6e
|   2f b1 d9 7c  33 8a d4 3a  9b 28 c0 ba  6d 7e d2 78
|   b1 f8 0b f1  b4 fe 6a 11  8a 01 ea cb  a0 a6 cc 24
|   50 19 4d a9  a7 ea be 37  b6 4b bf da  db cf fb a3
|   17 b3 79 34  e6 f9 a2 06  2d c0 7f e6  7d 8a 91
| integ after authenticated encryption:
|   db 70 19 c4  27 30 f5 c8  0c 42 a0 51  17 58 f2 90
| **emit ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 1 (0x1)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    fragment number: 3 (0x3)
|    total fragments: 4 (0x4)
| next payload chain: using supplied v2SKF 'IKEv2 Encrypted Fragment'.'next payload type' value 0:ISAKMP_NEXT_v2NONE
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encrypted Fragment (53:ISAKMP_NEXT_v2SKF)
| next payload chain: saving location 'IKEv2 Encrypted Fragment'.'next payload type' in 'reply frag packet'
| emitting 8 zero bytes of IV into IKEv2 Encrypted Fragment
| emitting 478 raw bytes of cleartext fragment into IKEv2 Encrypted Fragment
| cleartext fragment  20 4b d8 fc  7c 0a 19 75  b7 8f e7 11  80 29 0d ae
| cleartext fragment  66 ab d2 10  ba 5e c1 b8  ac 95 a2 6a  0e ac 55 1c
| cleartext fragment  39 41 eb 0c  64 75 64 4b  94 4c 45 59  4b 19 c8 e1
| cleartext fragment  33 30 47 09  2f 5b bd 78  45 9b dd b6  09 37 92 81
| cleartext fragment  05 0f 68 17  d6 c8 20 03  a6 a5 0b dd  b8 45 85 6a
| cleartext fragment  b9 3b 02 03  01 00 01 a3  81 e6 30 81  e3 30 09 06
| cleartext fragment  03 55 1d 13  04 02 30 00  30 47 06 03  55 1d 11 04
| cleartext fragment  40 30 3e 82  1a 65 61 73  74 2e 74 65  73 74 69 6e
| cleartext fragment  67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 81
| cleartext fragment  1a 65 61 73  74 40 74 65  73 74 69 6e  67 2e 6c 69
| cleartext fragment  62 72 65 73  77 61 6e 2e  6f 72 67 87  04 c0 01 02
| cleartext fragment  17 30 0b 06  03 55 1d 0f  04 04 03 02  07 80 30 41
| cleartext fragment  06 08 2b 06  01 05 05 07  01 01 04 35  30 33 30 31
| cleartext fragment  06 08 2b 06  01 05 05 07  30 01 86 25  68 74 74 70
| cleartext fragment  3a 2f 2f 6e  69 63 2e 74  65 73 74 69  6e 67 2e 6c
| cleartext fragment  69 62 72 65  73 77 61 6e  2e 6f 72 67  3a 32 35 36
| cleartext fragment  30 30 3d 06  03 55 1d 1f  04 36 30 34  30 32 a0 30
| cleartext fragment  a0 2e 86 2c  68 74 74 70  3a 2f 2f 6e  69 63 2e 74
| cleartext fragment  65 73 74 69  6e 67 2e 6c  69 62 72 65  73 77 61 6e
| cleartext fragment  2e 6f 72 67  2f 72 65 76  6f 6b 65 64  2e 63 72 6c
| cleartext fragment  30 0d 06 09  2a 86 48 86  f7 0d 01 01  0b 05 00 03
| cleartext fragment  81 81 00 a1  b3 5c d8 0c  31 2a e8 80  6b 58 cf f8
| cleartext fragment  4e 42 3e cd  db f3 0a 8f  64 a5 fd 01  e3 b0 8c 83
| cleartext fragment  29 46 18 21  63 54 39 ec  e0 ef 5a 13  ce 7e 5c e4
| cleartext fragment  93 e7 1b 71  25 85 a5 cd  31 4f 8f 98  a1 cc 70 c6
| cleartext fragment  8b ce fa 82  a6 9c fd 5a  c6 a2 63 83  17 e8 a1 50
| cleartext fragment  46 07 1a 80  b1 a0 7f df  bc 8d 40 78  6d 1b e7 2e
| cleartext fragment  bd 63 1b dc  1c e9 27 7d  e8 36 9a 0f  33 26 62 dc
| cleartext fragment  c2 c4 12 7e  90 ac f0 b5  85 75 77 4a  78 30 44 c5
| cleartext fragment  c1 34 27 21  00 01 88 01  00 00 00 0e  7e 77
| adding 1 bytes of padding (including 1 byte padding-length)
| emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encrypted Fragment
| emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encrypted Fragment
| emitting length of IKEv2 Encrypted Fragment: 511
| emitting length of ISAKMP Message: 539
| Salt before authenticated encryption:
|   47 5e 93 0d
| IV before authenticated encryption:
|   c2 0a c8 8e  81 b3 e7 89
| AAD before authenticated encryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 20  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 03 00 04
| data before authenticated encryption:
|   20 4b d8 fc  7c 0a 19 75  b7 8f e7 11  80 29 0d ae
|   66 ab d2 10  ba 5e c1 b8  ac 95 a2 6a  0e ac 55 1c
|   39 41 eb 0c  64 75 64 4b  94 4c 45 59  4b 19 c8 e1
|   33 30 47 09  2f 5b bd 78  45 9b dd b6  09 37 92 81
|   05 0f 68 17  d6 c8 20 03  a6 a5 0b dd  b8 45 85 6a
|   b9 3b 02 03  01 00 01 a3  81 e6 30 81  e3 30 09 06
|   03 55 1d 13  04 02 30 00  30 47 06 03  55 1d 11 04
|   40 30 3e 82  1a 65 61 73  74 2e 74 65  73 74 69 6e
|   67 2e 6c 69  62 72 65 73  77 61 6e 2e  6f 72 67 81
|   1a 65 61 73  74 40 74 65  73 74 69 6e  67 2e 6c 69
|   62 72 65 73  77 61 6e 2e  6f 72 67 87  04 c0 01 02
|   17 30 0b 06  03 55 1d 0f  04 04 03 02  07 80 30 41
|   06 08 2b 06  01 05 05 07  01 01 04 35  30 33 30 31
|   06 08 2b 06  01 05 05 07  30 01 86 25  68 74 74 70
|   3a 2f 2f 6e  69 63 2e 74  65 73 74 69  6e 67 2e 6c
|   69 62 72 65  73 77 61 6e  2e 6f 72 67  3a 32 35 36
|   30 30 3d 06  03 55 1d 1f  04 36 30 34  30 32 a0 30
|   a0 2e 86 2c  68 74 74 70  3a 2f 2f 6e  69 63 2e 74
|   65 73 74 69  6e 67 2e 6c  69 62 72 65  73 77 61 6e
|   2e 6f 72 67  2f 72 65 76  6f 6b 65 64  2e 63 72 6c
|   30 0d 06 09  2a 86 48 86  f7 0d 01 01  0b 05 00 03
|   81 81 00 a1  b3 5c d8 0c  31 2a e8 80  6b 58 cf f8
|   4e 42 3e cd  db f3 0a 8f  64 a5 fd 01  e3 b0 8c 83
|   29 46 18 21  63 54 39 ec  e0 ef 5a 13  ce 7e 5c e4
|   93 e7 1b 71  25 85 a5 cd  31 4f 8f 98  a1 cc 70 c6
|   8b ce fa 82  a6 9c fd 5a  c6 a2 63 83  17 e8 a1 50
|   46 07 1a 80  b1 a0 7f df  bc 8d 40 78  6d 1b e7 2e
|   bd 63 1b dc  1c e9 27 7d  e8 36 9a 0f  33 26 62 dc
|   c2 c4 12 7e  90 ac f0 b5  85 75 77 4a  78 30 44 c5
|   c1 34 27 21  00 01 88 01  00 00 00 0e  7e 77 00
| integ before authenticated encryption:
|   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
| data after authenticated encryption:
|   e9 55 13 3d  a8 38 23 93  9d 6e d8 04  67 41 c3 0f
|   3c cc dd a3  33 c7 fe 6e  07 16 4f b8  5b e0 91 42
|   3d 20 d7 00  dc 2e 83 27  34 6c 68 6d  83 bf 66 7d
|   6c bc b7 1f  1f fa 7d af  93 8a 8f 40  f1 6f 58 92
|   ad 20 fe bf  eb d6 c5 16  12 ad d1 6b  f4 4b 17 0f
|   ca b5 01 86  58 66 13 bf  a9 d5 c6 a7  d3 3c 89 75
|   3e 2a 19 25  1f 9d 23 e7  7c ab bc d2  c1 3e e5 5c
|   e8 15 c8 02  0d a7 c0 30  84 8c cf d1  bf 51 22 98
|   89 ce f6 49  61 8b bd 3d  00 bb b7 11  29 16 e8 8b
|   cf e2 44 95  1f 45 28 f6  08 59 19 e5  63 d3 58 d5
|   a4 db b0 36  8d 23 17 37  36 73 60 cf  45 07 54 3e
|   9d c1 af 7a  98 b7 09 b6  c5 c9 c5 4c  a2 f2 58 8c
|   4e d6 de da  27 0a 94 15  fc f5 a4 e6  0b e3 81 c2
|   0b ba 7b 7e  0e 4d 98 35  c6 c3 82 d5  15 d7 c9 d8
|   3e 16 03 2a  17 e5 98 0a  f6 b4 c5 65  09 5a 0a 4f
|   f3 c7 26 ff  7d 63 a7 43  30 c3 3f da  f3 90 79 a5
|   0a 99 a8 37  49 ac d9 60  79 77 29 f4  ac 34 c5 a2
|   37 09 46 3d  46 32 ab e1  a9 d0 bd 4f  9b 2e d8 80
|   7c da 6b 23  54 55 20 9b  12 34 fb 33  4b 43 52 52
|   a1 47 91 5f  3f d0 46 9b  6d 35 1d b4  fd 75 b4 a4
|   11 6b e0 09  0e 61 ea d2  73 22 39 42  2b 9b 75 c6
|   ca 02 b9 ef  fb 6b ee e2  db 2c b5 1f  3b e7 67 2d
|   7f 54 f6 29  03 aa 86 66  c4 ea 3e 81  69 56 49 19
|   31 ad 6d 9a  50 86 43 75  1b f6 bc 89  c9 ea 2b fa
|   3a a0 56 9e  ae 2d 2e 60  ca 4a c1 e2  7c e2 5c 2d
|   b0 ec e4 81  a0 ad a0 d6  7c 06 73 b8  9f 54 2c 18
|   3b 8d 6d 05  c2 f3 88 01  57 b0 02 63  73 da 60 a2
|   35 fb 38 53  bf 9f 59 d0  6f 5b 9b a3  c1 ca 5d ed
|   ae 32 15 97  31 6d 1a 31  56 18 c1 48  c7 09 7a 0b
|   55 35 91 27  01 a1 bd 58  ba db 22 b7  44 b1 8c
| integ after authenticated encryption:
|   f5 bf 1f f5  86 13 c6 14  95 a6 f1 30  ba ea 74 07
| **emit ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_IKE_AUTH (0x23)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 1 (0x1)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit IKEv2 Encrypted Fragment:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    fragment number: 4 (0x4)
|    total fragments: 4 (0x4)
| next payload chain: using supplied v2SKF 'IKEv2 Encrypted Fragment'.'next payload type' value 0:ISAKMP_NEXT_v2NONE
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encrypted Fragment (53:ISAKMP_NEXT_v2SKF)
| next payload chain: saving location 'IKEv2 Encrypted Fragment'.'next payload type' in 'reply frag packet'
| emitting 8 zero bytes of IV into IKEv2 Encrypted Fragment
| emitting 465 raw bytes of cleartext fragment into IKEv2 Encrypted Fragment
| cleartext fragment  cc 89 02 5c  b0 42 20 50  b1 b5 f4 aa  92 b0 5c 3b
| cleartext fragment  43 9b 58 7c  d7 69 65 e2  ac 54 b6 55  57 93 67 e9
| cleartext fragment  c9 76 e3 17  2e 13 d8 e9  53 4c 96 0f  31 d0 56 ad
| cleartext fragment  05 3c d3 3c  3d b9 0c 78  bc 53 90 11  60 28 b1 6e
| cleartext fragment  23 3d 8d 99  b6 a0 3c f2  a4 35 da c2  3d 4f 46 b6
| cleartext fragment  e4 0f 1d eb  79 58 7e 6a  fd fb 75 8d  09 62 71 9d
| cleartext fragment  ee 4b 56 a6  42 2a 7d ee  d0 d9 5a b8  43 ed 72 ed
| cleartext fragment  2c 84 82 2a  ca e4 ad fd  19 04 36 1e  3a 6a 57 3d
| cleartext fragment  6d df 49 45  5c b9 6f 83  35 d3 e4 21  89 df 39 e1
| cleartext fragment  57 85 41 25  9b 0f f3 b0  1e 48 50 59  1e 2f d7 5c
| cleartext fragment  17 5f e2 f8  e8 fb 3c 3e  62 67 db 4e  dd c1 42 bf
| cleartext fragment  de c7 de 0a  0e 45 f3 84  96 1d 9b 09  3c c9 72 05
| cleartext fragment  81 90 a2 17  7d 47 03 c8  63 8c cf 8f  96 aa 8f 24
| cleartext fragment  c3 8b 6d 99  88 06 e7 b0  f1 1c b9 56  16 e5 3f be
| cleartext fragment  59 1e 34 bc  71 e3 02 55  95 fc 55 11  3e 6b 5c 8d
| cleartext fragment  2b 9f b5 ed  32 9f d3 69  f4 7c 03 92  44 71 cc 62
| cleartext fragment  69 64 ae ae  6b d8 36 09  d9 58 71 33  2d b3 14 e4
| cleartext fragment  0a ac 37 7e  b9 f2 ad a5  f4 88 c9 44  37 6b 30 4d
| cleartext fragment  fb e9 b6 e7  55 90 73 dc  61 c8 9c ea  ba 48 59 93
| cleartext fragment  4e 3c 7e 93  be f2 cd 70  e7 11 27 79  9a 57 35 c6
| cleartext fragment  71 f4 74 ac  d1 d2 b3 42  31 42 4c 30  e5 dc ae d5
| cleartext fragment  de 96 2b 50  89 d4 2f 74  1f 53 d4 c1  3c 55 ca 0e
| cleartext fragment  43 3b c2 0b  0c 56 ad c7  ce 5c 6a d4  55 4d 87 dc
| cleartext fragment  21 a7 f5 b4  68 e8 bd 25  c3 24 3e 9d  91 2c 00 00
| cleartext fragment  24 00 00 00  20 01 03 04  02 48 ff 48  ca 03 00 00
| cleartext fragment  0c 01 00 00  14 80 0e 01  00 00 00 00  08 05 00 00
| cleartext fragment  00 2d 00 00  18 01 00 00  00 07 00 00  10 00 00 ff
| cleartext fragment  ff c0 00 01  00 c0 00 01  ff 00 00 00  18 01 00 00
| cleartext fragment  00 07 00 00  10 00 00 ff  ff c0 00 02  00 c0 00 02
| cleartext fragment  ff
| adding 1 bytes of padding (including 1 byte padding-length)
| emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encrypted Fragment
| emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encrypted Fragment
| emitting length of IKEv2 Encrypted Fragment: 498
| emitting length of ISAKMP Message: 526
| Salt before authenticated encryption:
|   47 5e 93 0d
| IV before authenticated encryption:
|   12 9b 27 7f  73 34 5a fc
| AAD before authenticated encryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 20  00 00 00 01  00 00 02 0e  00 00 01 f2
|   00 04 00 04
| data before authenticated encryption:
|   cc 89 02 5c  b0 42 20 50  b1 b5 f4 aa  92 b0 5c 3b
|   43 9b 58 7c  d7 69 65 e2  ac 54 b6 55  57 93 67 e9
|   c9 76 e3 17  2e 13 d8 e9  53 4c 96 0f  31 d0 56 ad
|   05 3c d3 3c  3d b9 0c 78  bc 53 90 11  60 28 b1 6e
|   23 3d 8d 99  b6 a0 3c f2  a4 35 da c2  3d 4f 46 b6
|   e4 0f 1d eb  79 58 7e 6a  fd fb 75 8d  09 62 71 9d
|   ee 4b 56 a6  42 2a 7d ee  d0 d9 5a b8  43 ed 72 ed
|   2c 84 82 2a  ca e4 ad fd  19 04 36 1e  3a 6a 57 3d
|   6d df 49 45  5c b9 6f 83  35 d3 e4 21  89 df 39 e1
|   57 85 41 25  9b 0f f3 b0  1e 48 50 59  1e 2f d7 5c
|   17 5f e2 f8  e8 fb 3c 3e  62 67 db 4e  dd c1 42 bf
|   de c7 de 0a  0e 45 f3 84  96 1d 9b 09  3c c9 72 05
|   81 90 a2 17  7d 47 03 c8  63 8c cf 8f  96 aa 8f 24
|   c3 8b 6d 99  88 06 e7 b0  f1 1c b9 56  16 e5 3f be
|   59 1e 34 bc  71 e3 02 55  95 fc 55 11  3e 6b 5c 8d
|   2b 9f b5 ed  32 9f d3 69  f4 7c 03 92  44 71 cc 62
|   69 64 ae ae  6b d8 36 09  d9 58 71 33  2d b3 14 e4
|   0a ac 37 7e  b9 f2 ad a5  f4 88 c9 44  37 6b 30 4d
|   fb e9 b6 e7  55 90 73 dc  61 c8 9c ea  ba 48 59 93
|   4e 3c 7e 93  be f2 cd 70  e7 11 27 79  9a 57 35 c6
|   71 f4 74 ac  d1 d2 b3 42  31 42 4c 30  e5 dc ae d5
|   de 96 2b 50  89 d4 2f 74  1f 53 d4 c1  3c 55 ca 0e
|   43 3b c2 0b  0c 56 ad c7  ce 5c 6a d4  55 4d 87 dc
|   21 a7 f5 b4  68 e8 bd 25  c3 24 3e 9d  91 2c 00 00
|   24 00 00 00  20 01 03 04  02 48 ff 48  ca 03 00 00
|   0c 01 00 00  14 80 0e 01  00 00 00 00  08 05 00 00
|   00 2d 00 00  18 01 00 00  00 07 00 00  10 00 00 ff
|   ff c0 00 01  00 c0 00 01  ff 00 00 00  18 01 00 00
|   00 07 00 00  10 00 00 ff  ff c0 00 02  00 c0 00 02
|   ff 00
| integ before authenticated encryption:
|   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
| data after authenticated encryption:
|   b9 bb 1c 0f  d6 f2 30 39  12 a5 be 7a  07 48 5f 83
|   db d0 a9 3f  a9 3a e7 3c  65 58 34 ac  7e 29 6d e4
|   f2 6c 00 73  56 80 18 50  ee ef 72 5e  19 b1 f1 ca
|   db 96 96 df  26 0e 76 92  5d b8 76 ce  0b fe 1e 23
|   4f bb cb ac  a4 b2 c9 16  bc f0 a0 ac  fe 55 44 24
|   cb 19 83 e1  e0 c0 23 6d  06 a9 b2 ff  b5 77 6b 3f
|   a3 83 a1 ec  2d 5c 34 da  5f 0e 30 0f  dc 88 14 a0
|   17 e1 5d c4  81 81 71 8e  a4 86 eb 25  9a 41 92 da
|   27 cf 14 45  90 19 18 c2  68 bd a5 75  1e 0b 59 9b
|   f2 08 bd 8f  60 df 40 59  60 9a c7 e2  3e 25 0d 15
|   e5 24 de cd  d4 67 43 7b  8c 65 12 4a  16 e0 39 f4
|   04 87 5f e0  61 cf 7f 42  86 bf 1c 75  f9 32 08 8d
|   5d 7c dd 23  d0 a7 57 56  4e a9 df ad  54 2d 97 31
|   13 71 83 93  0c fb 91 3d  b1 28 34 63  c1 40 ac 15
|   db df 5a 07  0e d4 46 7d  ad f2 81 8a  33 53 2e 93
|   5e 5f 75 c4  12 b3 00 1b  b8 28 5e fb  06 8a 8a a0
|   47 d3 ef 81  f3 a5 d3 be  7d 6e 34 1e  9e 10 47 c2
|   8a 6b b8 59  90 20 88 08  ba de 82 06  9e 11 4d 49
|   19 f9 19 ef  52 88 95 e9  a5 e4 77 08  0d b1 dd 97
|   27 78 5f b4  78 58 83 a4  59 f4 44 be  22 3b 24 da
|   a0 6d 2b d1  b4 af 1a 74  d7 9e 7a 3c  1a 5a 63 d2
|   d8 26 a7 bd  ed 17 17 5f  fb 3d e4 01  ba f3 37 31
|   10 96 ef 34  8f d9 b5 a4  98 56 65 31  2f 1a df 6d
|   36 3d 96 34  95 69 59 b0  a1 a0 61 b7  e0 51 1e 7f
|   f8 ba 72 d8  4b 90 4d 85  f3 b8 11 3c  56 00 d9 9c
|   07 b7 84 60  c0 0f 5a cc  10 6e 1f ba  68 db b7 b3
|   72 7b 2d 4f  8d 5d 5e e9  6c 02 fa ec  95 c9 64 c5
|   8f 74 c3 50  c3 40 1d 4e  10 4f 2e b3  9f 85 1a 83
|   57 f3 1c 8d  8f 8b c4 6d  f1 42 b4 e0  58 ae b7 fc
|   2d b8
| integ after authenticated encryption:
|   ef c8 83 ec  83 56 58 dd  26 ac 8d 99  01 de 2d 9e
| ikev2_parent_inI2outR2_continue_tail returned STF_OK
| processing: suspend state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3004)
| processing: start state #2 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3004)
| #2 complete v2 state transition from UNDEFINED md.from_state=PARENT_R1 svm.state=PARENT_R1 to V2_IPSEC_R with status STF_OK
| serialno table: hash serialno #1 to head 0x55c77e373c40
| IKEv2: transition from state STATE_PARENT_R1 to state STATE_V2_IPSEC_R
| child state #2: UNDEFINED(ignore) => V2_IPSEC_R(established CHILD SA)
| Message ID: updating counters for #2 after switching state
| serialno table: hash serialno #1 to head 0x55c77e373c40
| Message ID: 'ikev2-westnet-eastnet-x509-cr' IKE #1 PARENT_R2; CHILD #2 V2_IPSEC_R; message-request msgid=1; initiator { lastack=4294967295 nextuse=0 } responder { lastrecv=0->1 lastreplied=1 }
"ikev2-westnet-eastnet-x509-cr" #2: negotiated connection [192.0.2.0-192.0.2.255:0-65535 0] -> [192.0.1.0-192.0.1.255:0-65535 0]
| NAT-T: encaps is 'auto'
"ikev2-westnet-eastnet-x509-cr" #2: STATE_V2_IPSEC_R: IPsec SA established tunnel mode {ESP=>0x90d046d4 <0x48ff48ca xfrm=AES_GCM_16_256-NONE NATOA=none NATD=none DPD=passive}
| sending V2 reply packet to 192.1.2.45:500 (from port 500)
| sending fragments ...
| sending 539 bytes for STATE_PARENT_R1 through eth1:500 to 192.1.2.45:500 (using #1)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 20  00 00 00 01  00 00 02 1b  24 00 01 ff
|   00 01 00 04  66 60 2a 30  bd d5 fa f4  f7 c1 db 54
|   64 19 35 07  1d 31 09 d4  72 b0 57 1a  af 8f f6 5b
|   ef 2d a4 f6  e4 34 4d f9  54 d8 df 9e  c3 cd 6a d8
|   39 65 18 77  1e 0c 5a 3d  d8 90 4e 3e  58 c0 37 c2
|   a6 60 7a f7  2b fa ee e8  05 0e 78 6d  11 00 89 33
|   77 49 e6 d7  ee 92 84 d5  56 fc 67 d9  bb 86 f7 b4
|   94 97 51 b0  b5 ee e8 f6  54 e0 88 16  b7 9d 28 75
|   d6 88 ed b0  64 2e 49 8c  83 26 14 fa  36 e7 d7 3e
|   ac bb 07 9b  a1 c9 ae 61  69 91 46 e3  cf d6 48 35
|   4b 1b 9a 75  70 b6 ce a3  e3 2a 1e 0b  20 44 30 53
|   32 7c 14 6d  ce 64 1d 61  9d f9 de f5  48 0d c5 08
|   0d ea 08 b5  f4 c4 23 3c  b9 5b 23 33  4d 87 7f f9
|   16 0e fd 20  45 3a 52 8e  19 d1 1f 54  39 8a f7 54
|   ca 05 41 2a  3e 5d 92 ee  3c 0f 2c 0c  f2 ed 00 d5
|   eb db 64 1a  dd 0c 55 ba  df 0d f7 4c  98 b0 46 48
|   75 c5 86 f4  ed a7 cf a6  45 b0 73 8c  b9 d4 e1 47
|   23 82 f5 79  01 4b 20 1f  d8 6c 9a a6  52 04 de 5e
|   a7 44 dd 99  9f ed ec fa  39 6b 08 a1  ee 31 27 40
|   49 6e 10 fa  85 6a 9b 96  8f 3b 58 47  03 05 19 e4
|   da 82 7a 4a  4c 40 7d fd  45 92 32 39  2f 4d f5 b7
|   7d 76 9f 88  c0 ec 37 b6  6c 53 7b c0  84 ca 31 60
|   9a 4a 92 3e  2a c6 92 a4  fb 2d ea d7  c1 99 44 d2
|   9e b8 22 c9  f4 38 bd c8  cd 61 c2 11  0a ca 40 0f
|   8c 04 17 cd  bc 35 e3 5d  86 7e 33 6c  2c 26 ad 92
|   ad ba 24 bc  af 3f 14 7a  55 91 53 c9  ec ca 07 91
|   98 f9 59 17  33 c0 05 7a  ca ea 01 a7  25 a2 c2 09
|   96 93 2f d7  d6 a8 a9 aa  be d5 10 51  bf 62 53 f4
|   70 dd 20 cf  d5 d3 29 3f  46 d3 61 d2  5b 21 c3 bd
|   54 2e a1 23  59 a7 40 a0  8f 8a e7 71  80 60 b5 10
|   29 2d c1 43  82 12 95 95  28 10 c7 d7  4e 70 b8 20
|   08 98 8b eb  5c 7b d4 00  55 46 bf 71  7f ea 22 88
|   9d 0f 26 f8  48 cb db fb  1d fb 7d
| sending 539 bytes for STATE_PARENT_R1 through eth1:500 to 192.1.2.45:500 (using #1)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 20  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 02 00 04  99 ea 65 22  e9 83 ad ff  2e 17 0b 36
|   f8 0a b4 c3  2e fa 80 b1  bc 07 d4 06  66 e7 9e 46
|   03 02 1d b6  93 3c 29 55  c2 cb b8 d8  70 fe f7 c1
|   73 bf 9c e4  16 ab 45 ec  18 39 ec e3  d4 66 d9 3f
|   10 92 f5 8a  dd 04 d4 b6  eb b6 0d 6e  d0 82 29 49
|   83 56 8b fb  1a 75 4f 23  01 7e cd e1  81 3a cf 68
|   dd 89 f8 13  03 cd 60 f3  f6 ba be 3b  6d 09 eb 97
|   db 37 d9 27  c2 84 d5 17  aa ea 12 06  67 ff 92 9e
|   52 9f 3e aa  96 2a 02 e0  22 45 3b 28  c9 28 be 7d
|   eb 10 d4 52  c7 42 a8 f2  fa 5c dc d6  af 55 e3 2a
|   26 55 8d ae  c8 46 a6 a8  9b b5 a3 82  77 d8 6f 64
|   de 10 8b 38  18 63 76 81  a1 15 83 61  25 d2 e3 50
|   25 c3 cd b3  88 72 25 cd  d9 89 32 2c  09 e6 06 d1
|   94 ec b5 df  d8 70 1f aa  7c 85 4c b0  e3 d5 78 5d
|   20 50 1e 03  3d 33 e0 75  d2 45 5c 10  f7 3b 0f 51
|   b1 33 1c 17  17 b8 9f 92  fe 7a 98 9c  1d b1 5a c2
|   13 31 87 02  25 1c f1 1d  bc 69 21 65  a7 2d 96 a8
|   03 fd b3 96  8c 18 9a 10  bf 79 19 27  a2 06 35 8d
|   57 30 4d d4  dd a3 8e 2a  87 13 fd 24  ae 90 4c d7
|   25 08 40 42  b3 6c 9d 98  c7 a7 85 f9  3a a0 3d a5
|   15 6e e6 54  a3 f9 7b 5a  9f 23 5e 41  52 d0 50 a1
|   77 64 8e bc  ca 4a 3f 30  35 a5 8a 61  08 9b 82 34
|   87 09 e0 aa  e8 b3 7d 51  1c b3 61 67  d9 cb 2d bc
|   6c 54 28 d8  35 0d 22 e5  eb 5f 1b 7d  3b b6 97 f9
|   3b a3 09 2f  cd 88 5e 75  7f 9b 3b 0b  ee 79 2e 47
|   65 93 fc 25  d8 4e 80 79  57 9c fe 9f  9e 4c 20 81
|   6e ec 5c 26  05 b4 7d 14  cd ff 67 6e  2f b1 d9 7c
|   33 8a d4 3a  9b 28 c0 ba  6d 7e d2 78  b1 f8 0b f1
|   b4 fe 6a 11  8a 01 ea cb  a0 a6 cc 24  50 19 4d a9
|   a7 ea be 37  b6 4b bf da  db cf fb a3  17 b3 79 34
|   e6 f9 a2 06  2d c0 7f e6  7d 8a 91 db  70 19 c4 27
|   30 f5 c8 0c  42 a0 51 17  58 f2 90
| sending 539 bytes for STATE_PARENT_R1 through eth1:500 to 192.1.2.45:500 (using #1)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 20  00 00 00 01  00 00 02 1b  00 00 01 ff
|   00 03 00 04  c2 0a c8 8e  81 b3 e7 89  e9 55 13 3d
|   a8 38 23 93  9d 6e d8 04  67 41 c3 0f  3c cc dd a3
|   33 c7 fe 6e  07 16 4f b8  5b e0 91 42  3d 20 d7 00
|   dc 2e 83 27  34 6c 68 6d  83 bf 66 7d  6c bc b7 1f
|   1f fa 7d af  93 8a 8f 40  f1 6f 58 92  ad 20 fe bf
|   eb d6 c5 16  12 ad d1 6b  f4 4b 17 0f  ca b5 01 86
|   58 66 13 bf  a9 d5 c6 a7  d3 3c 89 75  3e 2a 19 25
|   1f 9d 23 e7  7c ab bc d2  c1 3e e5 5c  e8 15 c8 02
|   0d a7 c0 30  84 8c cf d1  bf 51 22 98  89 ce f6 49
|   61 8b bd 3d  00 bb b7 11  29 16 e8 8b  cf e2 44 95
|   1f 45 28 f6  08 59 19 e5  63 d3 58 d5  a4 db b0 36
|   8d 23 17 37  36 73 60 cf  45 07 54 3e  9d c1 af 7a
|   98 b7 09 b6  c5 c9 c5 4c  a2 f2 58 8c  4e d6 de da
|   27 0a 94 15  fc f5 a4 e6  0b e3 81 c2  0b ba 7b 7e
|   0e 4d 98 35  c6 c3 82 d5  15 d7 c9 d8  3e 16 03 2a
|   17 e5 98 0a  f6 b4 c5 65  09 5a 0a 4f  f3 c7 26 ff
|   7d 63 a7 43  30 c3 3f da  f3 90 79 a5  0a 99 a8 37
|   49 ac d9 60  79 77 29 f4  ac 34 c5 a2  37 09 46 3d
|   46 32 ab e1  a9 d0 bd 4f  9b 2e d8 80  7c da 6b 23
|   54 55 20 9b  12 34 fb 33  4b 43 52 52  a1 47 91 5f
|   3f d0 46 9b  6d 35 1d b4  fd 75 b4 a4  11 6b e0 09
|   0e 61 ea d2  73 22 39 42  2b 9b 75 c6  ca 02 b9 ef
|   fb 6b ee e2  db 2c b5 1f  3b e7 67 2d  7f 54 f6 29
|   03 aa 86 66  c4 ea 3e 81  69 56 49 19  31 ad 6d 9a
|   50 86 43 75  1b f6 bc 89  c9 ea 2b fa  3a a0 56 9e
|   ae 2d 2e 60  ca 4a c1 e2  7c e2 5c 2d  b0 ec e4 81
|   a0 ad a0 d6  7c 06 73 b8  9f 54 2c 18  3b 8d 6d 05
|   c2 f3 88 01  57 b0 02 63  73 da 60 a2  35 fb 38 53
|   bf 9f 59 d0  6f 5b 9b a3  c1 ca 5d ed  ae 32 15 97
|   31 6d 1a 31  56 18 c1 48  c7 09 7a 0b  55 35 91 27
|   01 a1 bd 58  ba db 22 b7  44 b1 8c f5  bf 1f f5 86
|   13 c6 14 95  a6 f1 30 ba  ea 74 07
| sending 526 bytes for STATE_PARENT_R1 through eth1:500 to 192.1.2.45:500 (using #1)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   35 20 23 20  00 00 00 01  00 00 02 0e  00 00 01 f2
|   00 04 00 04  12 9b 27 7f  73 34 5a fc  b9 bb 1c 0f
|   d6 f2 30 39  12 a5 be 7a  07 48 5f 83  db d0 a9 3f
|   a9 3a e7 3c  65 58 34 ac  7e 29 6d e4  f2 6c 00 73
|   56 80 18 50  ee ef 72 5e  19 b1 f1 ca  db 96 96 df
|   26 0e 76 92  5d b8 76 ce  0b fe 1e 23  4f bb cb ac
|   a4 b2 c9 16  bc f0 a0 ac  fe 55 44 24  cb 19 83 e1
|   e0 c0 23 6d  06 a9 b2 ff  b5 77 6b 3f  a3 83 a1 ec
|   2d 5c 34 da  5f 0e 30 0f  dc 88 14 a0  17 e1 5d c4
|   81 81 71 8e  a4 86 eb 25  9a 41 92 da  27 cf 14 45
|   90 19 18 c2  68 bd a5 75  1e 0b 59 9b  f2 08 bd 8f
|   60 df 40 59  60 9a c7 e2  3e 25 0d 15  e5 24 de cd
|   d4 67 43 7b  8c 65 12 4a  16 e0 39 f4  04 87 5f e0
|   61 cf 7f 42  86 bf 1c 75  f9 32 08 8d  5d 7c dd 23
|   d0 a7 57 56  4e a9 df ad  54 2d 97 31  13 71 83 93
|   0c fb 91 3d  b1 28 34 63  c1 40 ac 15  db df 5a 07
|   0e d4 46 7d  ad f2 81 8a  33 53 2e 93  5e 5f 75 c4
|   12 b3 00 1b  b8 28 5e fb  06 8a 8a a0  47 d3 ef 81
|   f3 a5 d3 be  7d 6e 34 1e  9e 10 47 c2  8a 6b b8 59
|   90 20 88 08  ba de 82 06  9e 11 4d 49  19 f9 19 ef
|   52 88 95 e9  a5 e4 77 08  0d b1 dd 97  27 78 5f b4
|   78 58 83 a4  59 f4 44 be  22 3b 24 da  a0 6d 2b d1
|   b4 af 1a 74  d7 9e 7a 3c  1a 5a 63 d2  d8 26 a7 bd
|   ed 17 17 5f  fb 3d e4 01  ba f3 37 31  10 96 ef 34
|   8f d9 b5 a4  98 56 65 31  2f 1a df 6d  36 3d 96 34
|   95 69 59 b0  a1 a0 61 b7  e0 51 1e 7f  f8 ba 72 d8
|   4b 90 4d 85  f3 b8 11 3c  56 00 d9 9c  07 b7 84 60
|   c0 0f 5a cc  10 6e 1f ba  68 db b7 b3  72 7b 2d 4f
|   8d 5d 5e e9  6c 02 fa ec  95 c9 64 c5  8f 74 c3 50
|   c3 40 1d 4e  10 4f 2e b3  9f 85 1a 83  57 f3 1c 8d
|   8f 8b c4 6d  f1 42 b4 e0  58 ae b7 fc  2d b8 ef c8
|   83 ec 83 56  58 dd 26 ac  8d 99 01 de  2d 9e
| sent 4 fragments
| releasing whack for #2 (sock=fd@-1)
| serialno table: hash serialno #1 to head 0x55c77e373c40
| releasing whack and unpending for parent #1
| unpending state #1 connection "ikev2-westnet-eastnet-x509-cr"
| #2 will start re-keying in 28530 seconds with margin of 270 seconds (attempting re-key)
| event_schedule: new EVENT_SA_REPLACE-pe@0x55c7808316b8
| inserting event EVENT_SA_REPLACE, timeout in 28530.000 seconds for #2
| processing: stop state #2 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in schedule_event_now_cb() at server.c:549)
| serialno table: hash serialno #0 to head 0x55c77e373c20
|  kernel_process_msg_cb process netlink message
| netlink_get: XFRM_MSG_EXPIRE message
| waitpid returned ECHILD (no child processes left)
| waitpid returned ECHILD (no child processes left)
| waitpid returned ECHILD (no child processes left)
| *received 69 bytes from 192.1.2.45:500 on eth1 (port=500)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   2e 20 25 08  00 00 00 02  00 00 00 45  2a 00 00 29
|   08 f3 15 14  0c fc 79 5e  7e 4d 5f 57  96 23 a7 06
|   41 5e e0 f5  10 86 b0 fd  ee 88 7f f3  a5 61 f8 c2
|   b2 1a de a4  d1
| processing: start from 192.1.2.45:500 (in process_md() at demux.c:437)
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_v2SK (0x2e)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_INFORMATIONAL (0x25)
|    flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
|    Message ID: 2 (0x2)
|    length: 69 (0x45)
|  processing version=2.0 packet with exchange type=ISAKMP_v2_INFORMATIONAL (37)
| I am receiving an IKEv2 Request ISAKMP_v2_INFORMATIONAL
| I am the IKE SA Original Responder
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| v2 IKE SA #1 found, in state STATE_PARENT_R2
| found state #1
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:1682)
| processing: start connection "ikev2-westnet-eastnet-x509-cr" (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1687)
| #1 is idle
| #1 idle
| #1 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002
| #1 in state PARENT_R2: received v2I2, PARENT SA established
| Unpacking clear payload for svm: R2: process INFORMATIONAL Request
| Now let's proceed with payload (ISAKMP_NEXT_v2SK)
| ***parse IKEv2 Encryption Payload:
|    next payload type: ISAKMP_NEXT_v2D (0x2a)
|    flags: none (0x0)
|    length: 41 (0x29)
| processing payload: ISAKMP_NEXT_v2SK (len=37)
| Salt before authenticated decryption:
|   74 55 c3 07
| IV before authenticated decryption:
|   08 f3 15 14  0c fc 79 5e
| AAD before authenticated decryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   2e 20 25 08  00 00 00 02  00 00 00 45  2a 00 00 29
| data before authenticated decryption:
|   7e 4d 5f 57  96 23 a7 06  41 5e e0 f5  10
| integ before authenticated decryption:
|   86 b0 fd ee  88 7f f3 a5  61 f8 c2 b2  1a de a4 d1
| data after authenticated decryption:
|   00 00 00 0c  03 04 00 01  90 d0 46 d4  00 86 b0 fd
|   ee 88 7f f3  a5 61 f8 c2  b2 1a de a4  d1
| stripping 1 octets as pad
| #1 ikev2 ISAKMP_v2_INFORMATIONAL decrypt success
| Now let's proceed with payload (ISAKMP_NEXT_v2D)
| **parse IKEv2 Delete Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    length: 12 (0xc)
|    protocol ID: PROTO_v2_ESP (0x3)
|    SPI size: 4 (0x4)
|    number of SPIs: 1 (0x1)
| processing payload: ISAKMP_NEXT_v2D (len=4)
| selected state microcode R2: process INFORMATIONAL Request
| Now let's proceed with state specific processing
| calling processor R2: process INFORMATIONAL Request
| an informational request should send a response 
| Received an INFORMATIONAL response, updating st_last_liveness, no pending_liveness
| **emit ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_INFORMATIONAL (0x25)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 2 (0x2)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit IKEv2 Encryption Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK)
| next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'information exchange reply packet'
| emitting 8 zero bytes of IV into IKEv2 Encryption Payload
| parsing 4 raw bytes of IKEv2 Delete Payload into SPI
| SPI  90 d0 46 d4
| delete PROTO_v2_ESP SA(0x90d046d4)
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| v2 CHILD SA #2 found using their inbound (our outbound) SPI, in STATE_V2_IPSEC_R
| our side SPI that needs to be deleted: PROTO_v2_ESP SA(0x90d046d4)
"ikev2-westnet-eastnet-x509-cr" #1: received Delete SA payload: delete IPSEC State #2 now
| processing: suspend state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in delete_state() at state.c:748)
| processing: start state #2 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in delete_state() at state.c:748)
| serialno table: hash serialno #1 to head 0x55c77e373c40
"ikev2-westnet-eastnet-x509-cr" #2: deleting other state #2 (STATE_V2_IPSEC_R) aged 3.506s and NOT sending notification
| child state #2: V2_IPSEC_R(established CHILD SA) => delete
| get_sa_info esp.90d046d4@192.1.2.45
| get_sa_info esp.48ff48ca@192.1.2.23
"ikev2-westnet-eastnet-x509-cr" #2: ESP traffic information: in=336B out=336B
| child state #2: V2_IPSEC_R(established CHILD SA) => CHILDSA_DEL(informational)
| state #2 requesting EVENT_SA_REPLACE to be deleted
| free_event_entry: release EVENT_SA_REPLACE-pe@0x55c7808316b8
| serialno list: removing  object 0x55c780815e38 (state #2) entry 0x55c780816608 (older 0x55c7807ff1b8 newer 0x55c77e37e860)
| serialno list: updated older  object 0x55c7807fe9e8 (state #1) entry 0x55c7807ff1b8 (older 0x55c77e37e860 newer 0x55c77e37e860)
| serialno list: updated newer  entry 0x55c77e37e860 is HEAD (older 0x55c7807ff1b8 newer 0x55c7807ff1b8)
| serialno table: removing  object 0x55c780815e38 (state #2) entry 0x55c780816628 (older 0x55c77e373c60 newer 0x55c77e373c60)
| serialno table: empty
| running updown command "ipsec _updown" for verb down 
| command executing down-client
| get_sa_info esp.90d046d4@192.1.2.45
| get_sa_info esp.48ff48ca@192.1.2.23
| trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
| executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-eastnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='xfrm' PLUTO_ADDTIME='1546545636' PLU
| popen cmd is 1492 chars long
| cmd(   0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-eas:
| cmd(  80):tnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1:
| cmd( 160):.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department:
| cmd( 240):, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_CLI:
| cmd( 320):ENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255:
| cmd( 400):.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_:
| cmd( 480):TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O:
| cmd( 560):=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testi:
| cmd( 640):ng.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.:
| cmd( 720):1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTO:
| cmd( 800):COL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Departm:
| cmd( 880):ent, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netk:
| cmd( 960):ey' PLUTO_ADDTIME='1546545636' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+IKEV:
| cmd(1040):2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_:
| cmd(1120):CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_MY_SOURCEIP='192.0.2.254' PLUTO_IS_P:
| cmd(1200):EER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER:
| cmd(1280):='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' PLUTO_INBY:
| cmd(1360):TES='336' PLUTO_OUTBYTES='336' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI:
| cmd(1440):_IN=0x90d046d4 SPI_OUT=0x48ff48ca ipsec _updown 2>&1:
| shunt_eroute() called for connection 'ikev2-westnet-eastnet-x509-cr' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0
| netlink_shunt_eroute for proto 0, and source port 0 dest port 0
| priority calculation of connection "ikev2-westnet-eastnet-x509-cr" is 0xfe7e7
| IPsec SA SPD priority set to 1042407
| delete esp.90d046d4@192.1.2.45
| netlink response for Del SA esp.90d046d4@192.1.2.45 included non-error error
| priority calculation of connection "ikev2-westnet-eastnet-x509-cr" is 0xfe7e7
| delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute)
| raw_eroute result=success
| delete esp.48ff48ca@192.1.2.23
| netlink response for Del SA esp.48ff48ca@192.1.2.23 included non-error error
| in connection_discard for connection ikev2-westnet-eastnet-x509-cr
| child state #2: CHILDSA_DEL(informational) => UNDEFINED(ignore)
| processing: stop state #2 192.1.2.45:500 (in delete_state() at state.c:960)
| serialno table: hash serialno #1 to head 0x55c77e373c40
| processing: resume state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in delete_state() at state.c:960)
| delete_state: release st->st_shared_nss-key@NULL
| delete_state: release st->st_skeyid_nss-key@NULL
| delete_state: release st->st_skey_d_nss-key@0x55c7806b55c0
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skey_ai_nss-key@NULL
| delete_state: release st->st_skey_ar_nss-key@NULL
| delete_state: release st->st_skey_ei_nss-key@0x55c7806afc00
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skey_er_nss-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skey_pi_nss-key@0x55c7806b7180
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skey_pr_nss-key@0x7fbf880098f0
| NSS: PK11_FreeSymKey
| delete_state: release st->st_enc_key_nss-key@NULL
| delete_state: release st->st_sk_d_no_ppk-key@NULL
| delete_state: release st->st_sk_pi_no_ppk-key@NULL
| delete_state: release st->st_sk_pr_no_ppk-key@NULL
| ****emit IKEv2 Delete Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    protocol ID: PROTO_v2_ESP (0x3)
|    SPI size: 4 (0x4)
|    number of SPIs: 1 (0x1)
| next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Delete Payload (42:ISAKMP_NEXT_v2D)
| next payload chain: saving location 'IKEv2 Delete Payload'.'next payload type' in 'information exchange reply packet'
| emitting 4 raw bytes of local SPIs into IKEv2 Delete Payload
| local SPIs  48 ff 48 ca
| emitting length of IKEv2 Delete Payload: 12
| adding 1 bytes of padding (including 1 byte padding-length)
| emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload
| emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload
| emitting length of IKEv2 Encryption Payload: 41
| emitting length of ISAKMP Message: 69
| Salt before authenticated encryption:
|   47 5e 93 0d
| IV before authenticated encryption:
|   2c 9a 1a e3  73 03 d5 b2
| AAD before authenticated encryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   2e 20 25 20  00 00 00 02  00 00 00 45  2a 00 00 29
| data before authenticated encryption:
|   00 00 00 0c  03 04 00 01  48 ff 48 ca  00
| integ before authenticated encryption:
|   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
| data after authenticated encryption:
|   b1 f3 72 fb  19 64 ea 5d  26 91 72 a9  da
| integ after authenticated encryption:
|   11 07 68 5d  3e d3 91 f4  2c d1 22 0c  dc 6e 61 50
| sending 69 bytes for reply packet for process_encrypted_informational_ikev2 through eth1:500 to 192.1.2.45:500 (using #1)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   2e 20 25 20  00 00 00 02  00 00 00 45  2a 00 00 29
|   2c 9a 1a e3  73 03 d5 b2  b1 f3 72 fb  19 64 ea 5d
|   26 91 72 a9  da 11 07 68  5d 3e d3 91  f4 2c d1 22
|   0c dc 6e 61  50
| Message ID: processing a informational
| Message ID: 'ikev2-westnet-eastnet-x509-cr' IKE #1 PARENT_R2; message-request msgid=2; initiator { lastack=4294967295 nextuse=0 } responder { lastrecv=1->2 lastreplied=2 }
| processing: [RE]START state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3004)
| #1 complete v2 state transition from PARENT_R2 to PARENT_R2 with status STF_OK
| Message ID: updating counters for #1 after switching state
| Message ID: 'ikev2-westnet-eastnet-x509-cr' IKE #1 PARENT_R2; message-request msgid=2; initiator { lastack=4294967295 nextuse=0 } responder { lastrecv=2 lastreplied=2 }
"ikev2-westnet-eastnet-x509-cr" #1: STATE_PARENT_R2: received v2I2, PARENT SA established
| processing: stop from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:439)
| processing: stop state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in process_md() at demux.c:441)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| processing: resume connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:441)
| processing: stop connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:442)
| *received 65 bytes from 192.1.2.45:500 on eth1 (port=500)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   2e 20 25 08  00 00 00 03  00 00 00 41  2a 00 00 25
|   f1 88 da 43  32 23 07 c7  97 b0 0a d6  cf 00 18 51
|   b4 11 f3 85  78 06 9e 42  75 70 de 5d  e3 ee 86 8a
|   6c
| processing: start from 192.1.2.45:500 (in process_md() at demux.c:437)
| **parse ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_v2SK (0x2e)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_INFORMATIONAL (0x25)
|    flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
|    Message ID: 3 (0x3)
|    length: 65 (0x41)
|  processing version=2.0 packet with exchange type=ISAKMP_v2_INFORMATIONAL (37)
| I am receiving an IKEv2 Request ISAKMP_v2_INFORMATIONAL
| I am the IKE SA Original Responder
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| v2 IKE SA #1 found, in state STATE_PARENT_R2
| found state #1
| processing: start state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:1682)
| processing: start connection "ikev2-westnet-eastnet-x509-cr" (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1687)
| #1 is idle
| #1 idle
| #1 st.st_msgid_lastrecv 2 md.hdr.isa_msgid 00000003
| #1 in state PARENT_R2: received v2I2, PARENT SA established
| Unpacking clear payload for svm: R2: process INFORMATIONAL Request
| Now let's proceed with payload (ISAKMP_NEXT_v2SK)
| ***parse IKEv2 Encryption Payload:
|    next payload type: ISAKMP_NEXT_v2D (0x2a)
|    flags: none (0x0)
|    length: 37 (0x25)
| processing payload: ISAKMP_NEXT_v2SK (len=33)
| Salt before authenticated decryption:
|   74 55 c3 07
| IV before authenticated decryption:
|   f1 88 da 43  32 23 07 c7
| AAD before authenticated decryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   2e 20 25 08  00 00 00 03  00 00 00 41  2a 00 00 25
| data before authenticated decryption:
|   97 b0 0a d6  cf 00 18 51  b4
| integ before authenticated decryption:
|   11 f3 85 78  06 9e 42 75  70 de 5d e3  ee 86 8a 6c
| data after authenticated decryption:
|   00 00 00 08  01 00 00 00  00 11 f3 85  78 06 9e 42
|   75 70 de 5d  e3 ee 86 8a  6c
| stripping 1 octets as pad
| #1 ikev2 ISAKMP_v2_INFORMATIONAL decrypt success
| Now let's proceed with payload (ISAKMP_NEXT_v2D)
| **parse IKEv2 Delete Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
|    length: 8 (0x8)
|    protocol ID: PROTO_v2_IKE (0x1)
|    SPI size: 0 (0x0)
|    number of SPIs: 0 (0x0)
| processing payload: ISAKMP_NEXT_v2D (len=0)
| selected state microcode R2: process INFORMATIONAL Request
| Now let's proceed with state specific processing
| calling processor R2: process INFORMATIONAL Request
| an informational request should send a response 
| Received an INFORMATIONAL response, updating st_last_liveness, no pending_liveness
| **emit ISAKMP Message:
|    initiator cookie:
|   84 ef af 3b  c7 ff b0 7d
|    responder cookie:
|   1d c6 2d a1  c4 09 35 20
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
|    exchange type: ISAKMP_v2_INFORMATIONAL (0x25)
|    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
|    Message ID: 3 (0x3)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit IKEv2 Encryption Payload:
|    next payload type: ISAKMP_NEXT_v2NONE (0x0)
|    flags: none (0x0)
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK)
| next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'information exchange reply packet'
| emitting 8 zero bytes of IV into IKEv2 Encryption Payload
| adding 1 bytes of padding (including 1 byte padding-length)
| emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload
| emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload
| emitting length of IKEv2 Encryption Payload: 29
| emitting length of ISAKMP Message: 57
| Salt before authenticated encryption:
|   47 5e 93 0d
| IV before authenticated encryption:
|   c4 78 3e c9  47 36 32 5b
| AAD before authenticated encryption:
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   2e 20 25 20  00 00 00 03  00 00 00 39  00 00 00 1d
| data before authenticated encryption:
|   00
| integ before authenticated encryption:
|   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
| data after authenticated encryption:
|   d0
| integ after authenticated encryption:
|   73 fb 34 65  f1 25 7c c5  f4 fe 68 72  7a 2c ee 38
| sending 57 bytes for reply packet for process_encrypted_informational_ikev2 through eth1:500 to 192.1.2.45:500 (using #1)
|   84 ef af 3b  c7 ff b0 7d  1d c6 2d a1  c4 09 35 20
|   2e 20 25 20  00 00 00 03  00 00 00 39  00 00 00 1d
|   c4 78 3e c9  47 36 32 5b  d0 73 fb 34  65 f1 25 7c
|   c5 f4 fe 68  72 7a 2c ee  38
| IKE SPIi:SPIr table: hash IKE SPIi 84 ef af 3b  c7 ff b0 7d SPIr 1d c6 2d a1  c4 09 35 20 to 821499715557917139 slot 0x55c77e36e080
| parent state #1: PARENT_R2(established IKE SA) => IKESA_DEL(established IKE SA)
| processing: [RE]START state #1 connection "ikev2-westnet-eastnet-x509-cr" 192.1.2.45:500 (in delete_state() at state.c:748)
| serialno table: hash serialno #1 to head 0x55c77e373c40
"ikev2-westnet-eastnet-x509-cr" #1: deleting state (STATE_IKESA_DEL) aged 3.741s and NOT sending notification
| parent state #1: IKESA_DEL(established IKE SA) => delete
| state #1 requesting EVENT_SA_REPLACE to be deleted
| free_event_entry: release EVENT_SA_REPLACE-pe@0x55c7806bea28
| serialno list: removing  object 0x55c7807fe9e8 (state #1) entry 0x55c7807ff1b8 (older 0x55c77e37e860 newer 0x55c77e37e860)
| serialno list: empty
| serialno table: removing  object 0x55c7807fe9e8 (state #1) entry 0x55c7807ff1d8 (older 0x55c77e373c40 newer 0x55c77e373c40)
| serialno table: empty
| in connection_discard for connection ikev2-westnet-eastnet-x509-cr
| parent state #1: IKESA_DEL(established IKE SA) => UNDEFINED(ignore)
| unreference key: 0x55c78082dc98 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org cnt 2--
| DH secret MODP2048@0x7fbf90003a28: destroyed
| processing: stop state #1 192.1.2.45:500 (in delete_state() at state.c:960)
| serialno table: hash serialno #1 to head 0x55c77e373c40
| processing: resume connection "ikev2-westnet-eastnet-x509-cr" (in delete_state() at state.c:960)
| delete_state: release st->st_shared_nss-key@0x55c7806ae420
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skeyid_nss-key@NULL
| delete_state: release st->st_skey_d_nss-key@0x55c7806b55c0
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skey_ai_nss-key@NULL
| delete_state: release st->st_skey_ar_nss-key@NULL
| delete_state: release st->st_skey_ei_nss-key@0x55c7806afc00
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skey_er_nss-key@0x55c7806b6e40
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skey_pi_nss-key@0x55c7806b7180
| NSS: PK11_FreeSymKey
| delete_state: release st->st_skey_pr_nss-key@0x7fbf880098f0
| NSS: PK11_FreeSymKey
| delete_state: release st->st_enc_key_nss-key@NULL
| delete_state: release st->st_sk_d_no_ppk-key@NULL
| delete_state: release st->st_sk_pi_no_ppk-key@NULL
| delete_state: release st->st_sk_pr_no_ppk-key@NULL
| Message ID: processing a informational
| Message ID: current processor deleted the state nothing to update
| skip start processing: state #0 (in complete_v2_state_transition() at ikev2.c:3004)
| #0 complete v2 state transition from UNDEFINED md.from_state=PARENT_R2 svm.state=PARENT_R2 to PARENT_R2 with status STF_OK
| STF_OK but no state object remains
| processing: stop from 192.1.2.45:500 (BACKGROUND) (in process_md() at demux.c:439)
| processing: STOP state #0 (in process_md() at demux.c:441)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| processing: resume connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:441)
| processing: stop connection "ikev2-westnet-eastnet-x509-cr" (in process_md() at demux.c:442)
| waitpid returned ECHILD (no child processes left)
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@17 (in whack_handle() at rcv_whack.c:700)
| serialno table: hash serialno #0 to head 0x55c77e373c20
| serialno table: hash serialno #0 to head 0x55c77e373c20
| close_any(fd@17) (in whack_process() at rcv_whack.c:680)
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@17 (in whack_handle() at rcv_whack.c:700)
shutting down
| processing: RESET whack log_fd (was fd@17) (in exit_pluto() at plutomain.c:1813)
| pluto_sd: executing action action: stopping(6), status 0
| certs and keys locked by 'free_preshared_secrets'
forgetting secrets
| NSS: SECKEY_DestroyPrivateKey
| certs and keys unlocked by 'free_preshared_secrets'
| unreference key: 0x55c78082dc98 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org cnt 1--
| unreference key: 0x55c7807c8ad8 user-west@testing.libreswan.org cnt 1--
| unreference key: 0x55c780817098 @west.testing.libreswan.org cnt 1--
| unreference key: 0x55c7807c7da8 west@testing.libreswan.org cnt 1--
| unreference key: 0x55c780830d68 192.1.2.45 cnt 1--
| unreference key: 0x55c7807fe028 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
| unreference key: 0x55c7807fc0a8 user-east@testing.libreswan.org cnt 1--
| unreference key: 0x55c7807fbcf8 @east.testing.libreswan.org cnt 1--
| unreference key: 0x55c7807fb988 east@testing.libreswan.org cnt 1--
| unreference key: 0x55c78068dde8 192.1.2.23 cnt 1--
| processing: start connection "ikev2-westnet-eastnet-x509-cr" (in delete_connection() at connections.c:264)
"ikev2-westnet-eastnet-x509-cr": deleting non-instance connection
| Deleting states for connection - including all other IPsec SA's of this IKE SA
| pass 0
| pass 1
| shunt_eroute() called for connection 'ikev2-westnet-eastnet-x509-cr' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0
| netlink_shunt_eroute for proto 0, and source port 0 dest port 0
| priority calculation of connection "ikev2-westnet-eastnet-x509-cr" is 0xfe7e7
| priority calculation of connection "ikev2-westnet-eastnet-x509-cr" is 0xfe7e7
|  conn ikev2-westnet-eastnet-x509-cr mark 0/00000000, 0/00000000 vs
|  conn ikev2-westnet-eastnet-x509-cr mark 0/00000000, 0/00000000
| route owner of "ikev2-westnet-eastnet-x509-cr" unrouted: NULL
| running updown command "ipsec _updown" for verb unroute 
| command executing unroute-client
| executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-eastnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='xfrm' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' 
| popen cmd is 1314 chars long
| cmd(   0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='ikev2-westnet-:
| cmd(  80):eastnet-x509-cr' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='19:
| cmd( 160):2.1.2.23' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Departm:
| cmd( 240):ent, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_MY_:
| cmd( 320):CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.:
| cmd( 400):255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_:
| cmd( 480):SA_TYPE='none' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toront:
| cmd( 560):o, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=user-west@t:
| cmd( 640):esting.libreswan.org' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='19:
| cmd( 720):2.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_P:
| cmd( 800):ROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='xfrm' PLUTO_ADDTIME='0' PLUTO_CONN_P:
| cmd( 880):OLICY='RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' :
| cmd( 960):PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO:
| cmd(1040):_MY_SOURCEIP='192.0.2.254' PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_:
| cmd(1120):PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT=':
| cmd(1200):0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=:
| cmd(1280):0x0 SPI_OUT=0x0 ipsec _updown 2>&1:
| processing: stop connection "ikev2-westnet-eastnet-x509-cr" (in delete_connection() at connections.c:314)
| crl fetch request list locked by 'free_crl_fetch'
| crl fetch request list unlocked by 'free_crl_fetch'
shutting down interface lo/lo 127.0.0.1:4500
shutting down interface lo/lo 127.0.0.1:500
shutting down interface eth0/eth0 192.0.2.254:4500
shutting down interface eth0/eth0 192.0.2.254:500
shutting down interface eth1/eth1 192.1.2.23:4500
shutting down interface eth1/eth1 192.1.2.23:500
shutting down interface eth2/eth2 192.9.2.23:4500
shutting down interface eth2/eth2 192.9.2.23:500
| free_event_entry: release EVENT_NULL-pe@0x55c7806bda88
| free_event_entry: release EVENT_NULL-pe@0x55c7806bdb88
| free_event_entry: release EVENT_NULL-pe@0x55c7806bdc88
| free_event_entry: release EVENT_NULL-pe@0x55c7806bdd88
| free_event_entry: release EVENT_NULL-pe@0x55c7806bde88
| free_event_entry: release EVENT_NULL-pe@0x55c7806bdf88
| free_event_entry: release EVENT_NULL-pe@0x55c7806be088
| free_event_entry: release EVENT_NULL-pe@0x55c7806be188
| free_event_entry: release EVENT_NULL-pe@0x55c7806bd578
| free_event_entry: release EVENT_NULL-pe@0x55c7806bd3d8
| free_event_entry: release EVENT_NULL-pe@0x55c7806bd238
| free_event_entry: release EVENT_NULL-pe@0x55c7806bcf88
| free_event_entry: release EVENT_NULL-pe@0x55c7806bce88
| free_event_entry: release EVENT_SD_WATCHDOG-pe@0x55c7806bb8a8
| free_event_entry: release EVENT_NULL-pe@0x55c7806b1c68
| free_event_entry: release EVENT_NULL-pe@0x55c7806a8e08
| free_event_entry: release EVENT_SHUNT_SCAN-pe@0x55c7806b1d98
| free_event_entry: release EVENT_PENDING_PHASE2-pe@0x55c7806747f8
| free_event_entry: release EVENT_PENDING_DDNS-pe@0x55c780674788
| free_event_entry: release EVENT_REINIT_SECRET-pe@0x55c78062d928
leak detective found no leaks
