1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 static const uint8_t t0_datablock
[];
64 void br_ssl_hs_server_init_main(void *t0ctx
);
66 void br_ssl_hs_server_run(void *t0ctx
);
76 * This macro evaluates to a pointer to the current engine context.
78 #define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
85 * This macro evaluates to a pointer to the server context, under that
86 * specific name. It must be noted that since the engine context is the
87 * first field of the br_ssl_server_context structure ('eng'), then
88 * pointers values of both types are interchangeable, modulo an
89 * appropriate cast. This also means that "adresses" computed as offsets
90 * within the structure work for both kinds of context.
92 #define CTX ((br_ssl_server_context *)ENG)
95 * Decrypt the pre-master secret (RSA key exchange).
98 do_rsa_decrypt(br_ssl_server_context
*ctx
, int prf_id
,
99 unsigned char *epms
, size_t len
)
102 unsigned char rpms
[48];
107 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
, epms
, len
);
110 * Set the first two bytes to the maximum supported client
111 * protocol version. These bytes are used for version rollback
112 * detection; forceing the two bytes will make the master secret
113 * wrong if the bytes are not correct. This process is
114 * recommended by RFC 5246 (section 7.4.7.1).
116 br_enc16be(epms
, ctx
->client_max_version
);
119 * Make a random PMS and copy it above the decrypted value if the
120 * decryption failed. Note that we use a constant-time conditional
123 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, sizeof rpms
);
124 br_ccopy(x
^ 1, epms
, rpms
, sizeof rpms
);
127 * Compute master secret.
129 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, epms
, 48);
132 * Clear the pre-master secret from RAM: it is normally a buffer
133 * in the context, hence potentially long-lived.
135 memset(epms
, 0, len
);
139 * Common part for ECDH and ECDHE.
142 ecdh_common(br_ssl_server_context
*ctx
, int prf_id
,
143 unsigned char *cpoint
, size_t cpoint_len
, uint32_t ctl
)
145 unsigned char rpms
[80];
149 * The point length is supposed to be 1+2*Xlen, where Xlen is
150 * the length (in bytes) of the X coordinate, i.e. the pre-master
151 * secret. If the provided point is too large, then it is
152 * obviously incorrect (i.e. everybody can see that it is
153 * incorrect), so leaking that fact is not a problem.
155 pms_len
= cpoint_len
>> 1;
156 if (pms_len
> sizeof rpms
) {
157 pms_len
= sizeof rpms
;
162 * Make a random PMS and copy it above the decrypted value if the
163 * decryption failed. Note that we use a constant-time conditional
166 br_hmac_drbg_generate(&ctx
->eng
.rng
, rpms
, pms_len
);
167 br_ccopy(ctl
^ 1, cpoint
+ 1, rpms
, pms_len
);
170 * Compute master secret.
172 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, cpoint
+ 1, pms_len
);
175 * Clear the pre-master secret from RAM: it is normally a buffer
176 * in the context, hence potentially long-lived.
178 memset(cpoint
, 0, cpoint_len
);
182 * Do the ECDH key exchange (not ECDHE).
185 do_ecdh(br_ssl_server_context
*ctx
, int prf_id
,
186 unsigned char *cpoint
, size_t cpoint_len
)
191 * Finalise the key exchange.
193 x
= (*ctx
->policy_vtable
)->do_keyx(ctx
->policy_vtable
,
195 ecdh_common(ctx
, prf_id
, cpoint
, cpoint_len
, x
);
199 * Do the full static ECDH key exchange. When this function is called,
200 * it has already been verified that the cipher suite uses ECDH (not ECDHE),
201 * and the client's public key (from its certificate) has type EC and is
202 * apt for key exchange.
205 do_static_ecdh(br_ssl_server_context
*ctx
, int prf_id
)
207 unsigned char cpoint
[133];
209 const br_x509_class
**xc
;
210 const br_x509_pkey
*pk
;
212 xc
= ctx
->eng
.x509ctx
;
213 pk
= (*xc
)->get_pkey(xc
, NULL
);
214 cpoint_len
= pk
->key
.ec
.qlen
;
215 if (cpoint_len
> sizeof cpoint
) {
217 * If the point is larger than our buffer then we need to
218 * restrict it. Length 2 is not a valid point length, so
219 * the ECDH will fail.
223 memcpy(cpoint
, pk
->key
.ec
.q
, cpoint_len
);
224 do_ecdh(ctx
, prf_id
, cpoint
, cpoint_len
);
228 * Do the ECDHE key exchange (part 1: generation of transient key, and
229 * computing of the point to send to the client). Returned value is the
230 * signature length (in bytes), or -x on error (with x being an error
231 * code). The encoded point is written in the ecdhe_point[] context buffer
232 * (length in ecdhe_point_len).
235 do_ecdhe_part1(br_ssl_server_context
*ctx
, int curve
)
239 const unsigned char *order
, *generator
;
241 br_multihash_context mhc
;
242 unsigned char head
[4];
243 size_t hv_len
, sig_len
;
245 if (!((ctx
->eng
.iec
->supported_curves
>> curve
) & 1)) {
246 return -BR_ERR_INVALID_ALGORITHM
;
248 ctx
->eng
.ecdhe_curve
= curve
;
251 * Generate our private key. We need a non-zero random value
252 * which is lower than the curve order, in a "large enough"
253 * range. We force the top bit to 0 and bottom bit to 1, which
254 * does the trick. Note that contrary to what happens in ECDSA,
255 * this is not a problem if we do not cover the full range of
258 order
= ctx
->eng
.iec
->order(curve
, &olen
);
260 while (mask
>= order
[0]) {
263 br_hmac_drbg_generate(&ctx
->eng
.rng
, ctx
->ecdhe_key
, olen
);
264 ctx
->ecdhe_key
[0] &= mask
;
265 ctx
->ecdhe_key
[olen
- 1] |= 0x01;
266 ctx
->ecdhe_key_len
= olen
;
269 * Compute our ECDH point.
271 generator
= ctx
->eng
.iec
->generator(curve
, &glen
);
272 memcpy(ctx
->eng
.ecdhe_point
, generator
, glen
);
273 ctx
->eng
.ecdhe_point_len
= glen
;
274 if (!ctx
->eng
.iec
->mul(ctx
->eng
.ecdhe_point
, glen
,
275 ctx
->ecdhe_key
, olen
, curve
))
277 return -BR_ERR_INVALID_ALGORITHM
;
281 * Compute the signature.
283 br_multihash_zero(&mhc
);
284 br_multihash_copyimpl(&mhc
, &ctx
->eng
.mhash
);
285 br_multihash_init(&mhc
);
286 br_multihash_update(&mhc
,
287 ctx
->eng
.client_random
, sizeof ctx
->eng
.client_random
);
288 br_multihash_update(&mhc
,
289 ctx
->eng
.server_random
, sizeof ctx
->eng
.server_random
);
293 head
[3] = ctx
->eng
.ecdhe_point_len
;
294 br_multihash_update(&mhc
, head
, sizeof head
);
295 br_multihash_update(&mhc
,
296 ctx
->eng
.ecdhe_point
, ctx
->eng
.ecdhe_point_len
);
297 hash
= ctx
->sign_hash_id
;
299 hv_len
= br_multihash_out(&mhc
, hash
, ctx
->eng
.pad
);
301 return -BR_ERR_INVALID_ALGORITHM
;
304 if (!br_multihash_out(&mhc
, br_md5_ID
, ctx
->eng
.pad
)
305 || !br_multihash_out(&mhc
,
306 br_sha1_ID
, ctx
->eng
.pad
+ 16))
308 return -BR_ERR_INVALID_ALGORITHM
;
312 sig_len
= (*ctx
->policy_vtable
)->do_sign(ctx
->policy_vtable
,
313 hash
, hv_len
, ctx
->eng
.pad
, sizeof ctx
->eng
.pad
);
314 return sig_len
? (int)sig_len
: -BR_ERR_INVALID_ALGORITHM
;
318 * Do the ECDHE key exchange (part 2: computation of the shared secret
319 * from the point sent by the client).
322 do_ecdhe_part2(br_ssl_server_context
*ctx
, int prf_id
,
323 unsigned char *cpoint
, size_t cpoint_len
)
328 curve
= ctx
->eng
.ecdhe_curve
;
331 * Finalise the key exchange.
333 x
= ctx
->eng
.iec
->mul(cpoint
, cpoint_len
,
334 ctx
->ecdhe_key
, ctx
->ecdhe_key_len
, curve
);
335 ecdh_common(ctx
, prf_id
, cpoint
, cpoint_len
, x
);
338 * Clear the ECDHE private key. Forward Secrecy is achieved insofar
339 * as that key does not get stolen, so we'd better destroy it
340 * as soon as it ceases to be useful.
342 memset(ctx
->ecdhe_key
, 0, ctx
->ecdhe_key_len
);
346 * Offset for hash value within the pad (when obtaining all hash values,
347 * in preparation for verification of the CertificateVerify message).
348 * Order is MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512; last value
349 * is used to get the total length.
351 static const unsigned char HASH_PAD_OFF
[] = { 0, 16, 36, 64, 96, 144, 208 };
354 * OID for hash functions in RSA signatures.
356 static const unsigned char HASH_OID_SHA1
[] = {
357 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
360 static const unsigned char HASH_OID_SHA224
[] = {
361 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
364 static const unsigned char HASH_OID_SHA256
[] = {
365 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
368 static const unsigned char HASH_OID_SHA384
[] = {
369 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
372 static const unsigned char HASH_OID_SHA512
[] = {
373 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
376 static const unsigned char *HASH_OID
[] = {
385 * Verify the signature in CertificateVerify. Returned value is 0 on
386 * success, or a non-zero error code. Lack of implementation of the
387 * designated signature algorithm is reported as a "bad signature"
388 * error (because it means that the peer did not honour our advertised
389 * set of supported signature algorithms).
392 verify_CV_sig(br_ssl_server_context
*ctx
, size_t sig_len
)
394 const br_x509_class
**xc
;
395 const br_x509_pkey
*pk
;
398 id
= ctx
->hash_CV_id
;
399 xc
= ctx
->eng
.x509ctx
;
400 pk
= (*xc
)->get_pkey(xc
, NULL
);
401 if (pk
->key_type
== BR_KEYTYPE_RSA
) {
402 unsigned char tmp
[64];
403 const unsigned char *hash_oid
;
408 hash_oid
= HASH_OID
[id
- 2];
410 if (ctx
->eng
.irsavrfy
== 0) {
411 return BR_ERR_BAD_SIGNATURE
;
413 if (!ctx
->eng
.irsavrfy(ctx
->eng
.pad
, sig_len
,
414 hash_oid
, ctx
->hash_CV_len
, &pk
->key
.rsa
, tmp
)
415 || memcmp(tmp
, ctx
->hash_CV
, ctx
->hash_CV_len
) != 0)
417 return BR_ERR_BAD_SIGNATURE
;
420 if (ctx
->eng
.iecdsa
== 0) {
421 return BR_ERR_BAD_SIGNATURE
;
423 if (!ctx
->eng
.iecdsa(ctx
->eng
.iec
,
424 ctx
->hash_CV
, ctx
->hash_CV_len
,
425 &pk
->key
.ec
, ctx
->eng
.pad
, sig_len
))
427 return BR_ERR_BAD_SIGNATURE
;
435 static const uint8_t t0_datablock
[] = {
436 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
437 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
438 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
439 0x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,
440 0x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,
441 0x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,
442 0x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,
443 0x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,
444 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,
445 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,
446 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,
447 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xCC, 0xA8, 0x15,
448 0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00
451 static const uint8_t t0_codeblock
[] = {
452 0x00, 0x01, 0x00, 0x0B, 0x00, 0x00, 0x01, 0x00, 0x0E, 0x00, 0x00, 0x01,
453 0x00, 0x0F, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 0x01, 0x08,
454 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
455 0x28, 0x28, 0x00, 0x00, 0x01, T0_INT1(BR_ERR_BAD_CCS
), 0x00, 0x00,
456 0x01, T0_INT1(BR_ERR_BAD_FINISHED
), 0x00, 0x00, 0x01,
457 T0_INT1(BR_ERR_BAD_FRAGLEN
), 0x00, 0x00, 0x01,
458 T0_INT1(BR_ERR_BAD_HANDSHAKE
), 0x00, 0x00, 0x01,
459 T0_INT1(BR_ERR_BAD_PARAM
), 0x00, 0x00, 0x01,
460 T0_INT1(BR_ERR_BAD_SECRENEG
), 0x00, 0x00, 0x01,
461 T0_INT1(BR_ERR_BAD_SIGNATURE
), 0x00, 0x00, 0x01,
462 T0_INT1(BR_ERR_BAD_VERSION
), 0x00, 0x00, 0x01,
463 T0_INT1(BR_ERR_INVALID_ALGORITHM
), 0x00, 0x00, 0x01,
464 T0_INT1(BR_ERR_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
465 T0_INT1(BR_ERR_NO_CLIENT_AUTH
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK
),
466 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID
), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_UNEXPECTED
), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_WRONG_KEY_USAGE
), 0x00, 0x00, 0x01,
469 T0_INT2(offsetof(br_ssl_engine_context
, action
)), 0x00, 0x00, 0x01,
470 T0_INT2(offsetof(br_ssl_engine_context
, alert
)), 0x00, 0x00, 0x01,
471 T0_INT2(offsetof(br_ssl_engine_context
, application_data
)), 0x00, 0x00,
473 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, cipher_suite
)),
475 T0_INT2(offsetof(br_ssl_server_context
, client_max_version
)), 0x00,
476 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, client_random
)),
478 T0_INT2(offsetof(br_ssl_server_context
, client_suites
)), 0x00, 0x00,
479 0x01, T0_INT2(offsetof(br_ssl_server_context
, client_suites_num
)),
481 T0_INT2(offsetof(br_ssl_engine_context
, close_received
)), 0x00, 0x00,
482 0x01, T0_INT2(offsetof(br_ssl_server_context
, curves
)), 0x00, 0x00,
483 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point
)), 0x00,
484 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point_len
)),
485 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, flags
)),
486 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_server_context
, hashes
)),
487 0x00, 0x00, 0x75, 0x01,
488 T0_INT2(BR_MAX_CIPHER_SUITES
* sizeof(br_suite_translated
)), 0x00,
489 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, log_max_frag_len
)),
490 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, pad
)), 0x00,
492 T0_INT2(offsetof(br_ssl_engine_context
, peer_log_max_frag_len
)), 0x00,
493 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_in
)),
495 T0_INT2(offsetof(br_ssl_engine_context
, record_type_out
)), 0x00, 0x00,
496 0x01, T0_INT2(offsetof(br_ssl_engine_context
, reneg
)), 0x00, 0x00,
497 0x01, T0_INT2(offsetof(br_ssl_engine_context
, saved_finished
)), 0x00,
498 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_name
)),
500 T0_INT2(offsetof(br_ssl_engine_context
, server_random
)), 0x00, 0x00,
502 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id
)),
504 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id_len
)),
506 T0_INT2(offsetof(br_ssl_engine_context
, shutdown_recv
)), 0x00, 0x00,
507 0x01, T0_INT2(offsetof(br_ssl_server_context
, sign_hash_id
)), 0x00,
508 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_buf
)), 0x00,
509 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_num
)), 0x00,
511 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, version
)),
512 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_in
)),
514 T0_INT2(offsetof(br_ssl_engine_context
, version_max
)), 0x00, 0x00,
515 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_min
)), 0x00,
516 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_out
)),
517 0x00, 0x00, 0x09, 0x29, 0x58, 0x06, 0x02, 0x64, 0x2A, 0x00, 0x00, 0x01,
518 0x01, 0x00, 0x01, 0x03, 0x00, 0x93, 0x29, 0x5E, 0x46, 0x97, 0x29, 0x05,
519 0x04, 0x5F, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0F, 0x06, 0x02, 0x97, 0x00,
520 0x5E, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x64, 0x2A, 0x00, 0x00, 0x29, 0x84,
521 0x46, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x46, 0x72, 0x2D, 0x9F, 0x1C, 0x7F,
522 0x01, 0x0C, 0x32, 0x00, 0x00, 0x29, 0x21, 0x01, 0x08, 0x0C, 0x46, 0x5C,
523 0x21, 0x08, 0x00, 0x01, 0x03, 0x00, 0x01, 0x00, 0x71, 0x41, 0x2B, 0x19,
524 0x37, 0x06, 0x07, 0x02, 0x00, 0xC5, 0x03, 0x00, 0x04, 0x75, 0x01, 0x00,
525 0xBD, 0x02, 0x00, 0x29, 0x19, 0x13, 0x06, 0x02, 0x6B, 0x2A, 0xC5, 0x04,
526 0x76, 0x00, 0x01, 0x00, 0x71, 0x41, 0x01, 0x16, 0x82, 0x41, 0x35, 0xA7,
527 0x34, 0x06, 0x02, 0x6D, 0x2A, 0x06, 0x0A, 0xCC, 0x01, 0x00, 0xC8, 0x01,
528 0x00, 0xA3, 0x04, 0x80, 0x46, 0xCC, 0xC9, 0x28, 0xCE, 0x4D, 0x06, 0x01,
529 0xCA, 0xCD, 0x2B, 0x4D, 0x06, 0x31, 0x01, 0x00, 0xA4, 0x29, 0x58, 0x06,
530 0x0F, 0x01, 0x02, 0x9C, 0x05, 0x02, 0x36, 0x2A, 0x28, 0xA8, 0xA6, 0x29,
531 0xBE, 0x28, 0x04, 0x19, 0x29, 0x5A, 0x06, 0x0B, 0x28, 0x01, 0x02, 0x9C,
532 0x05, 0x02, 0x6A, 0x2A, 0xA8, 0x04, 0x0A, 0xAA, 0x29, 0x05, 0x04, 0x28,
533 0xA2, 0x04, 0x02, 0xA9, 0xA5, 0x04, 0x01, 0xA8, 0x01, 0x00, 0xA3, 0x01,
534 0x00, 0xC8, 0x3D, 0x01, 0x01, 0x71, 0x41, 0x01, 0x17, 0x82, 0x41, 0x00,
535 0x00, 0x39, 0x39, 0x00, 0x01, 0x03, 0x00, 0x2B, 0x19, 0x37, 0x06, 0x04,
536 0xC4, 0x28, 0x04, 0x78, 0x01, 0x02, 0x02, 0x00, 0xBC, 0x19, 0x37, 0x06,
537 0x04, 0xC4, 0x28, 0x04, 0x78, 0x02, 0x00, 0x01, 0x84, 0x00, 0x08, 0x2A,
538 0x00, 0x00, 0x7B, 0x2E, 0x46, 0x12, 0x01, 0x01, 0x13, 0x36, 0x00, 0x00,
539 0x01, 0x7F, 0x99, 0xC4, 0x29, 0x01, 0x07, 0x13, 0x01, 0x00, 0x39, 0x0F,
540 0x06, 0x09, 0x28, 0x01, 0x10, 0x13, 0x06, 0x01, 0xBB, 0x04, 0x2A, 0x01,
541 0x01, 0x39, 0x0F, 0x06, 0x21, 0x28, 0x28, 0x83, 0x2F, 0x01, 0x01, 0x0F,
542 0x01, 0x01, 0x9C, 0x38, 0x06, 0x0F, 0x2B, 0x19, 0x37, 0x06, 0x04, 0xC4,
543 0x28, 0x04, 0x78, 0x01, 0x80, 0x64, 0xBD, 0x04, 0x03, 0x01, 0x00, 0x99,
544 0x04, 0x03, 0x6D, 0x2A, 0x28, 0x04, 0x40, 0x01, 0x29, 0x03, 0x00, 0x09,
545 0x29, 0x58, 0x06, 0x02, 0x64, 0x2A, 0x02, 0x00, 0x00, 0x00, 0x94, 0x01,
546 0x0F, 0x13, 0x00, 0x00, 0x70, 0x2F, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x10,
547 0x28, 0x29, 0x01, 0x01, 0x0E, 0x06, 0x03, 0x28, 0x01, 0x02, 0x70, 0x41,
548 0x01, 0x00, 0x04, 0x22, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x15, 0x28, 0x01,
549 0x00, 0x70, 0x41, 0x29, 0x01, 0x80, 0x64, 0x0F, 0x06, 0x05, 0x01, 0x82,
550 0x00, 0x08, 0x2A, 0x5A, 0x00, 0x04, 0x07, 0x28, 0x01, 0x82, 0x00, 0x08,
551 0x2A, 0x28, 0x00, 0x00, 0x01, 0x00, 0x30, 0x06, 0x05, 0x3C, 0xA0, 0x38,
552 0x04, 0x78, 0x29, 0x06, 0x04, 0x01, 0x01, 0x89, 0x41, 0x00, 0x00, 0x01,
553 0x1F, 0x13, 0x01, 0x12, 0x0F, 0x05, 0x02, 0x6E, 0x2A, 0x72, 0x2D, 0x29,
554 0xC0, 0x05, 0x02, 0x6D, 0x2A, 0x9F, 0x27, 0x00, 0x00, 0x30, 0x06, 0x0B,
555 0x81, 0x2F, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x6D, 0x2A, 0x04, 0x11, 0xC4,
556 0x01, 0x07, 0x13, 0x29, 0x01, 0x02, 0x0E, 0x06, 0x06, 0x06, 0x02, 0x6D,
557 0x2A, 0x04, 0x70, 0x28, 0xB9, 0x01, 0x01, 0x0E, 0x34, 0x38, 0x06, 0x02,
558 0x60, 0x2A, 0x29, 0x01, 0x01, 0xBF, 0x37, 0xAB, 0x00, 0x01, 0xB0, 0x01,
559 0x0B, 0x0F, 0x05, 0x02, 0x6D, 0x2A, 0x29, 0x01, 0x03, 0x0F, 0x06, 0x08,
560 0xB7, 0x06, 0x02, 0x64, 0x2A, 0x46, 0x28, 0x00, 0x46, 0x57, 0xB7, 0x9E,
561 0x29, 0x06, 0x23, 0xB7, 0x9E, 0x29, 0x56, 0x29, 0x06, 0x18, 0x29, 0x01,
562 0x82, 0x00, 0x10, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x29, 0x03,
563 0x00, 0x7F, 0x02, 0x00, 0xAC, 0x02, 0x00, 0x53, 0x04, 0x65, 0x95, 0x54,
564 0x04, 0x5A, 0x95, 0x95, 0x55, 0x29, 0x06, 0x02, 0x36, 0x00, 0x28, 0x2C,
565 0x00, 0x02, 0x29, 0x01, 0x20, 0x13, 0x05, 0x02, 0x6E, 0x2A, 0x01, 0x0F,
566 0x13, 0x03, 0x00, 0xA6, 0x8D, 0x2D, 0x01, 0x86, 0x03, 0x11, 0x06, 0x23,
567 0xB6, 0x29, 0x01, 0x81, 0x7F, 0x13, 0x5C, 0x01, 0x01, 0x12, 0x02, 0x00,
568 0x0F, 0x05, 0x02, 0x66, 0x2A, 0x01, 0x08, 0x12, 0x29, 0x01, 0x02, 0x0B,
569 0x39, 0x01, 0x06, 0x10, 0x38, 0x06, 0x02, 0x68, 0x2A, 0x04, 0x0D, 0x02,
570 0x00, 0x01, 0x01, 0x0F, 0x06, 0x04, 0x01, 0x00, 0x04, 0x02, 0x01, 0x02,
571 0x20, 0x05, 0x02, 0x68, 0x2A, 0xB6, 0x29, 0x03, 0x01, 0x29, 0x01, 0x84,
572 0x00, 0x10, 0x06, 0x02, 0x69, 0x2A, 0x7F, 0x46, 0xAC, 0x02, 0x01, 0x50,
573 0x29, 0x06, 0x01, 0x2A, 0x28, 0x95, 0x00, 0x00, 0x1D, 0xB0, 0x01, 0x0F,
574 0x0F, 0x05, 0x02, 0x6D, 0x2A, 0x00, 0x0A, 0xB0, 0x01, 0x01, 0x0F, 0x05,
575 0x02, 0x6D, 0x2A, 0xB6, 0x29, 0x03, 0x00, 0x73, 0x3F, 0x74, 0x01, 0x20,
576 0xAC, 0xB8, 0x29, 0x01, 0x20, 0x10, 0x06, 0x02, 0x6C, 0x2A, 0x29, 0x88,
577 0x41, 0x87, 0x46, 0xAC, 0x1A, 0x03, 0x01, 0xB6, 0x9E, 0x01, 0x00, 0x03,
578 0x02, 0x01, 0x00, 0x03, 0x03, 0x7D, 0x9A, 0x17, 0x39, 0x08, 0x03, 0x04,
579 0x03, 0x05, 0x29, 0x06, 0x80, 0x6D, 0xB6, 0x29, 0x03, 0x06, 0x02, 0x01,
580 0x06, 0x0A, 0x29, 0x72, 0x2D, 0x0F, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x03,
581 0x29, 0x01, 0x81, 0x7F, 0x0F, 0x06, 0x0A, 0x83, 0x2F, 0x06, 0x02, 0x65,
582 0x2A, 0x01, 0x7F, 0x03, 0x02, 0x29, 0x01, 0x81, 0xAC, 0x00, 0x0F, 0x06,
583 0x11, 0x02, 0x00, 0x90, 0x2D, 0x11, 0x02, 0x00, 0x8F, 0x2D, 0x0B, 0x13,
584 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0xBA, 0x29, 0x58, 0x06, 0x03, 0x28,
585 0x04, 0x26, 0x01, 0x00, 0x9C, 0x06, 0x0B, 0x01, 0x02, 0x0C, 0x75, 0x08,
586 0x02, 0x06, 0x46, 0x3F, 0x04, 0x16, 0x28, 0x02, 0x05, 0x02, 0x04, 0x11,
587 0x06, 0x02, 0x63, 0x2A, 0x02, 0x06, 0x02, 0x05, 0x3F, 0x02, 0x05, 0x01,
588 0x04, 0x08, 0x03, 0x05, 0x04, 0xFF, 0x0F, 0x28, 0x01, 0x00, 0x03, 0x07,
589 0xB8, 0x9E, 0x29, 0x06, 0x09, 0xB8, 0x05, 0x04, 0x01, 0x7F, 0x03, 0x07,
590 0x04, 0x74, 0x95, 0x01, 0x00, 0x85, 0x41, 0x01, 0x88, 0x04, 0x7C, 0x3F,
591 0x01, 0x84, 0x80, 0x80, 0x00, 0x78, 0x40, 0x29, 0x06, 0x80, 0x42, 0xB6,
592 0x9E, 0x29, 0x06, 0x3C, 0xB6, 0x01, 0x00, 0x39, 0x0F, 0x06, 0x04, 0x28,
593 0xAF, 0x04, 0x2F, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x04, 0x28, 0xAD, 0x04,
594 0x25, 0x01, 0x83, 0xFE, 0x01, 0x39, 0x0F, 0x06, 0x04, 0x28, 0xAE, 0x04,
595 0x19, 0x01, 0x0D, 0x39, 0x0F, 0x06, 0x04, 0x28, 0xB4, 0x04, 0x0F, 0x01,
596 0x0A, 0x39, 0x0F, 0x06, 0x04, 0x28, 0xB5, 0x04, 0x05, 0x28, 0xB2, 0x01,
597 0x00, 0x28, 0x04, 0x41, 0x95, 0x95, 0x02, 0x01, 0x02, 0x03, 0x13, 0x03,
598 0x01, 0x02, 0x00, 0x58, 0x06, 0x08, 0x73, 0x2D, 0x91, 0x3F, 0x01, 0x80,
599 0x56, 0x9B, 0x8F, 0x2D, 0x29, 0x02, 0x00, 0x10, 0x06, 0x03, 0x28, 0x02,
600 0x00, 0x29, 0x01, 0x86, 0x00, 0x0B, 0x06, 0x02, 0x67, 0x2A, 0x02, 0x00,
601 0x90, 0x2D, 0x0B, 0x06, 0x04, 0x01, 0x80, 0x46, 0x9B, 0x02, 0x01, 0x06,
602 0x10, 0x8D, 0x2D, 0x02, 0x00, 0x0D, 0x06, 0x05, 0x28, 0x8D, 0x2D, 0x04,
603 0x04, 0x01, 0x00, 0x03, 0x01, 0x29, 0x8D, 0x3F, 0x29, 0x8E, 0x3F, 0x29,
604 0x91, 0x3F, 0x01, 0x86, 0x03, 0x11, 0x03, 0x08, 0x02, 0x02, 0x06, 0x04,
605 0x01, 0x02, 0x83, 0x41, 0x02, 0x07, 0x05, 0x03, 0x01, 0x28, 0x9B, 0x43,
606 0x28, 0x01, 0x82, 0x01, 0x07, 0x7C, 0x2D, 0x13, 0x29, 0x7C, 0x3F, 0x29,
607 0x01, 0x81, 0x7F, 0x13, 0x59, 0x36, 0x46, 0x01, 0x08, 0x12, 0x59, 0x01,
608 0x02, 0x13, 0x38, 0x01, 0x0C, 0x0C, 0x03, 0x09, 0x78, 0x2E, 0x42, 0x13,
609 0x29, 0x78, 0x40, 0x05, 0x04, 0x01, 0x00, 0x03, 0x09, 0x02, 0x01, 0x06,
610 0x03, 0x01, 0x7F, 0x00, 0x87, 0x01, 0x20, 0x33, 0x01, 0x20, 0x88, 0x41,
611 0x75, 0x29, 0x03, 0x05, 0x29, 0x02, 0x04, 0x0B, 0x06, 0x80, 0x49, 0x29,
612 0x2D, 0x29, 0x94, 0x29, 0x01, 0x0C, 0x12, 0x29, 0x01, 0x01, 0x0F, 0x46,
613 0x01, 0x02, 0x0F, 0x38, 0x06, 0x0A, 0x29, 0x02, 0x09, 0x13, 0x05, 0x04,
614 0x5F, 0x01, 0x00, 0x29, 0x02, 0x08, 0x05, 0x0E, 0x29, 0x01, 0x81, 0x70,
615 0x13, 0x01, 0x20, 0x0E, 0x06, 0x04, 0x5F, 0x01, 0x00, 0x29, 0x29, 0x06,
616 0x10, 0x02, 0x05, 0x5E, 0x3F, 0x02, 0x05, 0x3F, 0x02, 0x05, 0x01, 0x04,
617 0x08, 0x03, 0x05, 0x04, 0x01, 0x5F, 0x01, 0x04, 0x08, 0x04, 0xFF, 0x30,
618 0x28, 0x02, 0x05, 0x75, 0x09, 0x01, 0x02, 0x12, 0x29, 0x05, 0x03, 0x01,
619 0x28, 0x9B, 0x76, 0x41, 0x18, 0x05, 0x03, 0x01, 0x28, 0x9B, 0x01, 0x00,
620 0x00, 0x00, 0xAA, 0xA9, 0x00, 0x04, 0x72, 0x2D, 0xC3, 0x06, 0x16, 0xB6,
621 0x29, 0x01, 0x84, 0x00, 0x10, 0x06, 0x02, 0x69, 0x2A, 0x29, 0x03, 0x00,
622 0x7F, 0x46, 0xAC, 0x02, 0x00, 0x72, 0x2D, 0x9F, 0x26, 0x72, 0x2D, 0x29,
623 0xC1, 0x46, 0xC0, 0x03, 0x01, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x38,
624 0x06, 0x14, 0xB8, 0x29, 0x03, 0x03, 0x7F, 0x46, 0xAC, 0x02, 0x03, 0x72,
625 0x2D, 0x9F, 0x02, 0x02, 0x06, 0x03, 0x25, 0x04, 0x01, 0x23, 0x95, 0x00,
626 0x00, 0xB0, 0x01, 0x10, 0x0F, 0x05, 0x02, 0x6D, 0x2A, 0x00, 0x00, 0x96,
627 0xB0, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x6D, 0x2A, 0x7F, 0x01, 0x0C, 0x08,
628 0x01, 0x0C, 0xAC, 0x95, 0x7F, 0x29, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x31,
629 0x05, 0x02, 0x61, 0x2A, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0x02, 0x00,
630 0x92, 0x02, 0x01, 0x02, 0x00, 0x3B, 0x29, 0x01, 0x00, 0x0F, 0x06, 0x02,
631 0x5F, 0x00, 0xC6, 0x04, 0x74, 0x00, 0xB6, 0x01, 0x01, 0x0E, 0x06, 0x02,
632 0x62, 0x2A, 0xB8, 0x29, 0x29, 0x5A, 0x46, 0x01, 0x05, 0x11, 0x38, 0x06,
633 0x02, 0x62, 0x2A, 0x01, 0x08, 0x08, 0x29, 0x7E, 0x2F, 0x0B, 0x06, 0x0D,
634 0x29, 0x01, 0x01, 0x46, 0x0C, 0x3E, 0x29, 0x7E, 0x41, 0x80, 0x41, 0x04,
635 0x01, 0x28, 0x00, 0x00, 0xB6, 0x83, 0x2F, 0x01, 0x00, 0x39, 0x0F, 0x06,
636 0x13, 0x28, 0x01, 0x01, 0x0F, 0x05, 0x02, 0x65, 0x2A, 0xB8, 0x06, 0x02,
637 0x65, 0x2A, 0x01, 0x02, 0x83, 0x41, 0x04, 0x28, 0x01, 0x02, 0x39, 0x0F,
638 0x06, 0x1F, 0x28, 0x01, 0x0D, 0x0F, 0x05, 0x02, 0x65, 0x2A, 0xB8, 0x01,
639 0x0C, 0x0F, 0x05, 0x02, 0x65, 0x2A, 0x7F, 0x01, 0x0C, 0xAC, 0x84, 0x7F,
640 0x01, 0x0C, 0x31, 0x05, 0x02, 0x65, 0x2A, 0x04, 0x03, 0x65, 0x2A, 0x28,
641 0x00, 0x00, 0xB6, 0x9E, 0xB6, 0x9E, 0x29, 0x06, 0x1D, 0xB8, 0x06, 0x03,
642 0xB2, 0x04, 0x15, 0xB6, 0x29, 0x01, 0x81, 0x7F, 0x0D, 0x06, 0x0C, 0x29,
643 0x85, 0x08, 0x01, 0x00, 0x46, 0x41, 0x85, 0x46, 0xAC, 0x04, 0x01, 0xBE,
644 0x04, 0x60, 0x95, 0x95, 0x00, 0x00, 0xB1, 0x29, 0x5A, 0x06, 0x07, 0x28,
645 0x06, 0x02, 0x63, 0x2A, 0x04, 0x74, 0x00, 0x00, 0xB9, 0x01, 0x03, 0xB7,
646 0x46, 0x28, 0x46, 0x00, 0x00, 0xB6, 0xBE, 0x00, 0x03, 0x01, 0x00, 0x03,
647 0x00, 0xB6, 0x9E, 0x29, 0x06, 0x32, 0xB8, 0x03, 0x01, 0xB8, 0x03, 0x02,
648 0x02, 0x01, 0x01, 0x02, 0x11, 0x02, 0x01, 0x01, 0x06, 0x0D, 0x13, 0x02,
649 0x02, 0x01, 0x01, 0x0F, 0x02, 0x02, 0x01, 0x03, 0x0F, 0x38, 0x13, 0x06,
650 0x11, 0x02, 0x00, 0x01, 0x01, 0x02, 0x02, 0x5D, 0x01, 0x02, 0x0C, 0x02,
651 0x01, 0x08, 0x0C, 0x38, 0x03, 0x00, 0x04, 0x4B, 0x95, 0x02, 0x00, 0x00,
652 0x00, 0xB6, 0x9E, 0xB3, 0x7C, 0x3F, 0x95, 0x00, 0x00, 0xB6, 0x9E, 0xB6,
653 0x9E, 0x01, 0x00, 0x78, 0x40, 0x29, 0x06, 0x15, 0xB6, 0x29, 0x01, 0x20,
654 0x0B, 0x06, 0x0B, 0x01, 0x01, 0x46, 0x0C, 0x78, 0x2E, 0x38, 0x78, 0x40,
655 0x04, 0x01, 0x28, 0x04, 0x68, 0x95, 0x95, 0x00, 0x00, 0x01, 0x02, 0x92,
656 0xB9, 0x01, 0x08, 0x0C, 0xB9, 0x08, 0x00, 0x00, 0x01, 0x03, 0x92, 0xB9,
657 0x01, 0x08, 0x0C, 0xB9, 0x08, 0x01, 0x08, 0x0C, 0xB9, 0x08, 0x00, 0x00,
658 0x01, 0x01, 0x92, 0xB9, 0x00, 0x00, 0x3C, 0x29, 0x58, 0x05, 0x01, 0x00,
659 0x28, 0xC6, 0x04, 0x76, 0x02, 0x03, 0x00, 0x8C, 0x2F, 0x03, 0x01, 0x01,
660 0x00, 0x29, 0x02, 0x01, 0x0B, 0x06, 0x10, 0x29, 0x01, 0x01, 0x0C, 0x8B,
661 0x08, 0x2D, 0x02, 0x00, 0x0F, 0x06, 0x01, 0x00, 0x5C, 0x04, 0x6A, 0x28,
662 0x01, 0x7F, 0x00, 0x00, 0x2B, 0x19, 0x37, 0x06, 0x04, 0xC4, 0x28, 0x04,
663 0x78, 0x01, 0x16, 0x82, 0x41, 0x01, 0x00, 0xD7, 0x01, 0x00, 0xD6, 0x2B,
664 0x01, 0x17, 0x82, 0x41, 0x00, 0x00, 0x01, 0x15, 0x82, 0x41, 0x46, 0x52,
665 0x28, 0x52, 0x28, 0x2B, 0x00, 0x00, 0x01, 0x01, 0x46, 0xBC, 0x00, 0x00,
666 0x46, 0x39, 0x92, 0x46, 0x29, 0x06, 0x05, 0xB9, 0x28, 0x5D, 0x04, 0x78,
667 0x28, 0x00, 0x02, 0x03, 0x00, 0x72, 0x2D, 0x94, 0x03, 0x01, 0x02, 0x01,
668 0x01, 0x0F, 0x13, 0x02, 0x01, 0x01, 0x04, 0x12, 0x01, 0x0F, 0x13, 0x02,
669 0x01, 0x01, 0x08, 0x12, 0x01, 0x0F, 0x13, 0x01, 0x00, 0x39, 0x0F, 0x06,
670 0x10, 0x28, 0x01, 0x00, 0x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04,
671 0x01, 0x4A, 0x04, 0x80, 0x68, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x10, 0x28,
672 0x01, 0x01, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A,
673 0x04, 0x80, 0x52, 0x01, 0x02, 0x39, 0x0F, 0x06, 0x0F, 0x28, 0x01, 0x01,
674 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x49, 0x04, 0x01, 0x4A, 0x04, 0x3D,
675 0x01, 0x03, 0x39, 0x0F, 0x06, 0x0E, 0x28, 0x28, 0x01, 0x10, 0x02, 0x00,
676 0x06, 0x03, 0x47, 0x04, 0x01, 0x48, 0x04, 0x29, 0x01, 0x04, 0x39, 0x0F,
677 0x06, 0x0E, 0x28, 0x28, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x47, 0x04,
678 0x01, 0x48, 0x04, 0x15, 0x01, 0x05, 0x39, 0x0F, 0x06, 0x0C, 0x28, 0x28,
679 0x02, 0x00, 0x06, 0x03, 0x4B, 0x04, 0x01, 0x4C, 0x04, 0x03, 0x64, 0x2A,
680 0x28, 0x00, 0x00, 0x94, 0x01, 0x0C, 0x12, 0x01, 0x02, 0x10, 0x00, 0x00,
681 0x94, 0x01, 0x0C, 0x12, 0x29, 0x5B, 0x46, 0x01, 0x03, 0x0B, 0x13, 0x00,
682 0x00, 0x94, 0x01, 0x0C, 0x12, 0x01, 0x01, 0x0F, 0x00, 0x00, 0x94, 0x01,
683 0x0C, 0x12, 0x5A, 0x00, 0x00, 0x1B, 0x01, 0x00, 0x6F, 0x2F, 0x29, 0x06,
684 0x1F, 0x01, 0x01, 0x39, 0x0F, 0x06, 0x06, 0x28, 0x01, 0x00, 0x98, 0x04,
685 0x11, 0x01, 0x02, 0x39, 0x0F, 0x06, 0x0A, 0x28, 0x71, 0x2F, 0x06, 0x03,
686 0x01, 0x10, 0x38, 0x04, 0x01, 0x28, 0x04, 0x01, 0x28, 0x77, 0x2F, 0x05,
687 0x33, 0x30, 0x06, 0x30, 0x81, 0x2F, 0x01, 0x14, 0x39, 0x0F, 0x06, 0x06,
688 0x28, 0x01, 0x02, 0x38, 0x04, 0x22, 0x01, 0x15, 0x39, 0x0F, 0x06, 0x09,
689 0x28, 0xA1, 0x06, 0x03, 0x01, 0x7F, 0x98, 0x04, 0x13, 0x01, 0x16, 0x39,
690 0x0F, 0x06, 0x06, 0x28, 0x01, 0x01, 0x38, 0x04, 0x07, 0x28, 0x01, 0x04,
691 0x38, 0x01, 0x00, 0x28, 0x19, 0x06, 0x03, 0x01, 0x08, 0x38, 0x00, 0x00,
692 0x1B, 0x29, 0x05, 0x0F, 0x30, 0x06, 0x0C, 0x81, 0x2F, 0x01, 0x15, 0x0F,
693 0x06, 0x04, 0x28, 0xA1, 0x04, 0x01, 0x22, 0x00, 0x00, 0xC4, 0x01, 0x07,
694 0x13, 0x01, 0x01, 0x10, 0x06, 0x02, 0x6D, 0x2A, 0x00, 0x01, 0x03, 0x00,
695 0x2B, 0x19, 0x06, 0x05, 0x02, 0x00, 0x82, 0x41, 0x00, 0xC4, 0x28, 0x04,
696 0x74, 0x00, 0x01, 0x14, 0xC7, 0x01, 0x01, 0xD7, 0x2B, 0x29, 0x01, 0x00,
697 0xBF, 0x01, 0x16, 0xC7, 0xCB, 0x2B, 0x00, 0x00, 0x01, 0x0B, 0xD7, 0x4E,
698 0x29, 0x29, 0x01, 0x03, 0x08, 0xD6, 0xD6, 0x14, 0x29, 0x58, 0x06, 0x02,
699 0x28, 0x00, 0xD6, 0x1E, 0x29, 0x06, 0x05, 0x7F, 0x46, 0xCF, 0x04, 0x77,
700 0x28, 0x04, 0x6C, 0x00, 0x01, 0x00, 0xD1, 0x8D, 0x2D, 0x01, 0x86, 0x03,
701 0x11, 0x06, 0x05, 0x5E, 0x01, 0x00, 0xD2, 0x08, 0x4D, 0x08, 0x01, 0x03,
702 0x08, 0x01, 0x0D, 0xD7, 0xD6, 0x01, 0x00, 0xD1, 0xD7, 0x01, 0x01, 0xD1,
703 0x28, 0x8D, 0x2D, 0x01, 0x86, 0x03, 0x11, 0x06, 0x08, 0x01, 0x00, 0xD2,
704 0xD5, 0x01, 0x01, 0xD2, 0x28, 0x4D, 0xD5, 0x16, 0x15, 0x29, 0x58, 0x06,
705 0x02, 0x28, 0x00, 0xD5, 0x1F, 0x29, 0x06, 0x05, 0x7F, 0x46, 0xCF, 0x04,
706 0x77, 0x28, 0x04, 0x6C, 0x00, 0x96, 0x01, 0x14, 0xD7, 0x01, 0x0C, 0xD6,
707 0x7F, 0x01, 0x0C, 0xCF, 0x00, 0x03, 0x03, 0x00, 0x01, 0x02, 0xD7, 0x01,
708 0x80, 0x46, 0x83, 0x2F, 0x01, 0x02, 0x0F, 0x06, 0x0C, 0x02, 0x00, 0x06,
709 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x1D, 0x04, 0x02, 0x01, 0x00, 0x03,
710 0x01, 0x80, 0x2F, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x00, 0x03,
711 0x02, 0x02, 0x01, 0x02, 0x02, 0x08, 0x29, 0x06, 0x03, 0x01, 0x02, 0x08,
712 0x08, 0xD6, 0x8D, 0x2D, 0xD5, 0x86, 0x01, 0x04, 0x17, 0x86, 0x01, 0x04,
713 0x08, 0x01, 0x1C, 0x33, 0x86, 0x01, 0x20, 0xCF, 0x01, 0x20, 0xD7, 0x87,
714 0x01, 0x20, 0xCF, 0x72, 0x2D, 0xD5, 0x01, 0x00, 0xD7, 0x02, 0x01, 0x02,
715 0x02, 0x08, 0x29, 0x06, 0x29, 0xD5, 0x02, 0x01, 0x29, 0x06, 0x10, 0x01,
716 0x83, 0xFE, 0x01, 0xD5, 0x01, 0x04, 0x09, 0x29, 0xD5, 0x5D, 0x84, 0x46,
717 0xD0, 0x04, 0x01, 0x28, 0x02, 0x02, 0x06, 0x0C, 0x01, 0x01, 0xD5, 0x01,
718 0x01, 0xD5, 0x80, 0x2F, 0x01, 0x08, 0x09, 0xD7, 0x04, 0x01, 0x28, 0x00,
719 0x00, 0x01, 0x0E, 0xD7, 0x01, 0x00, 0xD6, 0x00, 0x03, 0x72, 0x2D, 0xC1,
720 0x05, 0x01, 0x00, 0x78, 0x2E, 0x01, 0x00, 0x9A, 0x12, 0x01, 0x01, 0x13,
721 0x5A, 0x06, 0x03, 0x5C, 0x04, 0x75, 0x03, 0x00, 0x28, 0x02, 0x00, 0x24,
722 0x29, 0x58, 0x06, 0x02, 0x36, 0x2A, 0x03, 0x01, 0x8D, 0x2D, 0x01, 0x86,
723 0x03, 0x11, 0x03, 0x02, 0x01, 0x0C, 0xD7, 0x02, 0x01, 0x7A, 0x2F, 0x08,
724 0x02, 0x02, 0x01, 0x02, 0x13, 0x08, 0x01, 0x06, 0x08, 0xD6, 0x01, 0x03,
725 0xD7, 0x02, 0x00, 0xD5, 0x79, 0x7A, 0x2F, 0xD0, 0x02, 0x02, 0x06, 0x0D,
726 0x8A, 0x2F, 0xD7, 0x72, 0x2D, 0xC2, 0x01, 0x01, 0x0C, 0x01, 0x03, 0x08,
727 0xD7, 0x02, 0x01, 0xD5, 0x7F, 0x02, 0x01, 0xCF, 0x00, 0x00, 0x51, 0x29,
728 0x01, 0x00, 0x0F, 0x06, 0x02, 0x5F, 0x00, 0xC4, 0x28, 0x04, 0x73, 0x00,
729 0x29, 0xD7, 0xCF, 0x00, 0x00, 0x01, 0x00, 0x72, 0x2D, 0xC0, 0x06, 0x0C,
730 0x5E, 0x39, 0x06, 0x08, 0x01, 0x80, 0x41, 0xD7, 0x01, 0x80, 0x42, 0xD7,
731 0x45, 0x06, 0x07, 0x5C, 0x39, 0x06, 0x03, 0x01, 0x01, 0xD7, 0x44, 0x06,
732 0x08, 0x5C, 0x39, 0x06, 0x04, 0x01, 0x80, 0x40, 0xD7, 0x46, 0x28, 0x00,
733 0x01, 0x01, 0x00, 0x03, 0x00, 0x45, 0x44, 0x38, 0x05, 0x14, 0x01, 0x01,
734 0x01, 0x80, 0x7C, 0xD3, 0x03, 0x00, 0x01, 0x03, 0x01, 0x80, 0x7C, 0xD3,
735 0x02, 0x00, 0x08, 0x46, 0x28, 0x00, 0x45, 0x06, 0x07, 0x01, 0x01, 0x43,
736 0x28, 0xD3, 0x03, 0x00, 0x44, 0x06, 0x0A, 0x01, 0x03, 0x43, 0x28, 0xD3,
737 0x02, 0x00, 0x08, 0x03, 0x00, 0x28, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00,
738 0x01, 0x04, 0xD4, 0x01, 0x05, 0xD4, 0x01, 0x06, 0xD4, 0x01, 0x03, 0xD4,
739 0x01, 0x02, 0xD4, 0x0A, 0x5F, 0x00, 0x01, 0x03, 0x00, 0x39, 0x01, 0x01,
740 0x02, 0x00, 0x0C, 0x13, 0x05, 0x01, 0x00, 0x5E, 0x01, 0x03, 0x3A, 0x06,
741 0x07, 0x02, 0x00, 0xD7, 0x01, 0x02, 0x3A, 0xD7, 0x00, 0x00, 0x29, 0x01,
742 0x08, 0x4F, 0xD7, 0xD7, 0x00, 0x00, 0x29, 0x01, 0x10, 0x4F, 0xD7, 0xD5,
743 0x00, 0x00, 0x29, 0x52, 0x06, 0x02, 0x28, 0x00, 0xC4, 0x28, 0x04, 0x76
746 static const uint16_t t0_caddr
[] = {
877 #define T0_INTERPRETED 88
879 #define T0_ENTER(ip, rp, slot) do { \
880 const unsigned char *t0_newip; \
882 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
883 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
885 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
889 #define T0_DEFENTRY(name, slot) \
893 t0_context *t0ctx = ctx; \
894 t0ctx->ip = &t0_codeblock[0]; \
895 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
898 T0_DEFENTRY(br_ssl_hs_server_init_main
, 157)
900 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
903 br_ssl_hs_server_run(void *t0ctx
)
906 const unsigned char *ip
;
908 #define T0_LOCAL(x) (*(rp - 2 - (x)))
909 #define T0_POP() (*-- dp)
910 #define T0_POPi() (*(int32_t *)(-- dp))
911 #define T0_PEEK(x) (*(dp - 1 - (x)))
912 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
913 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
914 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
915 #define T0_RPOP() (*-- rp)
916 #define T0_RPOPi() (*(int32_t *)(-- rp))
917 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
918 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
919 #define T0_ROLL(x) do { \
920 size_t t0len = (size_t)(x); \
921 uint32_t t0tmp = *(dp - 1 - t0len); \
922 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
925 #define T0_SWAP() do { \
926 uint32_t t0tmp = *(dp - 2); \
927 *(dp - 2) = *(dp - 1); \
930 #define T0_ROT() do { \
931 uint32_t t0tmp = *(dp - 3); \
932 *(dp - 3) = *(dp - 2); \
933 *(dp - 2) = *(dp - 1); \
936 #define T0_NROT() do { \
937 uint32_t t0tmp = *(dp - 1); \
938 *(dp - 1) = *(dp - 2); \
939 *(dp - 2) = *(dp - 3); \
942 #define T0_PICK(x) do { \
943 uint32_t t0depth = (x); \
944 T0_PUSH(T0_PEEK(t0depth)); \
946 #define T0_CO() do { \
949 #define T0_RET() goto t0_next
951 dp
= ((t0_context
*)t0ctx
)->dp
;
952 rp
= ((t0_context
*)t0ctx
)->rp
;
953 ip
= ((t0_context
*)t0ctx
)->ip
;
960 if (t0x
< T0_INTERPRETED
) {
972 ip
= &t0_codeblock
[t0x
];
974 case 1: /* literal constant */
975 T0_PUSHi(t0_parse7E_signed(&ip
));
977 case 2: /* read local */
978 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
980 case 3: /* write local */
981 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
984 t0off
= t0_parse7E_signed(&ip
);
987 case 5: /* jump if */
988 t0off
= t0_parse7E_signed(&ip
);
993 case 6: /* jump if not */
994 t0off
= t0_parse7E_signed(&ip
);
1002 uint32_t b
= T0_POP();
1003 uint32_t a
= T0_POP();
1011 uint32_t b
= T0_POP();
1012 uint32_t a
= T0_POP();
1020 uint32_t b
= T0_POP();
1021 uint32_t a
= T0_POP();
1034 int32_t b
= T0_POPi();
1035 int32_t a
= T0_POPi();
1036 T0_PUSH(-(uint32_t)(a
< b
));
1043 int c
= (int)T0_POPi();
1044 uint32_t x
= T0_POP();
1052 int32_t b
= T0_POPi();
1053 int32_t a
= T0_POPi();
1054 T0_PUSH(-(uint32_t)(a
<= b
));
1061 uint32_t b
= T0_POP();
1062 uint32_t a
= T0_POP();
1063 T0_PUSH(-(uint32_t)(a
!= b
));
1070 uint32_t b
= T0_POP();
1071 uint32_t a
= T0_POP();
1072 T0_PUSH(-(uint32_t)(a
== b
));
1079 int32_t b
= T0_POPi();
1080 int32_t a
= T0_POPi();
1081 T0_PUSH(-(uint32_t)(a
> b
));
1088 int32_t b
= T0_POPi();
1089 int32_t a
= T0_POPi();
1090 T0_PUSH(-(uint32_t)(a
>= b
));
1097 int c
= (int)T0_POPi();
1098 int32_t x
= T0_POPi();
1106 uint32_t b
= T0_POP();
1107 uint32_t a
= T0_POP();
1115 if (ENG
->chain_len
== 0) {
1118 ENG
->cert_cur
= ENG
->chain
->data
;
1119 ENG
->cert_len
= ENG
->chain
->data_len
;
1122 T0_PUSH(ENG
->cert_len
);
1130 const br_x500_name
*dn
;
1131 if (CTX
->cur_dn_index
>= CTX
->num_tas
) {
1134 if (CTX
->ta_names
== NULL
) {
1135 dn
= &CTX
->tas
[CTX
->cur_dn_index
].dn
;
1137 dn
= &CTX
->ta_names
[CTX
->cur_dn_index
];
1139 CTX
->cur_dn_index
++;
1140 CTX
->cur_dn
= dn
->data
;
1141 CTX
->cur_dn_len
= dn
->len
;
1142 T0_PUSH(CTX
->cur_dn_len
);
1148 /* begin-ta-name-list */
1150 CTX
->cur_dn_index
= 0;
1157 size_t len
= (size_t)T0_POP();
1158 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1159 memset(addr
, 0, len
);
1164 /* call-policy-handler */
1167 br_ssl_server_choices choices
;
1169 x
= (*CTX
->policy_vtable
)->choose(
1170 CTX
->policy_vtable
, CTX
, &choices
);
1171 ENG
->session
.cipher_suite
= choices
.cipher_suite
;
1172 CTX
->sign_hash_id
= choices
.hash_id
;
1173 ENG
->chain
= choices
.chain
;
1174 ENG
->chain_len
= choices
.chain_len
;
1175 T0_PUSHi(-(x
!= 0));
1182 T0_PUSHi(-(ENG
->hlen_out
> 0));
1189 if (ENG
->session
.session_id_len
== 32
1190 && CTX
->cache_vtable
!= NULL
&& (*CTX
->cache_vtable
)->load(
1191 CTX
->cache_vtable
, CTX
, &ENG
->session
))
1206 /* compute-Finished-inner */
1208 int prf_id
= T0_POP();
1209 int from_client
= T0_POPi();
1210 unsigned char seed
[48];
1213 br_tls_prf_impl prf
= br_ssl_engine_get_PRF(ENG
, prf_id
);
1214 if (ENG
->session
.version
>= BR_TLS12
) {
1215 seed_len
= br_multihash_out(&ENG
->mhash
, prf_id
, seed
);
1217 br_multihash_out(&ENG
->mhash
, br_md5_ID
, seed
);
1218 br_multihash_out(&ENG
->mhash
, br_sha1_ID
, seed
+ 16);
1221 prf(ENG
->pad
, 12, ENG
->session
.master_secret
,
1222 sizeof ENG
->session
.master_secret
,
1223 from_client
? "client finished" : "server finished",
1229 /* compute-hash-CV */
1233 for (i
= 1; i
<= 6; i
++) {
1234 br_multihash_out(&ENG
->mhash
, i
,
1235 ENG
->pad
+ HASH_PAD_OFF
[i
- 1]);
1241 /* copy-cert-chunk */
1245 clen
= ENG
->cert_len
;
1246 if (clen
> sizeof ENG
->pad
) {
1247 clen
= sizeof ENG
->pad
;
1249 memcpy(ENG
->pad
, ENG
->cert_cur
, clen
);
1250 ENG
->cert_cur
+= clen
;
1251 ENG
->cert_len
-= clen
;
1261 clen
= CTX
->cur_dn_len
;
1262 if (clen
> sizeof ENG
->pad
) {
1263 clen
= sizeof ENG
->pad
;
1265 memcpy(ENG
->pad
, CTX
->cur_dn
, clen
);
1266 CTX
->cur_dn
+= clen
;
1267 CTX
->cur_dn_len
-= clen
;
1282 if (br_multihash_getimpl(&ENG
->mhash
, id
) == 0) {
1286 off
= HASH_PAD_OFF
[id
- 1];
1287 len
= HASH_PAD_OFF
[id
] - off
;
1289 memcpy(CTX
->hash_CV
, ENG
->pad
+ off
, len
);
1290 CTX
->hash_CV_len
= len
;
1291 CTX
->hash_CV_id
= id
;
1299 size_t addr
= T0_POP();
1300 T0_PUSH(t0_datablock
[addr
]);
1314 int prf_id
= T0_POPi();
1315 size_t len
= T0_POP();
1316 do_ecdh(CTX
, prf_id
, ENG
->pad
, len
);
1321 /* do-ecdhe-part1 */
1323 int curve
= T0_POPi();
1324 T0_PUSHi(do_ecdhe_part1(CTX
, curve
));
1329 /* do-ecdhe-part2 */
1331 int prf_id
= T0_POPi();
1332 size_t len
= T0_POP();
1333 do_ecdhe_part2(CTX
, prf_id
, ENG
->pad
, len
);
1338 /* do-rsa-decrypt */
1340 int prf_id
= T0_POPi();
1341 size_t len
= T0_POP();
1342 do_rsa_decrypt(CTX
, prf_id
, ENG
->pad
, len
);
1347 /* do-static-ecdh */
1349 do_static_ecdh(CTX
, T0_POP());
1360 T0_PUSH(T0_PEEK(0));
1366 br_ssl_engine_fail(ENG
, (int)T0_POPi());
1374 br_ssl_engine_flush_record(ENG
);
1379 /* get-key-type-usages */
1381 const br_x509_class
*xc
;
1382 const br_x509_pkey
*pk
;
1385 xc
= *(ENG
->x509ctx
);
1386 pk
= xc
->get_pkey(ENG
->x509ctx
, &usages
);
1390 T0_PUSH(pk
->key_type
| usages
);
1398 size_t addr
= (size_t)T0_POP();
1399 T0_PUSH(*(uint16_t *)((unsigned char *)ENG
+ addr
));
1406 size_t addr
= (size_t)T0_POP();
1407 T0_PUSH(*(uint32_t *)((unsigned char *)ENG
+ addr
));
1414 size_t addr
= (size_t)T0_POP();
1415 T0_PUSH(*((unsigned char *)ENG
+ addr
));
1422 T0_PUSHi(-(ENG
->hlen_in
!= 0));
1429 size_t len
= (size_t)T0_POP();
1430 void *addr2
= (unsigned char *)ENG
+ (size_t)T0_POP();
1431 void *addr1
= (unsigned char *)ENG
+ (size_t)T0_POP();
1432 int x
= memcmp(addr1
, addr2
, len
);
1433 T0_PUSH((uint32_t)-(x
== 0));
1440 size_t len
= (size_t)T0_POP();
1441 void *src
= (unsigned char *)ENG
+ (size_t)T0_POP();
1442 void *dst
= (unsigned char *)ENG
+ (size_t)T0_POP();
1443 memcpy(dst
, src
, len
);
1450 size_t len
= (size_t)T0_POP();
1451 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1452 br_hmac_drbg_generate(&ENG
->rng
, addr
, len
);
1457 /* more-incoming-bytes? */
1459 T0_PUSHi(ENG
->hlen_in
!= 0 || !br_ssl_engine_recvrec_finished(ENG
));
1464 /* multihash-init */
1466 br_multihash_init(&ENG
->mhash
);
1473 uint32_t a
= T0_POP();
1481 uint32_t a
= T0_POP();
1489 uint32_t b
= T0_POP();
1490 uint32_t a
= T0_POP();
1497 T0_PUSH(T0_PEEK(1));
1506 /* read-chunk-native */
1508 size_t clen
= ENG
->hlen_in
;
1514 if ((size_t)len
< clen
) {
1517 memcpy((unsigned char *)ENG
+ addr
, ENG
->hbuf_in
, clen
);
1518 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1519 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_in
, clen
);
1521 T0_PUSH(addr
+ (uint32_t)clen
);
1522 T0_PUSH(len
- (uint32_t)clen
);
1523 ENG
->hbuf_in
+= clen
;
1524 ENG
->hlen_in
-= clen
;
1532 if (ENG
->hlen_in
> 0) {
1535 x
= *ENG
->hbuf_in
++;
1536 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1537 br_multihash_update(&ENG
->mhash
, &x
, 1);
1550 if (CTX
->cache_vtable
!= NULL
) {
1551 (*CTX
->cache_vtable
)->save(
1552 CTX
->cache_vtable
, CTX
, &ENG
->session
);
1558 /* set-max-frag-len */
1560 size_t max_frag_len
= T0_POP();
1562 br_ssl_engine_new_max_frag_len(ENG
, max_frag_len
);
1565 * We must adjust our own output limit. Since we call this only
1566 * after receiving a ClientHello and before beginning to send
1567 * the ServerHello, the next output record should be empty at
1568 * that point, so we can use max_frag_len as a limit.
1570 if (ENG
->hlen_out
> max_frag_len
) {
1571 ENG
->hlen_out
= max_frag_len
;
1579 size_t addr
= (size_t)T0_POP();
1580 *(uint16_t *)((unsigned char *)ENG
+ addr
) = (uint16_t)T0_POP();
1587 size_t addr
= (size_t)T0_POP();
1588 *(uint32_t *)((unsigned char *)ENG
+ addr
) = (uint32_t)T0_POP();
1595 size_t addr
= (size_t)T0_POP();
1596 *((unsigned char *)ENG
+ addr
) = (unsigned char)T0_POP();
1601 /* supported-curves */
1603 uint32_t x
= ENG
->iec
== NULL
? 0 : ENG
->iec
->supported_curves
;
1609 /* supported-hash-functions */
1616 for (i
= br_sha1_ID
; i
<= br_sha512_ID
; i
++) {
1617 if (br_multihash_getimpl(&ENG
->mhash
, i
)) {
1628 /* supports-ecdsa? */
1630 T0_PUSHi(-(ENG
->iecdsa
!= 0));
1635 /* supports-rsa-sign? */
1637 T0_PUSHi(-(ENG
->irsavrfy
!= 0));
1647 /* switch-aesgcm-in */
1649 int is_client
, prf_id
;
1650 unsigned cipher_key_len
;
1652 cipher_key_len
= T0_POP();
1654 is_client
= T0_POP();
1655 br_ssl_engine_switch_gcm_in(ENG
, is_client
, prf_id
,
1656 ENG
->iaes_ctr
, cipher_key_len
);
1661 /* switch-aesgcm-out */
1663 int is_client
, prf_id
;
1664 unsigned cipher_key_len
;
1666 cipher_key_len
= T0_POP();
1668 is_client
= T0_POP();
1669 br_ssl_engine_switch_gcm_out(ENG
, is_client
, prf_id
,
1670 ENG
->iaes_ctr
, cipher_key_len
);
1677 int is_client
, prf_id
, mac_id
, aes
;
1678 unsigned cipher_key_len
;
1680 cipher_key_len
= T0_POP();
1684 is_client
= T0_POP();
1685 br_ssl_engine_switch_cbc_in(ENG
, is_client
, prf_id
, mac_id
,
1686 aes
? ENG
->iaes_cbcdec
: ENG
->ides_cbcdec
, cipher_key_len
);
1691 /* switch-cbc-out */
1693 int is_client
, prf_id
, mac_id
, aes
;
1694 unsigned cipher_key_len
;
1696 cipher_key_len
= T0_POP();
1700 is_client
= T0_POP();
1701 br_ssl_engine_switch_cbc_out(ENG
, is_client
, prf_id
, mac_id
,
1702 aes
? ENG
->iaes_cbcenc
: ENG
->ides_cbcenc
, cipher_key_len
);
1707 /* switch-chapol-in */
1709 int is_client
, prf_id
;
1712 is_client
= T0_POP();
1713 br_ssl_engine_switch_chapol_in(ENG
, is_client
, prf_id
);
1718 /* switch-chapol-out */
1720 int is_client
, prf_id
;
1723 is_client
= T0_POP();
1724 br_ssl_engine_switch_chapol_out(ENG
, is_client
, prf_id
);
1729 /* ta-names-total-length */
1734 if (CTX
->ta_names
!= NULL
) {
1735 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1736 len
+= CTX
->ta_names
[u
].len
+ 2;
1738 } else if (CTX
->tas
!= NULL
) {
1739 for (u
= 0; u
< CTX
->num_tas
; u
++) {
1740 len
+= CTX
->tas
[u
].dn
.len
+ 2;
1748 /* total-chain-length */
1754 for (u
= 0; u
< ENG
->chain_len
; u
++) {
1755 total
+= 3 + (uint32_t)ENG
->chain
[u
].data_len
;
1764 int c
= (int)T0_POPi();
1765 uint32_t x
= T0_POP();
1775 err
= verify_CV_sig(CTX
, T0_POP());
1781 /* write-blob-chunk */
1783 size_t clen
= ENG
->hlen_out
;
1789 if ((size_t)len
< clen
) {
1792 memcpy(ENG
->hbuf_out
, (unsigned char *)ENG
+ addr
, clen
);
1793 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1794 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_out
, clen
);
1796 T0_PUSH(addr
+ (uint32_t)clen
);
1797 T0_PUSH(len
- (uint32_t)clen
);
1798 ENG
->hbuf_out
+= clen
;
1799 ENG
->hlen_out
-= clen
;
1809 x
= (unsigned char)T0_POP();
1810 if (ENG
->hlen_out
> 0) {
1811 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1812 br_multihash_update(&ENG
->mhash
, &x
, 1);
1814 *ENG
->hbuf_out
++ = x
;
1826 const br_x509_class
*xc
;
1829 xc
= *(ENG
->x509ctx
);
1831 xc
->append(ENG
->x509ctx
, ENG
->pad
, len
);
1838 const br_x509_class
*xc
;
1840 xc
= *(ENG
->x509ctx
);
1841 xc
->end_cert(ENG
->x509ctx
);
1846 /* x509-end-chain */
1848 const br_x509_class
*xc
;
1850 xc
= *(ENG
->x509ctx
);
1851 T0_PUSH(xc
->end_chain(ENG
->x509ctx
));
1856 /* x509-start-cert */
1858 const br_x509_class
*xc
;
1860 xc
= *(ENG
->x509ctx
);
1861 xc
->start_cert(ENG
->x509ctx
, T0_POP());
1866 /* x509-start-chain */
1868 const br_x509_class
*xc
;
1872 xc
= *(ENG
->x509ctx
);
1873 xc
->start_chain(ENG
->x509ctx
, bc
? ENG
->server_name
: NULL
);
1880 T0_ENTER(ip
, rp
, t0x
);
1884 ((t0_context
*)t0ctx
)->dp
= dp
;
1885 ((t0_context
*)t0ctx
)->rp
= rp
;
1886 ((t0_context
*)t0ctx
)->ip
= ip
;