1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 static const uint8_t t0_datablock
[];
64 void br_ssl_hs_server_init_main(void *t0ctx
);
66 void br_ssl_hs_server_run(void *t0ctx
);
76 * This macro evaluates to a pointer to the current engine context.
78 #define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
85 * This macro evaluates to a pointer to the server context, under that
86 * specific name. It must be noted that since the engine context is the
87 * first field of the br_ssl_server_context structure ('eng'), then
88 * pointers values of both types are interchangeable, modulo an
89 * appropriate cast. This also means that "adresses" computed as offsets
90 * within the structure work for both kinds of context.
92 #define CTX ((br_ssl_server_context *)ENG)
95 * Decrypt the pre-master secret (RSA key exchange).
98 do_rsa_decrypt(br_ssl_server_context
*ctx
, int prf_id
,
99 unsigned char *epms
, size_t len
)
102 unsigned char rpms
[48];
107 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
, epms
, len
);
110 * Set the first two bytes to the maximum supported client
111 * protocol version. These bytes are used for version rollback
112 * detection; forceing the two bytes will make the master secret
113 * wrong if the bytes are not correct. This process is
114 * recommended by RFC 5246 (section 7.4.7.1).
116 br_enc16be(epms
, ctx
->client_max_version
);
119 * Make a random PMS and copy it above the decrypted value if the
120 * decryption failed. Note that we use a constant-time conditional
123 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, sizeof rpms
);
124 br_ccopy(x
^ 1, epms
, rpms
, sizeof rpms
);
127 * Compute master secret.
129 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, epms
, 48);
132 * Clear the pre-master secret from RAM: it is normally a buffer
133 * in the context, hence potentially long-lived.
135 memset(epms
, 0, len
);
139 * Common part for ECDH and ECDHE.
142 ecdh_common(br_ssl_server_context
*ctx
, int prf_id
,
143 unsigned char *cpoint
, size_t cpoint_len
, uint32_t ctl
)
145 unsigned char rpms
[80];
149 * The point length is supposed to be 1+2*Xlen, where Xlen is
150 * the length (in bytes) of the X coordinate, i.e. the pre-master
151 * secret. If the provided point is too large, then it is
152 * obviously incorrect (i.e. everybody can see that it is
153 * incorrect), so leaking that fact is not a problem.
155 pms_len
= cpoint_len
>> 1;
156 if (pms_len
> sizeof rpms
) {
157 pms_len
= sizeof rpms
;
162 * Make a random PMS and copy it above the decrypted value if the
163 * decryption failed. Note that we use a constant-time conditional
166 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, pms_len
);
167 br_ccopy(ctl
^ 1, cpoint
+ 1, rpms
, pms_len
);
170 * Compute master secret.
172 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, cpoint
+ 1, pms_len
);
175 * Clear the pre-master secret from RAM: it is normally a buffer
176 * in the context, hence potentially long-lived.
178 memset(cpoint
, 0, cpoint_len
);
182 * Do the ECDH key exchange (not ECDHE).
185 do_ecdh(br_ssl_server_context
*ctx
, int prf_id
,
186 unsigned char *cpoint
, size_t cpoint_len
)
191 * Finalise the key exchange.
193 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
,
195 ecdh_common(ctx
, prf_id
, cpoint
, cpoint_len
, x
);
199 * Do the full static ECDH key exchange. When this function is called,
200 * it has already been verified that the cipher suite uses ECDH (not ECDHE),
201 * and the client's public key (from its certificate) has type EC and is
202 * apt for key exchange.
205 do_static_ecdh(br_ssl_server_context
*ctx
, int prf_id
)
207 unsigned char cpoint
[133];
209 const br_x509_class
**xc
;
210 const br_x509_pkey
*pk
;
212 xc
= ctx
->eng
.x509ctx
;
213 pk
= (*xc
)->get_pkey(xc
, NULL
);
214 cpoint_len
= pk
->key
.ec
.qlen
;
215 if (cpoint_len
> sizeof cpoint
) {
217 * If the point is larger than our buffer then we need to
218 * restrict it. Length 2 is not a valid point length, so
219 * the ECDH will fail.
223 memcpy(cpoint
, pk
->key
.ec
.q
, cpoint_len
);
224 do_ecdh(ctx
, prf_id
, cpoint
, cpoint_len
);
228 * Do the ECDHE key exchange (part 1: generation of transient key, and
229 * computing of the point to send to the client). Returned value is the
230 * signature length (in bytes), or -x on error (with x being an error
231 * code). The encoded point is written in the ecdhe_point[] context buffer
232 * (length in ecdhe_point_len).
235 do_ecdhe_part1(br_ssl_server_context
*ctx
, int curve
)
239 const unsigned char *order
, *generator
;
241 br_multihash_context mhc
;
242 unsigned char head
[4];
243 size_t hv_len
, sig_len
;
245 if (!((ctx
->eng
.iec
->supported_curves
>> curve
) & 1)) {
246 return -BR_ERR_INVALID_ALGORITHM
;
248 ctx
->eng
.ecdhe_curve
= curve
;
251 * Generate our private key. We need a non-zero random value
252 * which is lower than the curve order, in a "large enough"
253 * range. We force the top bit to 0 and bottom bit to 1, which
254 * does the trick. Note that contrary to what happens in ECDSA,
255 * this is not a problem if we do not cover the full range of
258 order
= ctx
->eng
.iec
->order(curve
, &olen
);
260 while (mask
>= order
[0]) {
263 br_hmac_drbg_generate(&ctx
->eng
.rng
, ctx
->ecdhe_key
, olen
);
264 ctx
->ecdhe_key
[0] &= mask
;
265 ctx
->ecdhe_key
[olen
- 1] |= 0x01;
266 ctx
->ecdhe_key_len
= olen
;
269 * Compute our ECDH point.
271 generator
= ctx
->eng
.iec
->generator(curve
, &glen
);
272 memcpy(ctx
->eng
.ecdhe_point
, generator
, glen
);
273 ctx
->eng
.ecdhe_point_len
= glen
;
274 if (!ctx
->eng
.iec
->mul(ctx
->eng
.ecdhe_point
, glen
,
275 ctx
->ecdhe_key
, olen
, curve
))
277 return -BR_ERR_INVALID_ALGORITHM
;
281 * Compute the signature.
283 br_multihash_zero(&mhc
);
284 br_multihash_copyimpl(&mhc
, &ctx
->eng
.mhash
);
285 br_multihash_init(&mhc
);
286 br_multihash_update(&mhc
,
287 ctx
->eng
.client_random
, sizeof ctx
->eng
.client_random
);
288 br_multihash_update(&mhc
,
289 ctx
->eng
.server_random
, sizeof ctx
->eng
.server_random
);
293 head
[3] = ctx
->eng
.ecdhe_point_len
;
294 br_multihash_update(&mhc
, head
, sizeof head
);
295 br_multihash_update(&mhc
,
296 ctx
->eng
.ecdhe_point
, ctx
->eng
.ecdhe_point_len
);
297 hash
= ctx
->sign_hash_id
;
299 hv_len
= br_multihash_out(&mhc
, hash
, ctx
->eng
.pad
);
301 return -BR_ERR_INVALID_ALGORITHM
;
304 if (!br_multihash_out(&mhc
, br_md5_ID
, ctx
->eng
.pad
)
305 || !br_multihash_out(&mhc
,
306 br_sha1_ID
, ctx
->eng
.pad
+ 16))
308 return -BR_ERR_INVALID_ALGORITHM
;
312 sig_len
= (*ctx
->policy_vtable
)->do_sign(ctx
->policy_vtable
,
313 hash
, hv_len
, ctx
->eng
.pad
, sizeof ctx
->eng
.pad
);
314 return sig_len
? (int)sig_len
: -BR_ERR_INVALID_ALGORITHM
;
318 * Do the ECDHE key exchange (part 2: computation of the shared secret
319 * from the point sent by the client).
322 do_ecdhe_part2(br_ssl_server_context
*ctx
, int prf_id
,
323 unsigned char *cpoint
, size_t cpoint_len
)
328 curve
= ctx
->eng
.ecdhe_curve
;
331 * Finalise the key exchange.
333 x
= ctx
->eng
.iec
->mul(cpoint
, cpoint_len
,
334 ctx
->ecdhe_key
, ctx
->ecdhe_key_len
, curve
);
335 ecdh_common(ctx
, prf_id
, cpoint
, cpoint_len
, x
);
338 * Clear the ECDHE private key. Forward Secrecy is achieved insofar
339 * as that key does not get stolen, so we'd better destroy it
340 * as soon as it ceases to be useful.
342 memset(ctx
->ecdhe_key
, 0, ctx
->ecdhe_key_len
);
346 * Offset for hash value within the pad (when obtaining all hash values,
347 * in preparation for verification of the CertificateVerify message).
348 * Order is MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512; last value
349 * is used to get the total length.
351 static const unsigned char HASH_PAD_OFF
[] = { 0, 16, 36, 64, 96, 144, 208 };
354 * OID for hash functions in RSA signatures.
356 static const unsigned char HASH_OID_SHA1
[] = {
357 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
360 static const unsigned char HASH_OID_SHA224
[] = {
361 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
364 static const unsigned char HASH_OID_SHA256
[] = {
365 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
368 static const unsigned char HASH_OID_SHA384
[] = {
369 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
372 static const unsigned char HASH_OID_SHA512
[] = {
373 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
376 static const unsigned char *HASH_OID
[] = {
385 * Verify the signature in CertificateVerify. Returned value is 0 on
386 * success, or a non-zero error code. Lack of implementation of the
387 * designated signature algorithm is reported as a "bad signature"
388 * error (because it means that the peer did not honour our advertised
389 * set of supported signature algorithms).
392 verify_CV_sig(br_ssl_server_context
*ctx
, size_t sig_len
)
394 const br_x509_class
**xc
;
395 const br_x509_pkey
*pk
;
398 id
= ctx
->hash_CV_id
;
399 xc
= ctx
->eng
.x509ctx
;
400 pk
= (*xc
)->get_pkey(xc
, NULL
);
401 if (pk
->key_type
== BR_KEYTYPE_RSA
) {
402 unsigned char tmp
[64];
403 const unsigned char *hash_oid
;
408 hash_oid
= HASH_OID
[id
- 2];
410 if (ctx
->eng
.irsavrfy
== 0) {
411 return BR_ERR_BAD_SIGNATURE
;
413 if (!ctx
->eng
.irsavrfy(ctx
->eng
.pad
, sig_len
,
414 hash_oid
, ctx
->hash_CV_len
, &pk
->key
.rsa
, tmp
)
415 || memcmp(tmp
, ctx
->hash_CV
, ctx
->hash_CV_len
) != 0)
417 return BR_ERR_BAD_SIGNATURE
;
420 if (ctx
->eng
.iecdsa
== 0) {
421 return BR_ERR_BAD_SIGNATURE
;
423 if (!ctx
->eng
.iecdsa(ctx
->eng
.iec
,
424 ctx
->hash_CV
, ctx
->hash_CV_len
,
425 &pk
->key
.ec
, ctx
->eng
.pad
, sig_len
))
427 return BR_ERR_BAD_SIGNATURE
;
435 static const uint8_t t0_datablock
[] = {
436 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
437 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
438 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
439 0x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,
440 0x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,
441 0x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,
442 0x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,
443 0x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,
444 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,
445 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,
446 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,
447 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xCC, 0xA8, 0x15,
448 0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00
451 static const uint8_t t0_codeblock
[] = {
452 0x00, 0x01, 0x00, 0x0B, 0x00, 0x00, 0x01, 0x00, 0x0E, 0x00, 0x00, 0x01,
453 0x00, 0x0F, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 0x01, 0x08,
454 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
455 0x28, 0x28, 0x00, 0x00, 0x01, T0_INT1(BR_ERR_BAD_CCS
), 0x00, 0x00,
456 0x01, T0_INT1(BR_ERR_BAD_FINISHED
), 0x00, 0x00, 0x01,
457 T0_INT1(BR_ERR_BAD_FRAGLEN
), 0x00, 0x00, 0x01,
458 T0_INT1(BR_ERR_BAD_HANDSHAKE
), 0x00, 0x00, 0x01,
459 T0_INT1(BR_ERR_BAD_PARAM
), 0x00, 0x00, 0x01,
460 T0_INT1(BR_ERR_BAD_SECRENEG
), 0x00, 0x00, 0x01,
461 T0_INT1(BR_ERR_BAD_SIGNATURE
), 0x00, 0x00, 0x01,
462 T0_INT1(BR_ERR_BAD_VERSION
), 0x00, 0x00, 0x01,
463 T0_INT1(BR_ERR_INVALID_ALGORITHM
), 0x00, 0x00, 0x01,
464 T0_INT1(BR_ERR_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
465 T0_INT1(BR_ERR_NO_CLIENT_AUTH
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK
),
466 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID
), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_UNEXPECTED
), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_WRONG_KEY_USAGE
), 0x00, 0x00, 0x01,
469 T0_INT2(offsetof(br_ssl_engine_context
, action
)), 0x00, 0x00, 0x01,
470 T0_INT2(offsetof(br_ssl_engine_context
, alert
)), 0x00, 0x00, 0x01,
471 T0_INT2(offsetof(br_ssl_engine_context
, application_data
)), 0x00, 0x00,
473 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, cipher_suite
)),
475 T0_INT2(offsetof(br_ssl_server_context
, client_max_version
)), 0x00,
476 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, client_random
)),
478 T0_INT2(offsetof(br_ssl_server_context
, client_suites
)), 0x00, 0x00,
479 0x01, T0_INT2(offsetof(br_ssl_server_context
, client_suites_num
)),
481 T0_INT2(offsetof(br_ssl_engine_context
, close_received
)), 0x00, 0x00,
482 0x01, T0_INT2(offsetof(br_ssl_server_context
, curves
)), 0x00, 0x00,
483 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point
)), 0x00,
484 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point_len
)),
485 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, flags
)),
486 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_server_context
, hashes
)),
487 0x00, 0x00, 0x73, 0x01,
488 T0_INT2(BR_MAX_CIPHER_SUITES
* sizeof(br_suite_translated
)), 0x00,
489 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, log_max_frag_len
)),
490 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, pad
)), 0x00,
492 T0_INT2(offsetof(br_ssl_engine_context
, peer_log_max_frag_len
)), 0x00,
493 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_in
)),
495 T0_INT2(offsetof(br_ssl_engine_context
, record_type_out
)), 0x00, 0x00,
496 0x01, T0_INT2(offsetof(br_ssl_engine_context
, reneg
)), 0x00, 0x00,
497 0x01, T0_INT2(offsetof(br_ssl_engine_context
, saved_finished
)), 0x00,
498 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_name
)),
500 T0_INT2(offsetof(br_ssl_engine_context
, server_random
)), 0x00, 0x00,
502 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id
)),
504 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id_len
)),
506 T0_INT2(offsetof(br_ssl_engine_context
, shutdown_recv
)), 0x00, 0x00,
507 0x01, T0_INT2(offsetof(br_ssl_server_context
, sign_hash_id
)), 0x00,
508 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_buf
)), 0x00,
509 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_num
)), 0x00,
511 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, version
)),
512 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_in
)),
514 T0_INT2(offsetof(br_ssl_engine_context
, version_max
)), 0x00, 0x00,
515 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_min
)), 0x00,
516 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_out
)),
517 0x00, 0x00, 0x09, 0x29, 0x56, 0x06, 0x02, 0x62, 0x2A, 0x00, 0x00, 0x01,
518 0x01, 0x00, 0x01, 0x03, 0x00, 0x81, 0x11, 0x29, 0x5C, 0x46, 0x81, 0x15,
519 0x29, 0x05, 0x04, 0x5D, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0F, 0x06, 0x03,
520 0x81, 0x15, 0x00, 0x5C, 0x04, 0x69, 0x00, 0x06, 0x02, 0x62, 0x2A, 0x00,
521 0x00, 0x29, 0x81, 0x02, 0x46, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x46, 0x70,
522 0x2D, 0x81, 0x1D, 0x1C, 0x7D, 0x01, 0x0C, 0x32, 0x00, 0x00, 0x29, 0x21,
523 0x01, 0x08, 0x0C, 0x46, 0x5A, 0x21, 0x08, 0x00, 0x01, 0x03, 0x00, 0x01,
524 0x00, 0x6F, 0x41, 0x2B, 0x19, 0x37, 0x06, 0x08, 0x02, 0x00, 0x81, 0x43,
525 0x03, 0x00, 0x04, 0x74, 0x01, 0x00, 0x81, 0x3B, 0x02, 0x00, 0x29, 0x19,
526 0x13, 0x06, 0x02, 0x69, 0x2A, 0x81, 0x43, 0x04, 0x75, 0x00, 0x01, 0x00,
527 0x6F, 0x41, 0x01, 0x16, 0x81, 0x00, 0x41, 0x35, 0x81, 0x25, 0x34, 0x06,
528 0x02, 0x6B, 0x2A, 0x06, 0x0D, 0x81, 0x4A, 0x01, 0x00, 0x81, 0x46, 0x01,
529 0x00, 0x81, 0x21, 0x04, 0x80, 0x59, 0x81, 0x4A, 0x81, 0x47, 0x28, 0x81,
530 0x4C, 0x4B, 0x06, 0x02, 0x81, 0x48, 0x81, 0x4B, 0x2B, 0x4B, 0x06, 0x3C,
531 0x01, 0x00, 0x81, 0x22, 0x29, 0x56, 0x06, 0x13, 0x01, 0x02, 0x81, 0x1A,
532 0x05, 0x02, 0x36, 0x2A, 0x28, 0x81, 0x26, 0x81, 0x24, 0x29, 0x81, 0x3C,
533 0x28, 0x04, 0x1F, 0x29, 0x58, 0x06, 0x0D, 0x28, 0x01, 0x02, 0x81, 0x1A,
534 0x05, 0x02, 0x68, 0x2A, 0x81, 0x26, 0x04, 0x0E, 0x81, 0x28, 0x29, 0x05,
535 0x05, 0x28, 0x81, 0x20, 0x04, 0x04, 0x81, 0x27, 0x81, 0x23, 0x04, 0x02,
536 0x81, 0x26, 0x01, 0x00, 0x81, 0x21, 0x01, 0x00, 0x81, 0x46, 0x3D, 0x01,
537 0x01, 0x6F, 0x41, 0x01, 0x17, 0x81, 0x00, 0x41, 0x00, 0x00, 0x39, 0x39,
538 0x00, 0x01, 0x03, 0x00, 0x2B, 0x19, 0x37, 0x06, 0x05, 0x81, 0x42, 0x28,
539 0x04, 0x77, 0x01, 0x02, 0x02, 0x00, 0x81, 0x3A, 0x19, 0x37, 0x06, 0x05,
540 0x81, 0x42, 0x28, 0x04, 0x77, 0x02, 0x00, 0x01, 0x84, 0x00, 0x08, 0x2A,
541 0x00, 0x00, 0x79, 0x2E, 0x46, 0x12, 0x01, 0x01, 0x13, 0x36, 0x00, 0x00,
542 0x01, 0x7F, 0x81, 0x17, 0x81, 0x42, 0x29, 0x01, 0x07, 0x13, 0x01, 0x00,
543 0x39, 0x0F, 0x06, 0x0A, 0x28, 0x01, 0x10, 0x13, 0x06, 0x02, 0x81, 0x39,
544 0x04, 0x2F, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x26, 0x28, 0x28, 0x81, 0x01,
545 0x2F, 0x01, 0x01, 0x0F, 0x01, 0x01, 0x81, 0x1A, 0x38, 0x06, 0x11, 0x2B,
546 0x19, 0x37, 0x06, 0x05, 0x81, 0x42, 0x28, 0x04, 0x77, 0x01, 0x80, 0x64,
547 0x81, 0x3B, 0x04, 0x04, 0x01, 0x00, 0x81, 0x17, 0x04, 0x03, 0x6B, 0x2A,
548 0x28, 0x04, 0xFF, 0x38, 0x01, 0x29, 0x03, 0x00, 0x09, 0x29, 0x56, 0x06,
549 0x02, 0x62, 0x2A, 0x02, 0x00, 0x00, 0x00, 0x81, 0x12, 0x01, 0x0F, 0x13,
550 0x00, 0x00, 0x6E, 0x2F, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x10, 0x28, 0x29,
551 0x01, 0x01, 0x0E, 0x06, 0x03, 0x28, 0x01, 0x02, 0x6E, 0x41, 0x01, 0x00,
552 0x04, 0x22, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x15, 0x28, 0x01, 0x00, 0x6E,
553 0x41, 0x29, 0x01, 0x80, 0x64, 0x0F, 0x06, 0x05, 0x01, 0x82, 0x00, 0x08,
554 0x2A, 0x58, 0x00, 0x04, 0x07, 0x28, 0x01, 0x82, 0x00, 0x08, 0x2A, 0x28,
555 0x00, 0x00, 0x01, 0x00, 0x30, 0x06, 0x06, 0x3C, 0x81, 0x1E, 0x38, 0x04,
556 0x77, 0x29, 0x06, 0x05, 0x01, 0x01, 0x81, 0x07, 0x41, 0x00, 0x00, 0x01,
557 0x1F, 0x13, 0x01, 0x12, 0x0F, 0x05, 0x02, 0x6C, 0x2A, 0x70, 0x2D, 0x29,
558 0x81, 0x3E, 0x05, 0x02, 0x6B, 0x2A, 0x81, 0x1D, 0x27, 0x00, 0x00, 0x30,
559 0x06, 0x0B, 0x7F, 0x2F, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x6B, 0x2A, 0x04,
560 0x12, 0x81, 0x42, 0x01, 0x07, 0x13, 0x29, 0x01, 0x02, 0x0E, 0x06, 0x06,
561 0x06, 0x02, 0x6B, 0x2A, 0x04, 0x6F, 0x28, 0x81, 0x37, 0x01, 0x01, 0x0E,
562 0x34, 0x38, 0x06, 0x02, 0x5E, 0x2A, 0x29, 0x01, 0x01, 0x81, 0x3D, 0x37,
563 0x81, 0x29, 0x00, 0x01, 0x81, 0x2E, 0x01, 0x0B, 0x0F, 0x05, 0x02, 0x6B,
564 0x2A, 0x29, 0x01, 0x03, 0x0F, 0x06, 0x09, 0x81, 0x35, 0x06, 0x02, 0x62,
565 0x2A, 0x46, 0x28, 0x00, 0x46, 0x55, 0x81, 0x35, 0x81, 0x1C, 0x29, 0x06,
566 0x27, 0x81, 0x35, 0x81, 0x1C, 0x29, 0x54, 0x29, 0x06, 0x19, 0x29, 0x01,
567 0x82, 0x00, 0x10, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x29, 0x03,
568 0x00, 0x7D, 0x02, 0x00, 0x81, 0x2A, 0x02, 0x00, 0x51, 0x04, 0x64, 0x81,
569 0x13, 0x52, 0x04, 0x56, 0x81, 0x13, 0x81, 0x13, 0x53, 0x29, 0x06, 0x02,
570 0x36, 0x00, 0x28, 0x2C, 0x00, 0x02, 0x29, 0x01, 0x20, 0x13, 0x05, 0x02,
571 0x6C, 0x2A, 0x01, 0x0F, 0x13, 0x03, 0x00, 0x81, 0x24, 0x81, 0x0B, 0x2D,
572 0x01, 0x86, 0x03, 0x11, 0x06, 0x24, 0x81, 0x34, 0x29, 0x01, 0x81, 0x7F,
573 0x13, 0x5A, 0x01, 0x01, 0x12, 0x02, 0x00, 0x0F, 0x05, 0x02, 0x64, 0x2A,
574 0x01, 0x08, 0x12, 0x29, 0x01, 0x02, 0x0B, 0x39, 0x01, 0x06, 0x10, 0x38,
575 0x06, 0x02, 0x66, 0x2A, 0x04, 0x0D, 0x02, 0x00, 0x01, 0x01, 0x0F, 0x06,
576 0x04, 0x01, 0x00, 0x04, 0x02, 0x01, 0x02, 0x20, 0x05, 0x02, 0x66, 0x2A,
577 0x81, 0x34, 0x29, 0x03, 0x01, 0x29, 0x01, 0x84, 0x00, 0x10, 0x06, 0x02,
578 0x67, 0x2A, 0x7D, 0x46, 0x81, 0x2A, 0x02, 0x01, 0x4E, 0x29, 0x06, 0x01,
579 0x2A, 0x28, 0x81, 0x13, 0x00, 0x00, 0x1D, 0x81, 0x2E, 0x01, 0x0F, 0x0F,
580 0x05, 0x02, 0x6B, 0x2A, 0x00, 0x0A, 0x81, 0x2E, 0x01, 0x01, 0x0F, 0x05,
581 0x02, 0x6B, 0x2A, 0x81, 0x34, 0x29, 0x03, 0x00, 0x71, 0x3F, 0x72, 0x01,
582 0x20, 0x81, 0x2A, 0x81, 0x36, 0x29, 0x01, 0x20, 0x10, 0x06, 0x02, 0x6A,
583 0x2A, 0x29, 0x81, 0x06, 0x41, 0x81, 0x05, 0x46, 0x81, 0x2A, 0x1A, 0x03,
584 0x01, 0x81, 0x34, 0x81, 0x1C, 0x01, 0x00, 0x03, 0x02, 0x01, 0x00, 0x03,
585 0x03, 0x7B, 0x81, 0x18, 0x17, 0x39, 0x08, 0x03, 0x04, 0x03, 0x05, 0x29,
586 0x06, 0x80, 0x73, 0x81, 0x34, 0x29, 0x03, 0x06, 0x02, 0x01, 0x06, 0x0A,
587 0x29, 0x70, 0x2D, 0x0F, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x03, 0x29, 0x01,
588 0x81, 0x7F, 0x0F, 0x06, 0x0B, 0x81, 0x01, 0x2F, 0x06, 0x02, 0x63, 0x2A,
589 0x01, 0x7F, 0x03, 0x02, 0x29, 0x01, 0x81, 0xAC, 0x00, 0x0F, 0x06, 0x13,
590 0x02, 0x00, 0x81, 0x0E, 0x2D, 0x11, 0x02, 0x00, 0x81, 0x0D, 0x2D, 0x0B,
591 0x13, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0x81, 0x38, 0x29, 0x56, 0x06,
592 0x03, 0x28, 0x04, 0x27, 0x01, 0x00, 0x81, 0x1A, 0x06, 0x0B, 0x01, 0x02,
593 0x0C, 0x73, 0x08, 0x02, 0x06, 0x46, 0x3F, 0x04, 0x16, 0x28, 0x02, 0x05,
594 0x02, 0x04, 0x11, 0x06, 0x02, 0x61, 0x2A, 0x02, 0x06, 0x02, 0x05, 0x3F,
595 0x02, 0x05, 0x01, 0x04, 0x08, 0x03, 0x05, 0x04, 0xFF, 0x09, 0x28, 0x01,
596 0x00, 0x03, 0x07, 0x81, 0x36, 0x81, 0x1C, 0x29, 0x06, 0x0A, 0x81, 0x36,
597 0x05, 0x04, 0x01, 0x7F, 0x03, 0x07, 0x04, 0x73, 0x81, 0x13, 0x01, 0x00,
598 0x81, 0x03, 0x41, 0x01, 0x88, 0x04, 0x7A, 0x3F, 0x01, 0x84, 0x80, 0x80,
599 0x00, 0x76, 0x40, 0x29, 0x06, 0x80, 0x4E, 0x81, 0x34, 0x81, 0x1C, 0x29,
600 0x06, 0x80, 0x44, 0x81, 0x34, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x05, 0x28,
601 0x81, 0x2D, 0x04, 0x34, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x05, 0x28, 0x81,
602 0x2B, 0x04, 0x29, 0x01, 0x83, 0xFE, 0x01, 0x39, 0x0F, 0x06, 0x05, 0x28,
603 0x81, 0x2C, 0x04, 0x1C, 0x01, 0x0D, 0x39, 0x0F, 0x06, 0x05, 0x28, 0x81,
604 0x32, 0x04, 0x11, 0x01, 0x0A, 0x39, 0x0F, 0x06, 0x05, 0x28, 0x81, 0x33,
605 0x04, 0x06, 0x28, 0x81, 0x30, 0x01, 0x00, 0x28, 0x04, 0xFF, 0x38, 0x81,
606 0x13, 0x81, 0x13, 0x02, 0x01, 0x02, 0x03, 0x13, 0x03, 0x01, 0x02, 0x00,
607 0x56, 0x06, 0x0A, 0x71, 0x2D, 0x81, 0x0F, 0x3F, 0x01, 0x80, 0x56, 0x81,
608 0x19, 0x81, 0x0D, 0x2D, 0x29, 0x02, 0x00, 0x10, 0x06, 0x03, 0x28, 0x02,
609 0x00, 0x29, 0x01, 0x86, 0x00, 0x0B, 0x06, 0x02, 0x65, 0x2A, 0x02, 0x00,
610 0x81, 0x0E, 0x2D, 0x0B, 0x06, 0x05, 0x01, 0x80, 0x46, 0x81, 0x19, 0x02,
611 0x01, 0x06, 0x12, 0x81, 0x0B, 0x2D, 0x02, 0x00, 0x0D, 0x06, 0x06, 0x28,
612 0x81, 0x0B, 0x2D, 0x04, 0x04, 0x01, 0x00, 0x03, 0x01, 0x29, 0x81, 0x0B,
613 0x3F, 0x29, 0x81, 0x0C, 0x3F, 0x29, 0x81, 0x0F, 0x3F, 0x01, 0x86, 0x03,
614 0x11, 0x03, 0x08, 0x02, 0x02, 0x06, 0x05, 0x01, 0x02, 0x81, 0x01, 0x41,
615 0x02, 0x07, 0x05, 0x04, 0x01, 0x28, 0x81, 0x19, 0x43, 0x28, 0x01, 0x82,
616 0x01, 0x07, 0x7A, 0x2D, 0x13, 0x29, 0x7A, 0x3F, 0x29, 0x01, 0x81, 0x7F,
617 0x13, 0x57, 0x36, 0x46, 0x01, 0x08, 0x12, 0x57, 0x01, 0x02, 0x13, 0x38,
618 0x03, 0x09, 0x76, 0x2E, 0x42, 0x13, 0x29, 0x76, 0x40, 0x05, 0x04, 0x01,
619 0x00, 0x03, 0x09, 0x02, 0x01, 0x06, 0x03, 0x01, 0x7F, 0x00, 0x81, 0x05,
620 0x01, 0x20, 0x33, 0x01, 0x20, 0x81, 0x06, 0x41, 0x73, 0x29, 0x03, 0x05,
621 0x29, 0x02, 0x04, 0x0B, 0x06, 0x80, 0x4A, 0x29, 0x2D, 0x29, 0x81, 0x12,
622 0x29, 0x01, 0x0C, 0x12, 0x29, 0x01, 0x01, 0x0F, 0x46, 0x01, 0x02, 0x0F,
623 0x38, 0x06, 0x0A, 0x29, 0x02, 0x09, 0x13, 0x05, 0x04, 0x5D, 0x01, 0x00,
624 0x29, 0x02, 0x08, 0x05, 0x0E, 0x29, 0x01, 0x81, 0x70, 0x13, 0x01, 0x20,
625 0x0E, 0x06, 0x04, 0x5D, 0x01, 0x00, 0x29, 0x29, 0x06, 0x10, 0x02, 0x05,
626 0x5C, 0x3F, 0x02, 0x05, 0x3F, 0x02, 0x05, 0x01, 0x04, 0x08, 0x03, 0x05,
627 0x04, 0x01, 0x5D, 0x01, 0x04, 0x08, 0x04, 0xFF, 0x2F, 0x28, 0x02, 0x05,
628 0x73, 0x09, 0x01, 0x02, 0x12, 0x29, 0x05, 0x04, 0x01, 0x28, 0x81, 0x19,
629 0x74, 0x41, 0x18, 0x05, 0x04, 0x01, 0x28, 0x81, 0x19, 0x01, 0x00, 0x00,
630 0x00, 0x81, 0x28, 0x81, 0x27, 0x00, 0x04, 0x70, 0x2D, 0x81, 0x41, 0x06,
631 0x19, 0x81, 0x34, 0x29, 0x01, 0x84, 0x00, 0x10, 0x06, 0x02, 0x67, 0x2A,
632 0x29, 0x03, 0x00, 0x7D, 0x46, 0x81, 0x2A, 0x02, 0x00, 0x70, 0x2D, 0x81,
633 0x1D, 0x26, 0x70, 0x2D, 0x29, 0x81, 0x3F, 0x46, 0x81, 0x3E, 0x03, 0x01,
634 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x38, 0x06, 0x17, 0x81, 0x36, 0x29,
635 0x03, 0x03, 0x7D, 0x46, 0x81, 0x2A, 0x02, 0x03, 0x70, 0x2D, 0x81, 0x1D,
636 0x02, 0x02, 0x06, 0x03, 0x25, 0x04, 0x01, 0x23, 0x81, 0x13, 0x00, 0x00,
637 0x81, 0x2E, 0x01, 0x10, 0x0F, 0x05, 0x02, 0x6B, 0x2A, 0x00, 0x00, 0x81,
638 0x14, 0x81, 0x2E, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x6B, 0x2A, 0x7D, 0x01,
639 0x0C, 0x08, 0x01, 0x0C, 0x81, 0x2A, 0x81, 0x13, 0x7D, 0x29, 0x01, 0x0C,
640 0x08, 0x01, 0x0C, 0x31, 0x05, 0x02, 0x5F, 0x2A, 0x00, 0x02, 0x03, 0x00,
641 0x03, 0x01, 0x02, 0x00, 0x81, 0x10, 0x02, 0x01, 0x02, 0x00, 0x3B, 0x29,
642 0x01, 0x00, 0x0F, 0x06, 0x02, 0x5D, 0x00, 0x81, 0x44, 0x04, 0x73, 0x00,
643 0x81, 0x34, 0x01, 0x01, 0x0E, 0x06, 0x02, 0x60, 0x2A, 0x81, 0x36, 0x29,
644 0x29, 0x58, 0x46, 0x01, 0x05, 0x11, 0x38, 0x06, 0x02, 0x60, 0x2A, 0x01,
645 0x08, 0x08, 0x29, 0x7C, 0x2F, 0x0B, 0x06, 0x0D, 0x29, 0x01, 0x01, 0x46,
646 0x0C, 0x3E, 0x29, 0x7C, 0x41, 0x7E, 0x41, 0x04, 0x01, 0x28, 0x00, 0x00,
647 0x81, 0x34, 0x81, 0x01, 0x2F, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x15, 0x28,
648 0x01, 0x01, 0x0F, 0x05, 0x02, 0x63, 0x2A, 0x81, 0x36, 0x06, 0x02, 0x63,
649 0x2A, 0x01, 0x02, 0x81, 0x01, 0x41, 0x04, 0x2B, 0x01, 0x02, 0x39, 0x0F,
650 0x06, 0x22, 0x28, 0x01, 0x0D, 0x0F, 0x05, 0x02, 0x63, 0x2A, 0x81, 0x36,
651 0x01, 0x0C, 0x0F, 0x05, 0x02, 0x63, 0x2A, 0x7D, 0x01, 0x0C, 0x81, 0x2A,
652 0x81, 0x02, 0x7D, 0x01, 0x0C, 0x31, 0x05, 0x02, 0x63, 0x2A, 0x04, 0x03,
653 0x63, 0x2A, 0x28, 0x00, 0x00, 0x81, 0x34, 0x81, 0x1C, 0x81, 0x34, 0x81,
654 0x1C, 0x29, 0x06, 0x24, 0x81, 0x36, 0x06, 0x04, 0x81, 0x30, 0x04, 0x1A,
655 0x81, 0x34, 0x29, 0x01, 0x81, 0x7F, 0x0D, 0x06, 0x0F, 0x29, 0x81, 0x03,
656 0x08, 0x01, 0x00, 0x46, 0x41, 0x81, 0x03, 0x46, 0x81, 0x2A, 0x04, 0x02,
657 0x81, 0x3C, 0x04, 0x59, 0x81, 0x13, 0x81, 0x13, 0x00, 0x00, 0x81, 0x2F,
658 0x29, 0x58, 0x06, 0x07, 0x28, 0x06, 0x02, 0x61, 0x2A, 0x04, 0x73, 0x00,
659 0x00, 0x81, 0x37, 0x01, 0x03, 0x81, 0x35, 0x46, 0x28, 0x46, 0x00, 0x00,
660 0x81, 0x34, 0x81, 0x3C, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00, 0x81, 0x34,
661 0x81, 0x1C, 0x29, 0x06, 0x34, 0x81, 0x36, 0x03, 0x01, 0x81, 0x36, 0x03,
662 0x02, 0x02, 0x01, 0x01, 0x02, 0x11, 0x02, 0x01, 0x01, 0x06, 0x0D, 0x13,
663 0x02, 0x02, 0x01, 0x01, 0x0F, 0x02, 0x02, 0x01, 0x03, 0x0F, 0x38, 0x13,
664 0x06, 0x11, 0x02, 0x00, 0x01, 0x01, 0x02, 0x02, 0x5B, 0x01, 0x02, 0x0C,
665 0x02, 0x01, 0x08, 0x0C, 0x38, 0x03, 0x00, 0x04, 0x49, 0x81, 0x13, 0x02,
666 0x00, 0x00, 0x00, 0x81, 0x34, 0x81, 0x1C, 0x81, 0x31, 0x7A, 0x3F, 0x81,
667 0x13, 0x00, 0x00, 0x81, 0x34, 0x81, 0x1C, 0x81, 0x34, 0x81, 0x1C, 0x01,
668 0x00, 0x76, 0x40, 0x29, 0x06, 0x16, 0x81, 0x34, 0x29, 0x01, 0x20, 0x0B,
669 0x06, 0x0B, 0x01, 0x01, 0x46, 0x0C, 0x76, 0x2E, 0x38, 0x76, 0x40, 0x04,
670 0x01, 0x28, 0x04, 0x67, 0x81, 0x13, 0x81, 0x13, 0x00, 0x00, 0x01, 0x02,
671 0x81, 0x10, 0x81, 0x37, 0x01, 0x08, 0x0C, 0x81, 0x37, 0x08, 0x00, 0x00,
672 0x01, 0x03, 0x81, 0x10, 0x81, 0x37, 0x01, 0x08, 0x0C, 0x81, 0x37, 0x08,
673 0x01, 0x08, 0x0C, 0x81, 0x37, 0x08, 0x00, 0x00, 0x01, 0x01, 0x81, 0x10,
674 0x81, 0x37, 0x00, 0x00, 0x3C, 0x29, 0x56, 0x05, 0x01, 0x00, 0x28, 0x81,
675 0x44, 0x04, 0x75, 0x02, 0x03, 0x00, 0x81, 0x0A, 0x2F, 0x03, 0x01, 0x01,
676 0x00, 0x29, 0x02, 0x01, 0x0B, 0x06, 0x11, 0x29, 0x01, 0x01, 0x0C, 0x81,
677 0x09, 0x08, 0x2D, 0x02, 0x00, 0x0F, 0x06, 0x01, 0x00, 0x5A, 0x04, 0x69,
678 0x28, 0x01, 0x7F, 0x00, 0x00, 0x2B, 0x19, 0x37, 0x06, 0x05, 0x81, 0x42,
679 0x28, 0x04, 0x77, 0x01, 0x16, 0x81, 0x00, 0x41, 0x01, 0x00, 0x81, 0x55,
680 0x01, 0x00, 0x81, 0x54, 0x2B, 0x01, 0x17, 0x81, 0x00, 0x41, 0x00, 0x00,
681 0x01, 0x15, 0x81, 0x00, 0x41, 0x46, 0x50, 0x28, 0x50, 0x28, 0x2B, 0x00,
682 0x00, 0x01, 0x01, 0x46, 0x81, 0x3A, 0x00, 0x00, 0x46, 0x39, 0x81, 0x10,
683 0x46, 0x29, 0x06, 0x06, 0x81, 0x37, 0x28, 0x5B, 0x04, 0x77, 0x28, 0x00,
684 0x02, 0x03, 0x00, 0x70, 0x2D, 0x81, 0x12, 0x03, 0x01, 0x02, 0x01, 0x01,
685 0x0F, 0x13, 0x02, 0x01, 0x01, 0x04, 0x12, 0x01, 0x0F, 0x13, 0x02, 0x01,
686 0x01, 0x08, 0x12, 0x01, 0x0F, 0x13, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x10,
687 0x28, 0x01, 0x00, 0x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01,
688 0x4A, 0x04, 0x80, 0x56, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x10, 0x28, 0x01,
689 0x01, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A, 0x04,
690 0x80, 0x40, 0x01, 0x02, 0x39, 0x0F, 0x06, 0x0F, 0x28, 0x01, 0x01, 0x01,
691 0x20, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A, 0x04, 0x2B, 0x01,
692 0x03, 0x39, 0x0F, 0x06, 0x0E, 0x28, 0x28, 0x01, 0x10, 0x02, 0x00, 0x06,
693 0x03, 0x47, 0x04, 0x01, 0x48, 0x04, 0x17, 0x01, 0x04, 0x39, 0x0F, 0x06,
694 0x0E, 0x28, 0x28, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x47, 0x04, 0x01,
695 0x48, 0x04, 0x03, 0x62, 0x2A, 0x28, 0x00, 0x00, 0x81, 0x12, 0x01, 0x0C,
696 0x12, 0x01, 0x02, 0x10, 0x00, 0x00, 0x81, 0x12, 0x01, 0x0C, 0x12, 0x29,
697 0x59, 0x46, 0x01, 0x03, 0x0B, 0x13, 0x00, 0x00, 0x81, 0x12, 0x01, 0x0C,
698 0x12, 0x01, 0x01, 0x0F, 0x00, 0x00, 0x81, 0x12, 0x01, 0x0C, 0x12, 0x58,
699 0x00, 0x00, 0x1B, 0x01, 0x00, 0x6D, 0x2F, 0x29, 0x06, 0x20, 0x01, 0x01,
700 0x39, 0x0F, 0x06, 0x07, 0x28, 0x01, 0x00, 0x81, 0x16, 0x04, 0x11, 0x01,
701 0x02, 0x39, 0x0F, 0x06, 0x0A, 0x28, 0x6F, 0x2F, 0x06, 0x03, 0x01, 0x10,
702 0x38, 0x04, 0x01, 0x28, 0x04, 0x01, 0x28, 0x75, 0x2F, 0x05, 0x35, 0x30,
703 0x06, 0x32, 0x7F, 0x2F, 0x01, 0x14, 0x39, 0x0F, 0x06, 0x06, 0x28, 0x01,
704 0x02, 0x38, 0x04, 0x24, 0x01, 0x15, 0x39, 0x0F, 0x06, 0x0B, 0x28, 0x81,
705 0x1F, 0x06, 0x04, 0x01, 0x7F, 0x81, 0x16, 0x04, 0x13, 0x01, 0x16, 0x39,
706 0x0F, 0x06, 0x06, 0x28, 0x01, 0x01, 0x38, 0x04, 0x07, 0x28, 0x01, 0x04,
707 0x38, 0x01, 0x00, 0x28, 0x19, 0x06, 0x03, 0x01, 0x08, 0x38, 0x00, 0x00,
708 0x1B, 0x29, 0x05, 0x10, 0x30, 0x06, 0x0D, 0x7F, 0x2F, 0x01, 0x15, 0x0F,
709 0x06, 0x05, 0x28, 0x81, 0x1F, 0x04, 0x01, 0x22, 0x00, 0x00, 0x81, 0x42,
710 0x01, 0x07, 0x13, 0x01, 0x01, 0x10, 0x06, 0x02, 0x6B, 0x2A, 0x00, 0x01,
711 0x03, 0x00, 0x2B, 0x19, 0x06, 0x06, 0x02, 0x00, 0x81, 0x00, 0x41, 0x00,
712 0x81, 0x42, 0x28, 0x04, 0x72, 0x00, 0x01, 0x14, 0x81, 0x45, 0x01, 0x01,
713 0x81, 0x55, 0x2B, 0x29, 0x01, 0x00, 0x81, 0x3D, 0x01, 0x16, 0x81, 0x45,
714 0x81, 0x49, 0x2B, 0x00, 0x00, 0x01, 0x0B, 0x81, 0x55, 0x4C, 0x29, 0x29,
715 0x01, 0x03, 0x08, 0x81, 0x54, 0x81, 0x54, 0x14, 0x29, 0x56, 0x06, 0x02,
716 0x28, 0x00, 0x81, 0x54, 0x1E, 0x29, 0x06, 0x06, 0x7D, 0x46, 0x81, 0x4D,
717 0x04, 0x76, 0x28, 0x04, 0x6A, 0x00, 0x01, 0x00, 0x81, 0x4F, 0x81, 0x0B,
718 0x2D, 0x01, 0x86, 0x03, 0x11, 0x06, 0x06, 0x5C, 0x01, 0x00, 0x81, 0x50,
719 0x08, 0x4B, 0x08, 0x01, 0x03, 0x08, 0x01, 0x0D, 0x81, 0x55, 0x81, 0x54,
720 0x01, 0x00, 0x81, 0x4F, 0x81, 0x55, 0x01, 0x01, 0x81, 0x4F, 0x28, 0x81,
721 0x0B, 0x2D, 0x01, 0x86, 0x03, 0x11, 0x06, 0x0B, 0x01, 0x00, 0x81, 0x50,
722 0x81, 0x53, 0x01, 0x01, 0x81, 0x50, 0x28, 0x4B, 0x81, 0x53, 0x16, 0x15,
723 0x29, 0x56, 0x06, 0x02, 0x28, 0x00, 0x81, 0x53, 0x1F, 0x29, 0x06, 0x06,
724 0x7D, 0x46, 0x81, 0x4D, 0x04, 0x76, 0x28, 0x04, 0x6A, 0x00, 0x81, 0x14,
725 0x01, 0x14, 0x81, 0x55, 0x01, 0x0C, 0x81, 0x54, 0x7D, 0x01, 0x0C, 0x81,
726 0x4D, 0x00, 0x03, 0x03, 0x00, 0x01, 0x02, 0x81, 0x55, 0x01, 0x80, 0x46,
727 0x81, 0x01, 0x2F, 0x01, 0x02, 0x0F, 0x06, 0x0C, 0x02, 0x00, 0x06, 0x04,
728 0x01, 0x05, 0x04, 0x02, 0x01, 0x1D, 0x04, 0x02, 0x01, 0x00, 0x03, 0x01,
729 0x7E, 0x2F, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x00, 0x03, 0x02,
730 0x02, 0x01, 0x02, 0x02, 0x08, 0x29, 0x06, 0x03, 0x01, 0x02, 0x08, 0x08,
731 0x81, 0x54, 0x81, 0x0B, 0x2D, 0x81, 0x53, 0x81, 0x04, 0x01, 0x04, 0x17,
732 0x81, 0x04, 0x01, 0x04, 0x08, 0x01, 0x1C, 0x33, 0x81, 0x04, 0x01, 0x20,
733 0x81, 0x4D, 0x01, 0x20, 0x81, 0x55, 0x81, 0x05, 0x01, 0x20, 0x81, 0x4D,
734 0x70, 0x2D, 0x81, 0x53, 0x01, 0x00, 0x81, 0x55, 0x02, 0x01, 0x02, 0x02,
735 0x08, 0x29, 0x06, 0x31, 0x81, 0x53, 0x02, 0x01, 0x29, 0x06, 0x14, 0x01,
736 0x83, 0xFE, 0x01, 0x81, 0x53, 0x01, 0x04, 0x09, 0x29, 0x81, 0x53, 0x5B,
737 0x81, 0x02, 0x46, 0x81, 0x4E, 0x04, 0x01, 0x28, 0x02, 0x02, 0x06, 0x0F,
738 0x01, 0x01, 0x81, 0x53, 0x01, 0x01, 0x81, 0x53, 0x7E, 0x2F, 0x01, 0x08,
739 0x09, 0x81, 0x55, 0x04, 0x01, 0x28, 0x00, 0x00, 0x01, 0x0E, 0x81, 0x55,
740 0x01, 0x00, 0x81, 0x54, 0x00, 0x03, 0x70, 0x2D, 0x81, 0x3F, 0x05, 0x01,
741 0x00, 0x76, 0x2E, 0x01, 0x00, 0x81, 0x18, 0x12, 0x01, 0x01, 0x13, 0x58,
742 0x06, 0x03, 0x5A, 0x04, 0x74, 0x03, 0x00, 0x28, 0x02, 0x00, 0x24, 0x29,
743 0x56, 0x06, 0x02, 0x36, 0x2A, 0x03, 0x01, 0x81, 0x0B, 0x2D, 0x01, 0x86,
744 0x03, 0x11, 0x03, 0x02, 0x01, 0x0C, 0x81, 0x55, 0x02, 0x01, 0x78, 0x2F,
745 0x08, 0x02, 0x02, 0x01, 0x02, 0x13, 0x08, 0x01, 0x06, 0x08, 0x81, 0x54,
746 0x01, 0x03, 0x81, 0x55, 0x02, 0x00, 0x81, 0x53, 0x77, 0x78, 0x2F, 0x81,
747 0x4E, 0x02, 0x02, 0x06, 0x11, 0x81, 0x08, 0x2F, 0x81, 0x55, 0x70, 0x2D,
748 0x81, 0x40, 0x01, 0x01, 0x0C, 0x01, 0x03, 0x08, 0x81, 0x55, 0x02, 0x01,
749 0x81, 0x53, 0x7D, 0x02, 0x01, 0x81, 0x4D, 0x00, 0x00, 0x4F, 0x29, 0x01,
750 0x00, 0x0F, 0x06, 0x02, 0x5D, 0x00, 0x81, 0x42, 0x28, 0x04, 0x72, 0x00,
751 0x29, 0x81, 0x55, 0x81, 0x4D, 0x00, 0x00, 0x01, 0x00, 0x70, 0x2D, 0x81,
752 0x3E, 0x06, 0x0E, 0x5C, 0x39, 0x06, 0x0A, 0x01, 0x80, 0x41, 0x81, 0x55,
753 0x01, 0x80, 0x42, 0x81, 0x55, 0x45, 0x06, 0x08, 0x5A, 0x39, 0x06, 0x04,
754 0x01, 0x01, 0x81, 0x55, 0x44, 0x06, 0x09, 0x5A, 0x39, 0x06, 0x05, 0x01,
755 0x80, 0x40, 0x81, 0x55, 0x46, 0x28, 0x00, 0x01, 0x01, 0x00, 0x03, 0x00,
756 0x45, 0x44, 0x38, 0x05, 0x16, 0x01, 0x01, 0x01, 0x80, 0x7C, 0x81, 0x51,
757 0x03, 0x00, 0x01, 0x03, 0x01, 0x80, 0x7C, 0x81, 0x51, 0x02, 0x00, 0x08,
758 0x46, 0x28, 0x00, 0x45, 0x06, 0x08, 0x01, 0x01, 0x43, 0x28, 0x81, 0x51,
759 0x03, 0x00, 0x44, 0x06, 0x0B, 0x01, 0x03, 0x43, 0x28, 0x81, 0x51, 0x02,
760 0x00, 0x08, 0x03, 0x00, 0x28, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01,
761 0x04, 0x81, 0x52, 0x01, 0x05, 0x81, 0x52, 0x01, 0x06, 0x81, 0x52, 0x01,
762 0x03, 0x81, 0x52, 0x01, 0x02, 0x81, 0x52, 0x0A, 0x5D, 0x00, 0x01, 0x03,
763 0x00, 0x39, 0x01, 0x01, 0x02, 0x00, 0x0C, 0x13, 0x05, 0x01, 0x00, 0x5C,
764 0x01, 0x03, 0x3A, 0x06, 0x09, 0x02, 0x00, 0x81, 0x55, 0x01, 0x02, 0x3A,
765 0x81, 0x55, 0x00, 0x00, 0x29, 0x01, 0x08, 0x4D, 0x81, 0x55, 0x81, 0x55,
766 0x00, 0x00, 0x29, 0x01, 0x10, 0x4D, 0x81, 0x55, 0x81, 0x53, 0x00, 0x00,
767 0x29, 0x50, 0x06, 0x02, 0x28, 0x00, 0x81, 0x42, 0x28, 0x04, 0x75
770 static const uint16_t t0_caddr
[] = {
901 #define T0_INTERPRETED 86
903 #define T0_ENTER(ip, rp, slot) do { \
904 const unsigned char *t0_newip; \
906 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
907 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
909 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
913 #define T0_DEFENTRY(name, slot) \
917 t0_context *t0ctx = ctx; \
918 t0ctx->ip = &t0_codeblock[0]; \
919 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
922 T0_DEFENTRY(br_ssl_hs_server_init_main
, 155)
925 br_ssl_hs_server_run(void *t0ctx
)
928 const unsigned char *ip
;
930 #define T0_LOCAL(x) (*(rp - 2 - (x)))
931 #define T0_POP() (*-- dp)
932 #define T0_POPi() (*(int32_t *)(-- dp))
933 #define T0_PEEK(x) (*(dp - 1 - (x)))
934 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
935 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
936 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
937 #define T0_RPOP() (*-- rp)
938 #define T0_RPOPi() (*(int32_t *)(-- rp))
939 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
940 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
941 #define T0_ROLL(x) do { \
942 size_t t0len = (size_t)(x); \
943 uint32_t t0tmp = *(dp - 1 - t0len); \
944 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
947 #define T0_SWAP() do { \
948 uint32_t t0tmp = *(dp - 2); \
949 *(dp - 2) = *(dp - 1); \
952 #define T0_ROT() do { \
953 uint32_t t0tmp = *(dp - 3); \
954 *(dp - 3) = *(dp - 2); \
955 *(dp - 2) = *(dp - 1); \
958 #define T0_NROT() do { \
959 uint32_t t0tmp = *(dp - 1); \
960 *(dp - 1) = *(dp - 2); \
961 *(dp - 2) = *(dp - 3); \
964 #define T0_PICK(x) do { \
965 uint32_t t0depth = (x); \
966 T0_PUSH(T0_PEEK(t0depth)); \
968 #define T0_CO() do { \
971 #define T0_RET() break
973 dp
= ((t0_context
*)t0ctx
)->dp
;
974 rp
= ((t0_context
*)t0ctx
)->rp
;
975 ip
= ((t0_context
*)t0ctx
)->ip
;
979 t0x
= t0_parse7E_unsigned(&ip
);
980 if (t0x
< T0_INTERPRETED
) {
992 ip
= &t0_codeblock
[t0x
];
994 case 1: /* literal constant */
995 T0_PUSHi(t0_parse7E_signed(&ip
));
997 case 2: /* read local */
998 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
1000 case 3: /* write local */
1001 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
1004 t0off
= t0_parse7E_signed(&ip
);
1007 case 5: /* jump if */
1008 t0off
= t0_parse7E_signed(&ip
);
1013 case 6: /* jump if not */
1014 t0off
= t0_parse7E_signed(&ip
);
1022 uint32_t b
= T0_POP();
1023 uint32_t a
= T0_POP();
1031 uint32_t b
= T0_POP();
1032 uint32_t a
= T0_POP();
1040 uint32_t b
= T0_POP();
1041 uint32_t a
= T0_POP();
1054 int32_t b
= T0_POPi();
1055 int32_t a
= T0_POPi();
1056 T0_PUSH(-(uint32_t)(a
< b
));
1063 int c
= (int)T0_POPi();
1064 uint32_t x
= T0_POP();
1072 int32_t b
= T0_POPi();
1073 int32_t a
= T0_POPi();
1074 T0_PUSH(-(uint32_t)(a
<= b
));
1081 uint32_t b
= T0_POP();
1082 uint32_t a
= T0_POP();
1083 T0_PUSH(-(uint32_t)(a
!= b
));
1090 uint32_t b
= T0_POP();
1091 uint32_t a
= T0_POP();
1092 T0_PUSH(-(uint32_t)(a
== b
));
1099 int32_t b
= T0_POPi();
1100 int32_t a
= T0_POPi();
1101 T0_PUSH(-(uint32_t)(a
> b
));
1108 int32_t b
= T0_POPi();
1109 int32_t a
= T0_POPi();
1110 T0_PUSH(-(uint32_t)(a
>= b
));
1117 int c
= (int)T0_POPi();
1118 int32_t x
= T0_POPi();
1126 uint32_t b
= T0_POP();
1127 uint32_t a
= T0_POP();
1135 if (ENG
->chain_len
== 0) {
1138 ENG
->cert_cur
= ENG
->chain
->data
;
1139 ENG
->cert_len
= ENG
->chain
->data_len
;
1142 T0_PUSH(ENG
->cert_len
);
1150 const br_x500_name
*dn
;
1151 if (CTX
->cur_dn_index
>= CTX
->num_tas
) {
1154 if (CTX
->ta_names
== NULL
) {
1155 dn
= &CTX
->tas
[CTX
->cur_dn_index
].dn
;
1157 dn
= &CTX
->ta_names
[CTX
->cur_dn_index
];
1159 CTX
->cur_dn_index
++;
1160 CTX
->cur_dn
= dn
->data
;
1161 CTX
->cur_dn_len
= dn
->len
;
1162 T0_PUSH(CTX
->cur_dn_len
);
1168 /* begin-ta-name-list */
1170 CTX
->cur_dn_index
= 0;
1177 size_t len
= (size_t)T0_POP();
1178 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1179 memset(addr
, 0, len
);
1184 /* call-policy-handler */
1187 br_ssl_server_choices choices
;
1189 x
= (*CTX
->policy_vtable
)->choose(
1190 CTX
->policy_vtable
, CTX
, &choices
);
1191 ENG
->session
.cipher_suite
= choices
.cipher_suite
;
1192 CTX
->sign_hash_id
= choices
.hash_id
;
1193 ENG
->chain
= choices
.chain
;
1194 ENG
->chain_len
= choices
.chain_len
;
1195 T0_PUSHi(-(x
!= 0));
1202 T0_PUSHi(-(ENG
->hlen_out
> 0));
1209 if (ENG
->session
.session_id_len
== 32
1210 && CTX
->cache_vtable
!= NULL
&& (*CTX
->cache_vtable
)->load(
1211 CTX
->cache_vtable
, CTX
, &ENG
->session
))
1226 /* compute-Finished-inner */
1228 int prf_id
= T0_POP();
1229 int from_client
= T0_POPi();
1230 unsigned char seed
[48];
1233 br_tls_prf_impl prf
= br_ssl_engine_get_PRF(ENG
, prf_id
);
1234 if (ENG
->session
.version
>= BR_TLS12
) {
1235 seed_len
= br_multihash_out(&ENG
->mhash
, prf_id
, seed
);
1237 br_multihash_out(&ENG
->mhash
, br_md5_ID
, seed
);
1238 br_multihash_out(&ENG
->mhash
, br_sha1_ID
, seed
+ 16);
1241 prf(ENG
->pad
, 12, ENG
->session
.master_secret
,
1242 sizeof ENG
->session
.master_secret
,
1243 from_client
? "client finished" : "server finished",
1249 /* compute-hash-CV */
1253 for (i
= 1; i
<= 6; i
++) {
1254 br_multihash_out(&ENG
->mhash
, i
,
1255 ENG
->pad
+ HASH_PAD_OFF
[i
- 1]);
1261 /* copy-cert-chunk */
1265 clen
= ENG
->cert_len
;
1266 if (clen
> sizeof ENG
->pad
) {
1267 clen
= sizeof ENG
->pad
;
1269 memcpy(ENG
->pad
, ENG
->cert_cur
, clen
);
1270 ENG
->cert_cur
+= clen
;
1271 ENG
->cert_len
-= clen
;
1281 clen
= CTX
->cur_dn_len
;
1282 if (clen
> sizeof ENG
->pad
) {
1283 clen
= sizeof ENG
->pad
;
1285 memcpy(ENG
->pad
, CTX
->cur_dn
, clen
);
1286 CTX
->cur_dn
+= clen
;
1287 CTX
->cur_dn_len
-= clen
;
1302 if (br_multihash_getimpl(&ENG
->mhash
, id
) == 0) {
1306 off
= HASH_PAD_OFF
[id
- 1];
1307 len
= HASH_PAD_OFF
[id
] - off
;
1309 memcpy(CTX
->hash_CV
, ENG
->pad
+ off
, len
);
1310 CTX
->hash_CV_len
= len
;
1311 CTX
->hash_CV_id
= id
;
1319 size_t addr
= T0_POP();
1320 T0_PUSH(t0_datablock
[addr
]);
1334 int prf_id
= T0_POPi();
1335 size_t len
= T0_POP();
1336 do_ecdh(CTX
, prf_id
, ENG
->pad
, len
);
1341 /* do-ecdhe-part1 */
1343 int curve
= T0_POPi();
1344 T0_PUSHi(do_ecdhe_part1(CTX
, curve
));
1349 /* do-ecdhe-part2 */
1351 int prf_id
= T0_POPi();
1352 size_t len
= T0_POP();
1353 do_ecdhe_part2(CTX
, prf_id
, ENG
->pad
, len
);
1358 /* do-rsa-decrypt */
1360 int prf_id
= T0_POPi();
1361 size_t len
= T0_POP();
1362 do_rsa_decrypt(CTX
, prf_id
, ENG
->pad
, len
);
1367 /* do-static-ecdh */
1369 do_static_ecdh(CTX
, T0_POP());
1380 T0_PUSH(T0_PEEK(0));
1386 br_ssl_engine_fail(ENG
, (int)T0_POPi());
1394 br_ssl_engine_flush_record(ENG
);
1399 /* get-key-type-usages */
1401 const br_x509_class
*xc
;
1402 const br_x509_pkey
*pk
;
1405 xc
= *(ENG
->x509ctx
);
1406 pk
= xc
->get_pkey(ENG
->x509ctx
, &usages
);
1410 T0_PUSH(pk
->key_type
| usages
);
1418 size_t addr
= (size_t)T0_POP();
1419 T0_PUSH(*(uint16_t *)((unsigned char *)ENG
+ addr
));
1426 size_t addr
= (size_t)T0_POP();
1427 T0_PUSH(*(uint32_t *)((unsigned char *)ENG
+ addr
));
1434 size_t addr
= (size_t)T0_POP();
1435 T0_PUSH(*((unsigned char *)ENG
+ addr
));
1442 T0_PUSHi(-(ENG
->hlen_in
!= 0));
1449 size_t len
= (size_t)T0_POP();
1450 void *addr2
= (unsigned char *)ENG
+ (size_t)T0_POP();
1451 void *addr1
= (unsigned char *)ENG
+ (size_t)T0_POP();
1452 int x
= memcmp(addr1
, addr2
, len
);
1453 T0_PUSH((uint32_t)-(x
== 0));
1460 size_t len
= (size_t)T0_POP();
1461 void *src
= (unsigned char *)ENG
+ (size_t)T0_POP();
1462 void *dst
= (unsigned char *)ENG
+ (size_t)T0_POP();
1463 memcpy(dst
, src
, len
);
1470 size_t len
= (size_t)T0_POP();
1471 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1472 br_hmac_drbg_generate(&ENG
->rng
, addr
, len
);
1477 /* more-incoming-bytes? */
1479 T0_PUSHi(ENG
->hlen_in
!= 0 || !br_ssl_engine_recvrec_finished(ENG
));
1484 /* multihash-init */
1486 br_multihash_init(&ENG
->mhash
);
1493 uint32_t a
= T0_POP();
1501 uint32_t a
= T0_POP();
1509 uint32_t b
= T0_POP();
1510 uint32_t a
= T0_POP();
1517 T0_PUSH(T0_PEEK(1));
1526 /* read-chunk-native */
1528 size_t clen
= ENG
->hlen_in
;
1534 if ((size_t)len
< clen
) {
1537 memcpy((unsigned char *)ENG
+ addr
, ENG
->hbuf_in
, clen
);
1538 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1539 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_in
, clen
);
1541 T0_PUSH(addr
+ (uint32_t)clen
);
1542 T0_PUSH(len
- (uint32_t)clen
);
1543 ENG
->hbuf_in
+= clen
;
1544 ENG
->hlen_in
-= clen
;
1552 if (ENG
->hlen_in
> 0) {
1555 x
= *ENG
->hbuf_in
++;
1556 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1557 br_multihash_update(&ENG
->mhash
, &x
, 1);
1570 if (CTX
->cache_vtable
!= NULL
) {
1571 (*CTX
->cache_vtable
)->save(
1572 CTX
->cache_vtable
, CTX
, &ENG
->session
);
1578 /* set-max-frag-len */
1580 size_t max_frag_len
= T0_POP();
1582 br_ssl_engine_new_max_frag_len(ENG
, max_frag_len
);
1585 * We must adjust our own output limit. Since we call this only
1586 * after receiving a ClientHello and before beginning to send
1587 * the ServerHello, the next output record should be empty at
1588 * that point, so we can use max_frag_len as a limit.
1590 if (ENG
->hlen_out
> max_frag_len
) {
1591 ENG
->hlen_out
= max_frag_len
;
1599 size_t addr
= (size_t)T0_POP();
1600 *(uint16_t *)((unsigned char *)ENG
+ addr
) = (uint16_t)T0_POP();
1607 size_t addr
= (size_t)T0_POP();
1608 *(uint32_t *)((unsigned char *)ENG
+ addr
) = (uint32_t)T0_POP();
1615 size_t addr
= (size_t)T0_POP();
1616 *((unsigned char *)ENG
+ addr
) = (unsigned char)T0_POP();
1621 /* supported-curves */
1623 uint32_t x
= ENG
->iec
== NULL
? 0 : ENG
->iec
->supported_curves
;
1629 /* supported-hash-functions */
1636 for (i
= br_sha1_ID
; i
<= br_sha512_ID
; i
++) {
1637 if (br_multihash_getimpl(&ENG
->mhash
, i
)) {
1648 /* supports-ecdsa? */
1650 T0_PUSHi(-(ENG
->iecdsa
!= 0));
1655 /* supports-rsa-sign? */
1657 T0_PUSHi(-(ENG
->irsavrfy
!= 0));
1667 /* switch-aesgcm-in */
1669 int is_client
, prf_id
;
1670 unsigned cipher_key_len
;
1672 cipher_key_len
= T0_POP();
1674 is_client
= T0_POP();
1675 br_ssl_engine_switch_gcm_in(ENG
, is_client
, prf_id
,
1676 ENG
->iaes_ctr
, cipher_key_len
);
1681 /* switch-aesgcm-out */
1683 int is_client
, prf_id
;
1684 unsigned cipher_key_len
;
1686 cipher_key_len
= T0_POP();
1688 is_client
= T0_POP();
1689 br_ssl_engine_switch_gcm_out(ENG
, is_client
, prf_id
,
1690 ENG
->iaes_ctr
, cipher_key_len
);
1697 int is_client
, prf_id
, mac_id
, aes
;
1698 unsigned cipher_key_len
;
1700 cipher_key_len
= T0_POP();
1704 is_client
= T0_POP();
1705 br_ssl_engine_switch_cbc_in(ENG
, is_client
, prf_id
, mac_id
,
1706 aes
? ENG
->iaes_cbcdec
: ENG
->ides_cbcdec
, cipher_key_len
);
1711 /* switch-cbc-out */
1713 int is_client
, prf_id
, mac_id
, aes
;
1714 unsigned cipher_key_len
;
1716 cipher_key_len
= T0_POP();
1720 is_client
= T0_POP();
1721 br_ssl_engine_switch_cbc_out(ENG
, is_client
, prf_id
, mac_id
,
1722 aes
? ENG
->iaes_cbcenc
: ENG
->ides_cbcenc
, cipher_key_len
);
1727 /* ta-names-total-length */
1732 if (CTX
->ta_names
!= NULL
) {
1733 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1734 len
+= CTX
->ta_names
[u
].len
+ 2;
1736 } else if (CTX
->tas
!= NULL
) {
1737 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1738 len
+= CTX
->tas
[u
].dn
.len
+ 2;
1746 /* total-chain-length */
1752 for (u
= 0; u
< ENG
->chain_len
; u
++) {
1753 total
+= 3 + (uint32_t)ENG
->chain
[u
].data_len
;
1762 int c
= (int)T0_POPi();
1763 uint32_t x
= T0_POP();
1773 err
= verify_CV_sig(CTX
, T0_POP());
1779 /* write-blob-chunk */
1781 size_t clen
= ENG
->hlen_out
;
1787 if ((size_t)len
< clen
) {
1790 memcpy(ENG
->hbuf_out
, (unsigned char *)ENG
+ addr
, clen
);
1791 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1792 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_out
, clen
);
1794 T0_PUSH(addr
+ (uint32_t)clen
);
1795 T0_PUSH(len
- (uint32_t)clen
);
1796 ENG
->hbuf_out
+= clen
;
1797 ENG
->hlen_out
-= clen
;
1807 x
= (unsigned char)T0_POP();
1808 if (ENG
->hlen_out
> 0) {
1809 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1810 br_multihash_update(&ENG
->mhash
, &x
, 1);
1812 *ENG
->hbuf_out
++ = x
;
1824 const br_x509_class
*xc
;
1827 xc
= *(ENG
->x509ctx
);
1829 xc
->append(ENG
->x509ctx
, ENG
->pad
, len
);
1836 const br_x509_class
*xc
;
1838 xc
= *(ENG
->x509ctx
);
1839 xc
->end_cert(ENG
->x509ctx
);
1844 /* x509-end-chain */
1846 const br_x509_class
*xc
;
1848 xc
= *(ENG
->x509ctx
);
1849 T0_PUSH(xc
->end_chain(ENG
->x509ctx
));
1854 /* x509-start-cert */
1856 const br_x509_class
*xc
;
1858 xc
= *(ENG
->x509ctx
);
1859 xc
->start_cert(ENG
->x509ctx
, T0_POP());
1864 /* x509-start-chain */
1866 const br_x509_class
*xc
;
1870 xc
= *(ENG
->x509ctx
);
1871 xc
->start_chain(ENG
->x509ctx
, bc
? ENG
->server_name
: NULL
);
1878 T0_ENTER(ip
, rp
, t0x
);
1882 ((t0_context
*)t0ctx
)->dp
= dp
;
1883 ((t0_context
*)t0ctx
)->rp
= rp
;
1884 ((t0_context
*)t0ctx
)->ip
= ip
;