1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 static const uint8_t t0_datablock
[];
64 void br_ssl_hs_server_init_main(void *t0ctx
);
66 void br_ssl_hs_server_run(void *t0ctx
);
76 * This macro evaluates to a pointer to the current engine context.
78 #define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
85 * This macro evaluates to a pointer to the server context, under that
86 * specific name. It must be noted that since the engine context is the
87 * first field of the br_ssl_server_context structure ('eng'), then
88 * pointers values of both types are interchangeable, modulo an
89 * appropriate cast. This also means that "adresses" computed as offsets
90 * within the structure work for both kinds of context.
92 #define CTX ((br_ssl_server_context *)ENG)
95 * Decrypt the pre-master secret (RSA key exchange).
98 do_rsa_decrypt(br_ssl_server_context
*ctx
, int prf_id
,
99 unsigned char *epms
, size_t len
)
102 unsigned char rpms
[48];
107 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
, epms
, len
);
110 * Set the first two bytes to the maximum supported client
111 * protocol version. These bytes are used for version rollback
112 * detection; forceing the two bytes will make the master secret
113 * wrong if the bytes are not correct. This process is
114 * recommended by RFC 5246 (section 7.4.7.1).
116 br_enc16be(epms
, ctx
->client_max_version
);
119 * Make a random PMS and copy it above the decrypted value if the
120 * decryption failed. Note that we use a constant-time conditional
123 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, sizeof rpms
);
124 br_ccopy(x
^ 1, epms
, rpms
, sizeof rpms
);
127 * Compute master secret.
129 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, epms
, 48);
132 * Clear the pre-master secret from RAM: it is normally a buffer
133 * in the context, hence potentially long-lived.
135 memset(epms
, 0, len
);
139 * Common part for ECDH and ECDHE.
142 ecdh_common(br_ssl_server_context
*ctx
, int prf_id
,
143 unsigned char *cpoint
, size_t cpoint_len
, uint32_t ctl
)
145 unsigned char rpms
[80];
149 * The point length is supposed to be 1+2*Xlen, where Xlen is
150 * the length (in bytes) of the X coordinate, i.e. the pre-master
151 * secret. If the provided point is too large, then it is
152 * obviously incorrect (i.e. everybody can see that it is
153 * incorrect), so leaking that fact is not a problem.
155 pms_len
= cpoint_len
>> 1;
156 if (pms_len
> sizeof rpms
) {
157 pms_len
= sizeof rpms
;
162 * Make a random PMS and copy it above the decrypted value if the
163 * decryption failed. Note that we use a constant-time conditional
166 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, pms_len
);
167 br_ccopy(ctl
^ 1, cpoint
+ 1, rpms
, pms_len
);
170 * Compute master secret.
172 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, cpoint
+ 1, pms_len
);
175 * Clear the pre-master secret from RAM: it is normally a buffer
176 * in the context, hence potentially long-lived.
178 memset(cpoint
, 0, cpoint_len
);
182 * Do the ECDH key exchange (not ECDHE).
185 do_ecdh(br_ssl_server_context
*ctx
, int prf_id
,
186 unsigned char *cpoint
, size_t cpoint_len
)
191 * Finalise the key exchange.
193 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
,
195 ecdh_common(ctx
, prf_id
, cpoint
, cpoint_len
, x
);
199 * Do the full static ECDH key exchange. When this function is called,
200 * it has already been verified that the cipher suite uses ECDH (not ECDHE),
201 * and the client's public key (from its certificate) has type EC and is
202 * apt for key exchange.
205 do_static_ecdh(br_ssl_server_context
*ctx
, int prf_id
)
207 unsigned char cpoint
[133];
209 const br_x509_class
**xc
;
210 const br_x509_pkey
*pk
;
212 xc
= ctx
->eng
.x509ctx
;
213 pk
= (*xc
)->get_pkey(xc
, NULL
);
214 cpoint_len
= pk
->key
.ec
.qlen
;
215 if (cpoint_len
> sizeof cpoint
) {
217 * If the point is larger than our buffer then we need to
218 * restrict it. Length 2 is not a valid point length, so
219 * the ECDH will fail.
223 memcpy(cpoint
, pk
->key
.ec
.q
, cpoint_len
);
224 do_ecdh(ctx
, prf_id
, cpoint
, cpoint_len
);
228 * Do the ECDHE key exchange (part 1: generation of transient key, and
229 * computing of the point to send to the client). Returned value is the
230 * signature length (in bytes), or -x on error (with x being an error
231 * code). The encoded point is written in the ecdhe_point[] context buffer
232 * (length in ecdhe_point_len).
235 do_ecdhe_part1(br_ssl_server_context
*ctx
, int curve
)
239 const unsigned char *order
, *generator
;
241 br_multihash_context mhc
;
242 unsigned char head
[4];
243 size_t hv_len
, sig_len
;
245 if (!((ctx
->eng
.iec
->supported_curves
>> curve
) & 1)) {
246 return -BR_ERR_INVALID_ALGORITHM
;
248 ctx
->eng
.ecdhe_curve
= curve
;
251 * Generate our private key. We need a non-zero random value
252 * which is lower than the curve order, in a "large enough"
253 * range. We force the top bit to 0 and bottom bit to 1, which
254 * does the trick. Note that contrary to what happens in ECDSA,
255 * this is not a problem if we do not cover the full range of
258 order
= ctx
->eng
.iec
->order(curve
, &olen
);
260 while (mask
>= order
[0]) {
263 br_hmac_drbg_generate(&ctx
->eng
.rng
, ctx
->ecdhe_key
, olen
);
264 ctx
->ecdhe_key
[0] &= mask
;
265 ctx
->ecdhe_key
[olen
- 1] |= 0x01;
266 ctx
->ecdhe_key_len
= olen
;
269 * Compute our ECDH point.
271 generator
= ctx
->eng
.iec
->generator(curve
, &glen
);
272 memcpy(ctx
->eng
.ecdhe_point
, generator
, glen
);
273 ctx
->eng
.ecdhe_point_len
= glen
;
274 if (!ctx
->eng
.iec
->mul(ctx
->eng
.ecdhe_point
, glen
,
275 ctx
->ecdhe_key
, olen
, curve
))
277 return -BR_ERR_INVALID_ALGORITHM
;
281 * Compute the signature.
283 br_multihash_zero(&mhc
);
284 br_multihash_copyimpl(&mhc
, &ctx
->eng
.mhash
);
285 br_multihash_init(&mhc
);
286 br_multihash_update(&mhc
,
287 ctx
->eng
.client_random
, sizeof ctx
->eng
.client_random
);
288 br_multihash_update(&mhc
,
289 ctx
->eng
.server_random
, sizeof ctx
->eng
.server_random
);
293 head
[3] = ctx
->eng
.ecdhe_point_len
;
294 br_multihash_update(&mhc
, head
, sizeof head
);
295 br_multihash_update(&mhc
,
296 ctx
->eng
.ecdhe_point
, ctx
->eng
.ecdhe_point_len
);
297 hash
= ctx
->sign_hash_id
;
299 hv_len
= br_multihash_out(&mhc
, hash
, ctx
->eng
.pad
);
301 return -BR_ERR_INVALID_ALGORITHM
;
304 if (!br_multihash_out(&mhc
, br_md5_ID
, ctx
->eng
.pad
)
305 || !br_multihash_out(&mhc
,
306 br_sha1_ID
, ctx
->eng
.pad
+ 16))
308 return -BR_ERR_INVALID_ALGORITHM
;
312 sig_len
= (*ctx
->policy_vtable
)->do_sign(ctx
->policy_vtable
,
313 hash
, hv_len
, ctx
->eng
.pad
, sizeof ctx
->eng
.pad
);
314 return sig_len
? (int)sig_len
: -BR_ERR_INVALID_ALGORITHM
;
318 * Do the ECDHE key exchange (part 2: computation of the shared secret
319 * from the point sent by the client).
322 do_ecdhe_part2(br_ssl_server_context
*ctx
, int prf_id
,
323 unsigned char *cpoint
, size_t cpoint_len
)
328 curve
= ctx
->eng
.ecdhe_curve
;
331 * Finalise the key exchange.
333 x
= ctx
->eng
.iec
->mul(cpoint
, cpoint_len
,
334 ctx
->ecdhe_key
, ctx
->ecdhe_key_len
, curve
);
335 ecdh_common(ctx
, prf_id
, cpoint
, cpoint_len
, x
);
338 * Clear the ECDHE private key. Forward Secrecy is achieved insofar
339 * as that key does not get stolen, so we'd better destroy it
340 * as soon as it ceases to be useful.
342 memset(ctx
->ecdhe_key
, 0, ctx
->ecdhe_key_len
);
346 * Offset for hash value within the pad (when obtaining all hash values,
347 * in preparation for verification of the CertificateVerify message).
348 * Order is MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512; last value
349 * is used to get the total length.
351 static const unsigned char HASH_PAD_OFF
[] = { 0, 16, 36, 64, 96, 144, 208 };
354 * OID for hash functions in RSA signatures.
356 static const unsigned char HASH_OID_SHA1
[] = {
357 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
360 static const unsigned char HASH_OID_SHA224
[] = {
361 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
364 static const unsigned char HASH_OID_SHA256
[] = {
365 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
368 static const unsigned char HASH_OID_SHA384
[] = {
369 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
372 static const unsigned char HASH_OID_SHA512
[] = {
373 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
376 static const unsigned char *HASH_OID
[] = {
385 * Verify the signature in CertificateVerify. Returned value is 0 on
386 * success, or a non-zero error code. Lack of implementation of the
387 * designated signature algorithm is reported as a "bad signature"
388 * error (because it means that the peer did not honour our advertised
389 * set of supported signature algorithms).
392 verify_CV_sig(br_ssl_server_context
*ctx
, size_t sig_len
)
394 const br_x509_class
**xc
;
395 const br_x509_pkey
*pk
;
398 id
= ctx
->hash_CV_id
;
399 xc
= ctx
->eng
.x509ctx
;
400 pk
= (*xc
)->get_pkey(xc
, NULL
);
401 if (pk
->key_type
== BR_KEYTYPE_RSA
) {
402 unsigned char tmp
[64];
403 const unsigned char *hash_oid
;
408 hash_oid
= HASH_OID
[id
- 2];
410 if (ctx
->eng
.irsavrfy
== 0) {
411 return BR_ERR_BAD_SIGNATURE
;
413 if (!ctx
->eng
.irsavrfy(ctx
->eng
.pad
, sig_len
,
414 hash_oid
, ctx
->hash_CV_len
, &pk
->key
.rsa
, tmp
)
415 || memcmp(tmp
, ctx
->hash_CV
, ctx
->hash_CV_len
) != 0)
417 return BR_ERR_BAD_SIGNATURE
;
420 if (ctx
->eng
.iecdsa
== 0) {
421 return BR_ERR_BAD_SIGNATURE
;
423 if (!ctx
->eng
.iecdsa(ctx
->eng
.iec
,
424 ctx
->hash_CV
, ctx
->hash_CV_len
,
425 &pk
->key
.ec
, ctx
->eng
.pad
, sig_len
))
427 return BR_ERR_BAD_SIGNATURE
;
435 static const uint8_t t0_datablock
[] = {
436 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
437 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
438 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
439 0x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,
440 0x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,
441 0x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,
442 0x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,
443 0x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,
444 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,
445 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,
446 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,
447 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xCC, 0xA8, 0x15,
448 0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00
451 static const uint8_t t0_codeblock
[] = {
452 0x00, 0x01, 0x00, 0x0B, 0x00, 0x00, 0x01, 0x00, 0x0E, 0x00, 0x00, 0x01,
453 0x00, 0x0F, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 0x01, 0x08,
454 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
455 0x28, 0x28, 0x00, 0x00, 0x01, T0_INT1(BR_ERR_BAD_CCS
), 0x00, 0x00,
456 0x01, T0_INT1(BR_ERR_BAD_FINISHED
), 0x00, 0x00, 0x01,
457 T0_INT1(BR_ERR_BAD_FRAGLEN
), 0x00, 0x00, 0x01,
458 T0_INT1(BR_ERR_BAD_HANDSHAKE
), 0x00, 0x00, 0x01,
459 T0_INT1(BR_ERR_BAD_PARAM
), 0x00, 0x00, 0x01,
460 T0_INT1(BR_ERR_BAD_SECRENEG
), 0x00, 0x00, 0x01,
461 T0_INT1(BR_ERR_BAD_SIGNATURE
), 0x00, 0x00, 0x01,
462 T0_INT1(BR_ERR_BAD_VERSION
), 0x00, 0x00, 0x01,
463 T0_INT1(BR_ERR_INVALID_ALGORITHM
), 0x00, 0x00, 0x01,
464 T0_INT1(BR_ERR_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
465 T0_INT1(BR_ERR_NO_CLIENT_AUTH
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK
),
466 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID
), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_UNEXPECTED
), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_WRONG_KEY_USAGE
), 0x00, 0x00, 0x01,
469 T0_INT2(offsetof(br_ssl_engine_context
, action
)), 0x00, 0x00, 0x01,
470 T0_INT2(offsetof(br_ssl_engine_context
, alert
)), 0x00, 0x00, 0x01,
471 T0_INT2(offsetof(br_ssl_engine_context
, application_data
)), 0x00, 0x00,
473 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, cipher_suite
)),
475 T0_INT2(offsetof(br_ssl_server_context
, client_max_version
)), 0x00,
476 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, client_random
)),
478 T0_INT2(offsetof(br_ssl_server_context
, client_suites
)), 0x00, 0x00,
479 0x01, T0_INT2(offsetof(br_ssl_server_context
, client_suites_num
)),
481 T0_INT2(offsetof(br_ssl_engine_context
, close_received
)), 0x00, 0x00,
482 0x01, T0_INT2(offsetof(br_ssl_server_context
, curves
)), 0x00, 0x00,
483 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point
)), 0x00,
484 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point_len
)),
485 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, flags
)),
486 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_server_context
, hashes
)),
487 0x00, 0x00, 0x73, 0x01,
488 T0_INT2(BR_MAX_CIPHER_SUITES
* sizeof(br_suite_translated
)), 0x00,
489 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, log_max_frag_len
)),
490 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, pad
)), 0x00,
492 T0_INT2(offsetof(br_ssl_engine_context
, peer_log_max_frag_len
)), 0x00,
493 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_in
)),
495 T0_INT2(offsetof(br_ssl_engine_context
, record_type_out
)), 0x00, 0x00,
496 0x01, T0_INT2(offsetof(br_ssl_engine_context
, reneg
)), 0x00, 0x00,
497 0x01, T0_INT2(offsetof(br_ssl_engine_context
, saved_finished
)), 0x00,
498 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_name
)),
500 T0_INT2(offsetof(br_ssl_engine_context
, server_random
)), 0x00, 0x00,
502 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id
)),
504 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id_len
)),
506 T0_INT2(offsetof(br_ssl_engine_context
, shutdown_recv
)), 0x00, 0x00,
507 0x01, T0_INT2(offsetof(br_ssl_server_context
, sign_hash_id
)), 0x00,
508 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_buf
)), 0x00,
509 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_num
)), 0x00,
511 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, version
)),
512 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_in
)),
514 T0_INT2(offsetof(br_ssl_engine_context
, version_max
)), 0x00, 0x00,
515 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_min
)), 0x00,
516 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_out
)),
517 0x00, 0x00, 0x09, 0x29, 0x56, 0x06, 0x02, 0x62, 0x2A, 0x00, 0x00, 0x01,
518 0x01, 0x00, 0x01, 0x03, 0x00, 0x91, 0x29, 0x5C, 0x46, 0x95, 0x29, 0x05,
519 0x04, 0x5D, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0F, 0x06, 0x02, 0x95, 0x00,
520 0x5C, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x62, 0x2A, 0x00, 0x00, 0x29, 0x82,
521 0x46, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x46, 0x70, 0x2D, 0x9D, 0x1C, 0x7D,
522 0x01, 0x0C, 0x32, 0x00, 0x00, 0x29, 0x21, 0x01, 0x08, 0x0C, 0x46, 0x5A,
523 0x21, 0x08, 0x00, 0x01, 0x03, 0x00, 0x01, 0x00, 0x6F, 0x41, 0x2B, 0x19,
524 0x37, 0x06, 0x07, 0x02, 0x00, 0xC3, 0x03, 0x00, 0x04, 0x75, 0x01, 0x00,
525 0xBB, 0x02, 0x00, 0x29, 0x19, 0x13, 0x06, 0x02, 0x69, 0x2A, 0xC3, 0x04,
526 0x76, 0x00, 0x01, 0x00, 0x6F, 0x41, 0x01, 0x16, 0x80, 0x41, 0x35, 0xA5,
527 0x34, 0x06, 0x02, 0x6B, 0x2A, 0x06, 0x0A, 0xCA, 0x01, 0x00, 0xC6, 0x01,
528 0x00, 0xA1, 0x04, 0x80, 0x46, 0xCA, 0xC7, 0x28, 0xCC, 0x4B, 0x06, 0x01,
529 0xC8, 0xCB, 0x2B, 0x4B, 0x06, 0x31, 0x01, 0x00, 0xA2, 0x29, 0x56, 0x06,
530 0x0F, 0x01, 0x02, 0x9A, 0x05, 0x02, 0x36, 0x2A, 0x28, 0xA6, 0xA4, 0x29,
531 0xBC, 0x28, 0x04, 0x19, 0x29, 0x58, 0x06, 0x0B, 0x28, 0x01, 0x02, 0x9A,
532 0x05, 0x02, 0x68, 0x2A, 0xA6, 0x04, 0x0A, 0xA8, 0x29, 0x05, 0x04, 0x28,
533 0xA0, 0x04, 0x02, 0xA7, 0xA3, 0x04, 0x01, 0xA6, 0x01, 0x00, 0xA1, 0x01,
534 0x00, 0xC6, 0x3D, 0x01, 0x01, 0x6F, 0x41, 0x01, 0x17, 0x80, 0x41, 0x00,
535 0x00, 0x39, 0x39, 0x00, 0x01, 0x03, 0x00, 0x2B, 0x19, 0x37, 0x06, 0x04,
536 0xC2, 0x28, 0x04, 0x78, 0x01, 0x02, 0x02, 0x00, 0xBA, 0x19, 0x37, 0x06,
537 0x04, 0xC2, 0x28, 0x04, 0x78, 0x02, 0x00, 0x01, 0x84, 0x00, 0x08, 0x2A,
538 0x00, 0x00, 0x79, 0x2E, 0x46, 0x12, 0x01, 0x01, 0x13, 0x36, 0x00, 0x00,
539 0x01, 0x7F, 0x97, 0xC2, 0x29, 0x01, 0x07, 0x13, 0x01, 0x00, 0x39, 0x0F,
540 0x06, 0x09, 0x28, 0x01, 0x10, 0x13, 0x06, 0x01, 0xB9, 0x04, 0x2A, 0x01,
541 0x01, 0x39, 0x0F, 0x06, 0x21, 0x28, 0x28, 0x81, 0x2F, 0x01, 0x01, 0x0F,
542 0x01, 0x01, 0x9A, 0x38, 0x06, 0x0F, 0x2B, 0x19, 0x37, 0x06, 0x04, 0xC2,
543 0x28, 0x04, 0x78, 0x01, 0x80, 0x64, 0xBB, 0x04, 0x03, 0x01, 0x00, 0x97,
544 0x04, 0x03, 0x6B, 0x2A, 0x28, 0x04, 0x40, 0x01, 0x29, 0x03, 0x00, 0x09,
545 0x29, 0x56, 0x06, 0x02, 0x62, 0x2A, 0x02, 0x00, 0x00, 0x00, 0x92, 0x01,
546 0x0F, 0x13, 0x00, 0x00, 0x6E, 0x2F, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x10,
547 0x28, 0x29, 0x01, 0x01, 0x0E, 0x06, 0x03, 0x28, 0x01, 0x02, 0x6E, 0x41,
548 0x01, 0x00, 0x04, 0x22, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x15, 0x28, 0x01,
549 0x00, 0x6E, 0x41, 0x29, 0x01, 0x80, 0x64, 0x0F, 0x06, 0x05, 0x01, 0x82,
550 0x00, 0x08, 0x2A, 0x58, 0x00, 0x04, 0x07, 0x28, 0x01, 0x82, 0x00, 0x08,
551 0x2A, 0x28, 0x00, 0x00, 0x01, 0x00, 0x30, 0x06, 0x05, 0x3C, 0x9E, 0x38,
552 0x04, 0x78, 0x29, 0x06, 0x04, 0x01, 0x01, 0x87, 0x41, 0x00, 0x00, 0x01,
553 0x1F, 0x13, 0x01, 0x12, 0x0F, 0x05, 0x02, 0x6C, 0x2A, 0x70, 0x2D, 0x29,
554 0xBE, 0x05, 0x02, 0x6B, 0x2A, 0x9D, 0x27, 0x00, 0x00, 0x30, 0x06, 0x0B,
555 0x7F, 0x2F, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x6B, 0x2A, 0x04, 0x11, 0xC2,
556 0x01, 0x07, 0x13, 0x29, 0x01, 0x02, 0x0E, 0x06, 0x06, 0x06, 0x02, 0x6B,
557 0x2A, 0x04, 0x70, 0x28, 0xB7, 0x01, 0x01, 0x0E, 0x34, 0x38, 0x06, 0x02,
558 0x5E, 0x2A, 0x29, 0x01, 0x01, 0xBD, 0x37, 0xA9, 0x00, 0x01, 0xAE, 0x01,
559 0x0B, 0x0F, 0x05, 0x02, 0x6B, 0x2A, 0x29, 0x01, 0x03, 0x0F, 0x06, 0x08,
560 0xB5, 0x06, 0x02, 0x62, 0x2A, 0x46, 0x28, 0x00, 0x46, 0x55, 0xB5, 0x9C,
561 0x29, 0x06, 0x23, 0xB5, 0x9C, 0x29, 0x54, 0x29, 0x06, 0x18, 0x29, 0x01,
562 0x82, 0x00, 0x10, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x29, 0x03,
563 0x00, 0x7D, 0x02, 0x00, 0xAA, 0x02, 0x00, 0x51, 0x04, 0x65, 0x93, 0x52,
564 0x04, 0x5A, 0x93, 0x93, 0x53, 0x29, 0x06, 0x02, 0x36, 0x00, 0x28, 0x2C,
565 0x00, 0x02, 0x29, 0x01, 0x20, 0x13, 0x05, 0x02, 0x6C, 0x2A, 0x01, 0x0F,
566 0x13, 0x03, 0x00, 0xA4, 0x8B, 0x2D, 0x01, 0x86, 0x03, 0x11, 0x06, 0x23,
567 0xB4, 0x29, 0x01, 0x81, 0x7F, 0x13, 0x5A, 0x01, 0x01, 0x12, 0x02, 0x00,
568 0x0F, 0x05, 0x02, 0x64, 0x2A, 0x01, 0x08, 0x12, 0x29, 0x01, 0x02, 0x0B,
569 0x39, 0x01, 0x06, 0x10, 0x38, 0x06, 0x02, 0x66, 0x2A, 0x04, 0x0D, 0x02,
570 0x00, 0x01, 0x01, 0x0F, 0x06, 0x04, 0x01, 0x00, 0x04, 0x02, 0x01, 0x02,
571 0x20, 0x05, 0x02, 0x66, 0x2A, 0xB4, 0x29, 0x03, 0x01, 0x29, 0x01, 0x84,
572 0x00, 0x10, 0x06, 0x02, 0x67, 0x2A, 0x7D, 0x46, 0xAA, 0x02, 0x01, 0x4E,
573 0x29, 0x06, 0x01, 0x2A, 0x28, 0x93, 0x00, 0x00, 0x1D, 0xAE, 0x01, 0x0F,
574 0x0F, 0x05, 0x02, 0x6B, 0x2A, 0x00, 0x0A, 0xAE, 0x01, 0x01, 0x0F, 0x05,
575 0x02, 0x6B, 0x2A, 0xB4, 0x29, 0x03, 0x00, 0x71, 0x3F, 0x72, 0x01, 0x20,
576 0xAA, 0xB6, 0x29, 0x01, 0x20, 0x10, 0x06, 0x02, 0x6A, 0x2A, 0x29, 0x86,
577 0x41, 0x85, 0x46, 0xAA, 0x1A, 0x03, 0x01, 0xB4, 0x9C, 0x01, 0x00, 0x03,
578 0x02, 0x01, 0x00, 0x03, 0x03, 0x7B, 0x98, 0x17, 0x39, 0x08, 0x03, 0x04,
579 0x03, 0x05, 0x29, 0x06, 0x80, 0x6D, 0xB4, 0x29, 0x03, 0x06, 0x02, 0x01,
580 0x06, 0x0A, 0x29, 0x70, 0x2D, 0x0F, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x03,
581 0x29, 0x01, 0x81, 0x7F, 0x0F, 0x06, 0x0A, 0x81, 0x2F, 0x06, 0x02, 0x63,
582 0x2A, 0x01, 0x7F, 0x03, 0x02, 0x29, 0x01, 0x81, 0xAC, 0x00, 0x0F, 0x06,
583 0x11, 0x02, 0x00, 0x8E, 0x2D, 0x11, 0x02, 0x00, 0x8D, 0x2D, 0x0B, 0x13,
584 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0xB8, 0x29, 0x56, 0x06, 0x03, 0x28,
585 0x04, 0x26, 0x01, 0x00, 0x9A, 0x06, 0x0B, 0x01, 0x02, 0x0C, 0x73, 0x08,
586 0x02, 0x06, 0x46, 0x3F, 0x04, 0x16, 0x28, 0x02, 0x05, 0x02, 0x04, 0x11,
587 0x06, 0x02, 0x61, 0x2A, 0x02, 0x06, 0x02, 0x05, 0x3F, 0x02, 0x05, 0x01,
588 0x04, 0x08, 0x03, 0x05, 0x04, 0xFF, 0x0F, 0x28, 0x01, 0x00, 0x03, 0x07,
589 0xB6, 0x9C, 0x29, 0x06, 0x09, 0xB6, 0x05, 0x04, 0x01, 0x7F, 0x03, 0x07,
590 0x04, 0x74, 0x93, 0x01, 0x00, 0x83, 0x41, 0x01, 0x88, 0x04, 0x7A, 0x3F,
591 0x01, 0x84, 0x80, 0x80, 0x00, 0x76, 0x40, 0x29, 0x06, 0x80, 0x42, 0xB4,
592 0x9C, 0x29, 0x06, 0x3C, 0xB4, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x04, 0x28,
593 0xAD, 0x04, 0x2F, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x04, 0x28, 0xAB, 0x04,
594 0x25, 0x01, 0x83, 0xFE, 0x01, 0x39, 0x0F, 0x06, 0x04, 0x28, 0xAC, 0x04,
595 0x19, 0x01, 0x0D, 0x39, 0x0F, 0x06, 0x04, 0x28, 0xB2, 0x04, 0x0F, 0x01,
596 0x0A, 0x39, 0x0F, 0x06, 0x04, 0x28, 0xB3, 0x04, 0x05, 0x28, 0xB0, 0x01,
597 0x00, 0x28, 0x04, 0x41, 0x93, 0x93, 0x02, 0x01, 0x02, 0x03, 0x13, 0x03,
598 0x01, 0x02, 0x00, 0x56, 0x06, 0x08, 0x71, 0x2D, 0x8F, 0x3F, 0x01, 0x80,
599 0x56, 0x99, 0x8D, 0x2D, 0x29, 0x02, 0x00, 0x10, 0x06, 0x03, 0x28, 0x02,
600 0x00, 0x29, 0x01, 0x86, 0x00, 0x0B, 0x06, 0x02, 0x65, 0x2A, 0x02, 0x00,
601 0x8E, 0x2D, 0x0B, 0x06, 0x04, 0x01, 0x80, 0x46, 0x99, 0x02, 0x01, 0x06,
602 0x10, 0x8B, 0x2D, 0x02, 0x00, 0x0D, 0x06, 0x05, 0x28, 0x8B, 0x2D, 0x04,
603 0x04, 0x01, 0x00, 0x03, 0x01, 0x29, 0x8B, 0x3F, 0x29, 0x8C, 0x3F, 0x29,
604 0x8F, 0x3F, 0x01, 0x86, 0x03, 0x11, 0x03, 0x08, 0x02, 0x02, 0x06, 0x04,
605 0x01, 0x02, 0x81, 0x41, 0x02, 0x07, 0x05, 0x03, 0x01, 0x28, 0x99, 0x43,
606 0x28, 0x01, 0x82, 0x01, 0x07, 0x7A, 0x2D, 0x13, 0x29, 0x7A, 0x3F, 0x29,
607 0x01, 0x81, 0x7F, 0x13, 0x57, 0x36, 0x46, 0x01, 0x08, 0x12, 0x57, 0x01,
608 0x02, 0x13, 0x38, 0x03, 0x09, 0x76, 0x2E, 0x42, 0x13, 0x29, 0x76, 0x40,
609 0x05, 0x04, 0x01, 0x00, 0x03, 0x09, 0x02, 0x01, 0x06, 0x03, 0x01, 0x7F,
610 0x00, 0x85, 0x01, 0x20, 0x33, 0x01, 0x20, 0x86, 0x41, 0x73, 0x29, 0x03,
611 0x05, 0x29, 0x02, 0x04, 0x0B, 0x06, 0x80, 0x49, 0x29, 0x2D, 0x29, 0x92,
612 0x29, 0x01, 0x0C, 0x12, 0x29, 0x01, 0x01, 0x0F, 0x46, 0x01, 0x02, 0x0F,
613 0x38, 0x06, 0x0A, 0x29, 0x02, 0x09, 0x13, 0x05, 0x04, 0x5D, 0x01, 0x00,
614 0x29, 0x02, 0x08, 0x05, 0x0E, 0x29, 0x01, 0x81, 0x70, 0x13, 0x01, 0x20,
615 0x0E, 0x06, 0x04, 0x5D, 0x01, 0x00, 0x29, 0x29, 0x06, 0x10, 0x02, 0x05,
616 0x5C, 0x3F, 0x02, 0x05, 0x3F, 0x02, 0x05, 0x01, 0x04, 0x08, 0x03, 0x05,
617 0x04, 0x01, 0x5D, 0x01, 0x04, 0x08, 0x04, 0xFF, 0x30, 0x28, 0x02, 0x05,
618 0x73, 0x09, 0x01, 0x02, 0x12, 0x29, 0x05, 0x03, 0x01, 0x28, 0x99, 0x74,
619 0x41, 0x18, 0x05, 0x03, 0x01, 0x28, 0x99, 0x01, 0x00, 0x00, 0x00, 0xA8,
620 0xA7, 0x00, 0x04, 0x70, 0x2D, 0xC1, 0x06, 0x16, 0xB4, 0x29, 0x01, 0x84,
621 0x00, 0x10, 0x06, 0x02, 0x67, 0x2A, 0x29, 0x03, 0x00, 0x7D, 0x46, 0xAA,
622 0x02, 0x00, 0x70, 0x2D, 0x9D, 0x26, 0x70, 0x2D, 0x29, 0xBF, 0x46, 0xBE,
623 0x03, 0x01, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x38, 0x06, 0x14, 0xB6,
624 0x29, 0x03, 0x03, 0x7D, 0x46, 0xAA, 0x02, 0x03, 0x70, 0x2D, 0x9D, 0x02,
625 0x02, 0x06, 0x03, 0x25, 0x04, 0x01, 0x23, 0x93, 0x00, 0x00, 0xAE, 0x01,
626 0x10, 0x0F, 0x05, 0x02, 0x6B, 0x2A, 0x00, 0x00, 0x94, 0xAE, 0x01, 0x14,
627 0x0E, 0x06, 0x02, 0x6B, 0x2A, 0x7D, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0xAA,
628 0x93, 0x7D, 0x29, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x31, 0x05, 0x02, 0x5F,
629 0x2A, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0x02, 0x00, 0x90, 0x02, 0x01,
630 0x02, 0x00, 0x3B, 0x29, 0x01, 0x00, 0x0F, 0x06, 0x02, 0x5D, 0x00, 0xC4,
631 0x04, 0x74, 0x00, 0xB4, 0x01, 0x01, 0x0E, 0x06, 0x02, 0x60, 0x2A, 0xB6,
632 0x29, 0x29, 0x58, 0x46, 0x01, 0x05, 0x11, 0x38, 0x06, 0x02, 0x60, 0x2A,
633 0x01, 0x08, 0x08, 0x29, 0x7C, 0x2F, 0x0B, 0x06, 0x0D, 0x29, 0x01, 0x01,
634 0x46, 0x0C, 0x3E, 0x29, 0x7C, 0x41, 0x7E, 0x41, 0x04, 0x01, 0x28, 0x00,
635 0x00, 0xB4, 0x81, 0x2F, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x13, 0x28, 0x01,
636 0x01, 0x0F, 0x05, 0x02, 0x63, 0x2A, 0xB6, 0x06, 0x02, 0x63, 0x2A, 0x01,
637 0x02, 0x81, 0x41, 0x04, 0x28, 0x01, 0x02, 0x39, 0x0F, 0x06, 0x1F, 0x28,
638 0x01, 0x0D, 0x0F, 0x05, 0x02, 0x63, 0x2A, 0xB6, 0x01, 0x0C, 0x0F, 0x05,
639 0x02, 0x63, 0x2A, 0x7D, 0x01, 0x0C, 0xAA, 0x82, 0x7D, 0x01, 0x0C, 0x31,
640 0x05, 0x02, 0x63, 0x2A, 0x04, 0x03, 0x63, 0x2A, 0x28, 0x00, 0x00, 0xB4,
641 0x9C, 0xB4, 0x9C, 0x29, 0x06, 0x1D, 0xB6, 0x06, 0x03, 0xB0, 0x04, 0x15,
642 0xB4, 0x29, 0x01, 0x81, 0x7F, 0x0D, 0x06, 0x0C, 0x29, 0x83, 0x08, 0x01,
643 0x00, 0x46, 0x41, 0x83, 0x46, 0xAA, 0x04, 0x01, 0xBC, 0x04, 0x60, 0x93,
644 0x93, 0x00, 0x00, 0xAF, 0x29, 0x58, 0x06, 0x07, 0x28, 0x06, 0x02, 0x61,
645 0x2A, 0x04, 0x74, 0x00, 0x00, 0xB7, 0x01, 0x03, 0xB5, 0x46, 0x28, 0x46,
646 0x00, 0x00, 0xB4, 0xBC, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00, 0xB4, 0x9C,
647 0x29, 0x06, 0x32, 0xB6, 0x03, 0x01, 0xB6, 0x03, 0x02, 0x02, 0x01, 0x01,
648 0x02, 0x11, 0x02, 0x01, 0x01, 0x06, 0x0D, 0x13, 0x02, 0x02, 0x01, 0x01,
649 0x0F, 0x02, 0x02, 0x01, 0x03, 0x0F, 0x38, 0x13, 0x06, 0x11, 0x02, 0x00,
650 0x01, 0x01, 0x02, 0x02, 0x5B, 0x01, 0x02, 0x0C, 0x02, 0x01, 0x08, 0x0C,
651 0x38, 0x03, 0x00, 0x04, 0x4B, 0x93, 0x02, 0x00, 0x00, 0x00, 0xB4, 0x9C,
652 0xB1, 0x7A, 0x3F, 0x93, 0x00, 0x00, 0xB4, 0x9C, 0xB4, 0x9C, 0x01, 0x00,
653 0x76, 0x40, 0x29, 0x06, 0x15, 0xB4, 0x29, 0x01, 0x20, 0x0B, 0x06, 0x0B,
654 0x01, 0x01, 0x46, 0x0C, 0x76, 0x2E, 0x38, 0x76, 0x40, 0x04, 0x01, 0x28,
655 0x04, 0x68, 0x93, 0x93, 0x00, 0x00, 0x01, 0x02, 0x90, 0xB7, 0x01, 0x08,
656 0x0C, 0xB7, 0x08, 0x00, 0x00, 0x01, 0x03, 0x90, 0xB7, 0x01, 0x08, 0x0C,
657 0xB7, 0x08, 0x01, 0x08, 0x0C, 0xB7, 0x08, 0x00, 0x00, 0x01, 0x01, 0x90,
658 0xB7, 0x00, 0x00, 0x3C, 0x29, 0x56, 0x05, 0x01, 0x00, 0x28, 0xC4, 0x04,
659 0x76, 0x02, 0x03, 0x00, 0x8A, 0x2F, 0x03, 0x01, 0x01, 0x00, 0x29, 0x02,
660 0x01, 0x0B, 0x06, 0x10, 0x29, 0x01, 0x01, 0x0C, 0x89, 0x08, 0x2D, 0x02,
661 0x00, 0x0F, 0x06, 0x01, 0x00, 0x5A, 0x04, 0x6A, 0x28, 0x01, 0x7F, 0x00,
662 0x00, 0x2B, 0x19, 0x37, 0x06, 0x04, 0xC2, 0x28, 0x04, 0x78, 0x01, 0x16,
663 0x80, 0x41, 0x01, 0x00, 0xD5, 0x01, 0x00, 0xD4, 0x2B, 0x01, 0x17, 0x80,
664 0x41, 0x00, 0x00, 0x01, 0x15, 0x80, 0x41, 0x46, 0x50, 0x28, 0x50, 0x28,
665 0x2B, 0x00, 0x00, 0x01, 0x01, 0x46, 0xBA, 0x00, 0x00, 0x46, 0x39, 0x90,
666 0x46, 0x29, 0x06, 0x05, 0xB7, 0x28, 0x5B, 0x04, 0x78, 0x28, 0x00, 0x02,
667 0x03, 0x00, 0x70, 0x2D, 0x92, 0x03, 0x01, 0x02, 0x01, 0x01, 0x0F, 0x13,
668 0x02, 0x01, 0x01, 0x04, 0x12, 0x01, 0x0F, 0x13, 0x02, 0x01, 0x01, 0x08,
669 0x12, 0x01, 0x0F, 0x13, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x10, 0x28, 0x01,
670 0x00, 0x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A, 0x04,
671 0x80, 0x56, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x10, 0x28, 0x01, 0x01, 0x01,
672 0x10, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A, 0x04, 0x80, 0x40,
673 0x01, 0x02, 0x39, 0x0F, 0x06, 0x0F, 0x28, 0x01, 0x01, 0x01, 0x20, 0x02,
674 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A, 0x04, 0x2B, 0x01, 0x03, 0x39,
675 0x0F, 0x06, 0x0E, 0x28, 0x28, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x47,
676 0x04, 0x01, 0x48, 0x04, 0x17, 0x01, 0x04, 0x39, 0x0F, 0x06, 0x0E, 0x28,
677 0x28, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x47, 0x04, 0x01, 0x48, 0x04,
678 0x03, 0x62, 0x2A, 0x28, 0x00, 0x00, 0x92, 0x01, 0x0C, 0x12, 0x01, 0x02,
679 0x10, 0x00, 0x00, 0x92, 0x01, 0x0C, 0x12, 0x29, 0x59, 0x46, 0x01, 0x03,
680 0x0B, 0x13, 0x00, 0x00, 0x92, 0x01, 0x0C, 0x12, 0x01, 0x01, 0x0F, 0x00,
681 0x00, 0x92, 0x01, 0x0C, 0x12, 0x58, 0x00, 0x00, 0x1B, 0x01, 0x00, 0x6D,
682 0x2F, 0x29, 0x06, 0x1F, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x06, 0x28, 0x01,
683 0x00, 0x96, 0x04, 0x11, 0x01, 0x02, 0x39, 0x0F, 0x06, 0x0A, 0x28, 0x6F,
684 0x2F, 0x06, 0x03, 0x01, 0x10, 0x38, 0x04, 0x01, 0x28, 0x04, 0x01, 0x28,
685 0x75, 0x2F, 0x05, 0x33, 0x30, 0x06, 0x30, 0x7F, 0x2F, 0x01, 0x14, 0x39,
686 0x0F, 0x06, 0x06, 0x28, 0x01, 0x02, 0x38, 0x04, 0x22, 0x01, 0x15, 0x39,
687 0x0F, 0x06, 0x09, 0x28, 0x9F, 0x06, 0x03, 0x01, 0x7F, 0x96, 0x04, 0x13,
688 0x01, 0x16, 0x39, 0x0F, 0x06, 0x06, 0x28, 0x01, 0x01, 0x38, 0x04, 0x07,
689 0x28, 0x01, 0x04, 0x38, 0x01, 0x00, 0x28, 0x19, 0x06, 0x03, 0x01, 0x08,
690 0x38, 0x00, 0x00, 0x1B, 0x29, 0x05, 0x0F, 0x30, 0x06, 0x0C, 0x7F, 0x2F,
691 0x01, 0x15, 0x0F, 0x06, 0x04, 0x28, 0x9F, 0x04, 0x01, 0x22, 0x00, 0x00,
692 0xC2, 0x01, 0x07, 0x13, 0x01, 0x01, 0x10, 0x06, 0x02, 0x6B, 0x2A, 0x00,
693 0x01, 0x03, 0x00, 0x2B, 0x19, 0x06, 0x05, 0x02, 0x00, 0x80, 0x41, 0x00,
694 0xC2, 0x28, 0x04, 0x74, 0x00, 0x01, 0x14, 0xC5, 0x01, 0x01, 0xD5, 0x2B,
695 0x29, 0x01, 0x00, 0xBD, 0x01, 0x16, 0xC5, 0xC9, 0x2B, 0x00, 0x00, 0x01,
696 0x0B, 0xD5, 0x4C, 0x29, 0x29, 0x01, 0x03, 0x08, 0xD4, 0xD4, 0x14, 0x29,
697 0x56, 0x06, 0x02, 0x28, 0x00, 0xD4, 0x1E, 0x29, 0x06, 0x05, 0x7D, 0x46,
698 0xCD, 0x04, 0x77, 0x28, 0x04, 0x6C, 0x00, 0x01, 0x00, 0xCF, 0x8B, 0x2D,
699 0x01, 0x86, 0x03, 0x11, 0x06, 0x05, 0x5C, 0x01, 0x00, 0xD0, 0x08, 0x4B,
700 0x08, 0x01, 0x03, 0x08, 0x01, 0x0D, 0xD5, 0xD4, 0x01, 0x00, 0xCF, 0xD5,
701 0x01, 0x01, 0xCF, 0x28, 0x8B, 0x2D, 0x01, 0x86, 0x03, 0x11, 0x06, 0x08,
702 0x01, 0x00, 0xD0, 0xD3, 0x01, 0x01, 0xD0, 0x28, 0x4B, 0xD3, 0x16, 0x15,
703 0x29, 0x56, 0x06, 0x02, 0x28, 0x00, 0xD3, 0x1F, 0x29, 0x06, 0x05, 0x7D,
704 0x46, 0xCD, 0x04, 0x77, 0x28, 0x04, 0x6C, 0x00, 0x94, 0x01, 0x14, 0xD5,
705 0x01, 0x0C, 0xD4, 0x7D, 0x01, 0x0C, 0xCD, 0x00, 0x03, 0x03, 0x00, 0x01,
706 0x02, 0xD5, 0x01, 0x80, 0x46, 0x81, 0x2F, 0x01, 0x02, 0x0F, 0x06, 0x0C,
707 0x02, 0x00, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x1D, 0x04, 0x02,
708 0x01, 0x00, 0x03, 0x01, 0x7E, 0x2F, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02,
709 0x01, 0x00, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x08, 0x29, 0x06, 0x03,
710 0x01, 0x02, 0x08, 0x08, 0xD4, 0x8B, 0x2D, 0xD3, 0x84, 0x01, 0x04, 0x17,
711 0x84, 0x01, 0x04, 0x08, 0x01, 0x1C, 0x33, 0x84, 0x01, 0x20, 0xCD, 0x01,
712 0x20, 0xD5, 0x85, 0x01, 0x20, 0xCD, 0x70, 0x2D, 0xD3, 0x01, 0x00, 0xD5,
713 0x02, 0x01, 0x02, 0x02, 0x08, 0x29, 0x06, 0x29, 0xD3, 0x02, 0x01, 0x29,
714 0x06, 0x10, 0x01, 0x83, 0xFE, 0x01, 0xD3, 0x01, 0x04, 0x09, 0x29, 0xD3,
715 0x5B, 0x82, 0x46, 0xCE, 0x04, 0x01, 0x28, 0x02, 0x02, 0x06, 0x0C, 0x01,
716 0x01, 0xD3, 0x01, 0x01, 0xD3, 0x7E, 0x2F, 0x01, 0x08, 0x09, 0xD5, 0x04,
717 0x01, 0x28, 0x00, 0x00, 0x01, 0x0E, 0xD5, 0x01, 0x00, 0xD4, 0x00, 0x03,
718 0x70, 0x2D, 0xBF, 0x05, 0x01, 0x00, 0x76, 0x2E, 0x01, 0x00, 0x98, 0x12,
719 0x01, 0x01, 0x13, 0x58, 0x06, 0x03, 0x5A, 0x04, 0x75, 0x03, 0x00, 0x28,
720 0x02, 0x00, 0x24, 0x29, 0x56, 0x06, 0x02, 0x36, 0x2A, 0x03, 0x01, 0x8B,
721 0x2D, 0x01, 0x86, 0x03, 0x11, 0x03, 0x02, 0x01, 0x0C, 0xD5, 0x02, 0x01,
722 0x78, 0x2F, 0x08, 0x02, 0x02, 0x01, 0x02, 0x13, 0x08, 0x01, 0x06, 0x08,
723 0xD4, 0x01, 0x03, 0xD5, 0x02, 0x00, 0xD3, 0x77, 0x78, 0x2F, 0xCE, 0x02,
724 0x02, 0x06, 0x0D, 0x88, 0x2F, 0xD5, 0x70, 0x2D, 0xC0, 0x01, 0x01, 0x0C,
725 0x01, 0x03, 0x08, 0xD5, 0x02, 0x01, 0xD3, 0x7D, 0x02, 0x01, 0xCD, 0x00,
726 0x00, 0x4F, 0x29, 0x01, 0x00, 0x0F, 0x06, 0x02, 0x5D, 0x00, 0xC2, 0x28,
727 0x04, 0x73, 0x00, 0x29, 0xD5, 0xCD, 0x00, 0x00, 0x01, 0x00, 0x70, 0x2D,
728 0xBE, 0x06, 0x0C, 0x5C, 0x39, 0x06, 0x08, 0x01, 0x80, 0x41, 0xD5, 0x01,
729 0x80, 0x42, 0xD5, 0x45, 0x06, 0x07, 0x5A, 0x39, 0x06, 0x03, 0x01, 0x01,
730 0xD5, 0x44, 0x06, 0x08, 0x5A, 0x39, 0x06, 0x04, 0x01, 0x80, 0x40, 0xD5,
731 0x46, 0x28, 0x00, 0x01, 0x01, 0x00, 0x03, 0x00, 0x45, 0x44, 0x38, 0x05,
732 0x14, 0x01, 0x01, 0x01, 0x80, 0x7C, 0xD1, 0x03, 0x00, 0x01, 0x03, 0x01,
733 0x80, 0x7C, 0xD1, 0x02, 0x00, 0x08, 0x46, 0x28, 0x00, 0x45, 0x06, 0x07,
734 0x01, 0x01, 0x43, 0x28, 0xD1, 0x03, 0x00, 0x44, 0x06, 0x0A, 0x01, 0x03,
735 0x43, 0x28, 0xD1, 0x02, 0x00, 0x08, 0x03, 0x00, 0x28, 0x02, 0x00, 0x00,
736 0x00, 0x01, 0x00, 0x01, 0x04, 0xD2, 0x01, 0x05, 0xD2, 0x01, 0x06, 0xD2,
737 0x01, 0x03, 0xD2, 0x01, 0x02, 0xD2, 0x0A, 0x5D, 0x00, 0x01, 0x03, 0x00,
738 0x39, 0x01, 0x01, 0x02, 0x00, 0x0C, 0x13, 0x05, 0x01, 0x00, 0x5C, 0x01,
739 0x03, 0x3A, 0x06, 0x07, 0x02, 0x00, 0xD5, 0x01, 0x02, 0x3A, 0xD5, 0x00,
740 0x00, 0x29, 0x01, 0x08, 0x4D, 0xD5, 0xD5, 0x00, 0x00, 0x29, 0x01, 0x10,
741 0x4D, 0xD5, 0xD3, 0x00, 0x00, 0x29, 0x50, 0x06, 0x02, 0x28, 0x00, 0xC2,
745 static const uint16_t t0_caddr
[] = {
876 #define T0_INTERPRETED 86
878 #define T0_ENTER(ip, rp, slot) do { \
879 const unsigned char *t0_newip; \
881 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
882 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
884 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
888 #define T0_DEFENTRY(name, slot) \
892 t0_context *t0ctx = ctx; \
893 t0ctx->ip = &t0_codeblock[0]; \
894 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
897 T0_DEFENTRY(br_ssl_hs_server_init_main
, 155)
899 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
902 br_ssl_hs_server_run(void *t0ctx
)
905 const unsigned char *ip
;
907 #define T0_LOCAL(x) (*(rp - 2 - (x)))
908 #define T0_POP() (*-- dp)
909 #define T0_POPi() (*(int32_t *)(-- dp))
910 #define T0_PEEK(x) (*(dp - 1 - (x)))
911 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
912 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
913 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
914 #define T0_RPOP() (*-- rp)
915 #define T0_RPOPi() (*(int32_t *)(-- rp))
916 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
917 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
918 #define T0_ROLL(x) do { \
919 size_t t0len = (size_t)(x); \
920 uint32_t t0tmp = *(dp - 1 - t0len); \
921 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
924 #define T0_SWAP() do { \
925 uint32_t t0tmp = *(dp - 2); \
926 *(dp - 2) = *(dp - 1); \
929 #define T0_ROT() do { \
930 uint32_t t0tmp = *(dp - 3); \
931 *(dp - 3) = *(dp - 2); \
932 *(dp - 2) = *(dp - 1); \
935 #define T0_NROT() do { \
936 uint32_t t0tmp = *(dp - 1); \
937 *(dp - 1) = *(dp - 2); \
938 *(dp - 2) = *(dp - 3); \
941 #define T0_PICK(x) do { \
942 uint32_t t0depth = (x); \
943 T0_PUSH(T0_PEEK(t0depth)); \
945 #define T0_CO() do { \
948 #define T0_RET() goto t0_next
950 dp
= ((t0_context
*)t0ctx
)->dp
;
951 rp
= ((t0_context
*)t0ctx
)->rp
;
952 ip
= ((t0_context
*)t0ctx
)->ip
;
959 if (t0x
< T0_INTERPRETED
) {
971 ip
= &t0_codeblock
[t0x
];
973 case 1: /* literal constant */
974 T0_PUSHi(t0_parse7E_signed(&ip
));
976 case 2: /* read local */
977 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
979 case 3: /* write local */
980 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
983 t0off
= t0_parse7E_signed(&ip
);
986 case 5: /* jump if */
987 t0off
= t0_parse7E_signed(&ip
);
992 case 6: /* jump if not */
993 t0off
= t0_parse7E_signed(&ip
);
1001 uint32_t b
= T0_POP();
1002 uint32_t a
= T0_POP();
1010 uint32_t b
= T0_POP();
1011 uint32_t a
= T0_POP();
1019 uint32_t b
= T0_POP();
1020 uint32_t a
= T0_POP();
1033 int32_t b
= T0_POPi();
1034 int32_t a
= T0_POPi();
1035 T0_PUSH(-(uint32_t)(a
< b
));
1042 int c
= (int)T0_POPi();
1043 uint32_t x
= T0_POP();
1051 int32_t b
= T0_POPi();
1052 int32_t a
= T0_POPi();
1053 T0_PUSH(-(uint32_t)(a
<= b
));
1060 uint32_t b
= T0_POP();
1061 uint32_t a
= T0_POP();
1062 T0_PUSH(-(uint32_t)(a
!= b
));
1069 uint32_t b
= T0_POP();
1070 uint32_t a
= T0_POP();
1071 T0_PUSH(-(uint32_t)(a
== b
));
1078 int32_t b
= T0_POPi();
1079 int32_t a
= T0_POPi();
1080 T0_PUSH(-(uint32_t)(a
> b
));
1087 int32_t b
= T0_POPi();
1088 int32_t a
= T0_POPi();
1089 T0_PUSH(-(uint32_t)(a
>= b
));
1096 int c
= (int)T0_POPi();
1097 int32_t x
= T0_POPi();
1105 uint32_t b
= T0_POP();
1106 uint32_t a
= T0_POP();
1114 if (ENG
->chain_len
== 0) {
1117 ENG
->cert_cur
= ENG
->chain
->data
;
1118 ENG
->cert_len
= ENG
->chain
->data_len
;
1121 T0_PUSH(ENG
->cert_len
);
1129 const br_x500_name
*dn
;
1130 if (CTX
->cur_dn_index
>= CTX
->num_tas
) {
1133 if (CTX
->ta_names
== NULL
) {
1134 dn
= &CTX
->tas
[CTX
->cur_dn_index
].dn
;
1136 dn
= &CTX
->ta_names
[CTX
->cur_dn_index
];
1138 CTX
->cur_dn_index
++;
1139 CTX
->cur_dn
= dn
->data
;
1140 CTX
->cur_dn_len
= dn
->len
;
1141 T0_PUSH(CTX
->cur_dn_len
);
1147 /* begin-ta-name-list */
1149 CTX
->cur_dn_index
= 0;
1156 size_t len
= (size_t)T0_POP();
1157 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1158 memset(addr
, 0, len
);
1163 /* call-policy-handler */
1166 br_ssl_server_choices choices
;
1168 x
= (*CTX
->policy_vtable
)->choose(
1169 CTX
->policy_vtable
, CTX
, &choices
);
1170 ENG
->session
.cipher_suite
= choices
.cipher_suite
;
1171 CTX
->sign_hash_id
= choices
.hash_id
;
1172 ENG
->chain
= choices
.chain
;
1173 ENG
->chain_len
= choices
.chain_len
;
1174 T0_PUSHi(-(x
!= 0));
1181 T0_PUSHi(-(ENG
->hlen_out
> 0));
1188 if (ENG
->session
.session_id_len
== 32
1189 && CTX
->cache_vtable
!= NULL
&& (*CTX
->cache_vtable
)->load(
1190 CTX
->cache_vtable
, CTX
, &ENG
->session
))
1205 /* compute-Finished-inner */
1207 int prf_id
= T0_POP();
1208 int from_client
= T0_POPi();
1209 unsigned char seed
[48];
1212 br_tls_prf_impl prf
= br_ssl_engine_get_PRF(ENG
, prf_id
);
1213 if (ENG
->session
.version
>= BR_TLS12
) {
1214 seed_len
= br_multihash_out(&ENG
->mhash
, prf_id
, seed
);
1216 br_multihash_out(&ENG
->mhash
, br_md5_ID
, seed
);
1217 br_multihash_out(&ENG
->mhash
, br_sha1_ID
, seed
+ 16);
1220 prf(ENG
->pad
, 12, ENG
->session
.master_secret
,
1221 sizeof ENG
->session
.master_secret
,
1222 from_client
? "client finished" : "server finished",
1228 /* compute-hash-CV */
1232 for (i
= 1; i
<= 6; i
++) {
1233 br_multihash_out(&ENG
->mhash
, i
,
1234 ENG
->pad
+ HASH_PAD_OFF
[i
- 1]);
1240 /* copy-cert-chunk */
1244 clen
= ENG
->cert_len
;
1245 if (clen
> sizeof ENG
->pad
) {
1246 clen
= sizeof ENG
->pad
;
1248 memcpy(ENG
->pad
, ENG
->cert_cur
, clen
);
1249 ENG
->cert_cur
+= clen
;
1250 ENG
->cert_len
-= clen
;
1260 clen
= CTX
->cur_dn_len
;
1261 if (clen
> sizeof ENG
->pad
) {
1262 clen
= sizeof ENG
->pad
;
1264 memcpy(ENG
->pad
, CTX
->cur_dn
, clen
);
1265 CTX
->cur_dn
+= clen
;
1266 CTX
->cur_dn_len
-= clen
;
1281 if (br_multihash_getimpl(&ENG
->mhash
, id
) == 0) {
1285 off
= HASH_PAD_OFF
[id
- 1];
1286 len
= HASH_PAD_OFF
[id
] - off
;
1288 memcpy(CTX
->hash_CV
, ENG
->pad
+ off
, len
);
1289 CTX
->hash_CV_len
= len
;
1290 CTX
->hash_CV_id
= id
;
1298 size_t addr
= T0_POP();
1299 T0_PUSH(t0_datablock
[addr
]);
1313 int prf_id
= T0_POPi();
1314 size_t len
= T0_POP();
1315 do_ecdh(CTX
, prf_id
, ENG
->pad
, len
);
1320 /* do-ecdhe-part1 */
1322 int curve
= T0_POPi();
1323 T0_PUSHi(do_ecdhe_part1(CTX
, curve
));
1328 /* do-ecdhe-part2 */
1330 int prf_id
= T0_POPi();
1331 size_t len
= T0_POP();
1332 do_ecdhe_part2(CTX
, prf_id
, ENG
->pad
, len
);
1337 /* do-rsa-decrypt */
1339 int prf_id
= T0_POPi();
1340 size_t len
= T0_POP();
1341 do_rsa_decrypt(CTX
, prf_id
, ENG
->pad
, len
);
1346 /* do-static-ecdh */
1348 do_static_ecdh(CTX
, T0_POP());
1359 T0_PUSH(T0_PEEK(0));
1365 br_ssl_engine_fail(ENG
, (int)T0_POPi());
1373 br_ssl_engine_flush_record(ENG
);
1378 /* get-key-type-usages */
1380 const br_x509_class
*xc
;
1381 const br_x509_pkey
*pk
;
1384 xc
= *(ENG
->x509ctx
);
1385 pk
= xc
->get_pkey(ENG
->x509ctx
, &usages
);
1389 T0_PUSH(pk
->key_type
| usages
);
1397 size_t addr
= (size_t)T0_POP();
1398 T0_PUSH(*(uint16_t *)((unsigned char *)ENG
+ addr
));
1405 size_t addr
= (size_t)T0_POP();
1406 T0_PUSH(*(uint32_t *)((unsigned char *)ENG
+ addr
));
1413 size_t addr
= (size_t)T0_POP();
1414 T0_PUSH(*((unsigned char *)ENG
+ addr
));
1421 T0_PUSHi(-(ENG
->hlen_in
!= 0));
1428 size_t len
= (size_t)T0_POP();
1429 void *addr2
= (unsigned char *)ENG
+ (size_t)T0_POP();
1430 void *addr1
= (unsigned char *)ENG
+ (size_t)T0_POP();
1431 int x
= memcmp(addr1
, addr2
, len
);
1432 T0_PUSH((uint32_t)-(x
== 0));
1439 size_t len
= (size_t)T0_POP();
1440 void *src
= (unsigned char *)ENG
+ (size_t)T0_POP();
1441 void *dst
= (unsigned char *)ENG
+ (size_t)T0_POP();
1442 memcpy(dst
, src
, len
);
1449 size_t len
= (size_t)T0_POP();
1450 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1451 br_hmac_drbg_generate(&ENG
->rng
, addr
, len
);
1456 /* more-incoming-bytes? */
1458 T0_PUSHi(ENG
->hlen_in
!= 0 || !br_ssl_engine_recvrec_finished(ENG
));
1463 /* multihash-init */
1465 br_multihash_init(&ENG
->mhash
);
1472 uint32_t a
= T0_POP();
1480 uint32_t a
= T0_POP();
1488 uint32_t b
= T0_POP();
1489 uint32_t a
= T0_POP();
1496 T0_PUSH(T0_PEEK(1));
1505 /* read-chunk-native */
1507 size_t clen
= ENG
->hlen_in
;
1513 if ((size_t)len
< clen
) {
1516 memcpy((unsigned char *)ENG
+ addr
, ENG
->hbuf_in
, clen
);
1517 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1518 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_in
, clen
);
1520 T0_PUSH(addr
+ (uint32_t)clen
);
1521 T0_PUSH(len
- (uint32_t)clen
);
1522 ENG
->hbuf_in
+= clen
;
1523 ENG
->hlen_in
-= clen
;
1531 if (ENG
->hlen_in
> 0) {
1534 x
= *ENG
->hbuf_in
++;
1535 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1536 br_multihash_update(&ENG
->mhash
, &x
, 1);
1549 if (CTX
->cache_vtable
!= NULL
) {
1550 (*CTX
->cache_vtable
)->save(
1551 CTX
->cache_vtable
, CTX
, &ENG
->session
);
1557 /* set-max-frag-len */
1559 size_t max_frag_len
= T0_POP();
1561 br_ssl_engine_new_max_frag_len(ENG
, max_frag_len
);
1564 * We must adjust our own output limit. Since we call this only
1565 * after receiving a ClientHello and before beginning to send
1566 * the ServerHello, the next output record should be empty at
1567 * that point, so we can use max_frag_len as a limit.
1569 if (ENG
->hlen_out
> max_frag_len
) {
1570 ENG
->hlen_out
= max_frag_len
;
1578 size_t addr
= (size_t)T0_POP();
1579 *(uint16_t *)((unsigned char *)ENG
+ addr
) = (uint16_t)T0_POP();
1586 size_t addr
= (size_t)T0_POP();
1587 *(uint32_t *)((unsigned char *)ENG
+ addr
) = (uint32_t)T0_POP();
1594 size_t addr
= (size_t)T0_POP();
1595 *((unsigned char *)ENG
+ addr
) = (unsigned char)T0_POP();
1600 /* supported-curves */
1602 uint32_t x
= ENG
->iec
== NULL
? 0 : ENG
->iec
->supported_curves
;
1608 /* supported-hash-functions */
1615 for (i
= br_sha1_ID
; i
<= br_sha512_ID
; i
++) {
1616 if (br_multihash_getimpl(&ENG
->mhash
, i
)) {
1627 /* supports-ecdsa? */
1629 T0_PUSHi(-(ENG
->iecdsa
!= 0));
1634 /* supports-rsa-sign? */
1636 T0_PUSHi(-(ENG
->irsavrfy
!= 0));
1646 /* switch-aesgcm-in */
1648 int is_client
, prf_id
;
1649 unsigned cipher_key_len
;
1651 cipher_key_len
= T0_POP();
1653 is_client
= T0_POP();
1654 br_ssl_engine_switch_gcm_in(ENG
, is_client
, prf_id
,
1655 ENG
->iaes_ctr
, cipher_key_len
);
1660 /* switch-aesgcm-out */
1662 int is_client
, prf_id
;
1663 unsigned cipher_key_len
;
1665 cipher_key_len
= T0_POP();
1667 is_client
= T0_POP();
1668 br_ssl_engine_switch_gcm_out(ENG
, is_client
, prf_id
,
1669 ENG
->iaes_ctr
, cipher_key_len
);
1676 int is_client
, prf_id
, mac_id
, aes
;
1677 unsigned cipher_key_len
;
1679 cipher_key_len
= T0_POP();
1683 is_client
= T0_POP();
1684 br_ssl_engine_switch_cbc_in(ENG
, is_client
, prf_id
, mac_id
,
1685 aes
? ENG
->iaes_cbcdec
: ENG
->ides_cbcdec
, cipher_key_len
);
1690 /* switch-cbc-out */
1692 int is_client
, prf_id
, mac_id
, aes
;
1693 unsigned cipher_key_len
;
1695 cipher_key_len
= T0_POP();
1699 is_client
= T0_POP();
1700 br_ssl_engine_switch_cbc_out(ENG
, is_client
, prf_id
, mac_id
,
1701 aes
? ENG
->iaes_cbcenc
: ENG
->ides_cbcenc
, cipher_key_len
);
1706 /* ta-names-total-length */
1711 if (CTX
->ta_names
!= NULL
) {
1712 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1713 len
+= CTX
->ta_names
[u
].len
+ 2;
1715 } else if (CTX
->tas
!= NULL
) {
1716 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1717 len
+= CTX
->tas
[u
].dn
.len
+ 2;
1725 /* total-chain-length */
1731 for (u
= 0; u
< ENG
->chain_len
; u
++) {
1732 total
+= 3 + (uint32_t)ENG
->chain
[u
].data_len
;
1741 int c
= (int)T0_POPi();
1742 uint32_t x
= T0_POP();
1752 err
= verify_CV_sig(CTX
, T0_POP());
1758 /* write-blob-chunk */
1760 size_t clen
= ENG
->hlen_out
;
1766 if ((size_t)len
< clen
) {
1769 memcpy(ENG
->hbuf_out
, (unsigned char *)ENG
+ addr
, clen
);
1770 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1771 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_out
, clen
);
1773 T0_PUSH(addr
+ (uint32_t)clen
);
1774 T0_PUSH(len
- (uint32_t)clen
);
1775 ENG
->hbuf_out
+= clen
;
1776 ENG
->hlen_out
-= clen
;
1786 x
= (unsigned char)T0_POP();
1787 if (ENG
->hlen_out
> 0) {
1788 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1789 br_multihash_update(&ENG
->mhash
, &x
, 1);
1791 *ENG
->hbuf_out
++ = x
;
1803 const br_x509_class
*xc
;
1806 xc
= *(ENG
->x509ctx
);
1808 xc
->append(ENG
->x509ctx
, ENG
->pad
, len
);
1815 const br_x509_class
*xc
;
1817 xc
= *(ENG
->x509ctx
);
1818 xc
->end_cert(ENG
->x509ctx
);
1823 /* x509-end-chain */
1825 const br_x509_class
*xc
;
1827 xc
= *(ENG
->x509ctx
);
1828 T0_PUSH(xc
->end_chain(ENG
->x509ctx
));
1833 /* x509-start-cert */
1835 const br_x509_class
*xc
;
1837 xc
= *(ENG
->x509ctx
);
1838 xc
->start_cert(ENG
->x509ctx
, T0_POP());
1843 /* x509-start-chain */
1845 const br_x509_class
*xc
;
1849 xc
= *(ENG
->x509ctx
);
1850 xc
->start_chain(ENG
->x509ctx
, bc
? ENG
->server_name
: NULL
);
1857 T0_ENTER(ip
, rp
, t0x
);
1861 ((t0_context
*)t0ctx
)->dp
= dp
;
1862 ((t0_context
*)t0ctx
)->rp
= rp
;
1863 ((t0_context
*)t0ctx
)->ip
= ip
;