1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 /* static const unsigned char t0_datablock[]; */
64 void br_ssl_hs_server_init_main(void *t0ctx
);
66 void br_ssl_hs_server_run(void *t0ctx
);
76 * This macro evaluates to a pointer to the current engine context.
78 #define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
85 * This macro evaluates to a pointer to the server context, under that
86 * specific name. It must be noted that since the engine context is the
87 * first field of the br_ssl_server_context structure ('eng'), then
88 * pointers values of both types are interchangeable, modulo an
89 * appropriate cast. This also means that "adresses" computed as offsets
90 * within the structure work for both kinds of context.
92 #define CTX ((br_ssl_server_context *)ENG)
95 * Decrypt the pre-master secret (RSA key exchange).
98 do_rsa_decrypt(br_ssl_server_context
*ctx
, int prf_id
,
99 unsigned char *epms
, size_t len
)
102 unsigned char rpms
[48];
107 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
, epms
, &len
);
110 * Set the first two bytes to the maximum supported client
111 * protocol version. These bytes are used for version rollback
112 * detection; forceing the two bytes will make the master secret
113 * wrong if the bytes are not correct. This process is
114 * recommended by RFC 5246 (section 7.4.7.1).
116 br_enc16be(epms
, ctx
->client_max_version
);
119 * Make a random PMS and copy it above the decrypted value if the
120 * decryption failed. Note that we use a constant-time conditional
123 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, sizeof rpms
);
124 br_ccopy(x
^ 1, epms
, rpms
, sizeof rpms
);
127 * Compute master secret.
129 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, epms
, 48);
132 * Clear the pre-master secret from RAM: it is normally a buffer
133 * in the context, hence potentially long-lived.
135 memset(epms
, 0, len
);
139 * Common part for ECDH and ECDHE.
142 ecdh_common(br_ssl_server_context
*ctx
, int prf_id
,
143 unsigned char *xcoor
, size_t xcoor_len
, uint32_t ctl
)
145 unsigned char rpms
[80];
147 if (xcoor_len
> sizeof rpms
) {
148 xcoor_len
= sizeof rpms
;
153 * Make a random PMS and copy it above the decrypted value if the
154 * decryption failed. Note that we use a constant-time conditional
157 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, xcoor_len
);
158 br_ccopy(ctl
^ 1, xcoor
, rpms
, xcoor_len
);
161 * Compute master secret.
163 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, xcoor
, xcoor_len
);
166 * Clear the pre-master secret from RAM: it is normally a buffer
167 * in the context, hence potentially long-lived.
169 memset(xcoor
, 0, xcoor_len
);
173 * Do the ECDH key exchange (not ECDHE).
176 do_ecdh(br_ssl_server_context
*ctx
, int prf_id
,
177 unsigned char *cpoint
, size_t cpoint_len
)
182 * Finalise the key exchange.
184 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
,
185 cpoint
, &cpoint_len
);
186 ecdh_common(ctx
, prf_id
, cpoint
, cpoint_len
, x
);
190 * Do the full static ECDH key exchange. When this function is called,
191 * it has already been verified that the cipher suite uses ECDH (not ECDHE),
192 * and the client's public key (from its certificate) has type EC and is
193 * apt for key exchange.
196 do_static_ecdh(br_ssl_server_context
*ctx
, int prf_id
)
198 unsigned char cpoint
[133];
200 const br_x509_class
**xc
;
201 const br_x509_pkey
*pk
;
203 xc
= ctx
->eng
.x509ctx
;
204 pk
= (*xc
)->get_pkey(xc
, NULL
);
205 cpoint_len
= pk
->key
.ec
.qlen
;
206 if (cpoint_len
> sizeof cpoint
) {
208 * If the point is larger than our buffer then we need to
209 * restrict it. Length 2 is not a valid point length, so
210 * the ECDH will fail.
214 memcpy(cpoint
, pk
->key
.ec
.q
, cpoint_len
);
215 do_ecdh(ctx
, prf_id
, cpoint
, cpoint_len
);
219 hash_data(br_ssl_server_context
*ctx
,
220 void *dst
, int hash_id
, const void *src
, size_t len
)
222 const br_hash_class
*hf
;
223 br_hash_compat_context hc
;
226 unsigned char tmp
[36];
228 hf
= br_multihash_getimpl(&ctx
->eng
.mhash
, br_md5_ID
);
232 hf
->init(&hc
.vtable
);
233 hf
->update(&hc
.vtable
, src
, len
);
234 hf
->out(&hc
.vtable
, tmp
);
235 hf
= br_multihash_getimpl(&ctx
->eng
.mhash
, br_sha1_ID
);
239 hf
->init(&hc
.vtable
);
240 hf
->update(&hc
.vtable
, src
, len
);
241 hf
->out(&hc
.vtable
, tmp
+ 16);
242 memcpy(dst
, tmp
, 36);
245 hf
= br_multihash_getimpl(&ctx
->eng
.mhash
, hash_id
);
249 hf
->init(&hc
.vtable
);
250 hf
->update(&hc
.vtable
, src
, len
);
251 hf
->out(&hc
.vtable
, dst
);
252 return (hf
->desc
>> BR_HASHDESC_OUT_OFF
) & BR_HASHDESC_OUT_MASK
;
257 * Do the ECDHE key exchange (part 1: generation of transient key, and
258 * computing of the point to send to the client). Returned value is the
259 * signature length (in bytes), or -x on error (with x being an error
260 * code). The encoded point is written in the ecdhe_point[] context buffer
261 * (length in ecdhe_point_len).
264 do_ecdhe_part1(br_ssl_server_context
*ctx
, int curve
)
268 const unsigned char *order
;
270 size_t hv_len
, sig_len
;
272 if (!((ctx
->eng
.iec
->supported_curves
>> curve
) & 1)) {
273 return -BR_ERR_INVALID_ALGORITHM
;
275 ctx
->eng
.ecdhe_curve
= curve
;
278 * Generate our private key. We need a non-zero random value
279 * which is lower than the curve order, in a "large enough"
280 * range. We force the top bit to 0 and bottom bit to 1, which
281 * does the trick. Note that contrary to what happens in ECDSA,
282 * this is not a problem if we do not cover the full range of
285 order
= ctx
->eng
.iec
->order(curve
, &olen
);
287 while (mask
>= order
[0]) {
290 br_hmac_drbg_generate(&ctx
->eng
.rng
, ctx
->ecdhe_key
, olen
);
291 ctx
->ecdhe_key
[0] &= mask
;
292 ctx
->ecdhe_key
[olen
- 1] |= 0x01;
293 ctx
->ecdhe_key_len
= olen
;
296 * Compute our ECDH point.
298 glen
= ctx
->eng
.iec
->mulgen(ctx
->eng
.ecdhe_point
,
299 ctx
->ecdhe_key
, olen
, curve
);
300 ctx
->eng
.ecdhe_point_len
= glen
;
303 * Assemble the message to be signed, and possibly hash it.
305 memcpy(ctx
->eng
.pad
, ctx
->eng
.client_random
, 32);
306 memcpy(ctx
->eng
.pad
+ 32, ctx
->eng
.server_random
, 32);
307 ctx
->eng
.pad
[64 + 0] = 0x03;
308 ctx
->eng
.pad
[64 + 1] = 0x00;
309 ctx
->eng
.pad
[64 + 2] = curve
;
310 ctx
->eng
.pad
[64 + 3] = ctx
->eng
.ecdhe_point_len
;
311 memcpy(ctx
->eng
.pad
+ 64 + 4,
312 ctx
->eng
.ecdhe_point
, ctx
->eng
.ecdhe_point_len
);
313 hv_len
= 64 + 4 + ctx
->eng
.ecdhe_point_len
;
314 algo_id
= ctx
->sign_hash_id
;
315 if (algo_id
>= (unsigned)0xFF00) {
316 hv_len
= hash_data(ctx
, ctx
->eng
.pad
, algo_id
& 0xFF,
317 ctx
->eng
.pad
, hv_len
);
319 return -BR_ERR_INVALID_ALGORITHM
;
323 sig_len
= (*ctx
->policy_vtable
)->do_sign(ctx
->policy_vtable
,
324 algo_id
, ctx
->eng
.pad
, hv_len
, sizeof ctx
->eng
.pad
);
325 return sig_len
? (int)sig_len
: -BR_ERR_INVALID_ALGORITHM
;
329 * Do the ECDHE key exchange (part 2: computation of the shared secret
330 * from the point sent by the client).
333 do_ecdhe_part2(br_ssl_server_context
*ctx
, int prf_id
,
334 unsigned char *cpoint
, size_t cpoint_len
)
340 curve
= ctx
->eng
.ecdhe_curve
;
343 * Finalise the key exchange.
345 ctl
= ctx
->eng
.iec
->mul(cpoint
, cpoint_len
,
346 ctx
->ecdhe_key
, ctx
->ecdhe_key_len
, curve
);
347 xoff
= ctx
->eng
.iec
->xoff(curve
, &xlen
);
348 ecdh_common(ctx
, prf_id
, cpoint
+ xoff
, xlen
, ctl
);
351 * Clear the ECDHE private key. Forward Secrecy is achieved insofar
352 * as that key does not get stolen, so we'd better destroy it
353 * as soon as it ceases to be useful.
355 memset(ctx
->ecdhe_key
, 0, ctx
->ecdhe_key_len
);
359 * Offset for hash value within the pad (when obtaining all hash values,
360 * in preparation for verification of the CertificateVerify message).
361 * Order is MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512; last value
362 * is used to get the total length.
364 static const unsigned char HASH_PAD_OFF
[] = { 0, 16, 36, 64, 96, 144, 208 };
367 * OID for hash functions in RSA signatures.
369 static const unsigned char HASH_OID_SHA1
[] = {
370 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
373 static const unsigned char HASH_OID_SHA224
[] = {
374 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
377 static const unsigned char HASH_OID_SHA256
[] = {
378 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
381 static const unsigned char HASH_OID_SHA384
[] = {
382 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
385 static const unsigned char HASH_OID_SHA512
[] = {
386 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
389 static const unsigned char *HASH_OID
[] = {
398 * Verify the signature in CertificateVerify. Returned value is 0 on
399 * success, or a non-zero error code. Lack of implementation of the
400 * designated signature algorithm is reported as a "bad signature"
401 * error (because it means that the peer did not honour our advertised
402 * set of supported signature algorithms).
405 verify_CV_sig(br_ssl_server_context
*ctx
, size_t sig_len
)
407 const br_x509_class
**xc
;
408 const br_x509_pkey
*pk
;
411 id
= ctx
->hash_CV_id
;
412 xc
= ctx
->eng
.x509ctx
;
413 pk
= (*xc
)->get_pkey(xc
, NULL
);
414 if (pk
->key_type
== BR_KEYTYPE_RSA
) {
415 unsigned char tmp
[64];
416 const unsigned char *hash_oid
;
421 hash_oid
= HASH_OID
[id
- 2];
423 if (ctx
->eng
.irsavrfy
== 0) {
424 return BR_ERR_BAD_SIGNATURE
;
426 if (!ctx
->eng
.irsavrfy(ctx
->eng
.pad
, sig_len
,
427 hash_oid
, ctx
->hash_CV_len
, &pk
->key
.rsa
, tmp
)
428 || memcmp(tmp
, ctx
->hash_CV
, ctx
->hash_CV_len
) != 0)
430 return BR_ERR_BAD_SIGNATURE
;
433 if (ctx
->eng
.iecdsa
== 0) {
434 return BR_ERR_BAD_SIGNATURE
;
436 if (!ctx
->eng
.iecdsa(ctx
->eng
.iec
,
437 ctx
->hash_CV
, ctx
->hash_CV_len
,
438 &pk
->key
.ec
, ctx
->eng
.pad
, sig_len
))
440 return BR_ERR_BAD_SIGNATURE
;
448 static const unsigned char t0_datablock
[] = {
449 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
450 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
451 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
452 0x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,
453 0x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,
454 0x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,
455 0x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,
456 0x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,
457 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,
458 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,
459 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,
460 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xCC, 0xA8, 0x15,
461 0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00
464 static const unsigned char t0_codeblock
[] = {
465 0x00, 0x01, 0x00, 0x0B, 0x00, 0x00, 0x01, 0x00, 0x0E, 0x00, 0x00, 0x01,
466 0x00, 0x0F, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 0x01, 0x08,
467 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
468 0x01, 0x02, 0x09, 0x00, 0x00, 0x29, 0x29, 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_BAD_CCS
), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_BAD_FINISHED
), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_BAD_FRAGLEN
), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_BAD_HANDSHAKE
), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_BAD_PARAM
), 0x00, 0x00, 0x01,
474 T0_INT1(BR_ERR_BAD_SECRENEG
), 0x00, 0x00, 0x01,
475 T0_INT1(BR_ERR_BAD_SIGNATURE
), 0x00, 0x00, 0x01,
476 T0_INT1(BR_ERR_BAD_VERSION
), 0x00, 0x00, 0x01,
477 T0_INT1(BR_ERR_INVALID_ALGORITHM
), 0x00, 0x00, 0x01,
478 T0_INT1(BR_ERR_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
479 T0_INT1(BR_ERR_NO_CLIENT_AUTH
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK
),
480 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID
), 0x00, 0x00, 0x01,
481 T0_INT1(BR_ERR_UNEXPECTED
), 0x00, 0x00, 0x01,
482 T0_INT1(BR_ERR_WRONG_KEY_USAGE
), 0x00, 0x00, 0x01,
483 T0_INT2(offsetof(br_ssl_engine_context
, action
)), 0x00, 0x00, 0x01,
484 T0_INT2(offsetof(br_ssl_engine_context
, alert
)), 0x00, 0x00, 0x01,
485 T0_INT2(offsetof(br_ssl_engine_context
, application_data
)), 0x00, 0x00,
487 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, cipher_suite
)),
489 T0_INT2(offsetof(br_ssl_server_context
, client_max_version
)), 0x00,
490 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, client_random
)),
492 T0_INT2(offsetof(br_ssl_server_context
, client_suites
)), 0x00, 0x00,
493 0x01, T0_INT2(offsetof(br_ssl_server_context
, client_suites_num
)),
495 T0_INT2(offsetof(br_ssl_engine_context
, close_received
)), 0x00, 0x00,
496 0x01, T0_INT2(offsetof(br_ssl_server_context
, curves
)), 0x00, 0x00,
497 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point
)), 0x00,
498 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point_len
)),
499 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, flags
)),
500 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_server_context
, hashes
)),
501 0x00, 0x00, 0x79, 0x01,
502 T0_INT2(BR_MAX_CIPHER_SUITES
* sizeof(br_suite_translated
)), 0x00,
503 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, log_max_frag_len
)),
504 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, pad
)), 0x00,
506 T0_INT2(offsetof(br_ssl_engine_context
, peer_log_max_frag_len
)), 0x00,
508 T0_INT2(offsetof(br_ssl_engine_context
, protocol_names_num
)), 0x00,
509 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_in
)),
511 T0_INT2(offsetof(br_ssl_engine_context
, record_type_out
)), 0x00, 0x00,
512 0x01, T0_INT2(offsetof(br_ssl_engine_context
, reneg
)), 0x00, 0x00,
513 0x01, T0_INT2(offsetof(br_ssl_engine_context
, saved_finished
)), 0x00,
515 T0_INT2(offsetof(br_ssl_engine_context
, selected_protocol
)), 0x00,
516 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_name
)),
518 T0_INT2(offsetof(br_ssl_engine_context
, server_random
)), 0x00, 0x00,
520 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id
)),
522 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id_len
)),
524 T0_INT2(offsetof(br_ssl_engine_context
, shutdown_recv
)), 0x00, 0x00,
525 0x01, T0_INT2(offsetof(br_ssl_server_context
, sign_hash_id
)), 0x00,
526 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_buf
)), 0x00,
527 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_num
)), 0x00,
529 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, version
)),
530 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_in
)),
532 T0_INT2(offsetof(br_ssl_engine_context
, version_max
)), 0x00, 0x00,
533 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_min
)), 0x00,
534 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_out
)),
535 0x00, 0x00, 0x09, 0x2A, 0x5B, 0x06, 0x02, 0x68, 0x2B, 0x00, 0x00, 0x01,
536 0x01, 0x00, 0x01, 0x03, 0x00, 0x99, 0x2A, 0x61, 0x47, 0x9D, 0x2A, 0x05,
537 0x04, 0x63, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0F, 0x06, 0x02, 0x9D, 0x00,
538 0x61, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x68, 0x2B, 0x00, 0x00, 0x2A, 0x89,
539 0x47, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x47, 0x76, 0x2E, 0xA6, 0x1C, 0x83,
540 0x01, 0x0C, 0x33, 0x00, 0x00, 0x2A, 0x22, 0x01, 0x08, 0x0C, 0x47, 0x5F,
541 0x22, 0x08, 0x00, 0x01, 0x03, 0x00, 0x01, 0x00, 0x75, 0x42, 0x2C, 0x19,
542 0x38, 0x06, 0x07, 0x02, 0x00, 0xCD, 0x03, 0x00, 0x04, 0x75, 0x01, 0x00,
543 0xC5, 0x02, 0x00, 0x2A, 0x19, 0x13, 0x06, 0x02, 0x6F, 0x2B, 0xCD, 0x04,
544 0x76, 0x00, 0x01, 0x00, 0x75, 0x42, 0x01, 0x16, 0x87, 0x42, 0x01, 0x00,
545 0x8A, 0x40, 0x36, 0xAF, 0x35, 0x06, 0x02, 0x71, 0x2B, 0x06, 0x0A, 0xD4,
546 0x01, 0x00, 0xD0, 0x01, 0x00, 0xAB, 0x04, 0x80, 0x46, 0xD4, 0xD1, 0x29,
547 0xD6, 0x4E, 0x06, 0x01, 0xD2, 0xD5, 0x2C, 0x4E, 0x06, 0x31, 0x01, 0x00,
548 0xAC, 0x2A, 0x5B, 0x06, 0x0F, 0x01, 0x02, 0xA2, 0x05, 0x02, 0x37, 0x2B,
549 0x29, 0xB0, 0xAE, 0x2A, 0xC6, 0x29, 0x04, 0x19, 0x2A, 0x5D, 0x06, 0x0B,
550 0x29, 0x01, 0x02, 0xA2, 0x05, 0x02, 0x6E, 0x2B, 0xB0, 0x04, 0x0A, 0xB2,
551 0x2A, 0x05, 0x04, 0x29, 0xA9, 0x04, 0x02, 0xB1, 0xAD, 0x04, 0x01, 0xB0,
552 0x01, 0x00, 0xAB, 0x01, 0x00, 0xD0, 0x3E, 0x01, 0x01, 0x75, 0x42, 0x01,
553 0x17, 0x87, 0x42, 0x00, 0x00, 0x3A, 0x3A, 0x00, 0x01, 0x03, 0x00, 0x2C,
554 0x19, 0x38, 0x06, 0x04, 0xCC, 0x29, 0x04, 0x78, 0x01, 0x02, 0x02, 0x00,
555 0xC4, 0x19, 0x38, 0x06, 0x04, 0xCC, 0x29, 0x04, 0x78, 0x02, 0x00, 0x01,
556 0x84, 0x00, 0x08, 0x2B, 0x00, 0x00, 0x7F, 0x2F, 0x47, 0x12, 0x01, 0x01,
557 0x13, 0x37, 0x00, 0x00, 0x2A, 0x05, 0x04, 0x29, 0x01, 0x7F, 0x00, 0x01,
558 0x00, 0xA0, 0x12, 0x01, 0x01, 0x13, 0x5D, 0x06, 0x03, 0x5F, 0x04, 0x75,
559 0x47, 0x29, 0x00, 0x00, 0x01, 0x7F, 0x9F, 0xCC, 0x2A, 0x01, 0x07, 0x13,
560 0x01, 0x00, 0x3A, 0x0F, 0x06, 0x09, 0x29, 0x01, 0x10, 0x13, 0x06, 0x01,
561 0xC3, 0x04, 0x2A, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x21, 0x29, 0x29, 0x88,
562 0x30, 0x01, 0x01, 0x0F, 0x01, 0x01, 0xA2, 0x39, 0x06, 0x0F, 0x2C, 0x19,
563 0x38, 0x06, 0x04, 0xCC, 0x29, 0x04, 0x78, 0x01, 0x80, 0x64, 0xC5, 0x04,
564 0x03, 0x01, 0x00, 0x9F, 0x04, 0x03, 0x71, 0x2B, 0x29, 0x04, 0x40, 0x01,
565 0x2A, 0x03, 0x00, 0x09, 0x2A, 0x5B, 0x06, 0x02, 0x68, 0x2B, 0x02, 0x00,
566 0x00, 0x00, 0x9A, 0x01, 0x0F, 0x13, 0x00, 0x00, 0x74, 0x30, 0x01, 0x00,
567 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x2A, 0x01, 0x01, 0x0E, 0x06, 0x03, 0x29,
568 0x01, 0x02, 0x74, 0x42, 0x01, 0x00, 0x04, 0x21, 0x01, 0x01, 0x3A, 0x0F,
569 0x06, 0x14, 0x29, 0x01, 0x00, 0x74, 0x42, 0x2A, 0x01, 0x80, 0x64, 0x0F,
570 0x06, 0x05, 0x01, 0x82, 0x00, 0x08, 0x2B, 0x5D, 0x04, 0x07, 0x29, 0x01,
571 0x82, 0x00, 0x08, 0x2B, 0x29, 0x00, 0x00, 0x01, 0x00, 0x31, 0x06, 0x05,
572 0x3D, 0xA7, 0x39, 0x04, 0x78, 0x2A, 0x06, 0x04, 0x01, 0x01, 0x8F, 0x42,
573 0x00, 0x00, 0x01, 0x1F, 0x13, 0x01, 0x12, 0x0F, 0x05, 0x02, 0x72, 0x2B,
574 0x76, 0x2E, 0x2A, 0xC8, 0x05, 0x02, 0x71, 0x2B, 0xA6, 0x28, 0x00, 0x02,
575 0x85, 0x2E, 0x05, 0x02, 0xBA, 0x00, 0xBE, 0xA5, 0xBE, 0xA5, 0x01, 0x7E,
576 0x03, 0x00, 0x2A, 0x06, 0x17, 0xC0, 0x2A, 0x03, 0x01, 0x83, 0x47, 0xB4,
577 0x02, 0x01, 0x4F, 0x2A, 0x02, 0x00, 0x51, 0x06, 0x04, 0x03, 0x00, 0x04,
578 0x01, 0x29, 0x04, 0x66, 0x9B, 0x9B, 0x02, 0x00, 0x5F, 0x8A, 0x40, 0x00,
579 0x00, 0x31, 0x06, 0x0B, 0x86, 0x30, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x71,
580 0x2B, 0x04, 0x11, 0xCC, 0x01, 0x07, 0x13, 0x2A, 0x01, 0x02, 0x0E, 0x06,
581 0x06, 0x06, 0x02, 0x71, 0x2B, 0x04, 0x70, 0x29, 0xC1, 0x01, 0x01, 0x0E,
582 0x35, 0x39, 0x06, 0x02, 0x64, 0x2B, 0x2A, 0x01, 0x01, 0xC7, 0x38, 0xB3,
583 0x00, 0x01, 0xB8, 0x01, 0x0B, 0x0F, 0x05, 0x02, 0x71, 0x2B, 0x2A, 0x01,
584 0x03, 0x0F, 0x06, 0x08, 0xBF, 0x06, 0x02, 0x68, 0x2B, 0x47, 0x29, 0x00,
585 0x47, 0x5A, 0xBF, 0xA5, 0x2A, 0x06, 0x23, 0xBF, 0xA5, 0x2A, 0x59, 0x2A,
586 0x06, 0x18, 0x2A, 0x01, 0x82, 0x00, 0x10, 0x06, 0x05, 0x01, 0x82, 0x00,
587 0x04, 0x01, 0x2A, 0x03, 0x00, 0x83, 0x02, 0x00, 0xB4, 0x02, 0x00, 0x56,
588 0x04, 0x65, 0x9B, 0x57, 0x04, 0x5A, 0x9B, 0x9B, 0x58, 0x2A, 0x06, 0x02,
589 0x37, 0x00, 0x29, 0x2D, 0x00, 0x02, 0x2A, 0x01, 0x20, 0x13, 0x05, 0x02,
590 0x72, 0x2B, 0x01, 0x0F, 0x13, 0x03, 0x00, 0xAE, 0x93, 0x2E, 0x01, 0x86,
591 0x03, 0x11, 0x06, 0x23, 0xBE, 0x2A, 0x01, 0x81, 0x7F, 0x13, 0x5F, 0x01,
592 0x01, 0x12, 0x02, 0x00, 0x0F, 0x05, 0x02, 0x6A, 0x2B, 0x01, 0x08, 0x12,
593 0x2A, 0x01, 0x02, 0x0B, 0x3A, 0x01, 0x06, 0x10, 0x39, 0x06, 0x02, 0x6C,
594 0x2B, 0x04, 0x0D, 0x02, 0x00, 0x01, 0x01, 0x0F, 0x06, 0x04, 0x01, 0x00,
595 0x04, 0x02, 0x01, 0x02, 0x20, 0x05, 0x02, 0x6C, 0x2B, 0xBE, 0x2A, 0x03,
596 0x01, 0x2A, 0x01, 0x84, 0x00, 0x10, 0x06, 0x02, 0x6D, 0x2B, 0x83, 0x47,
597 0xB4, 0x02, 0x01, 0x53, 0x2A, 0x06, 0x01, 0x2B, 0x29, 0x9B, 0x00, 0x00,
598 0x1D, 0xB8, 0x01, 0x0F, 0x0F, 0x05, 0x02, 0x71, 0x2B, 0x00, 0x0A, 0xB8,
599 0x01, 0x01, 0x0F, 0x05, 0x02, 0x71, 0x2B, 0xBE, 0x2A, 0x03, 0x00, 0x77,
600 0x40, 0x78, 0x01, 0x20, 0xB4, 0xC0, 0x2A, 0x01, 0x20, 0x10, 0x06, 0x02,
601 0x70, 0x2B, 0x2A, 0x8E, 0x42, 0x8D, 0x47, 0xB4, 0x1A, 0x03, 0x01, 0xBE,
602 0xA5, 0x01, 0x00, 0x03, 0x02, 0x01, 0x00, 0x03, 0x03, 0x81, 0xA0, 0x17,
603 0x3A, 0x08, 0x03, 0x04, 0x03, 0x05, 0x2A, 0x06, 0x80, 0x6D, 0xBE, 0x2A,
604 0x03, 0x06, 0x02, 0x01, 0x06, 0x0A, 0x2A, 0x76, 0x2E, 0x0F, 0x06, 0x04,
605 0x01, 0x7F, 0x03, 0x03, 0x2A, 0x01, 0x81, 0x7F, 0x0F, 0x06, 0x0A, 0x88,
606 0x30, 0x06, 0x02, 0x69, 0x2B, 0x01, 0x7F, 0x03, 0x02, 0x2A, 0x01, 0x81,
607 0xAC, 0x00, 0x0F, 0x06, 0x11, 0x02, 0x00, 0x96, 0x2E, 0x11, 0x02, 0x00,
608 0x95, 0x2E, 0x0B, 0x13, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0xC2, 0x2A,
609 0x5B, 0x06, 0x03, 0x29, 0x04, 0x26, 0x01, 0x00, 0xA2, 0x06, 0x0B, 0x01,
610 0x02, 0x0C, 0x79, 0x08, 0x02, 0x06, 0x47, 0x40, 0x04, 0x16, 0x29, 0x02,
611 0x05, 0x02, 0x04, 0x11, 0x06, 0x02, 0x67, 0x2B, 0x02, 0x06, 0x02, 0x05,
612 0x40, 0x02, 0x05, 0x01, 0x04, 0x08, 0x03, 0x05, 0x04, 0xFF, 0x0F, 0x29,
613 0x01, 0x00, 0x03, 0x07, 0xC0, 0xA5, 0x2A, 0x06, 0x09, 0xC0, 0x05, 0x04,
614 0x01, 0x7F, 0x03, 0x07, 0x04, 0x74, 0x9B, 0x01, 0x00, 0x8B, 0x42, 0x01,
615 0x88, 0x04, 0x80, 0x41, 0x01, 0x84, 0x80, 0x80, 0x00, 0x7C, 0x41, 0x2A,
616 0x06, 0x80, 0x4E, 0xBE, 0xA5, 0x2A, 0x06, 0x80, 0x47, 0xBE, 0x01, 0x00,
617 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xB7, 0x04, 0x39, 0x01, 0x01, 0x3A, 0x0F,
618 0x06, 0x04, 0x29, 0xB5, 0x04, 0x2F, 0x01, 0x83, 0xFE, 0x01, 0x3A, 0x0F,
619 0x06, 0x04, 0x29, 0xB6, 0x04, 0x23, 0x01, 0x0D, 0x3A, 0x0F, 0x06, 0x04,
620 0x29, 0xBC, 0x04, 0x19, 0x01, 0x0A, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xBD,
621 0x04, 0x0F, 0x01, 0x10, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xAA, 0x04, 0x05,
622 0x29, 0xBA, 0x01, 0x00, 0x29, 0x04, 0xFF, 0x35, 0x9B, 0x9B, 0x02, 0x01,
623 0x02, 0x03, 0x13, 0x03, 0x01, 0x02, 0x00, 0x5B, 0x06, 0x08, 0x77, 0x2E,
624 0x97, 0x40, 0x01, 0x80, 0x56, 0xA1, 0x95, 0x2E, 0x2A, 0x02, 0x00, 0x10,
625 0x06, 0x03, 0x29, 0x02, 0x00, 0x2A, 0x01, 0x86, 0x00, 0x0B, 0x06, 0x02,
626 0x6B, 0x2B, 0x02, 0x00, 0x96, 0x2E, 0x0B, 0x06, 0x04, 0x01, 0x80, 0x46,
627 0xA1, 0x02, 0x01, 0x06, 0x10, 0x93, 0x2E, 0x02, 0x00, 0x0D, 0x06, 0x05,
628 0x29, 0x93, 0x2E, 0x04, 0x04, 0x01, 0x00, 0x03, 0x01, 0x2A, 0x93, 0x40,
629 0x2A, 0x94, 0x40, 0x2A, 0x97, 0x40, 0x01, 0x86, 0x03, 0x11, 0x03, 0x08,
630 0x02, 0x02, 0x06, 0x04, 0x01, 0x02, 0x88, 0x42, 0x02, 0x07, 0x05, 0x03,
631 0x01, 0x28, 0xA1, 0x44, 0x29, 0x01, 0x82, 0x01, 0x07, 0x01, 0xFC, 0x80,
632 0x00, 0x39, 0x80, 0x2F, 0x13, 0x2A, 0x80, 0x41, 0x2A, 0x01, 0x81, 0x7F,
633 0x13, 0x5C, 0x37, 0x47, 0x01, 0x08, 0x12, 0x5C, 0x01, 0x02, 0x13, 0x39,
634 0x01, 0x0C, 0x0C, 0x03, 0x09, 0x7C, 0x2F, 0x43, 0x13, 0x2A, 0x7C, 0x41,
635 0x05, 0x04, 0x01, 0x00, 0x03, 0x09, 0x02, 0x01, 0x06, 0x03, 0x01, 0x7F,
636 0x00, 0x8D, 0x01, 0x20, 0x34, 0x01, 0x20, 0x8E, 0x42, 0x79, 0x2A, 0x03,
637 0x05, 0x2A, 0x02, 0x04, 0x0B, 0x06, 0x80, 0x49, 0x2A, 0x2E, 0x2A, 0x9A,
638 0x2A, 0x01, 0x0C, 0x12, 0x2A, 0x01, 0x01, 0x0F, 0x47, 0x01, 0x02, 0x0F,
639 0x39, 0x06, 0x0A, 0x2A, 0x02, 0x09, 0x13, 0x05, 0x04, 0x63, 0x01, 0x00,
640 0x2A, 0x02, 0x08, 0x05, 0x0E, 0x2A, 0x01, 0x81, 0x70, 0x13, 0x01, 0x20,
641 0x0E, 0x06, 0x04, 0x63, 0x01, 0x00, 0x2A, 0x2A, 0x06, 0x10, 0x02, 0x05,
642 0x61, 0x40, 0x02, 0x05, 0x40, 0x02, 0x05, 0x01, 0x04, 0x08, 0x03, 0x05,
643 0x04, 0x01, 0x63, 0x01, 0x04, 0x08, 0x04, 0xFF, 0x30, 0x29, 0x02, 0x05,
644 0x79, 0x09, 0x01, 0x02, 0x12, 0x2A, 0x05, 0x03, 0x01, 0x28, 0xA1, 0x7A,
645 0x42, 0x8A, 0x2E, 0x01, 0x83, 0xFF, 0x7F, 0x0F, 0x06, 0x0D, 0x01, 0x03,
646 0xA2, 0x06, 0x04, 0x01, 0x80, 0x78, 0xA1, 0x01, 0x00, 0x8A, 0x40, 0x18,
647 0x05, 0x03, 0x01, 0x28, 0xA1, 0x01, 0x00, 0x00, 0x00, 0xB2, 0xB1, 0x00,
648 0x04, 0x76, 0x2E, 0xCB, 0x06, 0x16, 0xBE, 0x2A, 0x01, 0x84, 0x00, 0x10,
649 0x06, 0x02, 0x6D, 0x2B, 0x2A, 0x03, 0x00, 0x83, 0x47, 0xB4, 0x02, 0x00,
650 0x76, 0x2E, 0xA6, 0x27, 0x76, 0x2E, 0x2A, 0xC9, 0x47, 0xC8, 0x03, 0x01,
651 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x39, 0x06, 0x14, 0xC0, 0x2A, 0x03,
652 0x03, 0x83, 0x47, 0xB4, 0x02, 0x03, 0x76, 0x2E, 0xA6, 0x02, 0x02, 0x06,
653 0x03, 0x26, 0x04, 0x01, 0x24, 0x9B, 0x00, 0x00, 0xB8, 0x01, 0x10, 0x0F,
654 0x05, 0x02, 0x71, 0x2B, 0x00, 0x00, 0x9C, 0xB8, 0x01, 0x14, 0x0E, 0x06,
655 0x02, 0x71, 0x2B, 0x83, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0xB4, 0x9B, 0x83,
656 0x2A, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x32, 0x05, 0x02, 0x65, 0x2B, 0x00,
657 0x02, 0x03, 0x00, 0x03, 0x01, 0x02, 0x00, 0x98, 0x02, 0x01, 0x02, 0x00,
658 0x3C, 0x2A, 0x01, 0x00, 0x0F, 0x06, 0x02, 0x63, 0x00, 0xCE, 0x04, 0x74,
659 0x00, 0xBE, 0x01, 0x01, 0x0E, 0x06, 0x02, 0x66, 0x2B, 0xC0, 0x2A, 0x2A,
660 0x5D, 0x47, 0x01, 0x05, 0x11, 0x39, 0x06, 0x02, 0x66, 0x2B, 0x01, 0x08,
661 0x08, 0x2A, 0x82, 0x30, 0x0B, 0x06, 0x0D, 0x2A, 0x01, 0x01, 0x47, 0x0C,
662 0x3F, 0x2A, 0x82, 0x42, 0x84, 0x42, 0x04, 0x01, 0x29, 0x00, 0x00, 0xBE,
663 0x88, 0x30, 0x01, 0x00, 0x3A, 0x0F, 0x06, 0x13, 0x29, 0x01, 0x01, 0x0F,
664 0x05, 0x02, 0x69, 0x2B, 0xC0, 0x06, 0x02, 0x69, 0x2B, 0x01, 0x02, 0x88,
665 0x42, 0x04, 0x28, 0x01, 0x02, 0x3A, 0x0F, 0x06, 0x1F, 0x29, 0x01, 0x0D,
666 0x0F, 0x05, 0x02, 0x69, 0x2B, 0xC0, 0x01, 0x0C, 0x0F, 0x05, 0x02, 0x69,
667 0x2B, 0x83, 0x01, 0x0C, 0xB4, 0x89, 0x83, 0x01, 0x0C, 0x32, 0x05, 0x02,
668 0x69, 0x2B, 0x04, 0x03, 0x69, 0x2B, 0x29, 0x00, 0x00, 0xBE, 0xA5, 0xBE,
669 0xA5, 0x2A, 0x06, 0x1D, 0xC0, 0x06, 0x03, 0xBA, 0x04, 0x15, 0xBE, 0x2A,
670 0x01, 0x81, 0x7F, 0x0D, 0x06, 0x0C, 0x2A, 0x8B, 0x08, 0x01, 0x00, 0x47,
671 0x42, 0x8B, 0x47, 0xB4, 0x04, 0x01, 0xC6, 0x04, 0x60, 0x9B, 0x9B, 0x00,
672 0x00, 0xB9, 0x2A, 0x5D, 0x06, 0x07, 0x29, 0x06, 0x02, 0x67, 0x2B, 0x04,
673 0x74, 0x00, 0x00, 0xC1, 0x01, 0x03, 0xBF, 0x47, 0x29, 0x47, 0x00, 0x00,
674 0xBE, 0xC6, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00, 0xBE, 0xA5, 0x2A, 0x06,
675 0x80, 0x50, 0xC0, 0x03, 0x01, 0xC0, 0x03, 0x02, 0x02, 0x01, 0x01, 0x08,
676 0x0F, 0x06, 0x16, 0x02, 0x02, 0x01, 0x0F, 0x0D, 0x06, 0x0D, 0x01, 0x01,
677 0x02, 0x02, 0x01, 0x10, 0x08, 0x0C, 0x02, 0x00, 0x39, 0x03, 0x00, 0x04,
678 0x2A, 0x02, 0x01, 0x01, 0x02, 0x11, 0x02, 0x01, 0x01, 0x06, 0x0D, 0x13,
679 0x02, 0x02, 0x01, 0x01, 0x0F, 0x02, 0x02, 0x01, 0x03, 0x0F, 0x39, 0x13,
680 0x06, 0x11, 0x02, 0x00, 0x01, 0x01, 0x02, 0x02, 0x60, 0x01, 0x02, 0x0C,
681 0x02, 0x01, 0x08, 0x0C, 0x39, 0x03, 0x00, 0x04, 0xFF, 0x2C, 0x9B, 0x02,
682 0x00, 0x00, 0x00, 0xBE, 0xA5, 0xBB, 0x80, 0x41, 0x9B, 0x00, 0x00, 0xBE,
683 0xA5, 0xBE, 0xA5, 0x01, 0x00, 0x7C, 0x41, 0x2A, 0x06, 0x15, 0xBE, 0x2A,
684 0x01, 0x20, 0x0B, 0x06, 0x0B, 0x01, 0x01, 0x47, 0x0C, 0x7C, 0x2F, 0x39,
685 0x7C, 0x41, 0x04, 0x01, 0x29, 0x04, 0x68, 0x9B, 0x9B, 0x00, 0x00, 0x01,
686 0x02, 0x98, 0xC1, 0x01, 0x08, 0x0C, 0xC1, 0x08, 0x00, 0x00, 0x01, 0x03,
687 0x98, 0xC1, 0x01, 0x08, 0x0C, 0xC1, 0x08, 0x01, 0x08, 0x0C, 0xC1, 0x08,
688 0x00, 0x00, 0x01, 0x01, 0x98, 0xC1, 0x00, 0x00, 0x3D, 0x2A, 0x5B, 0x05,
689 0x01, 0x00, 0x29, 0xCE, 0x04, 0x76, 0x02, 0x03, 0x00, 0x92, 0x30, 0x03,
690 0x01, 0x01, 0x00, 0x2A, 0x02, 0x01, 0x0B, 0x06, 0x10, 0x2A, 0x01, 0x01,
691 0x0C, 0x91, 0x08, 0x2E, 0x02, 0x00, 0x0F, 0x06, 0x01, 0x00, 0x5F, 0x04,
692 0x6A, 0x29, 0x01, 0x7F, 0x00, 0x00, 0x2C, 0x19, 0x38, 0x06, 0x04, 0xCC,
693 0x29, 0x04, 0x78, 0x01, 0x16, 0x87, 0x42, 0x01, 0x00, 0xDF, 0x01, 0x00,
694 0xDE, 0x2C, 0x01, 0x17, 0x87, 0x42, 0x00, 0x00, 0x01, 0x15, 0x87, 0x42,
695 0x47, 0x55, 0x29, 0x55, 0x29, 0x2C, 0x00, 0x00, 0x01, 0x01, 0x47, 0xC4,
696 0x00, 0x00, 0x47, 0x3A, 0x98, 0x47, 0x2A, 0x06, 0x05, 0xC1, 0x29, 0x60,
697 0x04, 0x78, 0x29, 0x00, 0x02, 0x03, 0x00, 0x76, 0x2E, 0x9A, 0x03, 0x01,
698 0x02, 0x01, 0x01, 0x0F, 0x13, 0x02, 0x01, 0x01, 0x04, 0x12, 0x01, 0x0F,
699 0x13, 0x02, 0x01, 0x01, 0x08, 0x12, 0x01, 0x0F, 0x13, 0x01, 0x00, 0x3A,
700 0x0F, 0x06, 0x10, 0x29, 0x01, 0x00, 0x01, 0x18, 0x02, 0x00, 0x06, 0x03,
701 0x4A, 0x04, 0x01, 0x4B, 0x04, 0x80, 0x68, 0x01, 0x01, 0x3A, 0x0F, 0x06,
702 0x10, 0x29, 0x01, 0x01, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x4A, 0x04,
703 0x01, 0x4B, 0x04, 0x80, 0x52, 0x01, 0x02, 0x3A, 0x0F, 0x06, 0x0F, 0x29,
704 0x01, 0x01, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x4A, 0x04, 0x01, 0x4B,
705 0x04, 0x3D, 0x01, 0x03, 0x3A, 0x0F, 0x06, 0x0E, 0x29, 0x29, 0x01, 0x10,
706 0x02, 0x00, 0x06, 0x03, 0x48, 0x04, 0x01, 0x49, 0x04, 0x29, 0x01, 0x04,
707 0x3A, 0x0F, 0x06, 0x0E, 0x29, 0x29, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03,
708 0x48, 0x04, 0x01, 0x49, 0x04, 0x15, 0x01, 0x05, 0x3A, 0x0F, 0x06, 0x0C,
709 0x29, 0x29, 0x02, 0x00, 0x06, 0x03, 0x4C, 0x04, 0x01, 0x4D, 0x04, 0x03,
710 0x68, 0x2B, 0x29, 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x12, 0x01, 0x02, 0x10,
711 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x12, 0x2A, 0x5E, 0x47, 0x01, 0x03, 0x0B,
712 0x13, 0x00, 0x00, 0x9A, 0x01, 0x0C, 0x12, 0x01, 0x01, 0x0F, 0x00, 0x00,
713 0x9A, 0x01, 0x0C, 0x12, 0x5D, 0x00, 0x00, 0x1B, 0x01, 0x00, 0x73, 0x30,
714 0x2A, 0x06, 0x1F, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x06, 0x29, 0x01, 0x00,
715 0x9E, 0x04, 0x11, 0x01, 0x02, 0x3A, 0x0F, 0x06, 0x0A, 0x29, 0x75, 0x30,
716 0x06, 0x03, 0x01, 0x10, 0x39, 0x04, 0x01, 0x29, 0x04, 0x01, 0x29, 0x7B,
717 0x30, 0x05, 0x33, 0x31, 0x06, 0x30, 0x86, 0x30, 0x01, 0x14, 0x3A, 0x0F,
718 0x06, 0x06, 0x29, 0x01, 0x02, 0x39, 0x04, 0x22, 0x01, 0x15, 0x3A, 0x0F,
719 0x06, 0x09, 0x29, 0xA8, 0x06, 0x03, 0x01, 0x7F, 0x9E, 0x04, 0x13, 0x01,
720 0x16, 0x3A, 0x0F, 0x06, 0x06, 0x29, 0x01, 0x01, 0x39, 0x04, 0x07, 0x29,
721 0x01, 0x04, 0x39, 0x01, 0x00, 0x29, 0x19, 0x06, 0x03, 0x01, 0x08, 0x39,
722 0x00, 0x00, 0x1B, 0x2A, 0x05, 0x0F, 0x31, 0x06, 0x0C, 0x86, 0x30, 0x01,
723 0x15, 0x0F, 0x06, 0x04, 0x29, 0xA8, 0x04, 0x01, 0x23, 0x00, 0x00, 0xCC,
724 0x01, 0x07, 0x13, 0x01, 0x01, 0x10, 0x06, 0x02, 0x71, 0x2B, 0x00, 0x01,
725 0x03, 0x00, 0x2C, 0x19, 0x06, 0x05, 0x02, 0x00, 0x87, 0x42, 0x00, 0xCC,
726 0x29, 0x04, 0x74, 0x00, 0x01, 0x14, 0xCF, 0x01, 0x01, 0xDF, 0x2C, 0x2A,
727 0x01, 0x00, 0xC7, 0x01, 0x16, 0xCF, 0xD3, 0x2C, 0x00, 0x00, 0x01, 0x0B,
728 0xDF, 0x50, 0x2A, 0x2A, 0x01, 0x03, 0x08, 0xDE, 0xDE, 0x14, 0x2A, 0x5B,
729 0x06, 0x02, 0x29, 0x00, 0xDE, 0x1E, 0x2A, 0x06, 0x05, 0x83, 0x47, 0xD7,
730 0x04, 0x77, 0x29, 0x04, 0x6C, 0x00, 0x01, 0x00, 0xD9, 0x93, 0x2E, 0x01,
731 0x86, 0x03, 0x11, 0x06, 0x05, 0x61, 0x01, 0x00, 0xDA, 0x08, 0x4E, 0x08,
732 0x01, 0x03, 0x08, 0x01, 0x0D, 0xDF, 0xDE, 0x01, 0x00, 0xD9, 0xDF, 0x01,
733 0x01, 0xD9, 0x29, 0x93, 0x2E, 0x01, 0x86, 0x03, 0x11, 0x06, 0x08, 0x01,
734 0x00, 0xDA, 0xDD, 0x01, 0x01, 0xDA, 0x29, 0x4E, 0xDD, 0x16, 0x15, 0x2A,
735 0x5B, 0x06, 0x02, 0x29, 0x00, 0xDD, 0x1F, 0x2A, 0x06, 0x05, 0x83, 0x47,
736 0xD7, 0x04, 0x77, 0x29, 0x04, 0x6C, 0x00, 0x9C, 0x01, 0x14, 0xDF, 0x01,
737 0x0C, 0xDE, 0x83, 0x01, 0x0C, 0xD7, 0x00, 0x04, 0x03, 0x00, 0x01, 0x02,
738 0xDF, 0x01, 0x80, 0x46, 0x88, 0x30, 0x01, 0x02, 0x0F, 0x06, 0x0C, 0x02,
739 0x00, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x1D, 0x04, 0x02, 0x01,
740 0x00, 0x03, 0x01, 0x84, 0x30, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01,
741 0x00, 0x03, 0x02, 0x8A, 0x2E, 0x2A, 0x06, 0x05, 0x60, 0x21, 0x01, 0x07,
742 0x08, 0x03, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x02, 0x03, 0x08, 0x2A,
743 0x06, 0x03, 0x01, 0x02, 0x08, 0x08, 0xDE, 0x93, 0x2E, 0xDD, 0x8C, 0x01,
744 0x04, 0x17, 0x8C, 0x01, 0x04, 0x08, 0x01, 0x1C, 0x34, 0x8C, 0x01, 0x20,
745 0xD7, 0x01, 0x20, 0xDF, 0x8D, 0x01, 0x20, 0xD7, 0x76, 0x2E, 0xDD, 0x01,
746 0x00, 0xDF, 0x02, 0x01, 0x02, 0x02, 0x08, 0x02, 0x03, 0x08, 0x2A, 0x06,
747 0x80, 0x40, 0xDD, 0x02, 0x01, 0x2A, 0x06, 0x10, 0x01, 0x83, 0xFE, 0x01,
748 0xDD, 0x01, 0x04, 0x09, 0x2A, 0xDD, 0x60, 0x89, 0x47, 0xD8, 0x04, 0x01,
749 0x29, 0x02, 0x02, 0x06, 0x0C, 0x01, 0x01, 0xDD, 0x01, 0x01, 0xDD, 0x84,
750 0x30, 0x01, 0x08, 0x09, 0xDF, 0x02, 0x03, 0x2A, 0x06, 0x11, 0x01, 0x10,
751 0xDD, 0x01, 0x04, 0x09, 0x2A, 0xDD, 0x62, 0x2A, 0xDD, 0x60, 0x83, 0x47,
752 0xD8, 0x04, 0x01, 0x29, 0x04, 0x01, 0x29, 0x00, 0x00, 0x01, 0x0E, 0xDF,
753 0x01, 0x00, 0xDE, 0x00, 0x03, 0x76, 0x2E, 0xC9, 0x05, 0x01, 0x00, 0x7C,
754 0x2F, 0x2A, 0x01, 0x82, 0x80, 0x80, 0x80, 0x00, 0x13, 0x06, 0x05, 0x29,
755 0x01, 0x1D, 0x04, 0x0E, 0x2A, 0x01, 0x83, 0xC0, 0x80, 0x80, 0x00, 0x13,
756 0x2A, 0x06, 0x01, 0x47, 0x29, 0xA3, 0x03, 0x00, 0x02, 0x00, 0x25, 0x2A,
757 0x5B, 0x06, 0x02, 0x37, 0x2B, 0x03, 0x01, 0x93, 0x2E, 0x01, 0x86, 0x03,
758 0x11, 0x03, 0x02, 0x01, 0x0C, 0xDF, 0x02, 0x01, 0x7E, 0x30, 0x08, 0x02,
759 0x02, 0x01, 0x02, 0x13, 0x08, 0x01, 0x06, 0x08, 0xDE, 0x01, 0x03, 0xDF,
760 0x02, 0x00, 0xDD, 0x7D, 0x7E, 0x30, 0xD8, 0x02, 0x02, 0x06, 0x1C, 0x90,
761 0x2E, 0x2A, 0x01, 0x83, 0xFE, 0x00, 0x0B, 0x06, 0x03, 0xDD, 0x04, 0x0F,
762 0x01, 0x81, 0x7F, 0x13, 0xDF, 0x76, 0x2E, 0xCA, 0x01, 0x01, 0x0C, 0x01,
763 0x03, 0x08, 0xDF, 0x02, 0x01, 0xDD, 0x83, 0x02, 0x01, 0xD7, 0x00, 0x00,
764 0x54, 0x2A, 0x01, 0x00, 0x0F, 0x06, 0x02, 0x63, 0x00, 0xCC, 0x29, 0x04,
765 0x73, 0x00, 0x2A, 0xDF, 0xD7, 0x00, 0x00, 0x01, 0x00, 0x76, 0x2E, 0xC8,
766 0x06, 0x0C, 0x61, 0x3A, 0x06, 0x08, 0x01, 0x80, 0x41, 0xDF, 0x01, 0x80,
767 0x42, 0xDF, 0x46, 0x06, 0x07, 0x5F, 0x3A, 0x06, 0x03, 0x01, 0x01, 0xDF,
768 0x45, 0x06, 0x08, 0x5F, 0x3A, 0x06, 0x04, 0x01, 0x80, 0x40, 0xDF, 0x47,
769 0x29, 0x00, 0x01, 0x01, 0x00, 0x03, 0x00, 0x46, 0x45, 0x39, 0x05, 0x14,
770 0x01, 0x01, 0x01, 0x80, 0x7C, 0xDB, 0x03, 0x00, 0x01, 0x03, 0x01, 0x80,
771 0x7C, 0xDB, 0x02, 0x00, 0x08, 0x47, 0x29, 0x00, 0x46, 0x06, 0x07, 0x01,
772 0x01, 0x44, 0x29, 0xDB, 0x03, 0x00, 0x45, 0x06, 0x0A, 0x01, 0x03, 0x44,
773 0x29, 0xDB, 0x02, 0x00, 0x08, 0x03, 0x00, 0x29, 0x02, 0x00, 0x00, 0x00,
774 0x01, 0x00, 0x01, 0x04, 0xDC, 0x01, 0x05, 0xDC, 0x01, 0x06, 0xDC, 0x01,
775 0x03, 0xDC, 0x01, 0x02, 0xDC, 0x0A, 0x63, 0x00, 0x01, 0x03, 0x00, 0x3A,
776 0x01, 0x01, 0x02, 0x00, 0x0C, 0x13, 0x05, 0x01, 0x00, 0x61, 0x01, 0x03,
777 0x3B, 0x06, 0x07, 0x02, 0x00, 0xDF, 0x01, 0x02, 0x3B, 0xDF, 0x00, 0x00,
778 0x2A, 0x01, 0x08, 0x52, 0xDF, 0xDF, 0x00, 0x00, 0x2A, 0x01, 0x10, 0x52,
779 0xDF, 0xDD, 0x00, 0x00, 0x2A, 0x55, 0x06, 0x02, 0x29, 0x00, 0xCC, 0x29,
783 static const uint16_t t0_caddr
[] = {
919 #define T0_INTERPRETED 91
921 #define T0_ENTER(ip, rp, slot) do { \
922 const unsigned char *t0_newip; \
924 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
925 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
927 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
931 #define T0_DEFENTRY(name, slot) \
935 t0_context *t0ctx = ctx; \
936 t0ctx->ip = &t0_codeblock[0]; \
937 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
940 T0_DEFENTRY(br_ssl_hs_server_init_main
, 164)
942 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
945 br_ssl_hs_server_run(void *t0ctx
)
948 const unsigned char *ip
;
950 #define T0_LOCAL(x) (*(rp - 2 - (x)))
951 #define T0_POP() (*-- dp)
952 #define T0_POPi() (*(int32_t *)(-- dp))
953 #define T0_PEEK(x) (*(dp - 1 - (x)))
954 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
955 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
956 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
957 #define T0_RPOP() (*-- rp)
958 #define T0_RPOPi() (*(int32_t *)(-- rp))
959 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
960 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
961 #define T0_ROLL(x) do { \
962 size_t t0len = (size_t)(x); \
963 uint32_t t0tmp = *(dp - 1 - t0len); \
964 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
967 #define T0_SWAP() do { \
968 uint32_t t0tmp = *(dp - 2); \
969 *(dp - 2) = *(dp - 1); \
972 #define T0_ROT() do { \
973 uint32_t t0tmp = *(dp - 3); \
974 *(dp - 3) = *(dp - 2); \
975 *(dp - 2) = *(dp - 1); \
978 #define T0_NROT() do { \
979 uint32_t t0tmp = *(dp - 1); \
980 *(dp - 1) = *(dp - 2); \
981 *(dp - 2) = *(dp - 3); \
984 #define T0_PICK(x) do { \
985 uint32_t t0depth = (x); \
986 T0_PUSH(T0_PEEK(t0depth)); \
988 #define T0_CO() do { \
991 #define T0_RET() goto t0_next
993 dp
= ((t0_context
*)t0ctx
)->dp
;
994 rp
= ((t0_context
*)t0ctx
)->rp
;
995 ip
= ((t0_context
*)t0ctx
)->ip
;
1002 if (t0x
< T0_INTERPRETED
) {
1014 ip
= &t0_codeblock
[t0x
];
1016 case 1: /* literal constant */
1017 T0_PUSHi(t0_parse7E_signed(&ip
));
1019 case 2: /* read local */
1020 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
1022 case 3: /* write local */
1023 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
1026 t0off
= t0_parse7E_signed(&ip
);
1029 case 5: /* jump if */
1030 t0off
= t0_parse7E_signed(&ip
);
1035 case 6: /* jump if not */
1036 t0off
= t0_parse7E_signed(&ip
);
1044 uint32_t b
= T0_POP();
1045 uint32_t a
= T0_POP();
1053 uint32_t b
= T0_POP();
1054 uint32_t a
= T0_POP();
1062 uint32_t b
= T0_POP();
1063 uint32_t a
= T0_POP();
1076 int32_t b
= T0_POPi();
1077 int32_t a
= T0_POPi();
1078 T0_PUSH(-(uint32_t)(a
< b
));
1085 int c
= (int)T0_POPi();
1086 uint32_t x
= T0_POP();
1094 int32_t b
= T0_POPi();
1095 int32_t a
= T0_POPi();
1096 T0_PUSH(-(uint32_t)(a
<= b
));
1103 uint32_t b
= T0_POP();
1104 uint32_t a
= T0_POP();
1105 T0_PUSH(-(uint32_t)(a
!= b
));
1112 uint32_t b
= T0_POP();
1113 uint32_t a
= T0_POP();
1114 T0_PUSH(-(uint32_t)(a
== b
));
1121 int32_t b
= T0_POPi();
1122 int32_t a
= T0_POPi();
1123 T0_PUSH(-(uint32_t)(a
> b
));
1130 int32_t b
= T0_POPi();
1131 int32_t a
= T0_POPi();
1132 T0_PUSH(-(uint32_t)(a
>= b
));
1139 int c
= (int)T0_POPi();
1140 int32_t x
= T0_POPi();
1148 uint32_t b
= T0_POP();
1149 uint32_t a
= T0_POP();
1157 if (ENG
->chain_len
== 0) {
1160 ENG
->cert_cur
= ENG
->chain
->data
;
1161 ENG
->cert_len
= ENG
->chain
->data_len
;
1164 T0_PUSH(ENG
->cert_len
);
1172 const br_x500_name
*dn
;
1173 if (CTX
->cur_dn_index
>= CTX
->num_tas
) {
1176 if (CTX
->ta_names
== NULL
) {
1177 dn
= &CTX
->tas
[CTX
->cur_dn_index
].dn
;
1179 dn
= &CTX
->ta_names
[CTX
->cur_dn_index
];
1181 CTX
->cur_dn_index
++;
1182 CTX
->cur_dn
= dn
->data
;
1183 CTX
->cur_dn_len
= dn
->len
;
1184 T0_PUSH(CTX
->cur_dn_len
);
1190 /* begin-ta-name-list */
1192 CTX
->cur_dn_index
= 0;
1199 size_t len
= (size_t)T0_POP();
1200 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1201 memset(addr
, 0, len
);
1206 /* call-policy-handler */
1209 br_ssl_server_choices choices
;
1211 x
= (*CTX
->policy_vtable
)->choose(
1212 CTX
->policy_vtable
, CTX
, &choices
);
1213 ENG
->session
.cipher_suite
= choices
.cipher_suite
;
1214 CTX
->sign_hash_id
= choices
.algo_id
;
1215 ENG
->chain
= choices
.chain
;
1216 ENG
->chain_len
= choices
.chain_len
;
1217 T0_PUSHi(-(x
!= 0));
1224 T0_PUSHi(-(ENG
->hlen_out
> 0));
1231 if (ENG
->session
.session_id_len
== 32
1232 && CTX
->cache_vtable
!= NULL
&& (*CTX
->cache_vtable
)->load(
1233 CTX
->cache_vtable
, CTX
, &ENG
->session
))
1248 /* compute-Finished-inner */
1250 int prf_id
= T0_POP();
1251 int from_client
= T0_POPi();
1252 unsigned char seed
[48];
1255 br_tls_prf_impl prf
= br_ssl_engine_get_PRF(ENG
, prf_id
);
1256 if (ENG
->session
.version
>= BR_TLS12
) {
1257 seed_len
= br_multihash_out(&ENG
->mhash
, prf_id
, seed
);
1259 br_multihash_out(&ENG
->mhash
, br_md5_ID
, seed
);
1260 br_multihash_out(&ENG
->mhash
, br_sha1_ID
, seed
+ 16);
1263 prf(ENG
->pad
, 12, ENG
->session
.master_secret
,
1264 sizeof ENG
->session
.master_secret
,
1265 from_client
? "client finished" : "server finished",
1271 /* compute-hash-CV */
1275 for (i
= 1; i
<= 6; i
++) {
1276 br_multihash_out(&ENG
->mhash
, i
,
1277 ENG
->pad
+ HASH_PAD_OFF
[i
- 1]);
1283 /* copy-cert-chunk */
1287 clen
= ENG
->cert_len
;
1288 if (clen
> sizeof ENG
->pad
) {
1289 clen
= sizeof ENG
->pad
;
1291 memcpy(ENG
->pad
, ENG
->cert_cur
, clen
);
1292 ENG
->cert_cur
+= clen
;
1293 ENG
->cert_len
-= clen
;
1303 clen
= CTX
->cur_dn_len
;
1304 if (clen
> sizeof ENG
->pad
) {
1305 clen
= sizeof ENG
->pad
;
1307 memcpy(ENG
->pad
, CTX
->cur_dn
, clen
);
1308 CTX
->cur_dn
+= clen
;
1309 CTX
->cur_dn_len
-= clen
;
1324 if (br_multihash_getimpl(&ENG
->mhash
, id
) == 0) {
1328 off
= HASH_PAD_OFF
[id
- 1];
1329 len
= HASH_PAD_OFF
[id
] - off
;
1331 memcpy(CTX
->hash_CV
, ENG
->pad
+ off
, len
);
1332 CTX
->hash_CV_len
= len
;
1333 CTX
->hash_CV_id
= id
;
1339 /* copy-protocol-name */
1341 size_t idx
= T0_POP();
1342 size_t len
= strlen(ENG
->protocol_names
[idx
]);
1343 memcpy(ENG
->pad
, ENG
->protocol_names
[idx
], len
);
1351 size_t addr
= T0_POP();
1352 T0_PUSH(t0_datablock
[addr
]);
1366 int prf_id
= T0_POPi();
1367 size_t len
= T0_POP();
1368 do_ecdh(CTX
, prf_id
, ENG
->pad
, len
);
1373 /* do-ecdhe-part1 */
1375 int curve
= T0_POPi();
1376 T0_PUSHi(do_ecdhe_part1(CTX
, curve
));
1381 /* do-ecdhe-part2 */
1383 int prf_id
= T0_POPi();
1384 size_t len
= T0_POP();
1385 do_ecdhe_part2(CTX
, prf_id
, ENG
->pad
, len
);
1390 /* do-rsa-decrypt */
1392 int prf_id
= T0_POPi();
1393 size_t len
= T0_POP();
1394 do_rsa_decrypt(CTX
, prf_id
, ENG
->pad
, len
);
1399 /* do-static-ecdh */
1401 do_static_ecdh(CTX
, T0_POP());
1412 T0_PUSH(T0_PEEK(0));
1418 br_ssl_engine_fail(ENG
, (int)T0_POPi());
1426 br_ssl_engine_flush_record(ENG
);
1431 /* get-key-type-usages */
1433 const br_x509_class
*xc
;
1434 const br_x509_pkey
*pk
;
1437 xc
= *(ENG
->x509ctx
);
1438 pk
= xc
->get_pkey(ENG
->x509ctx
, &usages
);
1442 T0_PUSH(pk
->key_type
| usages
);
1450 size_t addr
= (size_t)T0_POP();
1451 T0_PUSH(*(uint16_t *)((unsigned char *)ENG
+ addr
));
1458 size_t addr
= (size_t)T0_POP();
1459 T0_PUSH(*(uint32_t *)((unsigned char *)ENG
+ addr
));
1466 size_t addr
= (size_t)T0_POP();
1467 T0_PUSH(*((unsigned char *)ENG
+ addr
));
1474 T0_PUSHi(-(ENG
->hlen_in
!= 0));
1481 size_t len
= (size_t)T0_POP();
1482 void *addr2
= (unsigned char *)ENG
+ (size_t)T0_POP();
1483 void *addr1
= (unsigned char *)ENG
+ (size_t)T0_POP();
1484 int x
= memcmp(addr1
, addr2
, len
);
1485 T0_PUSH((uint32_t)-(x
== 0));
1492 size_t len
= (size_t)T0_POP();
1493 void *src
= (unsigned char *)ENG
+ (size_t)T0_POP();
1494 void *dst
= (unsigned char *)ENG
+ (size_t)T0_POP();
1495 memcpy(dst
, src
, len
);
1502 size_t len
= (size_t)T0_POP();
1503 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1504 br_hmac_drbg_generate(&ENG
->rng
, addr
, len
);
1509 /* more-incoming-bytes? */
1511 T0_PUSHi(ENG
->hlen_in
!= 0 || !br_ssl_engine_recvrec_finished(ENG
));
1516 /* multihash-init */
1518 br_multihash_init(&ENG
->mhash
);
1525 uint32_t a
= T0_POP();
1533 uint32_t a
= T0_POP();
1541 uint32_t b
= T0_POP();
1542 uint32_t a
= T0_POP();
1549 T0_PUSH(T0_PEEK(1));
1558 /* read-chunk-native */
1560 size_t clen
= ENG
->hlen_in
;
1566 if ((size_t)len
< clen
) {
1569 memcpy((unsigned char *)ENG
+ addr
, ENG
->hbuf_in
, clen
);
1570 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1571 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_in
, clen
);
1573 T0_PUSH(addr
+ (uint32_t)clen
);
1574 T0_PUSH(len
- (uint32_t)clen
);
1575 ENG
->hbuf_in
+= clen
;
1576 ENG
->hlen_in
-= clen
;
1584 if (ENG
->hlen_in
> 0) {
1587 x
= *ENG
->hbuf_in
++;
1588 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1589 br_multihash_update(&ENG
->mhash
, &x
, 1);
1602 if (CTX
->cache_vtable
!= NULL
) {
1603 (*CTX
->cache_vtable
)->save(
1604 CTX
->cache_vtable
, CTX
, &ENG
->session
);
1610 /* set-max-frag-len */
1612 size_t max_frag_len
= T0_POP();
1614 br_ssl_engine_new_max_frag_len(ENG
, max_frag_len
);
1617 * We must adjust our own output limit. Since we call this only
1618 * after receiving a ClientHello and before beginning to send
1619 * the ServerHello, the next output record should be empty at
1620 * that point, so we can use max_frag_len as a limit.
1622 if (ENG
->hlen_out
> max_frag_len
) {
1623 ENG
->hlen_out
= max_frag_len
;
1631 size_t addr
= (size_t)T0_POP();
1632 *(uint16_t *)((unsigned char *)ENG
+ addr
) = (uint16_t)T0_POP();
1639 size_t addr
= (size_t)T0_POP();
1640 *(uint32_t *)((unsigned char *)ENG
+ addr
) = (uint32_t)T0_POP();
1647 size_t addr
= (size_t)T0_POP();
1648 *((unsigned char *)ENG
+ addr
) = (unsigned char)T0_POP();
1653 /* supported-curves */
1655 uint32_t x
= ENG
->iec
== NULL
? 0 : ENG
->iec
->supported_curves
;
1661 /* supported-hash-functions */
1668 for (i
= br_sha1_ID
; i
<= br_sha512_ID
; i
++) {
1669 if (br_multihash_getimpl(&ENG
->mhash
, i
)) {
1680 /* supports-ecdsa? */
1682 T0_PUSHi(-(ENG
->iecdsa
!= 0));
1687 /* supports-rsa-sign? */
1689 T0_PUSHi(-(ENG
->irsavrfy
!= 0));
1699 /* switch-aesgcm-in */
1701 int is_client
, prf_id
;
1702 unsigned cipher_key_len
;
1704 cipher_key_len
= T0_POP();
1706 is_client
= T0_POP();
1707 br_ssl_engine_switch_gcm_in(ENG
, is_client
, prf_id
,
1708 ENG
->iaes_ctr
, cipher_key_len
);
1713 /* switch-aesgcm-out */
1715 int is_client
, prf_id
;
1716 unsigned cipher_key_len
;
1718 cipher_key_len
= T0_POP();
1720 is_client
= T0_POP();
1721 br_ssl_engine_switch_gcm_out(ENG
, is_client
, prf_id
,
1722 ENG
->iaes_ctr
, cipher_key_len
);
1729 int is_client
, prf_id
, mac_id
, aes
;
1730 unsigned cipher_key_len
;
1732 cipher_key_len
= T0_POP();
1736 is_client
= T0_POP();
1737 br_ssl_engine_switch_cbc_in(ENG
, is_client
, prf_id
, mac_id
,
1738 aes
? ENG
->iaes_cbcdec
: ENG
->ides_cbcdec
, cipher_key_len
);
1743 /* switch-cbc-out */
1745 int is_client
, prf_id
, mac_id
, aes
;
1746 unsigned cipher_key_len
;
1748 cipher_key_len
= T0_POP();
1752 is_client
= T0_POP();
1753 br_ssl_engine_switch_cbc_out(ENG
, is_client
, prf_id
, mac_id
,
1754 aes
? ENG
->iaes_cbcenc
: ENG
->ides_cbcenc
, cipher_key_len
);
1759 /* switch-chapol-in */
1761 int is_client
, prf_id
;
1764 is_client
= T0_POP();
1765 br_ssl_engine_switch_chapol_in(ENG
, is_client
, prf_id
);
1770 /* switch-chapol-out */
1772 int is_client
, prf_id
;
1775 is_client
= T0_POP();
1776 br_ssl_engine_switch_chapol_out(ENG
, is_client
, prf_id
);
1781 /* ta-names-total-length */
1786 if (CTX
->ta_names
!= NULL
) {
1787 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1788 len
+= CTX
->ta_names
[u
].len
+ 2;
1790 } else if (CTX
->tas
!= NULL
) {
1791 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1792 len
+= CTX
->tas
[u
].dn
.len
+ 2;
1800 /* test-protocol-name */
1802 size_t len
= T0_POP();
1805 for (u
= 0; u
< ENG
->protocol_names_num
; u
++) {
1808 name
= ENG
->protocol_names
[u
];
1809 if (len
== strlen(name
) && memcmp(ENG
->pad
, name
, len
) == 0) {
1819 /* total-chain-length */
1825 for (u
= 0; u
< ENG
->chain_len
; u
++) {
1826 total
+= 3 + (uint32_t)ENG
->chain
[u
].data_len
;
1835 uint32_t b
= T0_POP();
1836 uint32_t a
= T0_POP();
1837 T0_PUSH(-(uint32_t)(a
< b
));
1844 int c
= (int)T0_POPi();
1845 uint32_t x
= T0_POP();
1855 err
= verify_CV_sig(CTX
, T0_POP());
1861 /* write-blob-chunk */
1863 size_t clen
= ENG
->hlen_out
;
1869 if ((size_t)len
< clen
) {
1872 memcpy(ENG
->hbuf_out
, (unsigned char *)ENG
+ addr
, clen
);
1873 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1874 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_out
, clen
);
1876 T0_PUSH(addr
+ (uint32_t)clen
);
1877 T0_PUSH(len
- (uint32_t)clen
);
1878 ENG
->hbuf_out
+= clen
;
1879 ENG
->hlen_out
-= clen
;
1889 x
= (unsigned char)T0_POP();
1890 if (ENG
->hlen_out
> 0) {
1891 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1892 br_multihash_update(&ENG
->mhash
, &x
, 1);
1894 *ENG
->hbuf_out
++ = x
;
1906 const br_x509_class
*xc
;
1909 xc
= *(ENG
->x509ctx
);
1911 xc
->append(ENG
->x509ctx
, ENG
->pad
, len
);
1918 const br_x509_class
*xc
;
1920 xc
= *(ENG
->x509ctx
);
1921 xc
->end_cert(ENG
->x509ctx
);
1926 /* x509-end-chain */
1928 const br_x509_class
*xc
;
1930 xc
= *(ENG
->x509ctx
);
1931 T0_PUSH(xc
->end_chain(ENG
->x509ctx
));
1936 /* x509-start-cert */
1938 const br_x509_class
*xc
;
1940 xc
= *(ENG
->x509ctx
);
1941 xc
->start_cert(ENG
->x509ctx
, T0_POP());
1946 /* x509-start-chain */
1948 const br_x509_class
*xc
;
1952 xc
= *(ENG
->x509ctx
);
1953 xc
->start_chain(ENG
->x509ctx
, bc
? ENG
->server_name
: NULL
);
1960 T0_ENTER(ip
, rp
, t0x
);
1964 ((t0_context
*)t0ctx
)->dp
= dp
;
1965 ((t0_context
*)t0ctx
)->rp
= rp
;
1966 ((t0_context
*)t0ctx
)->ip
= ip
;