1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 /* static const unsigned char t0_datablock[]; */
64 void br_ssl_hs_server_init_main(void *t0ctx
);
66 void br_ssl_hs_server_run(void *t0ctx
);
76 * This macro evaluates to a pointer to the current engine context.
78 #define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
85 * This macro evaluates to a pointer to the server context, under that
86 * specific name. It must be noted that since the engine context is the
87 * first field of the br_ssl_server_context structure ('eng'), then
88 * pointers values of both types are interchangeable, modulo an
89 * appropriate cast. This also means that "adresses" computed as offsets
90 * within the structure work for both kinds of context.
92 #define CTX ((br_ssl_server_context *)ENG)
95 * Decrypt the pre-master secret (RSA key exchange).
98 do_rsa_decrypt(br_ssl_server_context
*ctx
, int prf_id
,
99 unsigned char *epms
, size_t len
)
102 unsigned char rpms
[48];
107 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
, epms
, &len
);
110 * Set the first two bytes to the maximum supported client
111 * protocol version. These bytes are used for version rollback
112 * detection; forceing the two bytes will make the master secret
113 * wrong if the bytes are not correct. This process is
114 * recommended by RFC 5246 (section 7.4.7.1).
116 br_enc16be(epms
, ctx
->client_max_version
);
119 * Make a random PMS and copy it above the decrypted value if the
120 * decryption failed. Note that we use a constant-time conditional
123 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, sizeof rpms
);
124 br_ccopy(x
^ 1, epms
, rpms
, sizeof rpms
);
127 * Compute master secret.
129 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, epms
, 48);
132 * Clear the pre-master secret from RAM: it is normally a buffer
133 * in the context, hence potentially long-lived.
135 memset(epms
, 0, len
);
139 * Common part for ECDH and ECDHE.
142 ecdh_common(br_ssl_server_context
*ctx
, int prf_id
,
143 unsigned char *xcoor
, size_t xcoor_len
, uint32_t ctl
)
145 unsigned char rpms
[80];
147 if (xcoor_len
> sizeof rpms
) {
148 xcoor_len
= sizeof rpms
;
153 * Make a random PMS and copy it above the decrypted value if the
154 * decryption failed. Note that we use a constant-time conditional
157 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, xcoor_len
);
158 br_ccopy(ctl
^ 1, xcoor
, rpms
, xcoor_len
);
161 * Compute master secret.
163 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, xcoor
, xcoor_len
);
166 * Clear the pre-master secret from RAM: it is normally a buffer
167 * in the context, hence potentially long-lived.
169 memset(xcoor
, 0, xcoor_len
);
173 * Do the ECDH key exchange (not ECDHE).
176 do_ecdh(br_ssl_server_context
*ctx
, int prf_id
,
177 unsigned char *cpoint
, size_t cpoint_len
)
182 * Finalise the key exchange.
184 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
,
185 cpoint
, &cpoint_len
);
186 ecdh_common(ctx
, prf_id
, cpoint
, cpoint_len
, x
);
190 * Do the full static ECDH key exchange. When this function is called,
191 * it has already been verified that the cipher suite uses ECDH (not ECDHE),
192 * and the client's public key (from its certificate) has type EC and is
193 * apt for key exchange.
196 do_static_ecdh(br_ssl_server_context
*ctx
, int prf_id
)
198 unsigned char cpoint
[133];
200 const br_x509_class
**xc
;
201 const br_x509_pkey
*pk
;
203 xc
= ctx
->eng
.x509ctx
;
204 pk
= (*xc
)->get_pkey(xc
, NULL
);
205 cpoint_len
= pk
->key
.ec
.qlen
;
206 if (cpoint_len
> sizeof cpoint
) {
208 * If the point is larger than our buffer then we need to
209 * restrict it. Length 2 is not a valid point length, so
210 * the ECDH will fail.
214 memcpy(cpoint
, pk
->key
.ec
.q
, cpoint_len
);
215 do_ecdh(ctx
, prf_id
, cpoint
, cpoint_len
);
219 hash_data(br_ssl_server_context
*ctx
,
220 void *dst
, int hash_id
, const void *src
, size_t len
)
222 const br_hash_class
*hf
;
223 br_hash_compat_context hc
;
226 unsigned char tmp
[36];
228 hf
= br_multihash_getimpl(&ctx
->eng
.mhash
, br_md5_ID
);
232 hf
->init(&hc
.vtable
);
233 hf
->update(&hc
.vtable
, src
, len
);
234 hf
->out(&hc
.vtable
, tmp
);
235 hf
= br_multihash_getimpl(&ctx
->eng
.mhash
, br_sha1_ID
);
239 hf
->init(&hc
.vtable
);
240 hf
->update(&hc
.vtable
, src
, len
);
241 hf
->out(&hc
.vtable
, tmp
+ 16);
242 memcpy(dst
, tmp
, 36);
245 hf
= br_multihash_getimpl(&ctx
->eng
.mhash
, hash_id
);
249 hf
->init(&hc
.vtable
);
250 hf
->update(&hc
.vtable
, src
, len
);
251 hf
->out(&hc
.vtable
, dst
);
252 return (hf
->desc
>> BR_HASHDESC_OUT_OFF
) & BR_HASHDESC_OUT_MASK
;
257 * Do the ECDHE key exchange (part 1: generation of transient key, and
258 * computing of the point to send to the client). Returned value is the
259 * signature length (in bytes), or -x on error (with x being an error
260 * code). The encoded point is written in the ecdhe_point[] context buffer
261 * (length in ecdhe_point_len).
264 do_ecdhe_part1(br_ssl_server_context
*ctx
, int curve
)
268 const unsigned char *order
;
270 size_t hv_len
, sig_len
;
272 if (!((ctx
->eng
.iec
->supported_curves
>> curve
) & 1)) {
273 return -BR_ERR_INVALID_ALGORITHM
;
275 ctx
->eng
.ecdhe_curve
= curve
;
278 * Generate our private key. We need a non-zero random value
279 * which is lower than the curve order, in a "large enough"
280 * range. We force the top bit to 0 and bottom bit to 1, which
281 * does the trick. Note that contrary to what happens in ECDSA,
282 * this is not a problem if we do not cover the full range of
285 order
= ctx
->eng
.iec
->order(curve
, &olen
);
287 while (mask
>= order
[0]) {
290 br_hmac_drbg_generate(&ctx
->eng
.rng
, ctx
->ecdhe_key
, olen
);
291 ctx
->ecdhe_key
[0] &= mask
;
292 ctx
->ecdhe_key
[olen
- 1] |= 0x01;
293 ctx
->ecdhe_key_len
= olen
;
296 * Compute our ECDH point.
298 glen
= ctx
->eng
.iec
->mulgen(ctx
->eng
.ecdhe_point
,
299 ctx
->ecdhe_key
, olen
, curve
);
300 ctx
->eng
.ecdhe_point_len
= glen
;
303 * Assemble the message to be signed, and possibly hash it.
305 memcpy(ctx
->eng
.pad
, ctx
->eng
.client_random
, 32);
306 memcpy(ctx
->eng
.pad
+ 32, ctx
->eng
.server_random
, 32);
307 ctx
->eng
.pad
[64 + 0] = 0x03;
308 ctx
->eng
.pad
[64 + 1] = 0x00;
309 ctx
->eng
.pad
[64 + 2] = curve
;
310 ctx
->eng
.pad
[64 + 3] = ctx
->eng
.ecdhe_point_len
;
311 memcpy(ctx
->eng
.pad
+ 64 + 4,
312 ctx
->eng
.ecdhe_point
, ctx
->eng
.ecdhe_point_len
);
313 hv_len
= 64 + 4 + ctx
->eng
.ecdhe_point_len
;
314 algo_id
= ctx
->sign_hash_id
;
315 if (algo_id
>= (unsigned)0xFF00) {
316 hv_len
= hash_data(ctx
, ctx
->eng
.pad
, algo_id
& 0xFF,
317 ctx
->eng
.pad
, hv_len
);
319 return -BR_ERR_INVALID_ALGORITHM
;
323 sig_len
= (*ctx
->policy_vtable
)->do_sign(ctx
->policy_vtable
,
324 algo_id
, ctx
->eng
.pad
, hv_len
, sizeof ctx
->eng
.pad
);
325 return sig_len
? (int)sig_len
: -BR_ERR_INVALID_ALGORITHM
;
329 * Do the ECDHE key exchange (part 2: computation of the shared secret
330 * from the point sent by the client).
333 do_ecdhe_part2(br_ssl_server_context
*ctx
, int prf_id
,
334 unsigned char *cpoint
, size_t cpoint_len
)
340 curve
= ctx
->eng
.ecdhe_curve
;
343 * Finalise the key exchange.
345 ctl
= ctx
->eng
.iec
->mul(cpoint
, cpoint_len
,
346 ctx
->ecdhe_key
, ctx
->ecdhe_key_len
, curve
);
347 xoff
= ctx
->eng
.iec
->xoff(curve
, &xlen
);
348 ecdh_common(ctx
, prf_id
, cpoint
+ xoff
, xlen
, ctl
);
351 * Clear the ECDHE private key. Forward Secrecy is achieved insofar
352 * as that key does not get stolen, so we'd better destroy it
353 * as soon as it ceases to be useful.
355 memset(ctx
->ecdhe_key
, 0, ctx
->ecdhe_key_len
);
359 * Offset for hash value within the pad (when obtaining all hash values,
360 * in preparation for verification of the CertificateVerify message).
361 * Order is MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512; last value
362 * is used to get the total length.
364 static const unsigned char HASH_PAD_OFF
[] = { 0, 16, 36, 64, 96, 144, 208 };
367 * OID for hash functions in RSA signatures.
369 static const unsigned char HASH_OID_SHA1
[] = {
370 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
373 static const unsigned char HASH_OID_SHA224
[] = {
374 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
377 static const unsigned char HASH_OID_SHA256
[] = {
378 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
381 static const unsigned char HASH_OID_SHA384
[] = {
382 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
385 static const unsigned char HASH_OID_SHA512
[] = {
386 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
389 static const unsigned char *HASH_OID
[] = {
398 * Verify the signature in CertificateVerify. Returned value is 0 on
399 * success, or a non-zero error code. Lack of implementation of the
400 * designated signature algorithm is reported as a "bad signature"
401 * error (because it means that the peer did not honour our advertised
402 * set of supported signature algorithms).
405 verify_CV_sig(br_ssl_server_context
*ctx
, size_t sig_len
)
407 const br_x509_class
**xc
;
408 const br_x509_pkey
*pk
;
411 id
= ctx
->hash_CV_id
;
412 xc
= ctx
->eng
.x509ctx
;
413 pk
= (*xc
)->get_pkey(xc
, NULL
);
414 if (pk
->key_type
== BR_KEYTYPE_RSA
) {
415 unsigned char tmp
[64];
416 const unsigned char *hash_oid
;
421 hash_oid
= HASH_OID
[id
- 2];
423 if (ctx
->eng
.irsavrfy
== 0) {
424 return BR_ERR_BAD_SIGNATURE
;
426 if (!ctx
->eng
.irsavrfy(ctx
->eng
.pad
, sig_len
,
427 hash_oid
, ctx
->hash_CV_len
, &pk
->key
.rsa
, tmp
)
428 || memcmp(tmp
, ctx
->hash_CV
, ctx
->hash_CV_len
) != 0)
430 return BR_ERR_BAD_SIGNATURE
;
433 if (ctx
->eng
.iecdsa
== 0) {
434 return BR_ERR_BAD_SIGNATURE
;
436 if (!ctx
->eng
.iecdsa(ctx
->eng
.iec
,
437 ctx
->hash_CV
, ctx
->hash_CV_len
,
438 &pk
->key
.ec
, ctx
->eng
.pad
, sig_len
))
440 return BR_ERR_BAD_SIGNATURE
;
448 static const unsigned char t0_datablock
[] = {
449 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
450 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
451 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
452 0x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,
453 0x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,
454 0x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,
455 0x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,
456 0x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,
457 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,
458 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,
459 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,
460 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xCC, 0xA8, 0x15,
461 0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00
464 static const unsigned char t0_codeblock
[] = {
465 0x00, 0x01, 0x00, 0x0B, 0x00, 0x00, 0x01, 0x00, 0x0E, 0x00, 0x00, 0x01,
466 0x00, 0x0F, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 0x01, 0x08,
467 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
468 0x01, 0x02, 0x09, 0x00, 0x00, 0x29, 0x29, 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_BAD_CCS
), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_BAD_FINISHED
), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_BAD_FRAGLEN
), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_BAD_HANDSHAKE
), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_BAD_PARAM
), 0x00, 0x00, 0x01,
474 T0_INT1(BR_ERR_BAD_SECRENEG
), 0x00, 0x00, 0x01,
475 T0_INT1(BR_ERR_BAD_SIGNATURE
), 0x00, 0x00, 0x01,
476 T0_INT1(BR_ERR_BAD_VERSION
), 0x00, 0x00, 0x01,
477 T0_INT1(BR_ERR_INVALID_ALGORITHM
), 0x00, 0x00, 0x01,
478 T0_INT1(BR_ERR_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
479 T0_INT1(BR_ERR_NO_CLIENT_AUTH
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK
),
480 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID
), 0x00, 0x00, 0x01,
481 T0_INT1(BR_ERR_UNEXPECTED
), 0x00, 0x00, 0x01,
482 T0_INT1(BR_ERR_WRONG_KEY_USAGE
), 0x00, 0x00, 0x01,
483 T0_INT2(offsetof(br_ssl_engine_context
, action
)), 0x00, 0x00, 0x01,
484 T0_INT2(offsetof(br_ssl_engine_context
, alert
)), 0x00, 0x00, 0x01,
485 T0_INT2(offsetof(br_ssl_engine_context
, application_data
)), 0x00, 0x00,
487 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, cipher_suite
)),
489 T0_INT2(offsetof(br_ssl_server_context
, client_max_version
)), 0x00,
490 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, client_random
)),
492 T0_INT2(offsetof(br_ssl_server_context
, client_suites
)), 0x00, 0x00,
493 0x01, T0_INT2(offsetof(br_ssl_server_context
, client_suites_num
)),
495 T0_INT2(offsetof(br_ssl_engine_context
, close_received
)), 0x00, 0x00,
496 0x01, T0_INT2(offsetof(br_ssl_server_context
, curves
)), 0x00, 0x00,
497 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point
)), 0x00,
498 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point_len
)),
499 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, flags
)),
500 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_server_context
, hashes
)),
501 0x00, 0x00, 0x79, 0x01,
502 T0_INT2(BR_MAX_CIPHER_SUITES
* sizeof(br_suite_translated
)), 0x00,
503 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, log_max_frag_len
)),
504 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, pad
)), 0x00,
506 T0_INT2(offsetof(br_ssl_engine_context
, peer_log_max_frag_len
)), 0x00,
508 T0_INT2(offsetof(br_ssl_engine_context
, protocol_names_num
)), 0x00,
509 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_in
)),
511 T0_INT2(offsetof(br_ssl_engine_context
, record_type_out
)), 0x00, 0x00,
512 0x01, T0_INT2(offsetof(br_ssl_engine_context
, reneg
)), 0x00, 0x00,
513 0x01, T0_INT2(offsetof(br_ssl_engine_context
, saved_finished
)), 0x00,
515 T0_INT2(offsetof(br_ssl_engine_context
, selected_protocol
)), 0x00,
516 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_name
)),
518 T0_INT2(offsetof(br_ssl_engine_context
, server_random
)), 0x00, 0x00,
520 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id
)),
522 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id_len
)),
524 T0_INT2(offsetof(br_ssl_engine_context
, shutdown_recv
)), 0x00, 0x00,
525 0x01, T0_INT2(offsetof(br_ssl_server_context
, sign_hash_id
)), 0x00,
526 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_buf
)), 0x00,
527 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_num
)), 0x00,
529 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, version
)),
530 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_in
)),
532 T0_INT2(offsetof(br_ssl_engine_context
, version_max
)), 0x00, 0x00,
533 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_min
)), 0x00,
534 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_out
)),
535 0x00, 0x00, 0x09, 0x2A, 0x5B, 0x06, 0x02, 0x68, 0x2B, 0x00, 0x00, 0x01,
536 0x01, 0x00, 0x01, 0x03, 0x00, 0x99, 0x2A, 0x61, 0x47, 0x9D, 0x2A, 0x05,
537 0x04, 0x63, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0F, 0x06, 0x02, 0x9D, 0x00,
538 0x61, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x68, 0x2B, 0x00, 0x00, 0x2A, 0x89,
539 0x47, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x47, 0x76, 0x2E, 0xA6, 0x1C, 0x83,
540 0x01, 0x0C, 0x33, 0x00, 0x00, 0x2A, 0x22, 0x01, 0x08, 0x0C, 0x47, 0x5F,
541 0x22, 0x08, 0x00, 0x01, 0x03, 0x00, 0x75, 0x30, 0x02, 0x00, 0x38, 0x13,
542 0x01, 0x01, 0x0C, 0x75, 0x42, 0x2C, 0x19, 0x38, 0x06, 0x07, 0x02, 0x00,
543 0xCD, 0x03, 0x00, 0x04, 0x75, 0x01, 0x00, 0xC5, 0x02, 0x00, 0x2A, 0x19,
544 0x13, 0x06, 0x02, 0x6F, 0x2B, 0xCD, 0x04, 0x76, 0x00, 0x01, 0x00, 0x75,
545 0x42, 0x01, 0x16, 0x87, 0x42, 0x01, 0x00, 0x8A, 0x40, 0x36, 0xAF, 0x35,
546 0x06, 0x02, 0x71, 0x2B, 0x06, 0x0A, 0xD4, 0x01, 0x00, 0xD0, 0x01, 0x00,
547 0xAB, 0x04, 0x80, 0x46, 0xD4, 0xD1, 0x29, 0xD6, 0x4E, 0x06, 0x01, 0xD2,
548 0xD5, 0x2C, 0x4E, 0x06, 0x31, 0x01, 0x00, 0xAC, 0x2A, 0x5B, 0x06, 0x0F,
549 0x01, 0x02, 0xA2, 0x05, 0x02, 0x37, 0x2B, 0x29, 0xB0, 0xAE, 0x2A, 0xC6,
550 0x29, 0x04, 0x19, 0x2A, 0x5D, 0x06, 0x0B, 0x29, 0x01, 0x02, 0xA2, 0x05,
551 0x02, 0x6E, 0x2B, 0xB0, 0x04, 0x0A, 0xB2, 0x2A, 0x05, 0x04, 0x29, 0xA9,
552 0x04, 0x02, 0xB1, 0xAD, 0x04, 0x01, 0xB0, 0x01, 0x00, 0xAB, 0x01, 0x00,
553 0xD0, 0x3E, 0x01, 0x01, 0x75, 0x42, 0x01, 0x17, 0x87, 0x42, 0x00, 0x00,
554 0x3A, 0x3A, 0x00, 0x01, 0x03, 0x00, 0x2C, 0x19, 0x38, 0x06, 0x04, 0xCC,
555 0x29, 0x04, 0x78, 0x01, 0x02, 0x02, 0x00, 0xC4, 0x19, 0x38, 0x06, 0x04,
556 0xCC, 0x29, 0x04, 0x78, 0x02, 0x00, 0x01, 0x84, 0x00, 0x08, 0x2B, 0x00,
557 0x00, 0x7F, 0x2F, 0x47, 0x12, 0x01, 0x01, 0x13, 0x37, 0x00, 0x00, 0x2A,
558 0x05, 0x04, 0x29, 0x01, 0x7F, 0x00, 0x01, 0x00, 0xA0, 0x12, 0x01, 0x01,
559 0x13, 0x5D, 0x06, 0x03, 0x5F, 0x04, 0x75, 0x47, 0x29, 0x00, 0x00, 0x01,
560 0x7F, 0x9F, 0xCC, 0x2A, 0x01, 0x07, 0x13, 0x01, 0x00, 0x3A, 0x0F, 0x06,
561 0x09, 0x29, 0x01, 0x10, 0x13, 0x06, 0x01, 0xC3, 0x04, 0x2A, 0x01, 0x01,
562 0x3A, 0x0F, 0x06, 0x21, 0x29, 0x29, 0x88, 0x30, 0x01, 0x01, 0x0F, 0x01,
563 0x01, 0xA2, 0x39, 0x06, 0x0F, 0x2C, 0x19, 0x38, 0x06, 0x04, 0xCC, 0x29,
564 0x04, 0x78, 0x01, 0x80, 0x64, 0xC5, 0x04, 0x03, 0x01, 0x00, 0x9F, 0x04,
565 0x03, 0x71, 0x2B, 0x29, 0x04, 0x40, 0x01, 0x2A, 0x03, 0x00, 0x09, 0x2A,
566 0x5B, 0x06, 0x02, 0x68, 0x2B, 0x02, 0x00, 0x00, 0x00, 0x9A, 0x01, 0x0F,
567 0x13, 0x00, 0x00, 0x74, 0x30, 0x01, 0x00, 0x3A, 0x0F, 0x06, 0x10, 0x29,
568 0x2A, 0x01, 0x01, 0x0E, 0x06, 0x03, 0x29, 0x01, 0x02, 0x74, 0x42, 0x01,
569 0x00, 0x04, 0x21, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x14, 0x29, 0x01, 0x00,
570 0x74, 0x42, 0x2A, 0x01, 0x80, 0x64, 0x0F, 0x06, 0x05, 0x01, 0x82, 0x00,
571 0x08, 0x2B, 0x5D, 0x04, 0x07, 0x29, 0x01, 0x82, 0x00, 0x08, 0x2B, 0x29,
572 0x00, 0x00, 0x01, 0x00, 0x31, 0x06, 0x05, 0x3D, 0xA7, 0x39, 0x04, 0x78,
573 0x2A, 0x06, 0x04, 0x01, 0x01, 0x8F, 0x42, 0x00, 0x00, 0x01, 0x1F, 0x13,
574 0x01, 0x12, 0x0F, 0x05, 0x02, 0x72, 0x2B, 0x76, 0x2E, 0x2A, 0xC8, 0x05,
575 0x02, 0x71, 0x2B, 0xA6, 0x28, 0x00, 0x02, 0x85, 0x2E, 0x05, 0x02, 0xBA,
576 0x00, 0xBE, 0xA5, 0xBE, 0xA5, 0x01, 0x7E, 0x03, 0x00, 0x2A, 0x06, 0x17,
577 0xC0, 0x2A, 0x03, 0x01, 0x83, 0x47, 0xB4, 0x02, 0x01, 0x4F, 0x2A, 0x02,
578 0x00, 0x51, 0x06, 0x04, 0x03, 0x00, 0x04, 0x01, 0x29, 0x04, 0x66, 0x9B,
579 0x9B, 0x02, 0x00, 0x5F, 0x8A, 0x40, 0x00, 0x00, 0x31, 0x06, 0x0B, 0x86,
580 0x30, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x71, 0x2B, 0x04, 0x11, 0xCC, 0x01,
581 0x07, 0x13, 0x2A, 0x01, 0x02, 0x0E, 0x06, 0x06, 0x06, 0x02, 0x71, 0x2B,
582 0x04, 0x70, 0x29, 0xC1, 0x01, 0x01, 0x0E, 0x35, 0x39, 0x06, 0x02, 0x64,
583 0x2B, 0x2A, 0x01, 0x01, 0xC7, 0x38, 0xB3, 0x00, 0x01, 0xB8, 0x01, 0x0B,
584 0x0F, 0x05, 0x02, 0x71, 0x2B, 0x2A, 0x01, 0x03, 0x0F, 0x06, 0x08, 0xBF,
585 0x06, 0x02, 0x68, 0x2B, 0x47, 0x29, 0x00, 0x47, 0x5A, 0xBF, 0xA5, 0x2A,
586 0x06, 0x23, 0xBF, 0xA5, 0x2A, 0x59, 0x2A, 0x06, 0x18, 0x2A, 0x01, 0x82,
587 0x00, 0x10, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x2A, 0x03, 0x00,
588 0x83, 0x02, 0x00, 0xB4, 0x02, 0x00, 0x56, 0x04, 0x65, 0x9B, 0x57, 0x04,
589 0x5A, 0x9B, 0x9B, 0x58, 0x2A, 0x06, 0x02, 0x37, 0x00, 0x29, 0x2D, 0x00,
590 0x02, 0x2A, 0x01, 0x20, 0x13, 0x05, 0x02, 0x72, 0x2B, 0x01, 0x0F, 0x13,
591 0x03, 0x00, 0xAE, 0x93, 0x2E, 0x01, 0x86, 0x03, 0x11, 0x06, 0x23, 0xBE,
592 0x2A, 0x01, 0x81, 0x7F, 0x13, 0x5F, 0x01, 0x01, 0x12, 0x02, 0x00, 0x0F,
593 0x05, 0x02, 0x6A, 0x2B, 0x01, 0x08, 0x12, 0x2A, 0x01, 0x02, 0x0B, 0x3A,
594 0x01, 0x06, 0x10, 0x39, 0x06, 0x02, 0x6C, 0x2B, 0x04, 0x0D, 0x02, 0x00,
595 0x01, 0x01, 0x0F, 0x06, 0x04, 0x01, 0x00, 0x04, 0x02, 0x01, 0x02, 0x20,
596 0x05, 0x02, 0x6C, 0x2B, 0xBE, 0x2A, 0x03, 0x01, 0x2A, 0x01, 0x84, 0x00,
597 0x10, 0x06, 0x02, 0x6D, 0x2B, 0x83, 0x47, 0xB4, 0x02, 0x01, 0x53, 0x2A,
598 0x06, 0x01, 0x2B, 0x29, 0x9B, 0x00, 0x00, 0x1D, 0xB8, 0x01, 0x0F, 0x0F,
599 0x05, 0x02, 0x71, 0x2B, 0x00, 0x0A, 0xB8, 0x01, 0x01, 0x0F, 0x05, 0x02,
600 0x71, 0x2B, 0xBE, 0x2A, 0x03, 0x00, 0x77, 0x40, 0x78, 0x01, 0x20, 0xB4,
601 0xC0, 0x2A, 0x01, 0x20, 0x10, 0x06, 0x02, 0x70, 0x2B, 0x2A, 0x8E, 0x42,
602 0x8D, 0x47, 0xB4, 0x1A, 0x03, 0x01, 0xBE, 0xA5, 0x01, 0x00, 0x03, 0x02,
603 0x01, 0x00, 0x03, 0x03, 0x81, 0xA0, 0x17, 0x3A, 0x08, 0x03, 0x04, 0x03,
604 0x05, 0x2A, 0x06, 0x80, 0x6D, 0xBE, 0x2A, 0x03, 0x06, 0x02, 0x01, 0x06,
605 0x0A, 0x2A, 0x76, 0x2E, 0x0F, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x03, 0x2A,
606 0x01, 0x81, 0x7F, 0x0F, 0x06, 0x0A, 0x88, 0x30, 0x06, 0x02, 0x69, 0x2B,
607 0x01, 0x7F, 0x03, 0x02, 0x2A, 0x01, 0x81, 0xAC, 0x00, 0x0F, 0x06, 0x11,
608 0x02, 0x00, 0x96, 0x2E, 0x11, 0x02, 0x00, 0x95, 0x2E, 0x0B, 0x13, 0x06,
609 0x04, 0x01, 0x7F, 0x03, 0x00, 0xC2, 0x2A, 0x5B, 0x06, 0x03, 0x29, 0x04,
610 0x26, 0x01, 0x00, 0xA2, 0x06, 0x0B, 0x01, 0x02, 0x0C, 0x79, 0x08, 0x02,
611 0x06, 0x47, 0x40, 0x04, 0x16, 0x29, 0x02, 0x05, 0x02, 0x04, 0x11, 0x06,
612 0x02, 0x67, 0x2B, 0x02, 0x06, 0x02, 0x05, 0x40, 0x02, 0x05, 0x01, 0x04,
613 0x08, 0x03, 0x05, 0x04, 0xFF, 0x0F, 0x29, 0x01, 0x00, 0x03, 0x07, 0xC0,
614 0xA5, 0x2A, 0x06, 0x09, 0xC0, 0x05, 0x04, 0x01, 0x7F, 0x03, 0x07, 0x04,
615 0x74, 0x9B, 0x01, 0x00, 0x8B, 0x42, 0x01, 0x88, 0x04, 0x80, 0x41, 0x01,
616 0x84, 0x80, 0x80, 0x00, 0x7C, 0x41, 0x2A, 0x06, 0x80, 0x4E, 0xBE, 0xA5,
617 0x2A, 0x06, 0x80, 0x47, 0xBE, 0x01, 0x00, 0x3A, 0x0F, 0x06, 0x04, 0x29,
618 0xB7, 0x04, 0x39, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xB5, 0x04,
619 0x2F, 0x01, 0x83, 0xFE, 0x01, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xB6, 0x04,
620 0x23, 0x01, 0x0D, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xBC, 0x04, 0x19, 0x01,
621 0x0A, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xBD, 0x04, 0x0F, 0x01, 0x10, 0x3A,
622 0x0F, 0x06, 0x04, 0x29, 0xAA, 0x04, 0x05, 0x29, 0xBA, 0x01, 0x00, 0x29,
623 0x04, 0xFF, 0x35, 0x9B, 0x9B, 0x02, 0x01, 0x02, 0x03, 0x13, 0x03, 0x01,
624 0x02, 0x00, 0x5B, 0x06, 0x08, 0x77, 0x2E, 0x97, 0x40, 0x01, 0x80, 0x56,
625 0xA1, 0x95, 0x2E, 0x2A, 0x02, 0x00, 0x10, 0x06, 0x03, 0x29, 0x02, 0x00,
626 0x2A, 0x01, 0x86, 0x00, 0x0B, 0x06, 0x02, 0x6B, 0x2B, 0x02, 0x00, 0x96,
627 0x2E, 0x0B, 0x06, 0x04, 0x01, 0x80, 0x46, 0xA1, 0x02, 0x01, 0x06, 0x10,
628 0x93, 0x2E, 0x02, 0x00, 0x0D, 0x06, 0x05, 0x29, 0x93, 0x2E, 0x04, 0x04,
629 0x01, 0x00, 0x03, 0x01, 0x2A, 0x93, 0x40, 0x2A, 0x94, 0x40, 0x2A, 0x97,
630 0x40, 0x01, 0x86, 0x03, 0x11, 0x03, 0x08, 0x02, 0x02, 0x06, 0x04, 0x01,
631 0x02, 0x88, 0x42, 0x88, 0x30, 0x05, 0x04, 0x01, 0x01, 0x88, 0x42, 0x02,
632 0x07, 0x05, 0x03, 0x01, 0x28, 0xA1, 0x44, 0x29, 0x01, 0x82, 0x01, 0x07,
633 0x01, 0xFC, 0x80, 0x00, 0x39, 0x80, 0x2F, 0x13, 0x2A, 0x80, 0x41, 0x2A,
634 0x01, 0x81, 0x7F, 0x13, 0x5C, 0x37, 0x47, 0x01, 0x08, 0x12, 0x5C, 0x01,
635 0x02, 0x13, 0x39, 0x01, 0x0C, 0x0C, 0x03, 0x09, 0x7C, 0x2F, 0x43, 0x13,
636 0x2A, 0x7C, 0x41, 0x05, 0x04, 0x01, 0x00, 0x03, 0x09, 0x02, 0x01, 0x06,
637 0x03, 0x01, 0x7F, 0x00, 0x8D, 0x01, 0x20, 0x34, 0x01, 0x20, 0x8E, 0x42,
638 0x79, 0x2A, 0x03, 0x05, 0x2A, 0x02, 0x04, 0x0B, 0x06, 0x80, 0x49, 0x2A,
639 0x2E, 0x2A, 0x9A, 0x2A, 0x01, 0x0C, 0x12, 0x2A, 0x01, 0x01, 0x0F, 0x47,
640 0x01, 0x02, 0x0F, 0x39, 0x06, 0x0A, 0x2A, 0x02, 0x09, 0x13, 0x05, 0x04,
641 0x63, 0x01, 0x00, 0x2A, 0x02, 0x08, 0x05, 0x0E, 0x2A, 0x01, 0x81, 0x70,
642 0x13, 0x01, 0x20, 0x0E, 0x06, 0x04, 0x63, 0x01, 0x00, 0x2A, 0x2A, 0x06,
643 0x10, 0x02, 0x05, 0x61, 0x40, 0x02, 0x05, 0x40, 0x02, 0x05, 0x01, 0x04,
644 0x08, 0x03, 0x05, 0x04, 0x01, 0x63, 0x01, 0x04, 0x08, 0x04, 0xFF, 0x30,
645 0x29, 0x02, 0x05, 0x79, 0x09, 0x01, 0x02, 0x12, 0x2A, 0x05, 0x03, 0x01,
646 0x28, 0xA1, 0x7A, 0x42, 0x8A, 0x2E, 0x01, 0x83, 0xFF, 0x7F, 0x0F, 0x06,
647 0x0D, 0x01, 0x03, 0xA2, 0x06, 0x04, 0x01, 0x80, 0x78, 0xA1, 0x01, 0x00,
648 0x8A, 0x40, 0x18, 0x05, 0x03, 0x01, 0x28, 0xA1, 0x01, 0x00, 0x00, 0x00,
649 0xB2, 0xB1, 0x00, 0x04, 0x76, 0x2E, 0xCB, 0x06, 0x16, 0xBE, 0x2A, 0x01,
650 0x84, 0x00, 0x10, 0x06, 0x02, 0x6D, 0x2B, 0x2A, 0x03, 0x00, 0x83, 0x47,
651 0xB4, 0x02, 0x00, 0x76, 0x2E, 0xA6, 0x27, 0x76, 0x2E, 0x2A, 0xC9, 0x47,
652 0xC8, 0x03, 0x01, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x39, 0x06, 0x14,
653 0xC0, 0x2A, 0x03, 0x03, 0x83, 0x47, 0xB4, 0x02, 0x03, 0x76, 0x2E, 0xA6,
654 0x02, 0x02, 0x06, 0x03, 0x26, 0x04, 0x01, 0x24, 0x9B, 0x00, 0x00, 0xB8,
655 0x01, 0x10, 0x0F, 0x05, 0x02, 0x71, 0x2B, 0x00, 0x00, 0x9C, 0xB8, 0x01,
656 0x14, 0x0E, 0x06, 0x02, 0x71, 0x2B, 0x83, 0x01, 0x0C, 0x08, 0x01, 0x0C,
657 0xB4, 0x9B, 0x83, 0x2A, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x32, 0x05, 0x02,
658 0x65, 0x2B, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0x02, 0x00, 0x98, 0x02,
659 0x01, 0x02, 0x00, 0x3C, 0x2A, 0x01, 0x00, 0x0F, 0x06, 0x02, 0x63, 0x00,
660 0xCE, 0x04, 0x74, 0x00, 0xBE, 0x01, 0x01, 0x0E, 0x06, 0x02, 0x66, 0x2B,
661 0xC0, 0x2A, 0x2A, 0x5D, 0x47, 0x01, 0x05, 0x11, 0x39, 0x06, 0x02, 0x66,
662 0x2B, 0x01, 0x08, 0x08, 0x2A, 0x82, 0x30, 0x0B, 0x06, 0x0D, 0x2A, 0x01,
663 0x01, 0x47, 0x0C, 0x3F, 0x2A, 0x82, 0x42, 0x84, 0x42, 0x04, 0x01, 0x29,
664 0x00, 0x00, 0xBE, 0x88, 0x30, 0x01, 0x00, 0x3A, 0x0F, 0x06, 0x13, 0x29,
665 0x01, 0x01, 0x0F, 0x05, 0x02, 0x69, 0x2B, 0xC0, 0x06, 0x02, 0x69, 0x2B,
666 0x01, 0x02, 0x88, 0x42, 0x04, 0x28, 0x01, 0x02, 0x3A, 0x0F, 0x06, 0x1F,
667 0x29, 0x01, 0x0D, 0x0F, 0x05, 0x02, 0x69, 0x2B, 0xC0, 0x01, 0x0C, 0x0F,
668 0x05, 0x02, 0x69, 0x2B, 0x83, 0x01, 0x0C, 0xB4, 0x89, 0x83, 0x01, 0x0C,
669 0x32, 0x05, 0x02, 0x69, 0x2B, 0x04, 0x03, 0x69, 0x2B, 0x29, 0x00, 0x00,
670 0xBE, 0xA5, 0xBE, 0xA5, 0x2A, 0x06, 0x1D, 0xC0, 0x06, 0x03, 0xBA, 0x04,
671 0x15, 0xBE, 0x2A, 0x01, 0x81, 0x7F, 0x0D, 0x06, 0x0C, 0x2A, 0x8B, 0x08,
672 0x01, 0x00, 0x47, 0x42, 0x8B, 0x47, 0xB4, 0x04, 0x01, 0xC6, 0x04, 0x60,
673 0x9B, 0x9B, 0x00, 0x00, 0xB9, 0x2A, 0x5D, 0x06, 0x07, 0x29, 0x06, 0x02,
674 0x67, 0x2B, 0x04, 0x74, 0x00, 0x00, 0xC1, 0x01, 0x03, 0xBF, 0x47, 0x29,
675 0x47, 0x00, 0x00, 0xBE, 0xC6, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00, 0xBE,
676 0xA5, 0x2A, 0x06, 0x80, 0x50, 0xC0, 0x03, 0x01, 0xC0, 0x03, 0x02, 0x02,
677 0x01, 0x01, 0x08, 0x0F, 0x06, 0x16, 0x02, 0x02, 0x01, 0x0F, 0x0D, 0x06,
678 0x0D, 0x01, 0x01, 0x02, 0x02, 0x01, 0x10, 0x08, 0x0C, 0x02, 0x00, 0x39,
679 0x03, 0x00, 0x04, 0x2A, 0x02, 0x01, 0x01, 0x02, 0x11, 0x02, 0x01, 0x01,
680 0x06, 0x0D, 0x13, 0x02, 0x02, 0x01, 0x01, 0x0F, 0x02, 0x02, 0x01, 0x03,
681 0x0F, 0x39, 0x13, 0x06, 0x11, 0x02, 0x00, 0x01, 0x01, 0x02, 0x02, 0x60,
682 0x01, 0x02, 0x0C, 0x02, 0x01, 0x08, 0x0C, 0x39, 0x03, 0x00, 0x04, 0xFF,
683 0x2C, 0x9B, 0x02, 0x00, 0x00, 0x00, 0xBE, 0xA5, 0xBB, 0x80, 0x41, 0x9B,
684 0x00, 0x00, 0xBE, 0xA5, 0xBE, 0xA5, 0x01, 0x00, 0x7C, 0x41, 0x2A, 0x06,
685 0x15, 0xBE, 0x2A, 0x01, 0x20, 0x0B, 0x06, 0x0B, 0x01, 0x01, 0x47, 0x0C,
686 0x7C, 0x2F, 0x39, 0x7C, 0x41, 0x04, 0x01, 0x29, 0x04, 0x68, 0x9B, 0x9B,
687 0x00, 0x00, 0x01, 0x02, 0x98, 0xC1, 0x01, 0x08, 0x0C, 0xC1, 0x08, 0x00,
688 0x00, 0x01, 0x03, 0x98, 0xC1, 0x01, 0x08, 0x0C, 0xC1, 0x08, 0x01, 0x08,
689 0x0C, 0xC1, 0x08, 0x00, 0x00, 0x01, 0x01, 0x98, 0xC1, 0x00, 0x00, 0x3D,
690 0x2A, 0x5B, 0x05, 0x01, 0x00, 0x29, 0xCE, 0x04, 0x76, 0x02, 0x03, 0x00,
691 0x92, 0x30, 0x03, 0x01, 0x01, 0x00, 0x2A, 0x02, 0x01, 0x0B, 0x06, 0x10,
692 0x2A, 0x01, 0x01, 0x0C, 0x91, 0x08, 0x2E, 0x02, 0x00, 0x0F, 0x06, 0x01,
693 0x00, 0x5F, 0x04, 0x6A, 0x29, 0x01, 0x7F, 0x00, 0x00, 0x2C, 0x19, 0x38,
694 0x06, 0x04, 0xCC, 0x29, 0x04, 0x78, 0x01, 0x16, 0x87, 0x42, 0x01, 0x00,
695 0xDF, 0x01, 0x00, 0xDE, 0x2C, 0x01, 0x17, 0x87, 0x42, 0x00, 0x00, 0x01,
696 0x15, 0x87, 0x42, 0x47, 0x55, 0x29, 0x55, 0x29, 0x2C, 0x00, 0x00, 0x01,
697 0x01, 0x47, 0xC4, 0x00, 0x00, 0x47, 0x3A, 0x98, 0x47, 0x2A, 0x06, 0x05,
698 0xC1, 0x29, 0x60, 0x04, 0x78, 0x29, 0x00, 0x02, 0x03, 0x00, 0x76, 0x2E,
699 0x9A, 0x03, 0x01, 0x02, 0x01, 0x01, 0x0F, 0x13, 0x02, 0x01, 0x01, 0x04,
700 0x12, 0x01, 0x0F, 0x13, 0x02, 0x01, 0x01, 0x08, 0x12, 0x01, 0x0F, 0x13,
701 0x01, 0x00, 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x01, 0x00, 0x01, 0x18, 0x02,
702 0x00, 0x06, 0x03, 0x4A, 0x04, 0x01, 0x4B, 0x04, 0x80, 0x68, 0x01, 0x01,
703 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x01, 0x01, 0x01, 0x10, 0x02, 0x00, 0x06,
704 0x03, 0x4A, 0x04, 0x01, 0x4B, 0x04, 0x80, 0x52, 0x01, 0x02, 0x3A, 0x0F,
705 0x06, 0x0F, 0x29, 0x01, 0x01, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x4A,
706 0x04, 0x01, 0x4B, 0x04, 0x3D, 0x01, 0x03, 0x3A, 0x0F, 0x06, 0x0E, 0x29,
707 0x29, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x48, 0x04, 0x01, 0x49, 0x04,
708 0x29, 0x01, 0x04, 0x3A, 0x0F, 0x06, 0x0E, 0x29, 0x29, 0x01, 0x20, 0x02,
709 0x00, 0x06, 0x03, 0x48, 0x04, 0x01, 0x49, 0x04, 0x15, 0x01, 0x05, 0x3A,
710 0x0F, 0x06, 0x0C, 0x29, 0x29, 0x02, 0x00, 0x06, 0x03, 0x4C, 0x04, 0x01,
711 0x4D, 0x04, 0x03, 0x68, 0x2B, 0x29, 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x12,
712 0x01, 0x02, 0x10, 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x12, 0x2A, 0x5E, 0x47,
713 0x01, 0x03, 0x0B, 0x13, 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x12, 0x01, 0x01,
714 0x0F, 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x12, 0x5D, 0x00, 0x00, 0x1B, 0x01,
715 0x00, 0x73, 0x30, 0x2A, 0x06, 0x22, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x06,
716 0x29, 0x01, 0x00, 0x9E, 0x04, 0x14, 0x01, 0x02, 0x3A, 0x0F, 0x06, 0x0D,
717 0x29, 0x75, 0x30, 0x01, 0x01, 0x0F, 0x06, 0x03, 0x01, 0x10, 0x39, 0x04,
718 0x01, 0x29, 0x04, 0x01, 0x29, 0x7B, 0x30, 0x05, 0x33, 0x31, 0x06, 0x30,
719 0x86, 0x30, 0x01, 0x14, 0x3A, 0x0F, 0x06, 0x06, 0x29, 0x01, 0x02, 0x39,
720 0x04, 0x22, 0x01, 0x15, 0x3A, 0x0F, 0x06, 0x09, 0x29, 0xA8, 0x06, 0x03,
721 0x01, 0x7F, 0x9E, 0x04, 0x13, 0x01, 0x16, 0x3A, 0x0F, 0x06, 0x06, 0x29,
722 0x01, 0x01, 0x39, 0x04, 0x07, 0x29, 0x01, 0x04, 0x39, 0x01, 0x00, 0x29,
723 0x19, 0x06, 0x03, 0x01, 0x08, 0x39, 0x00, 0x00, 0x1B, 0x2A, 0x05, 0x13,
724 0x31, 0x06, 0x10, 0x86, 0x30, 0x01, 0x15, 0x0F, 0x06, 0x08, 0x29, 0xA8,
725 0x01, 0x00, 0x75, 0x42, 0x04, 0x01, 0x23, 0x00, 0x00, 0xCC, 0x01, 0x07,
726 0x13, 0x01, 0x01, 0x10, 0x06, 0x02, 0x71, 0x2B, 0x00, 0x01, 0x03, 0x00,
727 0x2C, 0x19, 0x06, 0x05, 0x02, 0x00, 0x87, 0x42, 0x00, 0xCC, 0x29, 0x04,
728 0x74, 0x00, 0x01, 0x14, 0xCF, 0x01, 0x01, 0xDF, 0x2C, 0x2A, 0x01, 0x00,
729 0xC7, 0x01, 0x16, 0xCF, 0xD3, 0x2C, 0x00, 0x00, 0x01, 0x0B, 0xDF, 0x50,
730 0x2A, 0x2A, 0x01, 0x03, 0x08, 0xDE, 0xDE, 0x14, 0x2A, 0x5B, 0x06, 0x02,
731 0x29, 0x00, 0xDE, 0x1E, 0x2A, 0x06, 0x05, 0x83, 0x47, 0xD7, 0x04, 0x77,
732 0x29, 0x04, 0x6C, 0x00, 0x01, 0x00, 0xD9, 0x93, 0x2E, 0x01, 0x86, 0x03,
733 0x11, 0x06, 0x05, 0x61, 0x01, 0x00, 0xDA, 0x08, 0x4E, 0x08, 0x01, 0x03,
734 0x08, 0x01, 0x0D, 0xDF, 0xDE, 0x01, 0x00, 0xD9, 0xDF, 0x01, 0x01, 0xD9,
735 0x29, 0x93, 0x2E, 0x01, 0x86, 0x03, 0x11, 0x06, 0x08, 0x01, 0x00, 0xDA,
736 0xDD, 0x01, 0x01, 0xDA, 0x29, 0x4E, 0xDD, 0x16, 0x15, 0x2A, 0x5B, 0x06,
737 0x02, 0x29, 0x00, 0xDD, 0x1F, 0x2A, 0x06, 0x05, 0x83, 0x47, 0xD7, 0x04,
738 0x77, 0x29, 0x04, 0x6C, 0x00, 0x9C, 0x01, 0x14, 0xDF, 0x01, 0x0C, 0xDE,
739 0x83, 0x01, 0x0C, 0xD7, 0x00, 0x04, 0x03, 0x00, 0x01, 0x02, 0xDF, 0x01,
740 0x80, 0x46, 0x88, 0x30, 0x01, 0x02, 0x0F, 0x06, 0x0C, 0x02, 0x00, 0x06,
741 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x1D, 0x04, 0x02, 0x01, 0x00, 0x03,
742 0x01, 0x84, 0x30, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x00, 0x03,
743 0x02, 0x8A, 0x2E, 0x2A, 0x06, 0x05, 0x60, 0x21, 0x01, 0x07, 0x08, 0x03,
744 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x02, 0x03, 0x08, 0x2A, 0x06, 0x03,
745 0x01, 0x02, 0x08, 0x08, 0xDE, 0x93, 0x2E, 0xDD, 0x8C, 0x01, 0x04, 0x17,
746 0x8C, 0x01, 0x04, 0x08, 0x01, 0x1C, 0x34, 0x8C, 0x01, 0x20, 0xD7, 0x01,
747 0x20, 0xDF, 0x8D, 0x01, 0x20, 0xD7, 0x76, 0x2E, 0xDD, 0x01, 0x00, 0xDF,
748 0x02, 0x01, 0x02, 0x02, 0x08, 0x02, 0x03, 0x08, 0x2A, 0x06, 0x80, 0x40,
749 0xDD, 0x02, 0x01, 0x2A, 0x06, 0x10, 0x01, 0x83, 0xFE, 0x01, 0xDD, 0x01,
750 0x04, 0x09, 0x2A, 0xDD, 0x60, 0x89, 0x47, 0xD8, 0x04, 0x01, 0x29, 0x02,
751 0x02, 0x06, 0x0C, 0x01, 0x01, 0xDD, 0x01, 0x01, 0xDD, 0x84, 0x30, 0x01,
752 0x08, 0x09, 0xDF, 0x02, 0x03, 0x2A, 0x06, 0x11, 0x01, 0x10, 0xDD, 0x01,
753 0x04, 0x09, 0x2A, 0xDD, 0x62, 0x2A, 0xDD, 0x60, 0x83, 0x47, 0xD8, 0x04,
754 0x01, 0x29, 0x04, 0x01, 0x29, 0x00, 0x00, 0x01, 0x0E, 0xDF, 0x01, 0x00,
755 0xDE, 0x00, 0x03, 0x76, 0x2E, 0xC9, 0x05, 0x01, 0x00, 0x7C, 0x2F, 0x2A,
756 0x01, 0x82, 0x80, 0x80, 0x80, 0x00, 0x13, 0x06, 0x05, 0x29, 0x01, 0x1D,
757 0x04, 0x0E, 0x2A, 0x01, 0x83, 0xC0, 0x80, 0x80, 0x00, 0x13, 0x2A, 0x06,
758 0x01, 0x47, 0x29, 0xA3, 0x03, 0x00, 0x02, 0x00, 0x25, 0x2A, 0x5B, 0x06,
759 0x02, 0x37, 0x2B, 0x03, 0x01, 0x93, 0x2E, 0x01, 0x86, 0x03, 0x11, 0x03,
760 0x02, 0x01, 0x0C, 0xDF, 0x02, 0x01, 0x7E, 0x30, 0x08, 0x02, 0x02, 0x01,
761 0x02, 0x13, 0x08, 0x01, 0x06, 0x08, 0xDE, 0x01, 0x03, 0xDF, 0x02, 0x00,
762 0xDD, 0x7D, 0x7E, 0x30, 0xD8, 0x02, 0x02, 0x06, 0x1C, 0x90, 0x2E, 0x2A,
763 0x01, 0x83, 0xFE, 0x00, 0x0B, 0x06, 0x03, 0xDD, 0x04, 0x0F, 0x01, 0x81,
764 0x7F, 0x13, 0xDF, 0x76, 0x2E, 0xCA, 0x01, 0x01, 0x0C, 0x01, 0x03, 0x08,
765 0xDF, 0x02, 0x01, 0xDD, 0x83, 0x02, 0x01, 0xD7, 0x00, 0x00, 0x54, 0x2A,
766 0x01, 0x00, 0x0F, 0x06, 0x02, 0x63, 0x00, 0xCC, 0x29, 0x04, 0x73, 0x00,
767 0x2A, 0xDF, 0xD7, 0x00, 0x00, 0x01, 0x00, 0x76, 0x2E, 0xC8, 0x06, 0x0C,
768 0x61, 0x3A, 0x06, 0x08, 0x01, 0x80, 0x41, 0xDF, 0x01, 0x80, 0x42, 0xDF,
769 0x46, 0x06, 0x07, 0x5F, 0x3A, 0x06, 0x03, 0x01, 0x01, 0xDF, 0x45, 0x06,
770 0x08, 0x5F, 0x3A, 0x06, 0x04, 0x01, 0x80, 0x40, 0xDF, 0x47, 0x29, 0x00,
771 0x01, 0x01, 0x00, 0x03, 0x00, 0x46, 0x45, 0x39, 0x05, 0x14, 0x01, 0x01,
772 0x01, 0x80, 0x7C, 0xDB, 0x03, 0x00, 0x01, 0x03, 0x01, 0x80, 0x7C, 0xDB,
773 0x02, 0x00, 0x08, 0x47, 0x29, 0x00, 0x46, 0x06, 0x07, 0x01, 0x01, 0x44,
774 0x29, 0xDB, 0x03, 0x00, 0x45, 0x06, 0x0A, 0x01, 0x03, 0x44, 0x29, 0xDB,
775 0x02, 0x00, 0x08, 0x03, 0x00, 0x29, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00,
776 0x01, 0x04, 0xDC, 0x01, 0x05, 0xDC, 0x01, 0x06, 0xDC, 0x01, 0x03, 0xDC,
777 0x01, 0x02, 0xDC, 0x0A, 0x63, 0x00, 0x01, 0x03, 0x00, 0x3A, 0x01, 0x01,
778 0x02, 0x00, 0x0C, 0x13, 0x05, 0x01, 0x00, 0x61, 0x01, 0x03, 0x3B, 0x06,
779 0x07, 0x02, 0x00, 0xDF, 0x01, 0x02, 0x3B, 0xDF, 0x00, 0x00, 0x2A, 0x01,
780 0x08, 0x52, 0xDF, 0xDF, 0x00, 0x00, 0x2A, 0x01, 0x10, 0x52, 0xDF, 0xDD,
781 0x00, 0x00, 0x2A, 0x55, 0x06, 0x02, 0x29, 0x00, 0xCC, 0x29, 0x04, 0x76
784 static const uint16_t t0_caddr
[] = {
920 #define T0_INTERPRETED 91
922 #define T0_ENTER(ip, rp, slot) do { \
923 const unsigned char *t0_newip; \
925 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
926 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
928 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
932 #define T0_DEFENTRY(name, slot) \
936 t0_context *t0ctx = ctx; \
937 t0ctx->ip = &t0_codeblock[0]; \
938 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
941 T0_DEFENTRY(br_ssl_hs_server_init_main
, 164)
943 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
946 br_ssl_hs_server_run(void *t0ctx
)
949 const unsigned char *ip
;
951 #define T0_LOCAL(x) (*(rp - 2 - (x)))
952 #define T0_POP() (*-- dp)
953 #define T0_POPi() (*(int32_t *)(-- dp))
954 #define T0_PEEK(x) (*(dp - 1 - (x)))
955 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
956 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
957 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
958 #define T0_RPOP() (*-- rp)
959 #define T0_RPOPi() (*(int32_t *)(-- rp))
960 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
961 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
962 #define T0_ROLL(x) do { \
963 size_t t0len = (size_t)(x); \
964 uint32_t t0tmp = *(dp - 1 - t0len); \
965 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
968 #define T0_SWAP() do { \
969 uint32_t t0tmp = *(dp - 2); \
970 *(dp - 2) = *(dp - 1); \
973 #define T0_ROT() do { \
974 uint32_t t0tmp = *(dp - 3); \
975 *(dp - 3) = *(dp - 2); \
976 *(dp - 2) = *(dp - 1); \
979 #define T0_NROT() do { \
980 uint32_t t0tmp = *(dp - 1); \
981 *(dp - 1) = *(dp - 2); \
982 *(dp - 2) = *(dp - 3); \
985 #define T0_PICK(x) do { \
986 uint32_t t0depth = (x); \
987 T0_PUSH(T0_PEEK(t0depth)); \
989 #define T0_CO() do { \
992 #define T0_RET() goto t0_next
994 dp
= ((t0_context
*)t0ctx
)->dp
;
995 rp
= ((t0_context
*)t0ctx
)->rp
;
996 ip
= ((t0_context
*)t0ctx
)->ip
;
1003 if (t0x
< T0_INTERPRETED
) {
1015 ip
= &t0_codeblock
[t0x
];
1017 case 1: /* literal constant */
1018 T0_PUSHi(t0_parse7E_signed(&ip
));
1020 case 2: /* read local */
1021 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
1023 case 3: /* write local */
1024 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
1027 t0off
= t0_parse7E_signed(&ip
);
1030 case 5: /* jump if */
1031 t0off
= t0_parse7E_signed(&ip
);
1036 case 6: /* jump if not */
1037 t0off
= t0_parse7E_signed(&ip
);
1045 uint32_t b
= T0_POP();
1046 uint32_t a
= T0_POP();
1054 uint32_t b
= T0_POP();
1055 uint32_t a
= T0_POP();
1063 uint32_t b
= T0_POP();
1064 uint32_t a
= T0_POP();
1077 int32_t b
= T0_POPi();
1078 int32_t a
= T0_POPi();
1079 T0_PUSH(-(uint32_t)(a
< b
));
1086 int c
= (int)T0_POPi();
1087 uint32_t x
= T0_POP();
1095 int32_t b
= T0_POPi();
1096 int32_t a
= T0_POPi();
1097 T0_PUSH(-(uint32_t)(a
<= b
));
1104 uint32_t b
= T0_POP();
1105 uint32_t a
= T0_POP();
1106 T0_PUSH(-(uint32_t)(a
!= b
));
1113 uint32_t b
= T0_POP();
1114 uint32_t a
= T0_POP();
1115 T0_PUSH(-(uint32_t)(a
== b
));
1122 int32_t b
= T0_POPi();
1123 int32_t a
= T0_POPi();
1124 T0_PUSH(-(uint32_t)(a
> b
));
1131 int32_t b
= T0_POPi();
1132 int32_t a
= T0_POPi();
1133 T0_PUSH(-(uint32_t)(a
>= b
));
1140 int c
= (int)T0_POPi();
1141 int32_t x
= T0_POPi();
1149 uint32_t b
= T0_POP();
1150 uint32_t a
= T0_POP();
1158 if (ENG
->chain_len
== 0) {
1161 ENG
->cert_cur
= ENG
->chain
->data
;
1162 ENG
->cert_len
= ENG
->chain
->data_len
;
1165 T0_PUSH(ENG
->cert_len
);
1173 const br_x500_name
*dn
;
1174 if (CTX
->cur_dn_index
>= CTX
->num_tas
) {
1177 if (CTX
->ta_names
== NULL
) {
1178 dn
= &CTX
->tas
[CTX
->cur_dn_index
].dn
;
1180 dn
= &CTX
->ta_names
[CTX
->cur_dn_index
];
1182 CTX
->cur_dn_index
++;
1183 CTX
->cur_dn
= dn
->data
;
1184 CTX
->cur_dn_len
= dn
->len
;
1185 T0_PUSH(CTX
->cur_dn_len
);
1191 /* begin-ta-name-list */
1193 CTX
->cur_dn_index
= 0;
1200 size_t len
= (size_t)T0_POP();
1201 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1202 memset(addr
, 0, len
);
1207 /* call-policy-handler */
1210 br_ssl_server_choices choices
;
1212 x
= (*CTX
->policy_vtable
)->choose(
1213 CTX
->policy_vtable
, CTX
, &choices
);
1214 ENG
->session
.cipher_suite
= choices
.cipher_suite
;
1215 CTX
->sign_hash_id
= choices
.algo_id
;
1216 ENG
->chain
= choices
.chain
;
1217 ENG
->chain_len
= choices
.chain_len
;
1218 T0_PUSHi(-(x
!= 0));
1225 T0_PUSHi(-(ENG
->hlen_out
> 0));
1232 if (ENG
->session
.session_id_len
== 32
1233 && CTX
->cache_vtable
!= NULL
&& (*CTX
->cache_vtable
)->load(
1234 CTX
->cache_vtable
, CTX
, &ENG
->session
))
1249 /* compute-Finished-inner */
1251 int prf_id
= T0_POP();
1252 int from_client
= T0_POPi();
1253 unsigned char tmp
[48];
1254 br_tls_prf_seed_chunk seed
;
1256 br_tls_prf_impl prf
= br_ssl_engine_get_PRF(ENG
, prf_id
);
1258 if (ENG
->session
.version
>= BR_TLS12
) {
1259 seed
.len
= br_multihash_out(&ENG
->mhash
, prf_id
, tmp
);
1261 br_multihash_out(&ENG
->mhash
, br_md5_ID
, tmp
);
1262 br_multihash_out(&ENG
->mhash
, br_sha1_ID
, tmp
+ 16);
1265 prf(ENG
->pad
, 12, ENG
->session
.master_secret
,
1266 sizeof ENG
->session
.master_secret
,
1267 from_client
? "client finished" : "server finished",
1273 /* compute-hash-CV */
1277 for (i
= 1; i
<= 6; i
++) {
1278 br_multihash_out(&ENG
->mhash
, i
,
1279 ENG
->pad
+ HASH_PAD_OFF
[i
- 1]);
1285 /* copy-cert-chunk */
1289 clen
= ENG
->cert_len
;
1290 if (clen
> sizeof ENG
->pad
) {
1291 clen
= sizeof ENG
->pad
;
1293 memcpy(ENG
->pad
, ENG
->cert_cur
, clen
);
1294 ENG
->cert_cur
+= clen
;
1295 ENG
->cert_len
-= clen
;
1305 clen
= CTX
->cur_dn_len
;
1306 if (clen
> sizeof ENG
->pad
) {
1307 clen
= sizeof ENG
->pad
;
1309 memcpy(ENG
->pad
, CTX
->cur_dn
, clen
);
1310 CTX
->cur_dn
+= clen
;
1311 CTX
->cur_dn_len
-= clen
;
1326 if (br_multihash_getimpl(&ENG
->mhash
, id
) == 0) {
1330 off
= HASH_PAD_OFF
[id
- 1];
1331 len
= HASH_PAD_OFF
[id
] - off
;
1333 memcpy(CTX
->hash_CV
, ENG
->pad
+ off
, len
);
1334 CTX
->hash_CV_len
= len
;
1335 CTX
->hash_CV_id
= id
;
1341 /* copy-protocol-name */
1343 size_t idx
= T0_POP();
1344 size_t len
= strlen(ENG
->protocol_names
[idx
]);
1345 memcpy(ENG
->pad
, ENG
->protocol_names
[idx
], len
);
1353 size_t addr
= T0_POP();
1354 T0_PUSH(t0_datablock
[addr
]);
1368 int prf_id
= T0_POPi();
1369 size_t len
= T0_POP();
1370 do_ecdh(CTX
, prf_id
, ENG
->pad
, len
);
1375 /* do-ecdhe-part1 */
1377 int curve
= T0_POPi();
1378 T0_PUSHi(do_ecdhe_part1(CTX
, curve
));
1383 /* do-ecdhe-part2 */
1385 int prf_id
= T0_POPi();
1386 size_t len
= T0_POP();
1387 do_ecdhe_part2(CTX
, prf_id
, ENG
->pad
, len
);
1392 /* do-rsa-decrypt */
1394 int prf_id
= T0_POPi();
1395 size_t len
= T0_POP();
1396 do_rsa_decrypt(CTX
, prf_id
, ENG
->pad
, len
);
1401 /* do-static-ecdh */
1403 do_static_ecdh(CTX
, T0_POP());
1414 T0_PUSH(T0_PEEK(0));
1420 br_ssl_engine_fail(ENG
, (int)T0_POPi());
1428 br_ssl_engine_flush_record(ENG
);
1433 /* get-key-type-usages */
1435 const br_x509_class
*xc
;
1436 const br_x509_pkey
*pk
;
1439 xc
= *(ENG
->x509ctx
);
1440 pk
= xc
->get_pkey(ENG
->x509ctx
, &usages
);
1444 T0_PUSH(pk
->key_type
| usages
);
1452 size_t addr
= (size_t)T0_POP();
1453 T0_PUSH(*(uint16_t *)((unsigned char *)ENG
+ addr
));
1460 size_t addr
= (size_t)T0_POP();
1461 T0_PUSH(*(uint32_t *)((unsigned char *)ENG
+ addr
));
1468 size_t addr
= (size_t)T0_POP();
1469 T0_PUSH(*((unsigned char *)ENG
+ addr
));
1476 T0_PUSHi(-(ENG
->hlen_in
!= 0));
1483 size_t len
= (size_t)T0_POP();
1484 void *addr2
= (unsigned char *)ENG
+ (size_t)T0_POP();
1485 void *addr1
= (unsigned char *)ENG
+ (size_t)T0_POP();
1486 int x
= memcmp(addr1
, addr2
, len
);
1487 T0_PUSH((uint32_t)-(x
== 0));
1494 size_t len
= (size_t)T0_POP();
1495 void *src
= (unsigned char *)ENG
+ (size_t)T0_POP();
1496 void *dst
= (unsigned char *)ENG
+ (size_t)T0_POP();
1497 memcpy(dst
, src
, len
);
1504 size_t len
= (size_t)T0_POP();
1505 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1506 br_hmac_drbg_generate(&ENG
->rng
, addr
, len
);
1511 /* more-incoming-bytes? */
1513 T0_PUSHi(ENG
->hlen_in
!= 0 || !br_ssl_engine_recvrec_finished(ENG
));
1518 /* multihash-init */
1520 br_multihash_init(&ENG
->mhash
);
1527 uint32_t a
= T0_POP();
1535 uint32_t a
= T0_POP();
1543 uint32_t b
= T0_POP();
1544 uint32_t a
= T0_POP();
1551 T0_PUSH(T0_PEEK(1));
1560 /* read-chunk-native */
1562 size_t clen
= ENG
->hlen_in
;
1568 if ((size_t)len
< clen
) {
1571 memcpy((unsigned char *)ENG
+ addr
, ENG
->hbuf_in
, clen
);
1572 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1573 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_in
, clen
);
1575 T0_PUSH(addr
+ (uint32_t)clen
);
1576 T0_PUSH(len
- (uint32_t)clen
);
1577 ENG
->hbuf_in
+= clen
;
1578 ENG
->hlen_in
-= clen
;
1586 if (ENG
->hlen_in
> 0) {
1589 x
= *ENG
->hbuf_in
++;
1590 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1591 br_multihash_update(&ENG
->mhash
, &x
, 1);
1604 if (CTX
->cache_vtable
!= NULL
) {
1605 (*CTX
->cache_vtable
)->save(
1606 CTX
->cache_vtable
, CTX
, &ENG
->session
);
1612 /* set-max-frag-len */
1614 size_t max_frag_len
= T0_POP();
1616 br_ssl_engine_new_max_frag_len(ENG
, max_frag_len
);
1619 * We must adjust our own output limit. Since we call this only
1620 * after receiving a ClientHello and before beginning to send
1621 * the ServerHello, the next output record should be empty at
1622 * that point, so we can use max_frag_len as a limit.
1624 if (ENG
->hlen_out
> max_frag_len
) {
1625 ENG
->hlen_out
= max_frag_len
;
1633 size_t addr
= (size_t)T0_POP();
1634 *(uint16_t *)((unsigned char *)ENG
+ addr
) = (uint16_t)T0_POP();
1641 size_t addr
= (size_t)T0_POP();
1642 *(uint32_t *)((unsigned char *)ENG
+ addr
) = (uint32_t)T0_POP();
1649 size_t addr
= (size_t)T0_POP();
1650 *((unsigned char *)ENG
+ addr
) = (unsigned char)T0_POP();
1655 /* supported-curves */
1657 uint32_t x
= ENG
->iec
== NULL
? 0 : ENG
->iec
->supported_curves
;
1663 /* supported-hash-functions */
1670 for (i
= br_sha1_ID
; i
<= br_sha512_ID
; i
++) {
1671 if (br_multihash_getimpl(&ENG
->mhash
, i
)) {
1682 /* supports-ecdsa? */
1684 T0_PUSHi(-(ENG
->iecdsa
!= 0));
1689 /* supports-rsa-sign? */
1691 T0_PUSHi(-(ENG
->irsavrfy
!= 0));
1701 /* switch-aesgcm-in */
1703 int is_client
, prf_id
;
1704 unsigned cipher_key_len
;
1706 cipher_key_len
= T0_POP();
1708 is_client
= T0_POP();
1709 br_ssl_engine_switch_gcm_in(ENG
, is_client
, prf_id
,
1710 ENG
->iaes_ctr
, cipher_key_len
);
1715 /* switch-aesgcm-out */
1717 int is_client
, prf_id
;
1718 unsigned cipher_key_len
;
1720 cipher_key_len
= T0_POP();
1722 is_client
= T0_POP();
1723 br_ssl_engine_switch_gcm_out(ENG
, is_client
, prf_id
,
1724 ENG
->iaes_ctr
, cipher_key_len
);
1731 int is_client
, prf_id
, mac_id
, aes
;
1732 unsigned cipher_key_len
;
1734 cipher_key_len
= T0_POP();
1738 is_client
= T0_POP();
1739 br_ssl_engine_switch_cbc_in(ENG
, is_client
, prf_id
, mac_id
,
1740 aes
? ENG
->iaes_cbcdec
: ENG
->ides_cbcdec
, cipher_key_len
);
1745 /* switch-cbc-out */
1747 int is_client
, prf_id
, mac_id
, aes
;
1748 unsigned cipher_key_len
;
1750 cipher_key_len
= T0_POP();
1754 is_client
= T0_POP();
1755 br_ssl_engine_switch_cbc_out(ENG
, is_client
, prf_id
, mac_id
,
1756 aes
? ENG
->iaes_cbcenc
: ENG
->ides_cbcenc
, cipher_key_len
);
1761 /* switch-chapol-in */
1763 int is_client
, prf_id
;
1766 is_client
= T0_POP();
1767 br_ssl_engine_switch_chapol_in(ENG
, is_client
, prf_id
);
1772 /* switch-chapol-out */
1774 int is_client
, prf_id
;
1777 is_client
= T0_POP();
1778 br_ssl_engine_switch_chapol_out(ENG
, is_client
, prf_id
);
1783 /* ta-names-total-length */
1788 if (CTX
->ta_names
!= NULL
) {
1789 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1790 len
+= CTX
->ta_names
[u
].len
+ 2;
1792 } else if (CTX
->tas
!= NULL
) {
1793 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1794 len
+= CTX
->tas
[u
].dn
.len
+ 2;
1802 /* test-protocol-name */
1804 size_t len
= T0_POP();
1807 for (u
= 0; u
< ENG
->protocol_names_num
; u
++) {
1810 name
= ENG
->protocol_names
[u
];
1811 if (len
== strlen(name
) && memcmp(ENG
->pad
, name
, len
) == 0) {
1821 /* total-chain-length */
1827 for (u
= 0; u
< ENG
->chain_len
; u
++) {
1828 total
+= 3 + (uint32_t)ENG
->chain
[u
].data_len
;
1837 uint32_t b
= T0_POP();
1838 uint32_t a
= T0_POP();
1839 T0_PUSH(-(uint32_t)(a
< b
));
1846 int c
= (int)T0_POPi();
1847 uint32_t x
= T0_POP();
1857 err
= verify_CV_sig(CTX
, T0_POP());
1863 /* write-blob-chunk */
1865 size_t clen
= ENG
->hlen_out
;
1871 if ((size_t)len
< clen
) {
1874 memcpy(ENG
->hbuf_out
, (unsigned char *)ENG
+ addr
, clen
);
1875 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1876 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_out
, clen
);
1878 T0_PUSH(addr
+ (uint32_t)clen
);
1879 T0_PUSH(len
- (uint32_t)clen
);
1880 ENG
->hbuf_out
+= clen
;
1881 ENG
->hlen_out
-= clen
;
1891 x
= (unsigned char)T0_POP();
1892 if (ENG
->hlen_out
> 0) {
1893 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1894 br_multihash_update(&ENG
->mhash
, &x
, 1);
1896 *ENG
->hbuf_out
++ = x
;
1908 const br_x509_class
*xc
;
1911 xc
= *(ENG
->x509ctx
);
1913 xc
->append(ENG
->x509ctx
, ENG
->pad
, len
);
1920 const br_x509_class
*xc
;
1922 xc
= *(ENG
->x509ctx
);
1923 xc
->end_cert(ENG
->x509ctx
);
1928 /* x509-end-chain */
1930 const br_x509_class
*xc
;
1932 xc
= *(ENG
->x509ctx
);
1933 T0_PUSH(xc
->end_chain(ENG
->x509ctx
));
1938 /* x509-start-cert */
1940 const br_x509_class
*xc
;
1942 xc
= *(ENG
->x509ctx
);
1943 xc
->start_cert(ENG
->x509ctx
, T0_POP());
1948 /* x509-start-chain */
1950 const br_x509_class
*xc
;
1954 xc
= *(ENG
->x509ctx
);
1955 xc
->start_chain(ENG
->x509ctx
, bc
? ENG
->server_name
: NULL
);
1962 T0_ENTER(ip
, rp
, t0x
);
1966 ((t0_context
*)t0ctx
)->dp
= dp
;
1967 ((t0_context
*)t0ctx
)->rp
= rp
;
1968 ((t0_context
*)t0ctx
)->ip
= ip
;