X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_hs_client.c;h=de36165aa94751b80c5d1285cfc87a0b3cbece01;hp=c06cf705a3d3ad5c9590bb525c8b331805e28e77;hb=c6ffcd29381f555783a75d957c28c0ff861cd33a;hpb=60126cafc85572a53d38752b8830e91c7ab18f88;ds=sidebyside diff --git a/src/ssl/ssl_hs_client.c b/src/ssl/ssl_hs_client.c index c06cf70..de36165 100644 --- a/src/ssl/ssl_hs_client.c +++ b/src/ssl/ssl_hs_client.c @@ -58,7 +58,7 @@ t0_parse7E_signed(const unsigned char **p) #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0) #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0) -static const uint8_t t0_datablock[]; +/* static const unsigned char t0_datablock[]; */ void br_ssl_hs_client_init_main(void *t0ctx); @@ -75,7 +75,7 @@ void br_ssl_hs_client_run(void *t0ctx); /* * This macro evaluates to a pointer to the current engine context. */ -#define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu))) +#define ENG ((br_ssl_engine_context *)(void *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu))) @@ -86,7 +86,7 @@ void br_ssl_hs_client_run(void *t0ctx); * specific name. It must be noted that since the engine context is the * first field of the br_ssl_client_context structure ('eng'), then * pointers values of both types are interchangeable, modulo an - * appropriate cast. This also means that "adresses" computed as offsets + * appropriate cast. This also means that "addresses" computed as offsets * within the structure work for both kinds of context. */ #define CTX ((br_ssl_client_context *)ENG) @@ -110,7 +110,7 @@ make_pms_rsa(br_ssl_client_context *ctx, int prf_id) size_t nlen, u; xc = ctx->eng.x509ctx; - pk = (*xc)->get_pkey(xc); + pk = (*xc)->get_pkey(xc, NULL); /* * Compute actual RSA key length, in case there are leading zeros. @@ -170,39 +170,21 @@ make_pms_rsa(br_ssl_client_context *ctx, int prf_id) /* * OID for hash functions in RSA signatures. */ -static const unsigned char HASH_OID_SHA1[] = { - 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A -}; - -static const unsigned char HASH_OID_SHA224[] = { - 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04 -}; - -static const unsigned char HASH_OID_SHA256[] = { - 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01 -}; - -static const unsigned char HASH_OID_SHA384[] = { - 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02 -}; - -static const unsigned char HASH_OID_SHA512[] = { - 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03 -}; - static const unsigned char *HASH_OID[] = { - HASH_OID_SHA1, - HASH_OID_SHA224, - HASH_OID_SHA256, - HASH_OID_SHA384, - HASH_OID_SHA512 + BR_HASH_OID_SHA1, + BR_HASH_OID_SHA224, + BR_HASH_OID_SHA256, + BR_HASH_OID_SHA384, + BR_HASH_OID_SHA512 }; /* * Check the RSA signature on the ServerKeyExchange message. + * * hash hash function ID (2 to 6), or 0 for MD5+SHA-1 (with RSA only) * use_rsa non-zero for RSA signature, zero for ECDSA * sig_len signature length (in bytes); signature value is in the pad + * * Returned value is 0 on success, or an error code. */ static int @@ -216,7 +198,7 @@ verify_SKE_sig(br_ssl_client_context *ctx, size_t hv_len; xc = ctx->eng.x509ctx; - pk = (*xc)->get_pkey(xc); + pk = (*xc)->get_pkey(xc, NULL); br_multihash_zero(&mhc); br_multihash_copyimpl(&mhc, &ctx->eng.mhash); br_multihash_init(&mhc); @@ -253,14 +235,14 @@ verify_SKE_sig(br_ssl_client_context *ctx, } else { hash_oid = NULL; } - if (!ctx->irsavrfy(ctx->eng.pad, sig_len, + if (!ctx->eng.irsavrfy(ctx->eng.pad, sig_len, hash_oid, hv_len, &pk->key.rsa, tmp) || memcmp(tmp, hv, hv_len) != 0) { return BR_ERR_BAD_SIGNATURE; } } else { - if (!ctx->iecdsa(ctx->eng.iec, hv, hv_len, &pk->key.ec, + if (!ctx->eng.iecdsa(ctx->eng.iec, hv, hv_len, &pk->key.ec, ctx->eng.pad, sig_len)) { return BR_ERR_BAD_SIGNATURE; @@ -270,7 +252,7 @@ verify_SKE_sig(br_ssl_client_context *ctx, } /* - * Perform client-size ECDH (or ECDHE). The point that should be sent to + * Perform client-side ECDH (or ECDHE). The point that should be sent to * the server is written in the pad; returned value is either the point * length (in bytes), or -x on error, with 'x' being an error code. * @@ -283,8 +265,8 @@ make_pms_ecdh(br_ssl_client_context *ctx, unsigned ecdhe, int prf_id) { int curve; unsigned char key[66], point[133]; - const unsigned char *generator, *order, *point_src; - size_t glen, olen, point_len; + const unsigned char *order, *point_src; + size_t glen, olen, point_len, xoff, xlen; unsigned char mask; if (ecdhe) { @@ -296,7 +278,7 @@ make_pms_ecdh(br_ssl_client_context *ctx, unsigned ecdhe, int prf_id) const br_x509_pkey *pk; xc = ctx->eng.x509ctx; - pk = (*xc)->get_pkey(xc); + pk = (*xc)->get_pkey(xc, NULL); curve = pk->key.ec.curve; point_src = pk->key.ec.q; point_len = pk->key.ec.qlen; @@ -324,7 +306,7 @@ make_pms_ecdh(br_ssl_client_context *ctx, unsigned ecdhe, int prf_id) * Compute the common ECDH point, whose X coordinate is the * pre-master secret. */ - generator = ctx->eng.iec->generator(curve, &glen); + ctx->eng.iec->generator(curve, &glen); if (glen != point_len) { return -BR_ERR_INVALID_ALGORITHM; } @@ -337,19 +319,84 @@ make_pms_ecdh(br_ssl_client_context *ctx, unsigned ecdhe, int prf_id) /* * The pre-master secret is the X coordinate. */ - br_ssl_engine_compute_master(&ctx->eng, prf_id, point + 1, glen >> 1); + xoff = ctx->eng.iec->xoff(curve, &xlen); + br_ssl_engine_compute_master(&ctx->eng, prf_id, point + xoff, xlen); - memcpy(point, generator, glen); - if (!ctx->eng.iec->mul(point, glen, key, olen, curve)) { - return -BR_ERR_INVALID_ALGORITHM; - } + ctx->eng.iec->mulgen(point, key, olen, curve); memcpy(ctx->eng.pad, point, glen); return (int)glen; } +/* + * Perform full static ECDH. This occurs only in the context of client + * authentication with certificates: the server uses an EC public key, + * the cipher suite is of type ECDH (not ECDHE), the server requested a + * client certificate and accepts static ECDH, the client has a + * certificate with an EC public key in the same curve, and accepts + * static ECDH as well. + * + * Returned value is 0 on success, -1 on error. + */ +static int +make_pms_static_ecdh(br_ssl_client_context *ctx, int prf_id) +{ + unsigned char point[133]; + size_t point_len; + const br_x509_class **xc; + const br_x509_pkey *pk; + + xc = ctx->eng.x509ctx; + pk = (*xc)->get_pkey(xc, NULL); + point_len = pk->key.ec.qlen; + if (point_len > sizeof point) { + return -1; + } + memcpy(point, pk->key.ec.q, point_len); + if (!(*ctx->client_auth_vtable)->do_keyx( + ctx->client_auth_vtable, point, &point_len)) + { + return -1; + } + br_ssl_engine_compute_master(&ctx->eng, + prf_id, point, point_len); + return 0; +} + +/* + * Compute the client-side signature. This is invoked only when a + * signature-based client authentication was selected. The computed + * signature is in the pad; its length (in bytes) is returned. On + * error, 0 is returned. + */ +static size_t +make_client_sign(br_ssl_client_context *ctx) +{ + size_t hv_len; + + /* + * Compute hash of handshake messages so far. This "cannot" fail + * because the list of supported hash functions provided to the + * client certificate handler was trimmed to include only the + * hash functions that the multi-hasher supports. + */ + if (ctx->hash_id) { + hv_len = br_multihash_out(&ctx->eng.mhash, + ctx->hash_id, ctx->eng.pad); + } else { + br_multihash_out(&ctx->eng.mhash, + br_md5_ID, ctx->eng.pad); + br_multihash_out(&ctx->eng.mhash, + br_sha1_ID, ctx->eng.pad + 16); + hv_len = 36; + } + return (*ctx->client_auth_vtable)->do_sign( + ctx->client_auth_vtable, ctx->hash_id, hv_len, + ctx->eng.pad, sizeof ctx->eng.pad); +} + -static const uint8_t t0_datablock[] = { +static const unsigned char t0_datablock[] = { 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02, 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03, 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41, @@ -361,15 +408,18 @@ static const uint8_t t0_datablock[] = { 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32, 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43, 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14, - 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xCC, 0xA8, 0x15, - 0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00 + 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xC0, 0x9C, 0x06, + 0x04, 0xC0, 0x9D, 0x07, 0x04, 0xC0, 0xA0, 0x08, 0x04, 0xC0, 0xA1, 0x09, + 0x04, 0xC0, 0xAC, 0x26, 0x04, 0xC0, 0xAD, 0x27, 0x04, 0xC0, 0xAE, 0x28, + 0x04, 0xC0, 0xAF, 0x29, 0x04, 0xCC, 0xA8, 0x15, 0x04, 0xCC, 0xA9, 0x25, + 0x04, 0x00, 0x00 }; -static const uint8_t t0_codeblock[] = { - 0x00, 0x01, 0x00, 0x0A, 0x00, 0x00, 0x01, 0x00, 0x0C, 0x00, 0x00, 0x01, - 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x0E, 0x00, 0x00, 0x01, 0x01, 0x08, +static const unsigned char t0_codeblock[] = { + 0x00, 0x01, 0x00, 0x0A, 0x00, 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, + 0x00, 0x0E, 0x00, 0x00, 0x01, 0x00, 0x0F, 0x00, 0x00, 0x01, 0x01, 0x08, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00, - 0x01, 0x02, 0x09, 0x00, 0x00, 0x1A, 0x1A, 0x00, 0x00, 0x01, + 0x01, 0x02, 0x09, 0x00, 0x00, 0x25, 0x25, 0x00, 0x00, 0x01, T0_INT1(BR_ERR_BAD_CCS), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_BAD_CIPHER_SUITE), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_BAD_COMPRESSION), 0x00, 0x00, 0x01, @@ -387,9 +437,11 @@ static const uint8_t t0_codeblock[] = { T0_INT1(BR_ERR_RESUME_MISMATCH), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_UNEXPECTED), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_UNSUPPORTED_VERSION), 0x00, 0x00, 0x01, + T0_INT1(BR_ERR_WRONG_KEY_USAGE), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, action)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, alert)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, application_data)), 0x00, 0x00, + 0x01, T0_INT2(offsetof(br_ssl_client_context, auth_type)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, cipher_suite)), 0x00, 0x00, 0x01, @@ -399,18 +451,25 @@ static const uint8_t t0_codeblock[] = { 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, ecdhe_point)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, ecdhe_point_len)), 0x00, + 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, flags)), 0x00, + 0x00, 0x01, T0_INT2(offsetof(br_ssl_client_context, hash_id)), 0x00, + 0x00, 0x01, T0_INT2(offsetof(br_ssl_client_context, hashes)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, log_max_frag_len)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_client_context, min_clienthello_len)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, pad)), 0x00, 0x00, - 0x01, T0_INT2(offsetof(br_ssl_engine_context, record_type_in)), 0x00, - 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, record_type_out)), - 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, reneg)), + 0x01, T0_INT2(offsetof(br_ssl_engine_context, protocol_names_num)), + 0x00, 0x00, 0x01, + T0_INT2(offsetof(br_ssl_engine_context, record_type_in)), 0x00, 0x00, + 0x01, T0_INT2(offsetof(br_ssl_engine_context, record_type_out)), 0x00, + 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, reneg)), 0x00, + 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, saved_finished)), 0x00, 0x00, 0x01, - T0_INT2(offsetof(br_ssl_engine_context, saved_finished)), 0x00, 0x00, - 0x01, T0_INT2(offsetof(br_ssl_engine_context, server_name)), 0x00, - 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, server_random)), + T0_INT2(offsetof(br_ssl_engine_context, selected_protocol)), 0x00, + 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, server_name)), 0x00, 0x00, 0x01, + T0_INT2(offsetof(br_ssl_engine_context, server_random)), 0x00, 0x00, + 0x01, T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, session_id)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, session_id_len)), @@ -425,215 +484,258 @@ static const uint8_t t0_codeblock[] = { T0_INT2(offsetof(br_ssl_engine_context, version_max)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, version_min)), 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, version_out)), - 0x00, 0x00, 0x09, 0x1B, 0x40, 0x06, 0x02, 0x50, 0x1C, 0x00, 0x00, 0x06, - 0x08, 0x1E, 0x0D, 0x05, 0x02, 0x59, 0x1C, 0x04, 0x01, 0x2B, 0x00, 0x00, - 0x01, 0x01, 0x00, 0x01, 0x03, 0x00, 0x7A, 0x1B, 0x46, 0x32, 0x7E, 0x1B, - 0x05, 0x04, 0x48, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0D, 0x06, 0x02, 0x7E, - 0x00, 0x46, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x50, 0x1C, 0x00, 0x00, 0x1B, - 0x6B, 0x32, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x32, 0x5F, 0x1E, 0x81, 0x0B, - 0x15, 0x67, 0x01, 0x0C, 0x22, 0x00, 0x00, 0x1B, 0x16, 0x01, 0x08, 0x0B, - 0x32, 0x44, 0x16, 0x08, 0x00, 0x01, 0x03, 0x00, 0x01, 0x00, 0x5E, 0x2C, - 0x1D, 0x13, 0x26, 0x06, 0x08, 0x02, 0x00, 0x81, 0x2A, 0x03, 0x00, 0x04, - 0x74, 0x01, 0x00, 0x81, 0x22, 0x02, 0x00, 0x1B, 0x13, 0x11, 0x06, 0x02, - 0x57, 0x1C, 0x81, 0x2A, 0x04, 0x75, 0x01, 0x01, 0x00, 0x5E, 0x2C, 0x01, - 0x16, 0x69, 0x2C, 0x25, 0x81, 0x2E, 0x1D, 0x81, 0x12, 0x06, 0x0B, 0x01, - 0x7F, 0x81, 0x0E, 0x01, 0x7F, 0x81, 0x2D, 0x04, 0x80, 0x42, 0x81, 0x0F, - 0x5F, 0x1E, 0x81, 0x02, 0x01, T0_INT1(BR_KEYTYPE_SIGN), 0x11, 0x06, - 0x02, 0x81, 0x13, 0x81, 0x16, 0x1B, 0x01, 0x0D, 0x0D, 0x06, 0x09, 0x1A, - 0x81, 0x15, 0x81, 0x16, 0x01, 0x7F, 0x04, 0x02, 0x01, 0x00, 0x03, 0x00, - 0x01, 0x0E, 0x0D, 0x05, 0x02, 0x5A, 0x1C, 0x06, 0x02, 0x4F, 0x1C, 0x24, - 0x06, 0x02, 0x5A, 0x1C, 0x02, 0x00, 0x06, 0x02, 0x81, 0x34, 0x81, 0x2F, - 0x01, 0x7F, 0x81, 0x2D, 0x01, 0x7F, 0x81, 0x0E, 0x01, 0x01, 0x5E, 0x2C, - 0x01, 0x17, 0x69, 0x2C, 0x00, 0x00, 0x28, 0x28, 0x00, 0x00, 0x7B, 0x01, - 0x0C, 0x10, 0x01, 0x00, 0x28, 0x0D, 0x06, 0x05, 0x1A, 0x01, + 0x00, 0x00, 0x09, 0x26, 0x58, 0x06, 0x02, 0x68, 0x28, 0x00, 0x00, 0x06, + 0x08, 0x2C, 0x0E, 0x05, 0x02, 0x71, 0x28, 0x04, 0x01, 0x3C, 0x00, 0x00, + 0x01, 0x01, 0x00, 0x01, 0x03, 0x00, 0x99, 0x26, 0x5E, 0x44, 0x9D, 0x26, + 0x05, 0x04, 0x60, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0E, 0x06, 0x02, 0x9D, + 0x00, 0x5E, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x68, 0x28, 0x00, 0x00, 0x26, + 0x89, 0x44, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x44, 0x79, 0x2C, 0xAB, 0x1C, + 0x84, 0x01, 0x0C, 0x31, 0x00, 0x00, 0x26, 0x1F, 0x01, 0x08, 0x0B, 0x44, + 0x5C, 0x1F, 0x08, 0x00, 0x01, 0x03, 0x00, 0x77, 0x2E, 0x02, 0x00, 0x36, + 0x17, 0x01, 0x01, 0x0B, 0x77, 0x3E, 0x29, 0x1A, 0x36, 0x06, 0x07, 0x02, + 0x00, 0xCF, 0x03, 0x00, 0x04, 0x75, 0x01, 0x00, 0xC5, 0x02, 0x00, 0x26, + 0x1A, 0x17, 0x06, 0x02, 0x6F, 0x28, 0xCF, 0x04, 0x76, 0x01, 0x01, 0x00, + 0x77, 0x3E, 0x01, 0x16, 0x87, 0x3E, 0x01, 0x00, 0x8A, 0x3C, 0x34, 0xD5, + 0x29, 0xB4, 0x06, 0x09, 0x01, 0x7F, 0xAF, 0x01, 0x7F, 0xD2, 0x04, 0x80, + 0x53, 0xB1, 0x79, 0x2C, 0xA1, 0x01, T0_INT1(BR_KEYTYPE_SIGN), 0x17, + 0x06, 0x01, 0xB5, 0xB8, 0x26, 0x01, 0x0D, 0x0E, 0x06, 0x07, 0x25, 0xB7, + 0xB8, 0x01, 0x7F, 0x04, 0x02, 0x01, 0x00, 0x03, 0x00, 0x01, 0x0E, 0x0E, + 0x05, 0x02, 0x72, 0x28, 0x06, 0x02, 0x67, 0x28, 0x33, 0x06, 0x02, 0x72, + 0x28, 0x02, 0x00, 0x06, 0x1C, 0xD3, 0x80, 0x2E, 0x01, 0x81, 0x7F, 0x0E, + 0x06, 0x0D, 0x25, 0x01, 0x10, 0xDE, 0x01, 0x00, 0xDD, 0x79, 0x2C, 0xAB, + 0x24, 0x04, 0x04, 0xD6, 0x06, 0x01, 0xD4, 0x04, 0x01, 0xD6, 0x01, 0x7F, + 0xD2, 0x01, 0x7F, 0xAF, 0x01, 0x01, 0x77, 0x3E, 0x01, 0x17, 0x87, 0x3E, + 0x00, 0x00, 0x38, 0x38, 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x11, 0x01, 0x00, + 0x38, 0x0E, 0x06, 0x05, 0x25, 0x01, T0_INT1(BR_KEYTYPE_RSA | BR_KEYTYPE_KEYX), 0x04, 0x30, 0x01, 0x01, - 0x28, 0x0D, 0x06, 0x05, 0x1A, 0x01, + 0x38, 0x0E, 0x06, 0x05, 0x25, 0x01, T0_INT1(BR_KEYTYPE_RSA | BR_KEYTYPE_SIGN), 0x04, 0x25, 0x01, 0x02, - 0x28, 0x0D, 0x06, 0x05, 0x1A, 0x01, + 0x38, 0x0E, 0x06, 0x05, 0x25, 0x01, T0_INT1(BR_KEYTYPE_EC | BR_KEYTYPE_SIGN), 0x04, 0x1A, 0x01, 0x03, - 0x28, 0x0D, 0x06, 0x05, 0x1A, 0x01, + 0x38, 0x0E, 0x06, 0x05, 0x25, 0x01, T0_INT1(BR_KEYTYPE_EC | BR_KEYTYPE_KEYX), 0x04, 0x0F, 0x01, 0x04, - 0x28, 0x0D, 0x06, 0x05, 0x1A, 0x01, + 0x38, 0x0E, 0x06, 0x05, 0x25, 0x01, T0_INT1(BR_KEYTYPE_EC | BR_KEYTYPE_KEYX), 0x04, 0x04, 0x01, 0x00, - 0x32, 0x1A, 0x00, 0x00, 0x65, 0x1F, 0x01, 0x0E, 0x0D, 0x06, 0x04, 0x01, - 0x00, 0x04, 0x02, 0x01, 0x05, 0x00, 0x00, 0x2E, 0x06, 0x04, 0x01, 0x06, - 0x04, 0x02, 0x01, 0x00, 0x00, 0x00, 0x6A, 0x1F, 0x1B, 0x06, 0x08, 0x01, - 0x01, 0x09, 0x01, 0x11, 0x07, 0x04, 0x03, 0x1A, 0x01, 0x05, 0x00, 0x01, - 0x2F, 0x03, 0x00, 0x1A, 0x01, 0x00, 0x31, 0x06, 0x03, 0x02, 0x00, 0x08, - 0x30, 0x06, 0x03, 0x02, 0x00, 0x08, 0x1B, 0x06, 0x06, 0x01, 0x01, 0x0B, - 0x01, 0x06, 0x08, 0x00, 0x00, 0x6C, 0x2D, 0x1B, 0x06, 0x03, 0x01, 0x09, - 0x08, 0x00, 0x01, 0x2E, 0x1B, 0x06, 0x1E, 0x01, 0x00, 0x03, 0x00, 0x1B, - 0x06, 0x0E, 0x1B, 0x01, 0x01, 0x11, 0x02, 0x00, 0x08, 0x03, 0x00, 0x01, - 0x01, 0x10, 0x04, 0x6F, 0x1A, 0x02, 0x00, 0x01, 0x01, 0x0B, 0x01, 0x06, - 0x08, 0x00, 0x00, 0x81, 0x00, 0x81, 0x29, 0x1B, 0x01, 0x07, 0x11, 0x01, - 0x00, 0x28, 0x0D, 0x06, 0x0A, 0x1A, 0x01, 0x10, 0x11, 0x06, 0x02, 0x81, - 0x00, 0x04, 0x2D, 0x01, 0x01, 0x28, 0x0D, 0x06, 0x24, 0x1A, 0x1A, 0x01, - 0x00, 0x5E, 0x2C, 0x81, 0x11, 0x6A, 0x1F, 0x01, 0x01, 0x0D, 0x06, 0x11, - 0x1D, 0x13, 0x26, 0x06, 0x05, 0x81, 0x29, 0x1A, 0x04, 0x77, 0x01, 0x80, - 0x64, 0x81, 0x22, 0x04, 0x02, 0x81, 0x00, 0x04, 0x03, 0x5A, 0x1C, 0x1A, - 0x04, 0xFF, 0x3A, 0x01, 0x1B, 0x03, 0x00, 0x09, 0x1B, 0x40, 0x06, 0x02, - 0x50, 0x1C, 0x02, 0x00, 0x00, 0x00, 0x7B, 0x01, 0x0F, 0x11, 0x00, 0x00, - 0x5D, 0x1F, 0x01, 0x00, 0x28, 0x0D, 0x06, 0x10, 0x1A, 0x1B, 0x01, 0x01, - 0x0C, 0x06, 0x03, 0x1A, 0x01, 0x02, 0x5D, 0x2C, 0x01, 0x00, 0x04, 0x15, - 0x01, 0x01, 0x28, 0x0D, 0x06, 0x09, 0x1A, 0x01, 0x00, 0x5D, 0x2C, 0x42, - 0x00, 0x04, 0x06, 0x01, 0x82, 0x00, 0x08, 0x1C, 0x1A, 0x00, 0x00, 0x01, - 0x00, 0x20, 0x06, 0x06, 0x2A, 0x81, 0x0C, 0x27, 0x04, 0x77, 0x1B, 0x06, - 0x04, 0x01, 0x01, 0x70, 0x2C, 0x00, 0x00, 0x20, 0x06, 0x0B, 0x68, 0x1F, - 0x01, 0x14, 0x0C, 0x06, 0x02, 0x5A, 0x1C, 0x04, 0x12, 0x81, 0x29, 0x01, - 0x07, 0x11, 0x1B, 0x01, 0x02, 0x0C, 0x06, 0x06, 0x06, 0x02, 0x5A, 0x1C, - 0x04, 0x6F, 0x1A, 0x81, 0x1F, 0x01, 0x01, 0x0C, 0x24, 0x27, 0x06, 0x02, - 0x49, 0x1C, 0x1B, 0x01, 0x01, 0x81, 0x25, 0x26, 0x81, 0x10, 0x00, 0x01, - 0x81, 0x16, 0x01, 0x0B, 0x0D, 0x05, 0x02, 0x5A, 0x1C, 0x5F, 0x1E, 0x81, - 0x02, 0x3F, 0x81, 0x1D, 0x81, 0x0A, 0x1B, 0x06, 0x26, 0x81, 0x1D, 0x81, - 0x0A, 0x1B, 0x3E, 0x1B, 0x06, 0x19, 0x1B, 0x01, 0x82, 0x00, 0x0E, 0x06, - 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x1B, 0x03, 0x00, 0x67, 0x02, 0x00, - 0x81, 0x14, 0x02, 0x00, 0x3B, 0x04, 0x64, 0x7C, 0x3C, 0x04, 0x57, 0x7C, - 0x7C, 0x3D, 0x1B, 0x06, 0x01, 0x1C, 0x1A, 0x00, 0x00, 0x7D, 0x81, 0x16, - 0x01, 0x14, 0x0C, 0x06, 0x02, 0x5A, 0x1C, 0x67, 0x01, 0x0C, 0x08, 0x01, - 0x0C, 0x81, 0x14, 0x7C, 0x67, 0x1B, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x21, - 0x05, 0x02, 0x4C, 0x1C, 0x00, 0x00, 0x81, 0x17, 0x06, 0x02, 0x5A, 0x1C, - 0x06, 0x02, 0x4E, 0x1C, 0x00, 0x09, 0x81, 0x16, 0x01, 0x02, 0x0D, 0x05, - 0x02, 0x5A, 0x1C, 0x81, 0x1C, 0x03, 0x00, 0x02, 0x00, 0x76, 0x1E, 0x0A, - 0x02, 0x00, 0x75, 0x1E, 0x0E, 0x27, 0x06, 0x02, 0x5B, 0x1C, 0x02, 0x00, - 0x74, 0x1E, 0x0C, 0x06, 0x02, 0x53, 0x1C, 0x02, 0x00, 0x77, 0x2B, 0x6D, - 0x01, 0x20, 0x81, 0x14, 0x01, 0x00, 0x03, 0x01, 0x81, 0x1E, 0x03, 0x02, - 0x02, 0x02, 0x01, 0x20, 0x0E, 0x06, 0x02, 0x58, 0x1C, 0x67, 0x02, 0x02, - 0x81, 0x14, 0x02, 0x02, 0x6F, 0x1F, 0x0D, 0x02, 0x02, 0x01, 0x00, 0x0E, - 0x11, 0x06, 0x0B, 0x6E, 0x67, 0x02, 0x02, 0x21, 0x06, 0x04, 0x01, 0x7F, - 0x03, 0x01, 0x6E, 0x67, 0x02, 0x02, 0x22, 0x02, 0x02, 0x6F, 0x2C, 0x02, - 0x00, 0x73, 0x02, 0x01, 0x79, 0x81, 0x1C, 0x1B, 0x81, 0x20, 0x40, 0x06, - 0x02, 0x4A, 0x1C, 0x5F, 0x02, 0x01, 0x79, 0x81, 0x1E, 0x06, 0x02, 0x4B, - 0x1C, 0x1B, 0x06, 0x81, 0x3D, 0x81, 0x1C, 0x81, 0x0A, 0x81, 0x07, 0x03, - 0x03, 0x81, 0x05, 0x03, 0x04, 0x81, 0x03, 0x03, 0x05, 0x81, 0x06, 0x03, - 0x06, 0x81, 0x08, 0x03, 0x07, 0x81, 0x04, 0x03, 0x08, 0x1B, 0x06, 0x81, - 0x0B, 0x81, 0x1C, 0x01, 0x00, 0x28, 0x0D, 0x06, 0x10, 0x1A, 0x02, 0x03, - 0x05, 0x02, 0x54, 0x1C, 0x01, 0x00, 0x03, 0x03, 0x81, 0x1B, 0x04, 0x80, - 0x70, 0x01, 0x01, 0x28, 0x0D, 0x06, 0x10, 0x1A, 0x02, 0x05, 0x05, 0x02, - 0x54, 0x1C, 0x01, 0x00, 0x03, 0x05, 0x81, 0x19, 0x04, 0x80, 0x5A, 0x01, - 0x83, 0xFE, 0x01, 0x28, 0x0D, 0x06, 0x10, 0x1A, 0x02, 0x04, 0x05, 0x02, - 0x54, 0x1C, 0x01, 0x00, 0x03, 0x04, 0x81, 0x1A, 0x04, 0x80, 0x42, 0x01, - 0x0D, 0x28, 0x0D, 0x06, 0x0F, 0x1A, 0x02, 0x06, 0x05, 0x02, 0x54, 0x1C, - 0x01, 0x00, 0x03, 0x06, 0x81, 0x18, 0x04, 0x2D, 0x01, 0x0A, 0x28, 0x0D, - 0x06, 0x0F, 0x1A, 0x02, 0x07, 0x05, 0x02, 0x54, 0x1C, 0x01, 0x00, 0x03, - 0x07, 0x81, 0x18, 0x04, 0x18, 0x01, 0x0B, 0x28, 0x0D, 0x06, 0x0F, 0x1A, - 0x02, 0x08, 0x05, 0x02, 0x54, 0x1C, 0x01, 0x00, 0x03, 0x08, 0x81, 0x18, - 0x04, 0x03, 0x54, 0x1C, 0x1A, 0x04, 0xFE, 0x71, 0x02, 0x04, 0x06, 0x0D, - 0x02, 0x04, 0x01, 0x05, 0x0E, 0x06, 0x02, 0x51, 0x1C, 0x01, 0x01, 0x6A, - 0x2C, 0x7C, 0x7C, 0x02, 0x01, 0x00, 0x04, 0x81, 0x16, 0x01, 0x0C, 0x0D, - 0x05, 0x02, 0x5A, 0x1C, 0x81, 0x1E, 0x01, 0x03, 0x0D, 0x05, 0x02, 0x55, - 0x1C, 0x81, 0x1C, 0x1B, 0x62, 0x2C, 0x1B, 0x01, 0x20, 0x0F, 0x06, 0x02, - 0x55, 0x1C, 0x2E, 0x32, 0x10, 0x01, 0x01, 0x11, 0x05, 0x02, 0x55, 0x1C, - 0x81, 0x1E, 0x1B, 0x01, 0x81, 0x05, 0x0E, 0x06, 0x02, 0x55, 0x1C, 0x1B, - 0x64, 0x2C, 0x63, 0x32, 0x81, 0x14, 0x73, 0x1E, 0x01, 0x86, 0x03, 0x0F, - 0x03, 0x00, 0x5F, 0x1E, 0x81, 0x27, 0x03, 0x01, 0x01, 0x02, 0x03, 0x02, - 0x02, 0x00, 0x06, 0x23, 0x81, 0x1E, 0x1B, 0x1B, 0x01, 0x02, 0x0A, 0x32, - 0x01, 0x06, 0x0E, 0x27, 0x06, 0x02, 0x55, 0x1C, 0x03, 0x02, 0x81, 0x1E, - 0x02, 0x01, 0x01, 0x01, 0x0B, 0x01, 0x03, 0x08, 0x0D, 0x05, 0x02, 0x55, - 0x1C, 0x04, 0x08, 0x02, 0x01, 0x06, 0x04, 0x01, 0x00, 0x03, 0x02, 0x81, - 0x1C, 0x1B, 0x03, 0x03, 0x1B, 0x01, 0x84, 0x00, 0x0E, 0x06, 0x02, 0x56, - 0x1C, 0x67, 0x32, 0x81, 0x14, 0x02, 0x02, 0x02, 0x01, 0x02, 0x03, 0x38, - 0x1B, 0x06, 0x01, 0x1C, 0x1A, 0x7C, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, - 0x02, 0x00, 0x78, 0x02, 0x01, 0x02, 0x00, 0x29, 0x1B, 0x01, 0x00, 0x0D, - 0x06, 0x02, 0x48, 0x00, 0x81, 0x2B, 0x04, 0x73, 0x00, 0x1B, 0x06, 0x05, - 0x81, 0x1E, 0x1A, 0x04, 0x78, 0x1A, 0x00, 0x00, 0x81, 0x17, 0x1B, 0x42, - 0x06, 0x07, 0x1A, 0x06, 0x02, 0x4E, 0x1C, 0x04, 0x73, 0x00, 0x00, 0x81, - 0x1F, 0x01, 0x03, 0x81, 0x1D, 0x32, 0x1A, 0x32, 0x00, 0x00, 0x81, 0x1C, - 0x81, 0x23, 0x00, 0x00, 0x81, 0x1C, 0x01, 0x01, 0x0D, 0x05, 0x02, 0x4D, - 0x1C, 0x81, 0x1E, 0x01, 0x08, 0x08, 0x65, 0x1F, 0x0D, 0x05, 0x02, 0x4D, - 0x1C, 0x00, 0x00, 0x81, 0x1C, 0x6A, 0x1F, 0x05, 0x16, 0x01, 0x01, 0x0D, - 0x05, 0x02, 0x51, 0x1C, 0x81, 0x1E, 0x01, 0x00, 0x0D, 0x05, 0x02, 0x51, - 0x1C, 0x01, 0x02, 0x6A, 0x2C, 0x04, 0x1E, 0x01, 0x19, 0x0D, 0x05, 0x02, - 0x51, 0x1C, 0x81, 0x1E, 0x01, 0x18, 0x0D, 0x05, 0x02, 0x51, 0x1C, 0x67, - 0x01, 0x18, 0x81, 0x14, 0x6B, 0x67, 0x01, 0x18, 0x21, 0x05, 0x02, 0x51, - 0x1C, 0x00, 0x00, 0x81, 0x1C, 0x06, 0x02, 0x52, 0x1C, 0x00, 0x00, 0x01, - 0x02, 0x78, 0x81, 0x1F, 0x01, 0x08, 0x0B, 0x81, 0x1F, 0x08, 0x00, 0x00, - 0x01, 0x03, 0x78, 0x81, 0x1F, 0x01, 0x08, 0x0B, 0x81, 0x1F, 0x08, 0x01, - 0x08, 0x0B, 0x81, 0x1F, 0x08, 0x00, 0x00, 0x01, 0x01, 0x78, 0x81, 0x1F, - 0x00, 0x00, 0x2A, 0x1B, 0x40, 0x05, 0x01, 0x00, 0x1A, 0x81, 0x2B, 0x04, - 0x75, 0x02, 0x03, 0x00, 0x72, 0x1F, 0x03, 0x01, 0x01, 0x00, 0x1B, 0x02, - 0x01, 0x0A, 0x06, 0x10, 0x1B, 0x01, 0x01, 0x0B, 0x71, 0x08, 0x1E, 0x02, - 0x00, 0x0D, 0x06, 0x01, 0x00, 0x44, 0x04, 0x6A, 0x1A, 0x01, 0x7F, 0x00, - 0x00, 0x01, 0x15, 0x69, 0x2C, 0x32, 0x3A, 0x1A, 0x3A, 0x1A, 0x1D, 0x00, - 0x00, 0x01, 0x01, 0x32, 0x81, 0x21, 0x00, 0x00, 0x32, 0x28, 0x78, 0x32, - 0x1B, 0x06, 0x06, 0x81, 0x1F, 0x1A, 0x45, 0x04, 0x77, 0x1A, 0x00, 0x00, - 0x7B, 0x41, 0x00, 0x02, 0x03, 0x00, 0x5F, 0x1E, 0x7B, 0x03, 0x01, 0x02, - 0x01, 0x01, 0x0F, 0x11, 0x02, 0x01, 0x01, 0x04, 0x10, 0x01, 0x0F, 0x11, - 0x02, 0x01, 0x01, 0x08, 0x10, 0x01, 0x0F, 0x11, 0x01, 0x00, 0x28, 0x0D, - 0x06, 0x10, 0x1A, 0x01, 0x00, 0x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x35, - 0x04, 0x01, 0x36, 0x04, 0x80, 0x56, 0x01, 0x01, 0x28, 0x0D, 0x06, 0x10, - 0x1A, 0x01, 0x01, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x35, 0x04, 0x01, - 0x36, 0x04, 0x80, 0x40, 0x01, 0x02, 0x28, 0x0D, 0x06, 0x0F, 0x1A, 0x01, - 0x01, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x35, 0x04, 0x01, 0x36, 0x04, - 0x2B, 0x01, 0x03, 0x28, 0x0D, 0x06, 0x0E, 0x1A, 0x1A, 0x01, 0x10, 0x02, - 0x00, 0x06, 0x03, 0x33, 0x04, 0x01, 0x34, 0x04, 0x17, 0x01, 0x04, 0x28, - 0x0D, 0x06, 0x0E, 0x1A, 0x1A, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x33, - 0x04, 0x01, 0x34, 0x04, 0x03, 0x50, 0x1C, 0x1A, 0x00, 0x00, 0x7B, 0x01, - 0x0C, 0x10, 0x1B, 0x43, 0x32, 0x01, 0x03, 0x0A, 0x11, 0x00, 0x00, 0x7B, - 0x01, 0x0C, 0x10, 0x01, 0x01, 0x0D, 0x00, 0x00, 0x7B, 0x01, 0x0C, 0x10, - 0x42, 0x00, 0x00, 0x14, 0x01, 0x00, 0x5C, 0x1F, 0x1B, 0x06, 0x1F, 0x01, - 0x01, 0x28, 0x0D, 0x06, 0x06, 0x1A, 0x01, 0x00, 0x7F, 0x04, 0x11, 0x01, - 0x02, 0x28, 0x0D, 0x06, 0x0A, 0x1A, 0x5E, 0x1F, 0x06, 0x03, 0x01, 0x10, - 0x27, 0x04, 0x01, 0x1A, 0x04, 0x01, 0x1A, 0x61, 0x1F, 0x05, 0x34, 0x20, - 0x06, 0x31, 0x68, 0x1F, 0x01, 0x14, 0x28, 0x0D, 0x06, 0x06, 0x1A, 0x01, - 0x02, 0x27, 0x04, 0x23, 0x01, 0x15, 0x28, 0x0D, 0x06, 0x0A, 0x1A, 0x81, - 0x0D, 0x06, 0x03, 0x01, 0x7F, 0x7F, 0x04, 0x13, 0x01, 0x16, 0x28, 0x0D, - 0x06, 0x06, 0x1A, 0x01, 0x01, 0x27, 0x04, 0x07, 0x1A, 0x01, 0x04, 0x27, - 0x01, 0x00, 0x1A, 0x13, 0x06, 0x03, 0x01, 0x08, 0x27, 0x00, 0x00, 0x14, - 0x1B, 0x05, 0x10, 0x20, 0x06, 0x0D, 0x68, 0x1F, 0x01, 0x15, 0x0D, 0x06, - 0x05, 0x1A, 0x81, 0x0D, 0x04, 0x01, 0x17, 0x00, 0x00, 0x81, 0x29, 0x01, - 0x07, 0x11, 0x01, 0x01, 0x0E, 0x06, 0x02, 0x5A, 0x1C, 0x00, 0x01, 0x03, - 0x00, 0x1D, 0x13, 0x06, 0x05, 0x02, 0x00, 0x69, 0x2C, 0x00, 0x81, 0x29, - 0x1A, 0x04, 0x73, 0x00, 0x01, 0x14, 0x81, 0x2C, 0x01, 0x01, 0x81, 0x38, - 0x1D, 0x1B, 0x01, 0x00, 0x81, 0x25, 0x01, 0x16, 0x81, 0x2C, 0x81, 0x30, - 0x1D, 0x00, 0x02, 0x81, 0x05, 0x81, 0x07, 0x08, 0x81, 0x03, 0x08, 0x81, - 0x06, 0x08, 0x81, 0x08, 0x08, 0x81, 0x04, 0x08, 0x03, 0x00, 0x01, 0x01, - 0x81, 0x38, 0x01, 0x27, 0x6F, 0x1F, 0x08, 0x72, 0x1F, 0x01, 0x01, 0x0B, - 0x08, 0x02, 0x00, 0x06, 0x04, 0x46, 0x02, 0x00, 0x08, 0x66, 0x1E, 0x28, - 0x09, 0x1B, 0x43, 0x06, 0x24, 0x02, 0x00, 0x05, 0x04, 0x32, 0x46, 0x32, - 0x47, 0x01, 0x04, 0x09, 0x1B, 0x40, 0x06, 0x03, 0x1A, 0x01, 0x00, 0x1B, - 0x01, 0x04, 0x08, 0x02, 0x00, 0x08, 0x03, 0x00, 0x32, 0x01, 0x04, 0x08, - 0x28, 0x08, 0x32, 0x04, 0x03, 0x1A, 0x01, 0x7F, 0x03, 0x01, 0x81, 0x37, - 0x75, 0x1E, 0x81, 0x36, 0x60, 0x01, 0x04, 0x12, 0x60, 0x01, 0x04, 0x08, - 0x01, 0x1C, 0x23, 0x60, 0x01, 0x20, 0x81, 0x31, 0x6E, 0x6F, 0x1F, 0x81, - 0x33, 0x72, 0x1F, 0x1B, 0x01, 0x01, 0x0B, 0x81, 0x36, 0x71, 0x32, 0x1B, - 0x06, 0x11, 0x45, 0x28, 0x1E, 0x1B, 0x81, 0x24, 0x05, 0x02, 0x4A, 0x1C, - 0x81, 0x36, 0x32, 0x46, 0x32, 0x04, 0x6C, 0x48, 0x01, 0x01, 0x81, 0x38, - 0x01, 0x00, 0x81, 0x38, 0x02, 0x00, 0x06, 0x81, 0x47, 0x02, 0x00, 0x81, - 0x36, 0x81, 0x05, 0x06, 0x12, 0x01, 0x83, 0xFE, 0x01, 0x81, 0x36, 0x6B, - 0x81, 0x05, 0x01, 0x04, 0x09, 0x1B, 0x81, 0x36, 0x45, 0x81, 0x33, 0x81, - 0x07, 0x06, 0x1C, 0x01, 0x00, 0x81, 0x36, 0x6C, 0x81, 0x07, 0x01, 0x04, - 0x09, 0x1B, 0x81, 0x36, 0x01, 0x02, 0x09, 0x1B, 0x81, 0x36, 0x01, 0x00, - 0x81, 0x38, 0x01, 0x03, 0x09, 0x81, 0x32, 0x81, 0x03, 0x06, 0x0F, 0x01, - 0x01, 0x81, 0x36, 0x01, 0x01, 0x81, 0x36, 0x65, 0x1F, 0x01, 0x08, 0x09, - 0x81, 0x38, 0x81, 0x06, 0x06, 0x1F, 0x01, 0x0D, 0x81, 0x36, 0x81, 0x06, - 0x01, 0x04, 0x09, 0x1B, 0x81, 0x36, 0x01, 0x02, 0x09, 0x81, 0x36, 0x30, - 0x06, 0x04, 0x01, 0x03, 0x81, 0x35, 0x31, 0x06, 0x04, 0x01, 0x01, 0x81, - 0x35, 0x81, 0x08, 0x1B, 0x06, 0x27, 0x01, 0x0A, 0x81, 0x36, 0x01, 0x04, - 0x09, 0x1B, 0x81, 0x36, 0x47, 0x81, 0x36, 0x2E, 0x01, 0x00, 0x1B, 0x01, - 0x20, 0x0A, 0x06, 0x0E, 0x81, 0x01, 0x10, 0x01, 0x01, 0x11, 0x06, 0x03, - 0x1B, 0x81, 0x36, 0x44, 0x04, 0x6C, 0x48, 0x04, 0x01, 0x1A, 0x81, 0x04, - 0x06, 0x0D, 0x01, 0x0B, 0x81, 0x36, 0x01, 0x02, 0x81, 0x36, 0x01, 0x82, - 0x00, 0x81, 0x36, 0x02, 0x01, 0x40, 0x05, 0x14, 0x01, 0x15, 0x81, 0x36, - 0x02, 0x01, 0x1B, 0x81, 0x36, 0x1B, 0x06, 0x07, 0x45, 0x01, 0x00, 0x81, - 0x38, 0x04, 0x76, 0x1A, 0x00, 0x00, 0x01, 0x10, 0x81, 0x38, 0x5F, 0x1E, - 0x1B, 0x81, 0x28, 0x06, 0x10, 0x81, 0x0B, 0x19, 0x1B, 0x46, 0x81, 0x37, - 0x1B, 0x81, 0x36, 0x67, 0x32, 0x81, 0x31, 0x04, 0x12, 0x1B, 0x81, 0x26, - 0x32, 0x81, 0x0B, 0x18, 0x1B, 0x44, 0x81, 0x37, 0x1B, 0x81, 0x38, 0x67, - 0x32, 0x81, 0x31, 0x00, 0x00, 0x7D, 0x01, 0x14, 0x81, 0x38, 0x01, 0x0C, - 0x81, 0x37, 0x67, 0x01, 0x0C, 0x81, 0x31, 0x00, 0x00, 0x39, 0x1B, 0x01, - 0x00, 0x0D, 0x06, 0x02, 0x48, 0x00, 0x81, 0x29, 0x1A, 0x04, 0x72, 0x00, - 0x1B, 0x81, 0x36, 0x81, 0x31, 0x00, 0x00, 0x1B, 0x81, 0x38, 0x81, 0x31, - 0x00, 0x00, 0x01, 0x0B, 0x81, 0x38, 0x01, 0x03, 0x81, 0x37, 0x01, 0x00, - 0x81, 0x37, 0x00, 0x01, 0x03, 0x00, 0x2F, 0x1A, 0x1B, 0x01, 0x10, 0x11, - 0x06, 0x08, 0x01, 0x04, 0x81, 0x38, 0x02, 0x00, 0x81, 0x38, 0x1B, 0x01, - 0x08, 0x11, 0x06, 0x08, 0x01, 0x03, 0x81, 0x38, 0x02, 0x00, 0x81, 0x38, - 0x1B, 0x01, 0x20, 0x11, 0x06, 0x08, 0x01, 0x05, 0x81, 0x38, 0x02, 0x00, - 0x81, 0x38, 0x1B, 0x01, 0x80, 0x40, 0x11, 0x06, 0x08, 0x01, 0x06, 0x81, - 0x38, 0x02, 0x00, 0x81, 0x38, 0x01, 0x04, 0x11, 0x06, 0x08, 0x01, 0x02, - 0x81, 0x38, 0x02, 0x00, 0x81, 0x38, 0x00, 0x00, 0x1B, 0x01, 0x08, 0x37, - 0x81, 0x38, 0x81, 0x38, 0x00, 0x00, 0x1B, 0x01, 0x10, 0x37, 0x81, 0x38, - 0x81, 0x36, 0x00, 0x00, 0x1B, 0x3A, 0x06, 0x02, 0x1A, 0x00, 0x81, 0x29, - 0x1A, 0x04, 0x75 + 0x44, 0x25, 0x00, 0x00, 0x82, 0x2E, 0x01, 0x0E, 0x0E, 0x06, 0x04, 0x01, + 0x00, 0x04, 0x02, 0x01, 0x05, 0x00, 0x00, 0x40, 0x06, 0x04, 0x01, 0x06, + 0x04, 0x02, 0x01, 0x00, 0x00, 0x00, 0x88, 0x2E, 0x26, 0x06, 0x08, 0x01, + 0x01, 0x09, 0x01, 0x11, 0x07, 0x04, 0x03, 0x25, 0x01, 0x05, 0x00, 0x01, + 0x41, 0x03, 0x00, 0x25, 0x01, 0x00, 0x43, 0x06, 0x03, 0x02, 0x00, 0x08, + 0x42, 0x06, 0x03, 0x02, 0x00, 0x08, 0x26, 0x06, 0x06, 0x01, 0x01, 0x0B, + 0x01, 0x06, 0x08, 0x00, 0x00, 0x8B, 0x3F, 0x26, 0x06, 0x03, 0x01, 0x09, + 0x08, 0x00, 0x01, 0x40, 0x26, 0x06, 0x1E, 0x01, 0x00, 0x03, 0x00, 0x26, + 0x06, 0x0E, 0x26, 0x01, 0x01, 0x17, 0x02, 0x00, 0x08, 0x03, 0x00, 0x01, + 0x01, 0x11, 0x04, 0x6F, 0x25, 0x02, 0x00, 0x01, 0x01, 0x0B, 0x01, 0x06, + 0x08, 0x00, 0x00, 0x7F, 0x2D, 0x44, 0x11, 0x01, 0x01, 0x17, 0x35, 0x00, + 0x00, 0x9F, 0xCE, 0x26, 0x01, 0x07, 0x17, 0x01, 0x00, 0x38, 0x0E, 0x06, + 0x09, 0x25, 0x01, 0x10, 0x17, 0x06, 0x01, 0x9F, 0x04, 0x35, 0x01, 0x01, + 0x38, 0x0E, 0x06, 0x2C, 0x25, 0x25, 0x01, 0x00, 0x77, 0x3E, 0xB3, 0x88, + 0x2E, 0x01, 0x01, 0x0E, 0x01, 0x01, 0xA8, 0x37, 0x06, 0x17, 0x29, 0x1A, + 0x36, 0x06, 0x04, 0xCE, 0x25, 0x04, 0x78, 0x01, 0x80, 0x64, 0xC5, 0x01, + 0x01, 0x77, 0x3E, 0x01, 0x17, 0x87, 0x3E, 0x04, 0x01, 0x9F, 0x04, 0x03, + 0x72, 0x28, 0x25, 0x04, 0xFF, 0x34, 0x01, 0x26, 0x03, 0x00, 0x09, 0x26, + 0x58, 0x06, 0x02, 0x68, 0x28, 0x02, 0x00, 0x00, 0x00, 0x9A, 0x01, 0x0F, + 0x17, 0x00, 0x00, 0x76, 0x2E, 0x01, 0x00, 0x38, 0x0E, 0x06, 0x10, 0x25, + 0x26, 0x01, 0x01, 0x0D, 0x06, 0x03, 0x25, 0x01, 0x02, 0x76, 0x3E, 0x01, + 0x00, 0x04, 0x21, 0x01, 0x01, 0x38, 0x0E, 0x06, 0x14, 0x25, 0x01, 0x00, + 0x76, 0x3E, 0x26, 0x01, 0x80, 0x64, 0x0E, 0x06, 0x05, 0x01, 0x82, 0x00, + 0x08, 0x28, 0x5A, 0x04, 0x07, 0x25, 0x01, 0x82, 0x00, 0x08, 0x28, 0x25, + 0x00, 0x00, 0x01, 0x00, 0x2F, 0x06, 0x05, 0x3A, 0xAC, 0x37, 0x04, 0x78, + 0x26, 0x06, 0x04, 0x01, 0x01, 0x8F, 0x3E, 0x00, 0x01, 0xBF, 0xAA, 0xBF, + 0xAA, 0xC1, 0x84, 0x44, 0x26, 0x03, 0x00, 0xB6, 0x9B, 0x9B, 0x02, 0x00, + 0x4D, 0x26, 0x58, 0x06, 0x0A, 0x01, 0x03, 0xA8, 0x06, 0x02, 0x72, 0x28, + 0x25, 0x04, 0x03, 0x5C, 0x8A, 0x3C, 0x00, 0x00, 0x2F, 0x06, 0x0B, 0x86, + 0x2E, 0x01, 0x14, 0x0D, 0x06, 0x02, 0x72, 0x28, 0x04, 0x11, 0xCE, 0x01, + 0x07, 0x17, 0x26, 0x01, 0x02, 0x0D, 0x06, 0x06, 0x06, 0x02, 0x72, 0x28, + 0x04, 0x70, 0x25, 0xC2, 0x01, 0x01, 0x0D, 0x33, 0x37, 0x06, 0x02, 0x61, + 0x28, 0x26, 0x01, 0x01, 0xC8, 0x36, 0xB2, 0x00, 0x01, 0xB8, 0x01, 0x0B, + 0x0E, 0x05, 0x02, 0x72, 0x28, 0x26, 0x01, 0x03, 0x0E, 0x06, 0x08, 0xC0, + 0x06, 0x02, 0x68, 0x28, 0x44, 0x25, 0x00, 0x44, 0x57, 0xC0, 0xAA, 0x26, + 0x06, 0x23, 0xC0, 0xAA, 0x26, 0x56, 0x26, 0x06, 0x18, 0x26, 0x01, 0x82, + 0x00, 0x0F, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x26, 0x03, 0x00, + 0x84, 0x02, 0x00, 0xB6, 0x02, 0x00, 0x53, 0x04, 0x65, 0x9B, 0x54, 0x04, + 0x5A, 0x9B, 0x9B, 0x55, 0x26, 0x06, 0x02, 0x35, 0x00, 0x25, 0x2B, 0x00, + 0x00, 0x79, 0x2C, 0xA1, 0x01, 0x7F, 0xB0, 0x26, 0x58, 0x06, 0x02, 0x35, + 0x28, 0x26, 0x05, 0x02, 0x72, 0x28, 0x38, 0x17, 0x0D, 0x06, 0x02, 0x74, + 0x28, 0x3B, 0x00, 0x00, 0x9C, 0xB8, 0x01, 0x14, 0x0D, 0x06, 0x02, 0x72, + 0x28, 0x84, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0xB6, 0x9B, 0x84, 0x26, 0x01, + 0x0C, 0x08, 0x01, 0x0C, 0x30, 0x05, 0x02, 0x64, 0x28, 0x00, 0x00, 0xB9, + 0x06, 0x02, 0x72, 0x28, 0x06, 0x02, 0x66, 0x28, 0x00, 0x0A, 0xB8, 0x01, + 0x02, 0x0E, 0x05, 0x02, 0x72, 0x28, 0xBF, 0x03, 0x00, 0x02, 0x00, 0x95, + 0x2C, 0x0A, 0x02, 0x00, 0x94, 0x2C, 0x0F, 0x37, 0x06, 0x02, 0x73, 0x28, + 0x02, 0x00, 0x93, 0x2C, 0x0D, 0x06, 0x02, 0x6B, 0x28, 0x02, 0x00, 0x96, + 0x3C, 0x8C, 0x01, 0x20, 0xB6, 0x01, 0x00, 0x03, 0x01, 0xC1, 0x03, 0x02, + 0x02, 0x02, 0x01, 0x20, 0x0F, 0x06, 0x02, 0x70, 0x28, 0x84, 0x02, 0x02, + 0xB6, 0x02, 0x02, 0x8E, 0x2E, 0x0E, 0x02, 0x02, 0x01, 0x00, 0x0F, 0x17, + 0x06, 0x0B, 0x8D, 0x84, 0x02, 0x02, 0x30, 0x06, 0x04, 0x01, 0x7F, 0x03, + 0x01, 0x8D, 0x84, 0x02, 0x02, 0x31, 0x02, 0x02, 0x8E, 0x3E, 0x02, 0x00, + 0x92, 0x02, 0x01, 0x98, 0xBF, 0x26, 0xC3, 0x58, 0x06, 0x02, 0x62, 0x28, + 0x26, 0xCD, 0x02, 0x00, 0x01, 0x86, 0x03, 0x0A, 0x17, 0x06, 0x02, 0x62, + 0x28, 0x79, 0x02, 0x01, 0x98, 0xC1, 0x06, 0x02, 0x63, 0x28, 0x26, 0x06, + 0x81, 0x47, 0xBF, 0xAA, 0xA6, 0x03, 0x03, 0xA4, 0x03, 0x04, 0xA2, 0x03, + 0x05, 0xA5, 0x03, 0x06, 0xA7, 0x03, 0x07, 0xA3, 0x03, 0x08, 0x27, 0x03, + 0x09, 0x26, 0x06, 0x81, 0x18, 0xBF, 0x01, 0x00, 0x38, 0x0E, 0x06, 0x0F, + 0x25, 0x02, 0x03, 0x05, 0x02, 0x6C, 0x28, 0x01, 0x00, 0x03, 0x03, 0xBE, + 0x04, 0x80, 0x7F, 0x01, 0x01, 0x38, 0x0E, 0x06, 0x0F, 0x25, 0x02, 0x05, + 0x05, 0x02, 0x6C, 0x28, 0x01, 0x00, 0x03, 0x05, 0xBC, 0x04, 0x80, 0x6A, + 0x01, 0x83, 0xFE, 0x01, 0x38, 0x0E, 0x06, 0x0F, 0x25, 0x02, 0x04, 0x05, + 0x02, 0x6C, 0x28, 0x01, 0x00, 0x03, 0x04, 0xBD, 0x04, 0x80, 0x53, 0x01, + 0x0D, 0x38, 0x0E, 0x06, 0x0E, 0x25, 0x02, 0x06, 0x05, 0x02, 0x6C, 0x28, + 0x01, 0x00, 0x03, 0x06, 0xBA, 0x04, 0x3F, 0x01, 0x0A, 0x38, 0x0E, 0x06, + 0x0E, 0x25, 0x02, 0x07, 0x05, 0x02, 0x6C, 0x28, 0x01, 0x00, 0x03, 0x07, + 0xBA, 0x04, 0x2B, 0x01, 0x0B, 0x38, 0x0E, 0x06, 0x0E, 0x25, 0x02, 0x08, + 0x05, 0x02, 0x6C, 0x28, 0x01, 0x00, 0x03, 0x08, 0xBA, 0x04, 0x17, 0x01, + 0x10, 0x38, 0x0E, 0x06, 0x0E, 0x25, 0x02, 0x09, 0x05, 0x02, 0x6C, 0x28, + 0x01, 0x00, 0x03, 0x09, 0xAE, 0x04, 0x03, 0x6C, 0x28, 0x25, 0x04, 0xFE, + 0x64, 0x02, 0x04, 0x06, 0x0D, 0x02, 0x04, 0x01, 0x05, 0x0F, 0x06, 0x02, + 0x69, 0x28, 0x01, 0x01, 0x88, 0x3E, 0x9B, 0x04, 0x0C, 0xA4, 0x01, 0x05, + 0x0F, 0x06, 0x02, 0x69, 0x28, 0x01, 0x01, 0x88, 0x3E, 0x9B, 0x02, 0x01, + 0x00, 0x04, 0xB8, 0x01, 0x0C, 0x0E, 0x05, 0x02, 0x72, 0x28, 0xC1, 0x01, + 0x03, 0x0E, 0x05, 0x02, 0x6D, 0x28, 0xBF, 0x26, 0x7C, 0x3E, 0x26, 0x01, + 0x20, 0x10, 0x06, 0x02, 0x6D, 0x28, 0x40, 0x44, 0x11, 0x01, 0x01, 0x17, + 0x05, 0x02, 0x6D, 0x28, 0xC1, 0x26, 0x01, 0x81, 0x05, 0x0F, 0x06, 0x02, + 0x6D, 0x28, 0x26, 0x7E, 0x3E, 0x7D, 0x44, 0xB6, 0x92, 0x2C, 0x01, 0x86, + 0x03, 0x10, 0x03, 0x00, 0x79, 0x2C, 0xCB, 0x03, 0x01, 0x01, 0x02, 0x03, + 0x02, 0x02, 0x00, 0x06, 0x21, 0xC1, 0x26, 0x26, 0x01, 0x02, 0x0A, 0x44, + 0x01, 0x06, 0x0F, 0x37, 0x06, 0x02, 0x6D, 0x28, 0x03, 0x02, 0xC1, 0x02, + 0x01, 0x01, 0x01, 0x0B, 0x01, 0x03, 0x08, 0x0E, 0x05, 0x02, 0x6D, 0x28, + 0x04, 0x08, 0x02, 0x01, 0x06, 0x04, 0x01, 0x00, 0x03, 0x02, 0xBF, 0x26, + 0x03, 0x03, 0x26, 0x01, 0x84, 0x00, 0x0F, 0x06, 0x02, 0x6E, 0x28, 0x84, + 0x44, 0xB6, 0x02, 0x02, 0x02, 0x01, 0x02, 0x03, 0x50, 0x26, 0x06, 0x01, + 0x28, 0x25, 0x9B, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0x02, 0x00, 0x97, + 0x02, 0x01, 0x02, 0x00, 0x39, 0x26, 0x01, 0x00, 0x0E, 0x06, 0x02, 0x60, + 0x00, 0xD0, 0x04, 0x74, 0x02, 0x01, 0x00, 0x03, 0x00, 0xC1, 0xAA, 0x26, + 0x06, 0x80, 0x43, 0xC1, 0x01, 0x01, 0x38, 0x0E, 0x06, 0x06, 0x25, 0x01, + 0x81, 0x7F, 0x04, 0x2E, 0x01, 0x80, 0x40, 0x38, 0x0E, 0x06, 0x07, 0x25, + 0x01, 0x83, 0xFE, 0x00, 0x04, 0x20, 0x01, 0x80, 0x41, 0x38, 0x0E, 0x06, + 0x07, 0x25, 0x01, 0x84, 0x80, 0x00, 0x04, 0x12, 0x01, 0x80, 0x42, 0x38, + 0x0E, 0x06, 0x07, 0x25, 0x01, 0x88, 0x80, 0x00, 0x04, 0x04, 0x01, 0x00, + 0x44, 0x25, 0x02, 0x00, 0x37, 0x03, 0x00, 0x04, 0xFF, 0x39, 0x9B, 0x79, + 0x2C, 0xC9, 0x05, 0x09, 0x02, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x17, 0x03, + 0x00, 0x92, 0x2C, 0x01, 0x86, 0x03, 0x10, 0x06, 0x3A, 0xBB, 0x26, 0x81, + 0x3D, 0x41, 0x25, 0x26, 0x01, 0x08, 0x0B, 0x37, 0x01, 0x8C, 0x80, 0x00, + 0x37, 0x17, 0x02, 0x00, 0x17, 0x02, 0x00, 0x01, 0x8C, 0x80, 0x00, 0x17, + 0x06, 0x19, 0x26, 0x01, 0x81, 0x7F, 0x17, 0x06, 0x05, 0x01, 0x84, 0x80, + 0x00, 0x37, 0x26, 0x01, 0x83, 0xFE, 0x00, 0x17, 0x06, 0x05, 0x01, 0x88, + 0x80, 0x00, 0x37, 0x03, 0x00, 0x04, 0x09, 0x02, 0x00, 0x01, 0x8C, 0x88, + 0x01, 0x17, 0x03, 0x00, 0x16, 0xBF, 0xAA, 0x26, 0x06, 0x23, 0xBF, 0xAA, + 0x26, 0x15, 0x26, 0x06, 0x18, 0x26, 0x01, 0x82, 0x00, 0x0F, 0x06, 0x05, + 0x01, 0x82, 0x00, 0x04, 0x01, 0x26, 0x03, 0x01, 0x84, 0x02, 0x01, 0xB6, + 0x02, 0x01, 0x12, 0x04, 0x65, 0x9B, 0x13, 0x04, 0x5A, 0x9B, 0x14, 0x9B, + 0x02, 0x00, 0x2A, 0x00, 0x00, 0xB9, 0x26, 0x5A, 0x06, 0x07, 0x25, 0x06, + 0x02, 0x66, 0x28, 0x04, 0x74, 0x00, 0x00, 0xC2, 0x01, 0x03, 0xC0, 0x44, + 0x25, 0x44, 0x00, 0x00, 0xBF, 0xC6, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00, + 0xBF, 0xAA, 0x26, 0x06, 0x80, 0x50, 0xC1, 0x03, 0x01, 0xC1, 0x03, 0x02, + 0x02, 0x01, 0x01, 0x08, 0x0E, 0x06, 0x16, 0x02, 0x02, 0x01, 0x0F, 0x0C, + 0x06, 0x0D, 0x01, 0x01, 0x02, 0x02, 0x01, 0x10, 0x08, 0x0B, 0x02, 0x00, + 0x37, 0x03, 0x00, 0x04, 0x2A, 0x02, 0x01, 0x01, 0x02, 0x10, 0x02, 0x01, + 0x01, 0x06, 0x0C, 0x17, 0x02, 0x02, 0x01, 0x01, 0x0E, 0x02, 0x02, 0x01, + 0x03, 0x0E, 0x37, 0x17, 0x06, 0x11, 0x02, 0x00, 0x01, 0x01, 0x02, 0x02, + 0x5D, 0x01, 0x02, 0x0B, 0x02, 0x01, 0x08, 0x0B, 0x37, 0x03, 0x00, 0x04, + 0xFF, 0x2C, 0x9B, 0x02, 0x00, 0x00, 0x00, 0xBF, 0x01, 0x01, 0x0E, 0x05, + 0x02, 0x65, 0x28, 0xC1, 0x01, 0x08, 0x08, 0x82, 0x2E, 0x0E, 0x05, 0x02, + 0x65, 0x28, 0x00, 0x00, 0xBF, 0x88, 0x2E, 0x05, 0x15, 0x01, 0x01, 0x0E, + 0x05, 0x02, 0x69, 0x28, 0xC1, 0x01, 0x00, 0x0E, 0x05, 0x02, 0x69, 0x28, + 0x01, 0x02, 0x88, 0x3E, 0x04, 0x1C, 0x01, 0x19, 0x0E, 0x05, 0x02, 0x69, + 0x28, 0xC1, 0x01, 0x18, 0x0E, 0x05, 0x02, 0x69, 0x28, 0x84, 0x01, 0x18, + 0xB6, 0x89, 0x84, 0x01, 0x18, 0x30, 0x05, 0x02, 0x69, 0x28, 0x00, 0x00, + 0xBF, 0x06, 0x02, 0x6A, 0x28, 0x00, 0x00, 0x01, 0x02, 0x97, 0xC2, 0x01, + 0x08, 0x0B, 0xC2, 0x08, 0x00, 0x00, 0x01, 0x03, 0x97, 0xC2, 0x01, 0x08, + 0x0B, 0xC2, 0x08, 0x01, 0x08, 0x0B, 0xC2, 0x08, 0x00, 0x00, 0x01, 0x01, + 0x97, 0xC2, 0x00, 0x00, 0x3A, 0x26, 0x58, 0x05, 0x01, 0x00, 0x25, 0xD0, + 0x04, 0x76, 0x02, 0x03, 0x00, 0x91, 0x2E, 0x03, 0x01, 0x01, 0x00, 0x26, + 0x02, 0x01, 0x0A, 0x06, 0x10, 0x26, 0x01, 0x01, 0x0B, 0x90, 0x08, 0x2C, + 0x02, 0x00, 0x0E, 0x06, 0x01, 0x00, 0x5C, 0x04, 0x6A, 0x25, 0x01, 0x7F, + 0x00, 0x00, 0x01, 0x15, 0x87, 0x3E, 0x44, 0x52, 0x25, 0x52, 0x25, 0x29, + 0x00, 0x00, 0x01, 0x01, 0x44, 0xC4, 0x00, 0x00, 0x44, 0x38, 0x97, 0x44, + 0x26, 0x06, 0x05, 0xC2, 0x25, 0x5D, 0x04, 0x78, 0x25, 0x00, 0x00, 0x26, + 0x01, 0x81, 0xAC, 0x00, 0x0E, 0x06, 0x04, 0x25, 0x01, 0x7F, 0x00, 0x9A, + 0x59, 0x00, 0x02, 0x03, 0x00, 0x79, 0x2C, 0x9A, 0x03, 0x01, 0x02, 0x01, + 0x01, 0x0F, 0x17, 0x02, 0x01, 0x01, 0x04, 0x11, 0x01, 0x0F, 0x17, 0x02, + 0x01, 0x01, 0x08, 0x11, 0x01, 0x0F, 0x17, 0x01, 0x00, 0x38, 0x0E, 0x06, + 0x10, 0x25, 0x01, 0x00, 0x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, + 0x01, 0x4A, 0x04, 0x81, 0x0D, 0x01, 0x01, 0x38, 0x0E, 0x06, 0x10, 0x25, + 0x01, 0x01, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A, + 0x04, 0x80, 0x77, 0x01, 0x02, 0x38, 0x0E, 0x06, 0x10, 0x25, 0x01, 0x01, + 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A, 0x04, 0x80, + 0x61, 0x01, 0x03, 0x38, 0x0E, 0x06, 0x0F, 0x25, 0x25, 0x01, 0x10, 0x02, + 0x00, 0x06, 0x03, 0x47, 0x04, 0x01, 0x48, 0x04, 0x80, 0x4C, 0x01, 0x04, + 0x38, 0x0E, 0x06, 0x0E, 0x25, 0x25, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, + 0x47, 0x04, 0x01, 0x48, 0x04, 0x38, 0x01, 0x05, 0x38, 0x0E, 0x06, 0x0C, + 0x25, 0x25, 0x02, 0x00, 0x06, 0x03, 0x4B, 0x04, 0x01, 0x4C, 0x04, 0x26, + 0x26, 0x01, 0x09, 0x0F, 0x06, 0x02, 0x68, 0x28, 0x44, 0x25, 0x26, 0x01, + 0x01, 0x17, 0x01, 0x04, 0x0B, 0x01, 0x10, 0x08, 0x44, 0x01, 0x08, 0x17, + 0x01, 0x10, 0x44, 0x09, 0x02, 0x00, 0x06, 0x03, 0x45, 0x04, 0x01, 0x46, + 0x00, 0x25, 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x11, 0x01, 0x02, 0x0F, 0x00, + 0x00, 0x9A, 0x01, 0x0C, 0x11, 0x26, 0x5B, 0x44, 0x01, 0x03, 0x0A, 0x17, + 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x11, 0x01, 0x01, 0x0E, 0x00, 0x00, 0x9A, + 0x01, 0x0C, 0x11, 0x5A, 0x00, 0x00, 0x9A, 0x01, 0x81, 0x70, 0x17, 0x01, + 0x20, 0x0D, 0x00, 0x00, 0x1B, 0x01, 0x00, 0x75, 0x2E, 0x26, 0x06, 0x22, + 0x01, 0x01, 0x38, 0x0E, 0x06, 0x06, 0x25, 0x01, 0x00, 0x9E, 0x04, 0x14, + 0x01, 0x02, 0x38, 0x0E, 0x06, 0x0D, 0x25, 0x77, 0x2E, 0x01, 0x01, 0x0E, + 0x06, 0x03, 0x01, 0x10, 0x37, 0x04, 0x01, 0x25, 0x04, 0x01, 0x25, 0x7B, + 0x2E, 0x05, 0x33, 0x2F, 0x06, 0x30, 0x86, 0x2E, 0x01, 0x14, 0x38, 0x0E, + 0x06, 0x06, 0x25, 0x01, 0x02, 0x37, 0x04, 0x22, 0x01, 0x15, 0x38, 0x0E, + 0x06, 0x09, 0x25, 0xAD, 0x06, 0x03, 0x01, 0x7F, 0x9E, 0x04, 0x13, 0x01, + 0x16, 0x38, 0x0E, 0x06, 0x06, 0x25, 0x01, 0x01, 0x37, 0x04, 0x07, 0x25, + 0x01, 0x04, 0x37, 0x01, 0x00, 0x25, 0x1A, 0x06, 0x03, 0x01, 0x08, 0x37, + 0x00, 0x00, 0x1B, 0x26, 0x05, 0x13, 0x2F, 0x06, 0x10, 0x86, 0x2E, 0x01, + 0x15, 0x0E, 0x06, 0x08, 0x25, 0xAD, 0x01, 0x00, 0x77, 0x3E, 0x04, 0x01, + 0x20, 0x00, 0x00, 0xCE, 0x01, 0x07, 0x17, 0x01, 0x01, 0x0F, 0x06, 0x02, + 0x72, 0x28, 0x00, 0x01, 0x03, 0x00, 0x29, 0x1A, 0x06, 0x05, 0x02, 0x00, + 0x87, 0x3E, 0x00, 0xCE, 0x25, 0x04, 0x74, 0x00, 0x01, 0x14, 0xD1, 0x01, + 0x01, 0xDE, 0x29, 0x26, 0x01, 0x00, 0xC8, 0x01, 0x16, 0xD1, 0xD7, 0x29, + 0x00, 0x00, 0x01, 0x0B, 0xDE, 0x4E, 0x26, 0x26, 0x01, 0x03, 0x08, 0xDD, + 0xDD, 0x18, 0x26, 0x58, 0x06, 0x02, 0x25, 0x00, 0xDD, 0x1D, 0x26, 0x06, + 0x05, 0x84, 0x44, 0xD8, 0x04, 0x77, 0x25, 0x04, 0x6C, 0x00, 0x21, 0x01, + 0x0F, 0xDE, 0x26, 0x92, 0x2C, 0x01, 0x86, 0x03, 0x10, 0x06, 0x0C, 0x01, + 0x04, 0x08, 0xDD, 0x80, 0x2E, 0xDE, 0x78, 0x2E, 0xDE, 0x04, 0x02, 0x5E, + 0xDD, 0x26, 0xDC, 0x84, 0x44, 0xD8, 0x00, 0x02, 0xA4, 0xA6, 0x08, 0xA2, + 0x08, 0xA5, 0x08, 0xA7, 0x08, 0xA3, 0x08, 0x27, 0x08, 0x03, 0x00, 0x01, + 0x01, 0xDE, 0x01, 0x27, 0x8E, 0x2E, 0x08, 0x91, 0x2E, 0x01, 0x01, 0x0B, + 0x08, 0x02, 0x00, 0x06, 0x04, 0x5E, 0x02, 0x00, 0x08, 0x83, 0x2C, 0x38, + 0x09, 0x26, 0x5B, 0x06, 0x24, 0x02, 0x00, 0x05, 0x04, 0x44, 0x5E, 0x44, + 0x5F, 0x01, 0x04, 0x09, 0x26, 0x58, 0x06, 0x03, 0x25, 0x01, 0x00, 0x26, + 0x01, 0x04, 0x08, 0x02, 0x00, 0x08, 0x03, 0x00, 0x44, 0x01, 0x04, 0x08, + 0x38, 0x08, 0x44, 0x04, 0x03, 0x25, 0x01, 0x7F, 0x03, 0x01, 0xDD, 0x94, + 0x2C, 0xDC, 0x7A, 0x01, 0x04, 0x19, 0x7A, 0x01, 0x04, 0x08, 0x01, 0x1C, + 0x32, 0x7A, 0x01, 0x20, 0xD8, 0x8D, 0x8E, 0x2E, 0xDA, 0x91, 0x2E, 0x26, + 0x01, 0x01, 0x0B, 0xDC, 0x90, 0x44, 0x26, 0x06, 0x0F, 0x5D, 0x38, 0x2C, + 0x26, 0xC7, 0x05, 0x02, 0x62, 0x28, 0xDC, 0x44, 0x5E, 0x44, 0x04, 0x6E, + 0x60, 0x01, 0x01, 0xDE, 0x01, 0x00, 0xDE, 0x02, 0x00, 0x06, 0x81, 0x5A, + 0x02, 0x00, 0xDC, 0xA4, 0x06, 0x0E, 0x01, 0x83, 0xFE, 0x01, 0xDC, 0x89, + 0xA4, 0x01, 0x04, 0x09, 0x26, 0xDC, 0x5D, 0xDA, 0xA6, 0x06, 0x16, 0x01, + 0x00, 0xDC, 0x8B, 0xA6, 0x01, 0x04, 0x09, 0x26, 0xDC, 0x01, 0x02, 0x09, + 0x26, 0xDC, 0x01, 0x00, 0xDE, 0x01, 0x03, 0x09, 0xD9, 0xA2, 0x06, 0x0C, + 0x01, 0x01, 0xDC, 0x01, 0x01, 0xDC, 0x82, 0x2E, 0x01, 0x08, 0x09, 0xDE, + 0xA5, 0x06, 0x19, 0x01, 0x0D, 0xDC, 0xA5, 0x01, 0x04, 0x09, 0x26, 0xDC, + 0x01, 0x02, 0x09, 0xDC, 0x42, 0x06, 0x03, 0x01, 0x03, 0xDB, 0x43, 0x06, + 0x03, 0x01, 0x01, 0xDB, 0xA7, 0x26, 0x06, 0x36, 0x01, 0x0A, 0xDC, 0x01, + 0x04, 0x09, 0x26, 0xDC, 0x5F, 0xDC, 0x40, 0x01, 0x00, 0x26, 0x01, 0x82, + 0x80, 0x80, 0x80, 0x00, 0x17, 0x06, 0x0A, 0x01, 0xFD, 0xFF, 0xFF, 0xFF, + 0x7F, 0x17, 0x01, 0x1D, 0xDC, 0x26, 0x01, 0x20, 0x0A, 0x06, 0x0C, 0xA0, + 0x11, 0x01, 0x01, 0x17, 0x06, 0x02, 0x26, 0xDC, 0x5C, 0x04, 0x6E, 0x60, + 0x04, 0x01, 0x25, 0xA3, 0x06, 0x0A, 0x01, 0x0B, 0xDC, 0x01, 0x02, 0xDC, + 0x01, 0x82, 0x00, 0xDC, 0x27, 0x26, 0x06, 0x1F, 0x01, 0x10, 0xDC, 0x01, + 0x04, 0x09, 0x26, 0xDC, 0x5F, 0xDC, 0x85, 0x2C, 0x01, 0x00, 0xA0, 0x0F, + 0x06, 0x0A, 0x26, 0x1E, 0x26, 0xDE, 0x84, 0x44, 0xD8, 0x5C, 0x04, 0x72, + 0x60, 0x04, 0x01, 0x25, 0x02, 0x01, 0x58, 0x05, 0x11, 0x01, 0x15, 0xDC, + 0x02, 0x01, 0x26, 0xDC, 0x26, 0x06, 0x06, 0x5D, 0x01, 0x00, 0xDE, 0x04, + 0x77, 0x25, 0x00, 0x00, 0x01, 0x10, 0xDE, 0x79, 0x2C, 0x26, 0xCC, 0x06, + 0x0C, 0xAB, 0x23, 0x26, 0x5E, 0xDD, 0x26, 0xDC, 0x84, 0x44, 0xD8, 0x04, + 0x0D, 0x26, 0xCA, 0x44, 0xAB, 0x22, 0x26, 0x5C, 0xDD, 0x26, 0xDE, 0x84, + 0x44, 0xD8, 0x00, 0x00, 0x9C, 0x01, 0x14, 0xDE, 0x01, 0x0C, 0xDD, 0x84, + 0x01, 0x0C, 0xD8, 0x00, 0x00, 0x51, 0x26, 0x01, 0x00, 0x0E, 0x06, 0x02, + 0x60, 0x00, 0xCE, 0x25, 0x04, 0x73, 0x00, 0x26, 0xDC, 0xD8, 0x00, 0x00, + 0x26, 0xDE, 0xD8, 0x00, 0x01, 0x03, 0x00, 0x41, 0x25, 0x26, 0x01, 0x10, + 0x17, 0x06, 0x06, 0x01, 0x04, 0xDE, 0x02, 0x00, 0xDE, 0x26, 0x01, 0x08, + 0x17, 0x06, 0x06, 0x01, 0x03, 0xDE, 0x02, 0x00, 0xDE, 0x26, 0x01, 0x20, + 0x17, 0x06, 0x06, 0x01, 0x05, 0xDE, 0x02, 0x00, 0xDE, 0x26, 0x01, 0x80, + 0x40, 0x17, 0x06, 0x06, 0x01, 0x06, 0xDE, 0x02, 0x00, 0xDE, 0x01, 0x04, + 0x17, 0x06, 0x06, 0x01, 0x02, 0xDE, 0x02, 0x00, 0xDE, 0x00, 0x00, 0x26, + 0x01, 0x08, 0x4F, 0xDE, 0xDE, 0x00, 0x00, 0x26, 0x01, 0x10, 0x4F, 0xDE, + 0xDC, 0x00, 0x00, 0x26, 0x52, 0x06, 0x02, 0x25, 0x00, 0xCE, 0x25, 0x04, + 0x76 }; static const uint16_t t0_caddr[] = { @@ -666,101 +768,115 @@ static const uint16_t t0_caddr[] = { 112, 116, 120, - 125, - 130, - 135, - 140, - 145, - 150, - 155, - 160, - 165, - 170, - 175, - 180, - 185, - 190, - 195, - 200, - 205, - 210, - 215, - 220, - 225, - 230, - 235, - 240, - 245, - 250, - 255, - 260, + 124, + 129, + 134, + 139, + 144, + 149, + 154, + 159, + 164, + 169, + 174, + 179, + 184, + 189, + 194, + 199, + 204, + 209, + 214, + 219, + 224, + 229, + 234, + 239, + 244, + 249, + 254, + 259, + 264, 269, - 282, - 286, - 311, - 317, - 337, - 348, - 385, - 488, - 492, - 557, - 572, - 583, - 601, - 630, - 640, - 676, - 749, - 763, - 769, - 816, - 836, - 889, - 958, - 991, - 1003, - 1328, - 1485, - 1510, - 1521, - 1536, - 1547, - 1553, - 1576, - 1636, + 274, + 279, + 284, + 289, + 294, + 303, + 316, + 320, + 345, + 351, + 370, + 381, + 422, + 542, + 546, + 611, + 626, + 637, + 655, + 684, + 694, + 730, + 740, + 818, + 832, + 838, + 897, + 916, + 951, + 1000, + 1076, + 1103, + 1134, + 1145, + 1497, 1644, - 1657, - 1676, - 1683, - 1695, - 1730, - 1742, - 1749, - 1765, - 1769, + 1668, + 1884, + 1898, 1907, - 1920, - 1929, - 1936, - 2040, - 2062, - 2076, - 2093, - 2116, - 2479, - 2526, - 2542, - 2557, - 2564, - 2571, - 2585, - 2661, - 2671, - 2681 + 1911, + 2006, + 2027, + 2083, + 2090, + 2101, + 2117, + 2123, + 2134, + 2169, + 2181, + 2187, + 2202, + 2218, + 2411, + 2420, + 2433, + 2442, + 2449, + 2459, + 2565, + 2590, + 2603, + 2619, + 2637, + 2669, + 2703, + 3071, + 3107, + 3120, + 3134, + 3139, + 3144, + 3210, + 3218, + 3226 }; -#define T0_INTERPRETED 64 +#define T0_INTERPRETED 88 #define T0_ENTER(ip, rp, slot) do { \ const unsigned char *t0_newip; \ @@ -781,7 +897,9 @@ name(void *ctx) \ T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \ } -T0_DEFENTRY(br_ssl_hs_client_init_main, 137) +T0_DEFENTRY(br_ssl_hs_client_init_main, 169) + +#define T0_NEXT(t0ipp) (*(*(t0ipp)) ++) void br_ssl_hs_client_run(void *t0ctx) @@ -830,15 +948,17 @@ br_ssl_hs_client_run(void *t0ctx) #define T0_CO() do { \ goto t0_exit; \ } while (0) -#define T0_RET() break +#define T0_RET() goto t0_next dp = ((t0_context *)t0ctx)->dp; rp = ((t0_context *)t0ctx)->rp; ip = ((t0_context *)t0ctx)->ip; + goto t0_next; for (;;) { uint32_t t0x; - t0x = t0_parse7E_unsigned(&ip); + t0_next: + t0x = T0_NEXT(&ip); if (t0x < T0_INTERPRETED) { switch (t0x) { int32_t t0off; @@ -924,6 +1044,15 @@ br_ssl_hs_client_run(void *t0ctx) } break; case 12: { + /* <= */ + + int32_t b = T0_POPi(); + int32_t a = T0_POPi(); + T0_PUSH(-(uint32_t)(a <= b)); + + } + break; + case 13: { /* <> */ uint32_t b = T0_POP(); @@ -932,7 +1061,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 13: { + case 14: { /* = */ uint32_t b = T0_POP(); @@ -941,7 +1070,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 14: { + case 15: { /* > */ int32_t b = T0_POPi(); @@ -950,7 +1079,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 15: { + case 16: { /* >= */ int32_t b = T0_POPi(); @@ -959,7 +1088,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 16: { + case 17: { /* >> */ int c = (int)T0_POPi(); @@ -968,7 +1097,63 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 17: { + case 18: { + /* anchor-dn-append-name */ + + size_t len; + + len = T0_POP(); + if (CTX->client_auth_vtable != NULL) { + (*CTX->client_auth_vtable)->append_name( + CTX->client_auth_vtable, ENG->pad, len); + } + + } + break; + case 19: { + /* anchor-dn-end-name */ + + if (CTX->client_auth_vtable != NULL) { + (*CTX->client_auth_vtable)->end_name( + CTX->client_auth_vtable); + } + + } + break; + case 20: { + /* anchor-dn-end-name-list */ + + if (CTX->client_auth_vtable != NULL) { + (*CTX->client_auth_vtable)->end_name_list( + CTX->client_auth_vtable); + } + + } + break; + case 21: { + /* anchor-dn-start-name */ + + size_t len; + + len = T0_POP(); + if (CTX->client_auth_vtable != NULL) { + (*CTX->client_auth_vtable)->start_name( + CTX->client_auth_vtable, len); + } + + } + break; + case 22: { + /* anchor-dn-start-name-list */ + + if (CTX->client_auth_vtable != NULL) { + (*CTX->client_auth_vtable)->start_name_list( + CTX->client_auth_vtable); + } + + } + break; + case 23: { /* and */ uint32_t b = T0_POP(); @@ -977,7 +1162,22 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 18: { + case 24: { + /* begin-cert */ + + if (ENG->chain_len == 0) { + T0_PUSHi(-1); + } else { + ENG->cert_cur = ENG->chain->data; + ENG->cert_len = ENG->chain->data_len; + ENG->chain ++; + ENG->chain_len --; + T0_PUSH(ENG->cert_len); + } + + } + break; + case 25: { /* bzero */ size_t len = (size_t)T0_POP(); @@ -986,42 +1186,69 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 19: { + case 26: { /* can-output? */ T0_PUSHi(-(ENG->hlen_out > 0)); } break; - case 20: { + case 27: { /* co */ T0_CO(); } break; - case 21: { + case 28: { /* compute-Finished-inner */ int prf_id = T0_POP(); int from_client = T0_POPi(); - unsigned char seed[48]; - size_t seed_len; + unsigned char tmp[48]; + br_tls_prf_seed_chunk seed; br_tls_prf_impl prf = br_ssl_engine_get_PRF(ENG, prf_id); + seed.data = tmp; if (ENG->session.version >= BR_TLS12) { - seed_len = br_multihash_out(&ENG->mhash, prf_id, seed); + seed.len = br_multihash_out(&ENG->mhash, prf_id, tmp); } else { - br_multihash_out(&ENG->mhash, br_md5_ID, seed); - br_multihash_out(&ENG->mhash, br_sha1_ID, seed + 16); - seed_len = 36; + br_multihash_out(&ENG->mhash, br_md5_ID, tmp); + br_multihash_out(&ENG->mhash, br_sha1_ID, tmp + 16); + seed.len = 36; } prf(ENG->pad, 12, ENG->session.master_secret, sizeof ENG->session.master_secret, from_client ? "client finished" : "server finished", - seed, seed_len); + 1, &seed); } break; - case 22: { + case 29: { + /* copy-cert-chunk */ + + size_t clen; + + clen = ENG->cert_len; + if (clen > sizeof ENG->pad) { + clen = sizeof ENG->pad; + } + memcpy(ENG->pad, ENG->cert_cur, clen); + ENG->cert_cur += clen; + ENG->cert_len -= clen; + T0_PUSH(clen); + + } + break; + case 30: { + /* copy-protocol-name */ + + size_t idx = T0_POP(); + size_t len = strlen(ENG->protocol_names[idx]); + memcpy(ENG->pad, ENG->protocol_names[idx], len); + T0_PUSH(len); + + } + break; + case 31: { /* data-get8 */ size_t addr = T0_POP(); @@ -1029,14 +1256,28 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 23: { + case 32: { /* discard-input */ ENG->hlen_in = 0; } break; - case 24: { + case 33: { + /* do-client-sign */ + + size_t sig_len; + + sig_len = make_client_sign(CTX); + if (sig_len == 0) { + br_ssl_engine_fail(ENG, BR_ERR_INVALID_ALGORITHM); + T0_CO(); + } + T0_PUSH(sig_len); + + } + break; + case 34: { /* do-ecdh */ unsigned prf_id = T0_POP(); @@ -1053,7 +1294,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 25: { + case 35: { /* do-rsa-encrypt */ int x; @@ -1068,17 +1309,46 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 26: { + case 36: { + /* do-static-ecdh */ + + unsigned prf_id = T0_POP(); + + if (make_pms_static_ecdh(CTX, prf_id) < 0) { + br_ssl_engine_fail(ENG, BR_ERR_INVALID_ALGORITHM); + T0_CO(); + } + + } + break; + case 37: { /* drop */ (void)T0_POP(); } break; - case 27: { + case 38: { /* dup */ T0_PUSH(T0_PEEK(0)); } break; - case 28: { + case 39: { + /* ext-ALPN-length */ + + size_t u, len; + + if (ENG->protocol_names_num == 0) { + T0_PUSH(0); + T0_RET(); + } + len = 6; + for (u = 0; u < ENG->protocol_names_num; u ++) { + len += 1 + strlen(ENG->protocol_names[u]); + } + T0_PUSH(len); + + } + break; + case 40: { /* fail */ br_ssl_engine_fail(ENG, (int)T0_POPi()); @@ -1086,22 +1356,69 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 29: { + case 41: { /* flush-record */ br_ssl_engine_flush_record(ENG); } break; - case 30: { + case 42: { + /* get-client-chain */ + + uint32_t auth_types; + + auth_types = T0_POP(); + if (CTX->client_auth_vtable != NULL) { + br_ssl_client_certificate ux; + + (*CTX->client_auth_vtable)->choose(CTX->client_auth_vtable, + CTX, auth_types, &ux); + CTX->auth_type = (unsigned char)ux.auth_type; + CTX->hash_id = (unsigned char)ux.hash_id; + ENG->chain = ux.chain; + ENG->chain_len = ux.chain_len; + } else { + CTX->hash_id = 0; + ENG->chain_len = 0; + } + + } + break; + case 43: { + /* get-key-type-usages */ + + const br_x509_class *xc; + const br_x509_pkey *pk; + unsigned usages; + + xc = *(ENG->x509ctx); + pk = xc->get_pkey(ENG->x509ctx, &usages); + if (pk == NULL) { + T0_PUSH(0); + } else { + T0_PUSH(pk->key_type | usages); + } + + } + break; + case 44: { /* get16 */ size_t addr = (size_t)T0_POP(); - T0_PUSH(*(uint16_t *)((unsigned char *)ENG + addr)); + T0_PUSH(*(uint16_t *)(void *)((unsigned char *)ENG + addr)); } break; - case 31: { + case 45: { + /* get32 */ + + size_t addr = (size_t)T0_POP(); + T0_PUSH(*(uint32_t *)(void *)((unsigned char *)ENG + addr)); + + } + break; + case 46: { /* get8 */ size_t addr = (size_t)T0_POP(); @@ -1109,14 +1426,14 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 32: { + case 47: { /* has-input? */ T0_PUSHi(-(ENG->hlen_in != 0)); } break; - case 33: { + case 48: { /* memcmp */ size_t len = (size_t)T0_POP(); @@ -1127,7 +1444,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 34: { + case 49: { /* memcpy */ size_t len = (size_t)T0_POP(); @@ -1137,7 +1454,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 35: { + case 50: { /* mkrand */ size_t len = (size_t)T0_POP(); @@ -1146,21 +1463,29 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 36: { + case 51: { /* more-incoming-bytes? */ T0_PUSHi(ENG->hlen_in != 0 || !br_ssl_engine_recvrec_finished(ENG)); } break; - case 37: { + case 52: { /* multihash-init */ br_multihash_init(&ENG->mhash); } break; - case 38: { + case 53: { + /* neg */ + + uint32_t a = T0_POP(); + T0_PUSH(-a); + + } + break; + case 54: { /* not */ uint32_t a = T0_POP(); @@ -1168,7 +1493,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 39: { + case 55: { /* or */ uint32_t b = T0_POP(); @@ -1177,12 +1502,12 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 40: { + case 56: { /* over */ T0_PUSH(T0_PEEK(1)); } break; - case 41: { + case 57: { /* read-chunk-native */ size_t clen = ENG->hlen_in; @@ -1206,7 +1531,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 42: { + case 58: { /* read8-native */ if (ENG->hlen_in > 0) { @@ -1224,15 +1549,36 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 43: { + case 59: { + /* set-server-curve */ + + const br_x509_class *xc; + const br_x509_pkey *pk; + + xc = *(ENG->x509ctx); + pk = xc->get_pkey(ENG->x509ctx, NULL); + CTX->server_curve = + (pk->key_type == BR_KEYTYPE_EC) ? pk->key.ec.curve : 0; + + } + break; + case 60: { /* set16 */ size_t addr = (size_t)T0_POP(); - *(uint16_t *)((unsigned char *)ENG + addr) = (uint16_t)T0_POP(); + *(uint16_t *)(void *)((unsigned char *)ENG + addr) = (uint16_t)T0_POP(); } break; - case 44: { + case 61: { + /* set32 */ + + size_t addr = (size_t)T0_POP(); + *(uint32_t *)(void *)((unsigned char *)ENG + addr) = (uint32_t)T0_POP(); + + } + break; + case 62: { /* set8 */ size_t addr = (size_t)T0_POP(); @@ -1240,7 +1586,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 45: { + case 63: { /* strlen */ void *str = (unsigned char *)ENG + (size_t)T0_POP(); @@ -1248,7 +1594,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 46: { + case 64: { /* supported-curves */ uint32_t x = ENG->iec == NULL ? 0 : ENG->iec->supported_curves; @@ -1256,7 +1602,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 47: { + case 65: { /* supported-hash-functions */ int i; @@ -1275,26 +1621,56 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 48: { + case 66: { /* supports-ecdsa? */ - T0_PUSHi(-(CTX->iecdsa != 0)); + T0_PUSHi(-(ENG->iecdsa != 0)); } break; - case 49: { + case 67: { /* supports-rsa-sign? */ - T0_PUSHi(-(CTX->irsavrfy != 0)); + T0_PUSHi(-(ENG->irsavrfy != 0)); } break; - case 50: { + case 68: { /* swap */ T0_SWAP(); } break; - case 51: { + case 69: { + /* switch-aesccm-in */ + + int is_client, prf_id; + unsigned cipher_key_len, tag_len; + + tag_len = T0_POP(); + cipher_key_len = T0_POP(); + prf_id = T0_POP(); + is_client = T0_POP(); + br_ssl_engine_switch_ccm_in(ENG, is_client, prf_id, + ENG->iaes_ctrcbc, cipher_key_len, tag_len); + + } + break; + case 70: { + /* switch-aesccm-out */ + + int is_client, prf_id; + unsigned cipher_key_len, tag_len; + + tag_len = T0_POP(); + cipher_key_len = T0_POP(); + prf_id = T0_POP(); + is_client = T0_POP(); + br_ssl_engine_switch_ccm_out(ENG, is_client, prf_id, + ENG->iaes_ctrcbc, cipher_key_len, tag_len); + + } + break; + case 71: { /* switch-aesgcm-in */ int is_client, prf_id; @@ -1308,7 +1684,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 52: { + case 72: { /* switch-aesgcm-out */ int is_client, prf_id; @@ -1322,7 +1698,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 53: { + case 73: { /* switch-cbc-in */ int is_client, prf_id, mac_id, aes; @@ -1338,7 +1714,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 54: { + case 74: { /* switch-cbc-out */ int is_client, prf_id, mac_id, aes; @@ -1354,7 +1730,62 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 55: { + case 75: { + /* switch-chapol-in */ + + int is_client, prf_id; + + prf_id = T0_POP(); + is_client = T0_POP(); + br_ssl_engine_switch_chapol_in(ENG, is_client, prf_id); + + } + break; + case 76: { + /* switch-chapol-out */ + + int is_client, prf_id; + + prf_id = T0_POP(); + is_client = T0_POP(); + br_ssl_engine_switch_chapol_out(ENG, is_client, prf_id); + + } + break; + case 77: { + /* test-protocol-name */ + + size_t len = T0_POP(); + size_t u; + + for (u = 0; u < ENG->protocol_names_num; u ++) { + const char *name; + + name = ENG->protocol_names[u]; + if (len == strlen(name) && memcmp(ENG->pad, name, len) == 0) { + T0_PUSH(u); + T0_RET(); + } + } + T0_PUSHi(-1); + + } + break; + case 78: { + /* total-chain-length */ + + size_t u; + uint32_t total; + + total = 0; + for (u = 0; u < ENG->chain_len; u ++) { + total += 3 + (uint32_t)ENG->chain[u].data_len; + } + T0_PUSH(total); + + } + break; + case 79: { /* u>> */ int c = (int)T0_POPi(); @@ -1363,7 +1794,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 56: { + case 80: { /* verify-SKE-sig */ size_t sig_len = T0_POP(); @@ -1374,7 +1805,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 57: { + case 81: { /* write-blob-chunk */ size_t clen = ENG->hlen_out; @@ -1398,7 +1829,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 58: { + case 82: { /* write8-native */ unsigned char x; @@ -1417,7 +1848,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 59: { + case 83: { /* x509-append */ const br_x509_class *xc; @@ -1429,7 +1860,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 60: { + case 84: { /* x509-end-cert */ const br_x509_class *xc; @@ -1439,7 +1870,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 61: { + case 85: { /* x509-end-chain */ const br_x509_class *xc; @@ -1449,7 +1880,7 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 62: { + case 86: { /* x509-start-cert */ const br_x509_class *xc; @@ -1459,13 +1890,15 @@ br_ssl_hs_client_run(void *t0ctx) } break; - case 63: { + case 87: { /* x509-start-chain */ const br_x509_class *xc; + uint32_t bc; + bc = T0_POP(); xc = *(ENG->x509ctx); - xc->start_chain(ENG->x509ctx, T0_POP(), ENG->server_name); + xc->start_chain(ENG->x509ctx, bc ? ENG->server_name : NULL); } break;