Path: blob/main/contrib/bearssl/src/ssl/ssl_hs_server.c
39488 views
/* Automatically generated code; do not modify directly. */12#include <stddef.h>3#include <stdint.h>45typedef struct {6uint32_t *dp;7uint32_t *rp;8const unsigned char *ip;9} t0_context;1011static uint32_t12t0_parse7E_unsigned(const unsigned char **p)13{14uint32_t x;1516x = 0;17for (;;) {18unsigned y;1920y = *(*p) ++;21x = (x << 7) | (uint32_t)(y & 0x7F);22if (y < 0x80) {23return x;24}25}26}2728static int32_t29t0_parse7E_signed(const unsigned char **p)30{31int neg;32uint32_t x;3334neg = ((**p) >> 6) & 1;35x = (uint32_t)-neg;36for (;;) {37unsigned y;3839y = *(*p) ++;40x = (x << 7) | (uint32_t)(y & 0x7F);41if (y < 0x80) {42if (neg) {43return -(int32_t)~x - 1;44} else {45return (int32_t)x;46}47}48}49}5051#define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)52#define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)53#define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)54#define T0_INT1(x) T0_FBYTE(x, 0)55#define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)56#define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)57#define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)58#define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)5960/* static const unsigned char t0_datablock[]; */616263void br_ssl_hs_server_init_main(void *t0ctx);6465void br_ssl_hs_server_run(void *t0ctx);66676869#include <stddef.h>70#include <string.h>7172#include "inner.h"7374/*75* This macro evaluates to a pointer to the current engine context.76*/77#define ENG ((br_ssl_engine_context *)(void *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))787980818283/*84* This macro evaluates to a pointer to the server context, under that85* specific name. It must be noted that since the engine context is the86* first field of the br_ssl_server_context structure ('eng'), then87* pointers values of both types are interchangeable, modulo an88* appropriate cast. This also means that "addresses" computed as offsets89* within the structure work for both kinds of context.90*/91#define CTX ((br_ssl_server_context *)ENG)9293/*94* Decrypt the pre-master secret (RSA key exchange).95*/96static void97do_rsa_decrypt(br_ssl_server_context *ctx, int prf_id,98unsigned char *epms, size_t len)99{100uint32_t x;101unsigned char rpms[48];102103/*104* Decrypt the PMS.105*/106x = (*ctx->policy_vtable)->do_keyx(ctx->policy_vtable, epms, &len);107108/*109* Set the first two bytes to the maximum supported client110* protocol version. These bytes are used for version rollback111* detection; forceing the two bytes will make the master secret112* wrong if the bytes are not correct. This process is113* recommended by RFC 5246 (section 7.4.7.1).114*/115br_enc16be(epms, ctx->client_max_version);116117/*118* Make a random PMS and copy it above the decrypted value if the119* decryption failed. Note that we use a constant-time conditional120* copy.121*/122br_hmac_drbg_generate(&ctx->eng.rng, rpms, sizeof rpms);123br_ccopy(x ^ 1, epms, rpms, sizeof rpms);124125/*126* Compute master secret.127*/128br_ssl_engine_compute_master(&ctx->eng, prf_id, epms, 48);129130/*131* Clear the pre-master secret from RAM: it is normally a buffer132* in the context, hence potentially long-lived.133*/134memset(epms, 0, len);135}136137/*138* Common part for ECDH and ECDHE.139*/140static void141ecdh_common(br_ssl_server_context *ctx, int prf_id,142unsigned char *xcoor, size_t xcoor_len, uint32_t ctl)143{144unsigned char rpms[80];145146if (xcoor_len > sizeof rpms) {147xcoor_len = sizeof rpms;148ctl = 0;149}150151/*152* Make a random PMS and copy it above the decrypted value if the153* decryption failed. Note that we use a constant-time conditional154* copy.155*/156br_hmac_drbg_generate(&ctx->eng.rng, rpms, xcoor_len);157br_ccopy(ctl ^ 1, xcoor, rpms, xcoor_len);158159/*160* Compute master secret.161*/162br_ssl_engine_compute_master(&ctx->eng, prf_id, xcoor, xcoor_len);163164/*165* Clear the pre-master secret from RAM: it is normally a buffer166* in the context, hence potentially long-lived.167*/168memset(xcoor, 0, xcoor_len);169}170171/*172* Do the ECDH key exchange (not ECDHE).173*/174static void175do_ecdh(br_ssl_server_context *ctx, int prf_id,176unsigned char *cpoint, size_t cpoint_len)177{178uint32_t x;179180/*181* Finalise the key exchange.182*/183x = (*ctx->policy_vtable)->do_keyx(ctx->policy_vtable,184cpoint, &cpoint_len);185ecdh_common(ctx, prf_id, cpoint, cpoint_len, x);186}187188/*189* Do the full static ECDH key exchange. When this function is called,190* it has already been verified that the cipher suite uses ECDH (not ECDHE),191* and the client's public key (from its certificate) has type EC and is192* apt for key exchange.193*/194static void195do_static_ecdh(br_ssl_server_context *ctx, int prf_id)196{197unsigned char cpoint[133];198size_t cpoint_len;199const br_x509_class **xc;200const br_x509_pkey *pk;201202xc = ctx->eng.x509ctx;203pk = (*xc)->get_pkey(xc, NULL);204cpoint_len = pk->key.ec.qlen;205if (cpoint_len > sizeof cpoint) {206/*207* If the point is larger than our buffer then we need to208* restrict it. Length 2 is not a valid point length, so209* the ECDH will fail.210*/211cpoint_len = 2;212}213memcpy(cpoint, pk->key.ec.q, cpoint_len);214do_ecdh(ctx, prf_id, cpoint, cpoint_len);215}216217static size_t218hash_data(br_ssl_server_context *ctx,219void *dst, int hash_id, const void *src, size_t len)220{221const br_hash_class *hf;222br_hash_compat_context hc;223224if (hash_id == 0) {225unsigned char tmp[36];226227hf = br_multihash_getimpl(&ctx->eng.mhash, br_md5_ID);228if (hf == NULL) {229return 0;230}231hf->init(&hc.vtable);232hf->update(&hc.vtable, src, len);233hf->out(&hc.vtable, tmp);234hf = br_multihash_getimpl(&ctx->eng.mhash, br_sha1_ID);235if (hf == NULL) {236return 0;237}238hf->init(&hc.vtable);239hf->update(&hc.vtable, src, len);240hf->out(&hc.vtable, tmp + 16);241memcpy(dst, tmp, 36);242return 36;243} else {244hf = br_multihash_getimpl(&ctx->eng.mhash, hash_id);245if (hf == NULL) {246return 0;247}248hf->init(&hc.vtable);249hf->update(&hc.vtable, src, len);250hf->out(&hc.vtable, dst);251return (hf->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK;252}253}254255/*256* Do the ECDHE key exchange (part 1: generation of transient key, and257* computing of the point to send to the client). Returned value is the258* signature length (in bytes), or -x on error (with x being an error259* code). The encoded point is written in the ecdhe_point[] context buffer260* (length in ecdhe_point_len).261*/262static int263do_ecdhe_part1(br_ssl_server_context *ctx, int curve)264{265unsigned algo_id;266unsigned mask;267const unsigned char *order;268size_t olen, glen;269size_t hv_len, sig_len;270271if (!((ctx->eng.iec->supported_curves >> curve) & 1)) {272return -BR_ERR_INVALID_ALGORITHM;273}274ctx->eng.ecdhe_curve = curve;275276/*277* Generate our private key. We need a non-zero random value278* which is lower than the curve order, in a "large enough"279* range. We force the top bit to 0 and bottom bit to 1, which280* does the trick. Note that contrary to what happens in ECDSA,281* this is not a problem if we do not cover the full range of282* possible values.283*/284order = ctx->eng.iec->order(curve, &olen);285mask = 0xFF;286while (mask >= order[0]) {287mask >>= 1;288}289br_hmac_drbg_generate(&ctx->eng.rng, ctx->ecdhe_key, olen);290ctx->ecdhe_key[0] &= mask;291ctx->ecdhe_key[olen - 1] |= 0x01;292ctx->ecdhe_key_len = olen;293294/*295* Compute our ECDH point.296*/297glen = ctx->eng.iec->mulgen(ctx->eng.ecdhe_point,298ctx->ecdhe_key, olen, curve);299ctx->eng.ecdhe_point_len = glen;300301/*302* Assemble the message to be signed, and possibly hash it.303*/304memcpy(ctx->eng.pad, ctx->eng.client_random, 32);305memcpy(ctx->eng.pad + 32, ctx->eng.server_random, 32);306ctx->eng.pad[64 + 0] = 0x03;307ctx->eng.pad[64 + 1] = 0x00;308ctx->eng.pad[64 + 2] = curve;309ctx->eng.pad[64 + 3] = ctx->eng.ecdhe_point_len;310memcpy(ctx->eng.pad + 64 + 4,311ctx->eng.ecdhe_point, ctx->eng.ecdhe_point_len);312hv_len = 64 + 4 + ctx->eng.ecdhe_point_len;313algo_id = ctx->sign_hash_id;314if (algo_id >= (unsigned)0xFF00) {315hv_len = hash_data(ctx, ctx->eng.pad, algo_id & 0xFF,316ctx->eng.pad, hv_len);317if (hv_len == 0) {318return -BR_ERR_INVALID_ALGORITHM;319}320}321322sig_len = (*ctx->policy_vtable)->do_sign(ctx->policy_vtable,323algo_id, ctx->eng.pad, hv_len, sizeof ctx->eng.pad);324return sig_len ? (int)sig_len : -BR_ERR_INVALID_ALGORITHM;325}326327/*328* Do the ECDHE key exchange (part 2: computation of the shared secret329* from the point sent by the client).330*/331static void332do_ecdhe_part2(br_ssl_server_context *ctx, int prf_id,333unsigned char *cpoint, size_t cpoint_len)334{335int curve;336uint32_t ctl;337size_t xoff, xlen;338339curve = ctx->eng.ecdhe_curve;340341/*342* Finalise the key exchange.343*/344ctl = ctx->eng.iec->mul(cpoint, cpoint_len,345ctx->ecdhe_key, ctx->ecdhe_key_len, curve);346xoff = ctx->eng.iec->xoff(curve, &xlen);347ecdh_common(ctx, prf_id, cpoint + xoff, xlen, ctl);348349/*350* Clear the ECDHE private key. Forward Secrecy is achieved insofar351* as that key does not get stolen, so we'd better destroy it352* as soon as it ceases to be useful.353*/354memset(ctx->ecdhe_key, 0, ctx->ecdhe_key_len);355}356357/*358* Offset for hash value within the pad (when obtaining all hash values,359* in preparation for verification of the CertificateVerify message).360* Order is MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512; last value361* is used to get the total length.362*/363static const unsigned char HASH_PAD_OFF[] = { 0, 16, 36, 64, 96, 144, 208 };364365/*366* OID for hash functions in RSA signatures.367*/368static const unsigned char HASH_OID_SHA1[] = {3690x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A370};371372static const unsigned char HASH_OID_SHA224[] = {3730x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04374};375376static const unsigned char HASH_OID_SHA256[] = {3770x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01378};379380static const unsigned char HASH_OID_SHA384[] = {3810x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02382};383384static const unsigned char HASH_OID_SHA512[] = {3850x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03386};387388static const unsigned char *HASH_OID[] = {389HASH_OID_SHA1,390HASH_OID_SHA224,391HASH_OID_SHA256,392HASH_OID_SHA384,393HASH_OID_SHA512394};395396/*397* Verify the signature in CertificateVerify. Returned value is 0 on398* success, or a non-zero error code. Lack of implementation of the399* designated signature algorithm is reported as a "bad signature"400* error (because it means that the peer did not honour our advertised401* set of supported signature algorithms).402*/403static int404verify_CV_sig(br_ssl_server_context *ctx, size_t sig_len)405{406const br_x509_class **xc;407const br_x509_pkey *pk;408int id;409410id = ctx->hash_CV_id;411xc = ctx->eng.x509ctx;412pk = (*xc)->get_pkey(xc, NULL);413if (pk->key_type == BR_KEYTYPE_RSA) {414unsigned char tmp[64];415const unsigned char *hash_oid;416417if (id == 0) {418hash_oid = NULL;419} else {420hash_oid = HASH_OID[id - 2];421}422if (ctx->eng.irsavrfy == 0) {423return BR_ERR_BAD_SIGNATURE;424}425if (!ctx->eng.irsavrfy(ctx->eng.pad, sig_len,426hash_oid, ctx->hash_CV_len, &pk->key.rsa, tmp)427|| memcmp(tmp, ctx->hash_CV, ctx->hash_CV_len) != 0)428{429return BR_ERR_BAD_SIGNATURE;430}431} else {432if (ctx->eng.iecdsa == 0) {433return BR_ERR_BAD_SIGNATURE;434}435if (!ctx->eng.iecdsa(ctx->eng.iec,436ctx->hash_CV, ctx->hash_CV_len,437&pk->key.ec, ctx->eng.pad, sig_len))438{439return BR_ERR_BAD_SIGNATURE;440}441}442return 0;443}444445446447static const unsigned char t0_datablock[] = {4480x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,4490x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,4500x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,4510x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,4520x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,4530x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,4540x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,4550x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,4560x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,4570x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,4580x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,4590x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xC0, 0x9C, 0x06,4600x04, 0xC0, 0x9D, 0x07, 0x04, 0xC0, 0xA0, 0x08, 0x04, 0xC0, 0xA1, 0x09,4610x04, 0xC0, 0xAC, 0x26, 0x04, 0xC0, 0xAD, 0x27, 0x04, 0xC0, 0xAE, 0x28,4620x04, 0xC0, 0xAF, 0x29, 0x04, 0xCC, 0xA8, 0x15, 0x04, 0xCC, 0xA9, 0x25,4630x04, 0x00, 0x00464};465466static const unsigned char t0_codeblock[] = {4670x00, 0x01, 0x00, 0x0B, 0x00, 0x00, 0x01, 0x00, 0x0E, 0x00, 0x00, 0x01,4680x00, 0x0F, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 0x01, 0x08,4690x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,4700x01, 0x02, 0x09, 0x00, 0x00, 0x29, 0x29, 0x00, 0x00, 0x01,471T0_INT1(BR_ERR_BAD_CCS), 0x00, 0x00, 0x01,472T0_INT1(BR_ERR_BAD_FINISHED), 0x00, 0x00, 0x01,473T0_INT1(BR_ERR_BAD_FRAGLEN), 0x00, 0x00, 0x01,474T0_INT1(BR_ERR_BAD_HANDSHAKE), 0x00, 0x00, 0x01,475T0_INT1(BR_ERR_BAD_PARAM), 0x00, 0x00, 0x01,476T0_INT1(BR_ERR_BAD_SECRENEG), 0x00, 0x00, 0x01,477T0_INT1(BR_ERR_BAD_SIGNATURE), 0x00, 0x00, 0x01,478T0_INT1(BR_ERR_BAD_VERSION), 0x00, 0x00, 0x01,479T0_INT1(BR_ERR_INVALID_ALGORITHM), 0x00, 0x00, 0x01,480T0_INT1(BR_ERR_LIMIT_EXCEEDED), 0x00, 0x00, 0x01,481T0_INT1(BR_ERR_NO_CLIENT_AUTH), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK),4820x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID), 0x00, 0x00, 0x01,483T0_INT1(BR_ERR_UNEXPECTED), 0x00, 0x00, 0x01,484T0_INT1(BR_ERR_WRONG_KEY_USAGE), 0x00, 0x00, 0x01,485T0_INT2(offsetof(br_ssl_engine_context, action)), 0x00, 0x00, 0x01,486T0_INT2(offsetof(br_ssl_engine_context, alert)), 0x00, 0x00, 0x01,487T0_INT2(offsetof(br_ssl_engine_context, application_data)), 0x00, 0x00,4880x01,489T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, cipher_suite)),4900x00, 0x00, 0x01,491T0_INT2(offsetof(br_ssl_server_context, client_max_version)), 0x00,4920x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, client_random)),4930x00, 0x00, 0x01,494T0_INT2(offsetof(br_ssl_server_context, client_suites)), 0x00, 0x00,4950x01, T0_INT2(offsetof(br_ssl_server_context, client_suites_num)),4960x00, 0x00, 0x01,497T0_INT2(offsetof(br_ssl_engine_context, close_received)), 0x00, 0x00,4980x01, T0_INT2(offsetof(br_ssl_server_context, curves)), 0x00, 0x00,4990x01, T0_INT2(offsetof(br_ssl_engine_context, ecdhe_point)), 0x00,5000x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, ecdhe_point_len)),5010x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, flags)),5020x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_server_context, hashes)),5030x00, 0x00, 0x7B, 0x01,504T0_INT2(BR_MAX_CIPHER_SUITES * sizeof(br_suite_translated)), 0x00,5050x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, log_max_frag_len)),5060x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, pad)), 0x00,5070x00, 0x01,508T0_INT2(offsetof(br_ssl_engine_context, peer_log_max_frag_len)), 0x00,5090x00, 0x01,510T0_INT2(offsetof(br_ssl_engine_context, protocol_names_num)), 0x00,5110x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, record_type_in)),5120x00, 0x00, 0x01,513T0_INT2(offsetof(br_ssl_engine_context, record_type_out)), 0x00, 0x00,5140x01, T0_INT2(offsetof(br_ssl_engine_context, reneg)), 0x00, 0x00,5150x01, T0_INT2(offsetof(br_ssl_engine_context, saved_finished)), 0x00,5160x00, 0x01,517T0_INT2(offsetof(br_ssl_engine_context, selected_protocol)), 0x00,5180x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, server_name)),5190x00, 0x00, 0x01,520T0_INT2(offsetof(br_ssl_engine_context, server_random)), 0x00, 0x00,5210x01,522T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, session_id)),5230x00, 0x00, 0x01,524T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, session_id_len)),5250x00, 0x00, 0x01,526T0_INT2(offsetof(br_ssl_engine_context, shutdown_recv)), 0x00, 0x00,5270x01, T0_INT2(offsetof(br_ssl_server_context, sign_hash_id)), 0x00,5280x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, suites_buf)), 0x00,5290x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, suites_num)), 0x00,5300x00, 0x01,531T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, version)),5320x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, version_in)),5330x00, 0x00, 0x01,534T0_INT2(offsetof(br_ssl_engine_context, version_max)), 0x00, 0x00,5350x01, T0_INT2(offsetof(br_ssl_engine_context, version_min)), 0x00,5360x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, version_out)),5370x00, 0x00, 0x09, 0x2A, 0x5D, 0x06, 0x02, 0x6A, 0x2B, 0x00, 0x00, 0x01,5380x01, 0x00, 0x01, 0x03, 0x00, 0x9B, 0x2A, 0x63, 0x47, 0x9F, 0x2A, 0x05,5390x04, 0x65, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0F, 0x06, 0x02, 0x9F, 0x00,5400x63, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x6A, 0x2B, 0x00, 0x00, 0x2A, 0x8B,5410x47, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x47, 0x78, 0x2E, 0xA8, 0x1C, 0x85,5420x01, 0x0C, 0x33, 0x00, 0x00, 0x2A, 0x22, 0x01, 0x08, 0x0C, 0x47, 0x61,5430x22, 0x08, 0x00, 0x01, 0x03, 0x00, 0x77, 0x30, 0x02, 0x00, 0x38, 0x13,5440x01, 0x01, 0x0C, 0x77, 0x42, 0x2C, 0x19, 0x38, 0x06, 0x07, 0x02, 0x00,5450xD0, 0x03, 0x00, 0x04, 0x75, 0x01, 0x00, 0xC7, 0x02, 0x00, 0x2A, 0x19,5460x13, 0x06, 0x02, 0x71, 0x2B, 0xD0, 0x04, 0x76, 0x00, 0x01, 0x00, 0x77,5470x42, 0x01, 0x16, 0x89, 0x42, 0x01, 0x00, 0x8C, 0x40, 0x36, 0xB1, 0x35,5480x06, 0x02, 0x73, 0x2B, 0x06, 0x0A, 0xD7, 0x01, 0x00, 0xD3, 0x01, 0x00,5490xAD, 0x04, 0x80, 0x46, 0xD7, 0xD4, 0x29, 0xD9, 0x50, 0x06, 0x01, 0xD5,5500xD8, 0x2C, 0x50, 0x06, 0x31, 0x01, 0x00, 0xAE, 0x2A, 0x5D, 0x06, 0x0F,5510x01, 0x02, 0xA4, 0x05, 0x02, 0x37, 0x2B, 0x29, 0xB2, 0xB0, 0x2A, 0xC9,5520x29, 0x04, 0x19, 0x2A, 0x5F, 0x06, 0x0B, 0x29, 0x01, 0x02, 0xA4, 0x05,5530x02, 0x70, 0x2B, 0xB2, 0x04, 0x0A, 0xB4, 0x2A, 0x05, 0x04, 0x29, 0xAB,5540x04, 0x02, 0xB3, 0xAF, 0x04, 0x01, 0xB2, 0x01, 0x00, 0xAD, 0x01, 0x00,5550xD3, 0x3E, 0x01, 0x01, 0x77, 0x42, 0x01, 0x17, 0x89, 0x42, 0x00, 0x00,5560x3A, 0x3A, 0x00, 0x01, 0x03, 0x00, 0x2C, 0x19, 0x38, 0x06, 0x04, 0xCF,5570x29, 0x04, 0x78, 0x01, 0x02, 0x02, 0x00, 0xC6, 0x19, 0x38, 0x06, 0x04,5580xCF, 0x29, 0x04, 0x78, 0x02, 0x00, 0x01, 0x84, 0x00, 0x08, 0x2B, 0x00,5590x00, 0x81, 0x2F, 0x47, 0x12, 0x01, 0x01, 0x13, 0x37, 0x00, 0x00, 0x2A,5600x05, 0x04, 0x29, 0x01, 0x7F, 0x00, 0x01, 0x00, 0xA2, 0x12, 0x01, 0x01,5610x13, 0x5F, 0x06, 0x03, 0x61, 0x04, 0x75, 0x47, 0x29, 0x00, 0x00, 0x01,5620x7F, 0xA1, 0xCF, 0x2A, 0x01, 0x07, 0x13, 0x01, 0x00, 0x3A, 0x0F, 0x06,5630x0D, 0x29, 0x01, 0x10, 0x13, 0x06, 0x05, 0x01, 0x00, 0x77, 0x42, 0xC5,5640x04, 0x33, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x2A, 0x29, 0x29, 0x8A, 0x30,5650x01, 0x01, 0x0F, 0x01, 0x01, 0xA4, 0x39, 0x06, 0x18, 0xC8, 0x2C, 0x19,5660x38, 0x06, 0x04, 0xCF, 0x29, 0x04, 0x78, 0x01, 0x80, 0x64, 0xC7, 0x01,5670x01, 0x77, 0x42, 0x01, 0x17, 0x89, 0x42, 0x04, 0x03, 0x01, 0x00, 0xA1,5680x04, 0x03, 0x73, 0x2B, 0x29, 0x04, 0xFF, 0x32, 0x01, 0x2A, 0x03, 0x00,5690x09, 0x2A, 0x5D, 0x06, 0x02, 0x6A, 0x2B, 0x02, 0x00, 0x00, 0x00, 0x9C,5700x01, 0x0F, 0x13, 0x00, 0x00, 0x76, 0x30, 0x01, 0x00, 0x3A, 0x0F, 0x06,5710x10, 0x29, 0x2A, 0x01, 0x01, 0x0E, 0x06, 0x03, 0x29, 0x01, 0x02, 0x76,5720x42, 0x01, 0x00, 0x04, 0x21, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x14, 0x29,5730x01, 0x00, 0x76, 0x42, 0x2A, 0x01, 0x80, 0x64, 0x0F, 0x06, 0x05, 0x01,5740x82, 0x00, 0x08, 0x2B, 0x5F, 0x04, 0x07, 0x29, 0x01, 0x82, 0x00, 0x08,5750x2B, 0x29, 0x00, 0x00, 0x01, 0x00, 0x31, 0x06, 0x05, 0x3D, 0xA9, 0x39,5760x04, 0x78, 0x2A, 0x06, 0x04, 0x01, 0x01, 0x91, 0x42, 0x00, 0x00, 0x01,5770x1F, 0x13, 0x01, 0x12, 0x0F, 0x05, 0x02, 0x74, 0x2B, 0x78, 0x2E, 0x2A,5780xCB, 0x05, 0x02, 0x73, 0x2B, 0xA8, 0x28, 0x00, 0x02, 0x87, 0x2E, 0x05,5790x02, 0xBC, 0x00, 0xC0, 0xA7, 0xC0, 0xA7, 0x01, 0x7E, 0x03, 0x00, 0x2A,5800x06, 0x17, 0xC2, 0x2A, 0x03, 0x01, 0x85, 0x47, 0xB6, 0x02, 0x01, 0x51,5810x2A, 0x02, 0x00, 0x53, 0x06, 0x04, 0x03, 0x00, 0x04, 0x01, 0x29, 0x04,5820x66, 0x9D, 0x9D, 0x02, 0x00, 0x61, 0x8C, 0x40, 0x00, 0x00, 0x31, 0x06,5830x0B, 0x88, 0x30, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x73, 0x2B, 0x04, 0x11,5840xCF, 0x01, 0x07, 0x13, 0x2A, 0x01, 0x02, 0x0E, 0x06, 0x06, 0x06, 0x02,5850x73, 0x2B, 0x04, 0x70, 0x29, 0xC3, 0x01, 0x01, 0x0E, 0x35, 0x39, 0x06,5860x02, 0x66, 0x2B, 0x2A, 0x01, 0x01, 0xCA, 0x38, 0xB5, 0x00, 0x01, 0xBA,5870x01, 0x0B, 0x0F, 0x05, 0x02, 0x73, 0x2B, 0x2A, 0x01, 0x03, 0x0F, 0x06,5880x08, 0xC1, 0x06, 0x02, 0x6A, 0x2B, 0x47, 0x29, 0x00, 0x47, 0x5C, 0xC1,5890xA7, 0x2A, 0x06, 0x23, 0xC1, 0xA7, 0x2A, 0x5B, 0x2A, 0x06, 0x18, 0x2A,5900x01, 0x82, 0x00, 0x10, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x2A,5910x03, 0x00, 0x85, 0x02, 0x00, 0xB6, 0x02, 0x00, 0x58, 0x04, 0x65, 0x9D,5920x59, 0x04, 0x5A, 0x9D, 0x9D, 0x5A, 0x2A, 0x06, 0x02, 0x37, 0x00, 0x29,5930x2D, 0x00, 0x02, 0x2A, 0x01, 0x20, 0x13, 0x05, 0x02, 0x74, 0x2B, 0x01,5940x0F, 0x13, 0x03, 0x00, 0xB0, 0x95, 0x2E, 0x01, 0x86, 0x03, 0x11, 0x06,5950x23, 0xC0, 0x2A, 0x01, 0x81, 0x7F, 0x13, 0x61, 0x01, 0x01, 0x12, 0x02,5960x00, 0x0F, 0x05, 0x02, 0x6C, 0x2B, 0x01, 0x08, 0x12, 0x2A, 0x01, 0x02,5970x0B, 0x3A, 0x01, 0x06, 0x10, 0x39, 0x06, 0x02, 0x6E, 0x2B, 0x04, 0x0D,5980x02, 0x00, 0x01, 0x01, 0x0F, 0x06, 0x04, 0x01, 0x00, 0x04, 0x02, 0x01,5990x02, 0x20, 0x05, 0x02, 0x6E, 0x2B, 0xC0, 0x2A, 0x03, 0x01, 0x2A, 0x01,6000x84, 0x00, 0x10, 0x06, 0x02, 0x6F, 0x2B, 0x85, 0x47, 0xB6, 0x02, 0x01,6010x55, 0x2A, 0x06, 0x01, 0x2B, 0x29, 0x9D, 0x00, 0x00, 0x1D, 0xBA, 0x01,6020x0F, 0x0F, 0x05, 0x02, 0x73, 0x2B, 0x00, 0x0A, 0xBA, 0x01, 0x01, 0x0F,6030x05, 0x02, 0x73, 0x2B, 0xC0, 0x2A, 0x03, 0x00, 0x79, 0x40, 0x7A, 0x01,6040x20, 0xB6, 0xC2, 0x2A, 0x01, 0x20, 0x10, 0x06, 0x02, 0x72, 0x2B, 0x2A,6050x90, 0x42, 0x8F, 0x47, 0xB6, 0x1A, 0x03, 0x01, 0xC0, 0xA7, 0x01, 0x00,6060x03, 0x02, 0x01, 0x00, 0x03, 0x03, 0x83, 0xA2, 0x17, 0x3A, 0x08, 0x03,6070x04, 0x03, 0x05, 0x2A, 0x06, 0x80, 0x6D, 0xC0, 0x2A, 0x03, 0x06, 0x02,6080x01, 0x06, 0x0A, 0x2A, 0x78, 0x2E, 0x0F, 0x06, 0x04, 0x01, 0x7F, 0x03,6090x03, 0x2A, 0x01, 0x81, 0x7F, 0x0F, 0x06, 0x0A, 0x8A, 0x30, 0x06, 0x02,6100x6B, 0x2B, 0x01, 0x7F, 0x03, 0x02, 0x2A, 0x01, 0x81, 0xAC, 0x00, 0x0F,6110x06, 0x11, 0x02, 0x00, 0x98, 0x2E, 0x11, 0x02, 0x00, 0x97, 0x2E, 0x0B,6120x13, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0xC4, 0x2A, 0x5D, 0x06, 0x03,6130x29, 0x04, 0x26, 0x01, 0x00, 0xA4, 0x06, 0x0B, 0x01, 0x02, 0x0C, 0x7B,6140x08, 0x02, 0x06, 0x47, 0x40, 0x04, 0x16, 0x29, 0x02, 0x05, 0x02, 0x04,6150x11, 0x06, 0x02, 0x69, 0x2B, 0x02, 0x06, 0x02, 0x05, 0x40, 0x02, 0x05,6160x01, 0x04, 0x08, 0x03, 0x05, 0x04, 0xFF, 0x0F, 0x29, 0x01, 0x00, 0x03,6170x07, 0xC2, 0xA7, 0x2A, 0x06, 0x09, 0xC2, 0x05, 0x04, 0x01, 0x7F, 0x03,6180x07, 0x04, 0x74, 0x9D, 0x01, 0x00, 0x8D, 0x42, 0x01, 0x88, 0x04, 0x82,6190x41, 0x01, 0x84, 0x80, 0x80, 0x00, 0x7E, 0x41, 0x2A, 0x06, 0x80, 0x4E,6200xC0, 0xA7, 0x2A, 0x06, 0x80, 0x47, 0xC0, 0x01, 0x00, 0x3A, 0x0F, 0x06,6210x04, 0x29, 0xB9, 0x04, 0x39, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x04, 0x29,6220xB7, 0x04, 0x2F, 0x01, 0x83, 0xFE, 0x01, 0x3A, 0x0F, 0x06, 0x04, 0x29,6230xB8, 0x04, 0x23, 0x01, 0x0D, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xBE, 0x04,6240x19, 0x01, 0x0A, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xBF, 0x04, 0x0F, 0x01,6250x10, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xAC, 0x04, 0x05, 0x29, 0xBC, 0x01,6260x00, 0x29, 0x04, 0xFF, 0x35, 0x9D, 0x9D, 0x02, 0x01, 0x02, 0x03, 0x13,6270x03, 0x01, 0x02, 0x00, 0x5D, 0x06, 0x08, 0x79, 0x2E, 0x99, 0x40, 0x01,6280x80, 0x56, 0xA3, 0x97, 0x2E, 0x2A, 0x02, 0x00, 0x10, 0x06, 0x03, 0x29,6290x02, 0x00, 0x2A, 0x01, 0x86, 0x00, 0x0B, 0x06, 0x02, 0x6D, 0x2B, 0x02,6300x00, 0x98, 0x2E, 0x0B, 0x06, 0x04, 0x01, 0x80, 0x46, 0xA3, 0x02, 0x01,6310x06, 0x10, 0x95, 0x2E, 0x02, 0x00, 0x0D, 0x06, 0x05, 0x29, 0x95, 0x2E,6320x04, 0x04, 0x01, 0x00, 0x03, 0x01, 0x2A, 0x95, 0x40, 0x2A, 0x96, 0x40,6330x2A, 0x99, 0x40, 0x01, 0x86, 0x03, 0x11, 0x03, 0x08, 0x02, 0x02, 0x06,6340x04, 0x01, 0x02, 0x8A, 0x42, 0x8A, 0x30, 0x05, 0x04, 0x01, 0x01, 0x8A,6350x42, 0x02, 0x07, 0x05, 0x03, 0x01, 0x28, 0xA3, 0x44, 0x29, 0x01, 0x82,6360x01, 0x07, 0x01, 0xFC, 0x80, 0x00, 0x39, 0x82, 0x2F, 0x13, 0x2A, 0x82,6370x41, 0x2A, 0x01, 0x81, 0x7F, 0x13, 0x5E, 0x37, 0x47, 0x01, 0x08, 0x12,6380x5E, 0x01, 0x02, 0x13, 0x39, 0x01, 0x0C, 0x0C, 0x03, 0x09, 0x7E, 0x2F,6390x43, 0x13, 0x2A, 0x7E, 0x41, 0x05, 0x04, 0x01, 0x00, 0x03, 0x09, 0x02,6400x01, 0x06, 0x03, 0x01, 0x7F, 0x00, 0x8F, 0x01, 0x20, 0x34, 0x01, 0x20,6410x90, 0x42, 0x7B, 0x2A, 0x03, 0x05, 0x2A, 0x02, 0x04, 0x0B, 0x06, 0x80,6420x49, 0x2A, 0x2E, 0x2A, 0x9C, 0x2A, 0x01, 0x0C, 0x12, 0x2A, 0x01, 0x01,6430x0F, 0x47, 0x01, 0x02, 0x0F, 0x39, 0x06, 0x0A, 0x2A, 0x02, 0x09, 0x13,6440x05, 0x04, 0x65, 0x01, 0x00, 0x2A, 0x02, 0x08, 0x05, 0x0E, 0x2A, 0x01,6450x81, 0x70, 0x13, 0x01, 0x20, 0x0E, 0x06, 0x04, 0x65, 0x01, 0x00, 0x2A,6460x2A, 0x06, 0x10, 0x02, 0x05, 0x63, 0x40, 0x02, 0x05, 0x40, 0x02, 0x05,6470x01, 0x04, 0x08, 0x03, 0x05, 0x04, 0x01, 0x65, 0x01, 0x04, 0x08, 0x04,6480xFF, 0x30, 0x29, 0x02, 0x05, 0x7B, 0x09, 0x01, 0x02, 0x12, 0x2A, 0x05,6490x03, 0x01, 0x28, 0xA3, 0x7C, 0x42, 0x8C, 0x2E, 0x01, 0x83, 0xFF, 0x7F,6500x0F, 0x06, 0x0D, 0x01, 0x03, 0xA4, 0x06, 0x04, 0x01, 0x80, 0x78, 0xA3,6510x01, 0x00, 0x8C, 0x40, 0x18, 0x05, 0x03, 0x01, 0x28, 0xA3, 0x01, 0x00,6520x00, 0x00, 0xB4, 0xB3, 0x00, 0x04, 0x78, 0x2E, 0xCE, 0x06, 0x16, 0xC0,6530x2A, 0x01, 0x84, 0x00, 0x10, 0x06, 0x02, 0x6F, 0x2B, 0x2A, 0x03, 0x00,6540x85, 0x47, 0xB6, 0x02, 0x00, 0x78, 0x2E, 0xA8, 0x27, 0x78, 0x2E, 0x2A,6550xCC, 0x47, 0xCB, 0x03, 0x01, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x39,6560x06, 0x14, 0xC2, 0x2A, 0x03, 0x03, 0x85, 0x47, 0xB6, 0x02, 0x03, 0x78,6570x2E, 0xA8, 0x02, 0x02, 0x06, 0x03, 0x26, 0x04, 0x01, 0x24, 0x9D, 0x00,6580x00, 0xBA, 0x01, 0x10, 0x0F, 0x05, 0x02, 0x73, 0x2B, 0x00, 0x00, 0x9E,6590xBA, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x73, 0x2B, 0x85, 0x01, 0x0C, 0x08,6600x01, 0x0C, 0xB6, 0x9D, 0x85, 0x2A, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x32,6610x05, 0x02, 0x67, 0x2B, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0x02, 0x00,6620x9A, 0x02, 0x01, 0x02, 0x00, 0x3C, 0x2A, 0x01, 0x00, 0x0F, 0x06, 0x02,6630x65, 0x00, 0xD1, 0x04, 0x74, 0x00, 0xC0, 0x01, 0x01, 0x0E, 0x06, 0x02,6640x68, 0x2B, 0xC2, 0x2A, 0x2A, 0x5F, 0x47, 0x01, 0x05, 0x11, 0x39, 0x06,6650x02, 0x68, 0x2B, 0x01, 0x08, 0x08, 0x2A, 0x84, 0x30, 0x0B, 0x06, 0x0D,6660x2A, 0x01, 0x01, 0x47, 0x0C, 0x3F, 0x2A, 0x84, 0x42, 0x86, 0x42, 0x04,6670x01, 0x29, 0x00, 0x00, 0xC0, 0x8A, 0x30, 0x01, 0x00, 0x3A, 0x0F, 0x06,6680x13, 0x29, 0x01, 0x01, 0x0F, 0x05, 0x02, 0x6B, 0x2B, 0xC2, 0x06, 0x02,6690x6B, 0x2B, 0x01, 0x02, 0x8A, 0x42, 0x04, 0x28, 0x01, 0x02, 0x3A, 0x0F,6700x06, 0x1F, 0x29, 0x01, 0x0D, 0x0F, 0x05, 0x02, 0x6B, 0x2B, 0xC2, 0x01,6710x0C, 0x0F, 0x05, 0x02, 0x6B, 0x2B, 0x85, 0x01, 0x0C, 0xB6, 0x8B, 0x85,6720x01, 0x0C, 0x32, 0x05, 0x02, 0x6B, 0x2B, 0x04, 0x03, 0x6B, 0x2B, 0x29,6730x00, 0x00, 0xC0, 0xA7, 0xC0, 0xA7, 0x2A, 0x06, 0x1D, 0xC2, 0x06, 0x03,6740xBC, 0x04, 0x15, 0xC0, 0x2A, 0x01, 0x81, 0x7F, 0x0D, 0x06, 0x0C, 0x2A,6750x8D, 0x08, 0x01, 0x00, 0x47, 0x42, 0x8D, 0x47, 0xB6, 0x04, 0x01, 0xC9,6760x04, 0x60, 0x9D, 0x9D, 0x00, 0x00, 0xBB, 0x2A, 0x5F, 0x06, 0x07, 0x29,6770x06, 0x02, 0x69, 0x2B, 0x04, 0x74, 0x00, 0x00, 0xC3, 0x01, 0x03, 0xC1,6780x47, 0x29, 0x47, 0x00, 0x00, 0xC0, 0xC9, 0x00, 0x03, 0x01, 0x00, 0x03,6790x00, 0xC0, 0xA7, 0x2A, 0x06, 0x80, 0x50, 0xC2, 0x03, 0x01, 0xC2, 0x03,6800x02, 0x02, 0x01, 0x01, 0x08, 0x0F, 0x06, 0x16, 0x02, 0x02, 0x01, 0x0F,6810x0D, 0x06, 0x0D, 0x01, 0x01, 0x02, 0x02, 0x01, 0x10, 0x08, 0x0C, 0x02,6820x00, 0x39, 0x03, 0x00, 0x04, 0x2A, 0x02, 0x01, 0x01, 0x02, 0x11, 0x02,6830x01, 0x01, 0x06, 0x0D, 0x13, 0x02, 0x02, 0x01, 0x01, 0x0F, 0x02, 0x02,6840x01, 0x03, 0x0F, 0x39, 0x13, 0x06, 0x11, 0x02, 0x00, 0x01, 0x01, 0x02,6850x02, 0x62, 0x01, 0x02, 0x0C, 0x02, 0x01, 0x08, 0x0C, 0x39, 0x03, 0x00,6860x04, 0xFF, 0x2C, 0x9D, 0x02, 0x00, 0x00, 0x00, 0xC0, 0xA7, 0xBD, 0x82,6870x41, 0x9D, 0x00, 0x00, 0xC0, 0xA7, 0xC0, 0xA7, 0x01, 0x00, 0x7E, 0x41,6880x2A, 0x06, 0x15, 0xC0, 0x2A, 0x01, 0x20, 0x0B, 0x06, 0x0B, 0x01, 0x01,6890x47, 0x0C, 0x7E, 0x2F, 0x39, 0x7E, 0x41, 0x04, 0x01, 0x29, 0x04, 0x68,6900x9D, 0x9D, 0x00, 0x00, 0x01, 0x02, 0x9A, 0xC3, 0x01, 0x08, 0x0C, 0xC3,6910x08, 0x00, 0x00, 0x01, 0x03, 0x9A, 0xC3, 0x01, 0x08, 0x0C, 0xC3, 0x08,6920x01, 0x08, 0x0C, 0xC3, 0x08, 0x00, 0x00, 0x01, 0x01, 0x9A, 0xC3, 0x00,6930x00, 0x3D, 0x2A, 0x5D, 0x05, 0x01, 0x00, 0x29, 0xD1, 0x04, 0x76, 0x02,6940x03, 0x00, 0x94, 0x30, 0x03, 0x01, 0x01, 0x00, 0x2A, 0x02, 0x01, 0x0B,6950x06, 0x10, 0x2A, 0x01, 0x01, 0x0C, 0x93, 0x08, 0x2E, 0x02, 0x00, 0x0F,6960x06, 0x01, 0x00, 0x61, 0x04, 0x6A, 0x29, 0x01, 0x7F, 0x00, 0x00, 0x2C,6970x19, 0x38, 0x06, 0x04, 0xCF, 0x29, 0x04, 0x78, 0x01, 0x16, 0x89, 0x42,6980x01, 0x00, 0xE2, 0x01, 0x00, 0xE1, 0x2C, 0x01, 0x17, 0x89, 0x42, 0x00,6990x00, 0x01, 0x15, 0x89, 0x42, 0x47, 0x57, 0x29, 0x57, 0x29, 0x2C, 0x00,7000x00, 0x01, 0x01, 0x47, 0xC6, 0x00, 0x00, 0xBB, 0x01, 0x01, 0x0F, 0x05,7010x02, 0x73, 0x2B, 0x2A, 0xC9, 0x29, 0x00, 0x00, 0x47, 0x3A, 0x9A, 0x47,7020x2A, 0x06, 0x05, 0xC3, 0x29, 0x62, 0x04, 0x78, 0x29, 0x00, 0x02, 0x03,7030x00, 0x78, 0x2E, 0x9C, 0x03, 0x01, 0x02, 0x01, 0x01, 0x0F, 0x13, 0x02,7040x01, 0x01, 0x04, 0x12, 0x01, 0x0F, 0x13, 0x02, 0x01, 0x01, 0x08, 0x12,7050x01, 0x0F, 0x13, 0x01, 0x00, 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x01, 0x00,7060x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x4C, 0x04, 0x01, 0x4D, 0x04, 0x81,7070x0D, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x01, 0x01, 0x01, 0x10,7080x02, 0x00, 0x06, 0x03, 0x4C, 0x04, 0x01, 0x4D, 0x04, 0x80, 0x77, 0x01,7090x02, 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x01, 0x01, 0x01, 0x20, 0x02, 0x00,7100x06, 0x03, 0x4C, 0x04, 0x01, 0x4D, 0x04, 0x80, 0x61, 0x01, 0x03, 0x3A,7110x0F, 0x06, 0x0F, 0x29, 0x29, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x4A,7120x04, 0x01, 0x4B, 0x04, 0x80, 0x4C, 0x01, 0x04, 0x3A, 0x0F, 0x06, 0x0E,7130x29, 0x29, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x4A, 0x04, 0x01, 0x4B,7140x04, 0x38, 0x01, 0x05, 0x3A, 0x0F, 0x06, 0x0C, 0x29, 0x29, 0x02, 0x00,7150x06, 0x03, 0x4E, 0x04, 0x01, 0x4F, 0x04, 0x26, 0x2A, 0x01, 0x09, 0x10,7160x06, 0x02, 0x6A, 0x2B, 0x47, 0x29, 0x2A, 0x01, 0x01, 0x13, 0x01, 0x04,7170x0C, 0x01, 0x10, 0x08, 0x47, 0x01, 0x08, 0x13, 0x01, 0x10, 0x47, 0x09,7180x02, 0x00, 0x06, 0x03, 0x48, 0x04, 0x01, 0x49, 0x00, 0x29, 0x00, 0x00,7190x9C, 0x01, 0x0C, 0x12, 0x01, 0x02, 0x10, 0x00, 0x00, 0x9C, 0x01, 0x0C,7200x12, 0x2A, 0x60, 0x47, 0x01, 0x03, 0x0B, 0x13, 0x00, 0x00, 0x9C, 0x01,7210x0C, 0x12, 0x01, 0x01, 0x0F, 0x00, 0x00, 0x9C, 0x01, 0x0C, 0x12, 0x5F,7220x00, 0x00, 0x1B, 0x01, 0x00, 0x75, 0x30, 0x2A, 0x06, 0x22, 0x01, 0x01,7230x3A, 0x0F, 0x06, 0x06, 0x29, 0x01, 0x00, 0xA0, 0x04, 0x14, 0x01, 0x02,7240x3A, 0x0F, 0x06, 0x0D, 0x29, 0x77, 0x30, 0x01, 0x01, 0x0F, 0x06, 0x03,7250x01, 0x10, 0x39, 0x04, 0x01, 0x29, 0x04, 0x01, 0x29, 0x7D, 0x30, 0x05,7260x33, 0x31, 0x06, 0x30, 0x88, 0x30, 0x01, 0x14, 0x3A, 0x0F, 0x06, 0x06,7270x29, 0x01, 0x02, 0x39, 0x04, 0x22, 0x01, 0x15, 0x3A, 0x0F, 0x06, 0x09,7280x29, 0xAA, 0x06, 0x03, 0x01, 0x7F, 0xA0, 0x04, 0x13, 0x01, 0x16, 0x3A,7290x0F, 0x06, 0x06, 0x29, 0x01, 0x01, 0x39, 0x04, 0x07, 0x29, 0x01, 0x04,7300x39, 0x01, 0x00, 0x29, 0x19, 0x06, 0x03, 0x01, 0x08, 0x39, 0x00, 0x00,7310x1B, 0x2A, 0x05, 0x13, 0x31, 0x06, 0x10, 0x88, 0x30, 0x01, 0x15, 0x0F,7320x06, 0x08, 0x29, 0xAA, 0x01, 0x00, 0x77, 0x42, 0x04, 0x01, 0x23, 0x00,7330x00, 0xCF, 0x01, 0x07, 0x13, 0x01, 0x01, 0x10, 0x06, 0x02, 0x73, 0x2B,7340x00, 0x01, 0x03, 0x00, 0x2C, 0x19, 0x06, 0x05, 0x02, 0x00, 0x89, 0x42,7350x00, 0xCF, 0x29, 0x04, 0x74, 0x00, 0x01, 0x14, 0xD2, 0x01, 0x01, 0xE2,7360x2C, 0x2A, 0x01, 0x00, 0xCA, 0x01, 0x16, 0xD2, 0xD6, 0x2C, 0x00, 0x00,7370x01, 0x0B, 0xE2, 0x52, 0x2A, 0x2A, 0x01, 0x03, 0x08, 0xE1, 0xE1, 0x14,7380x2A, 0x5D, 0x06, 0x02, 0x29, 0x00, 0xE1, 0x1E, 0x2A, 0x06, 0x05, 0x85,7390x47, 0xDA, 0x04, 0x77, 0x29, 0x04, 0x6C, 0x00, 0x01, 0x00, 0xDC, 0x95,7400x2E, 0x01, 0x86, 0x03, 0x11, 0x06, 0x05, 0x63, 0x01, 0x00, 0xDD, 0x08,7410x50, 0x08, 0x01, 0x03, 0x08, 0x01, 0x0D, 0xE2, 0xE1, 0x01, 0x00, 0xDC,7420xE2, 0x01, 0x01, 0xDC, 0x29, 0x95, 0x2E, 0x01, 0x86, 0x03, 0x11, 0x06,7430x08, 0x01, 0x00, 0xDD, 0xE0, 0x01, 0x01, 0xDD, 0x29, 0x50, 0xE0, 0x16,7440x15, 0x2A, 0x5D, 0x06, 0x02, 0x29, 0x00, 0xE0, 0x1F, 0x2A, 0x06, 0x05,7450x85, 0x47, 0xDA, 0x04, 0x77, 0x29, 0x04, 0x6C, 0x00, 0x9E, 0x01, 0x14,7460xE2, 0x01, 0x0C, 0xE1, 0x85, 0x01, 0x0C, 0xDA, 0x00, 0x04, 0x03, 0x00,7470x01, 0x02, 0xE2, 0x01, 0x80, 0x46, 0x8A, 0x30, 0x01, 0x02, 0x0F, 0x06,7480x0C, 0x02, 0x00, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x1D, 0x04,7490x02, 0x01, 0x00, 0x03, 0x01, 0x86, 0x30, 0x06, 0x04, 0x01, 0x05, 0x04,7500x02, 0x01, 0x00, 0x03, 0x02, 0x8C, 0x2E, 0x2A, 0x06, 0x05, 0x62, 0x21,7510x01, 0x07, 0x08, 0x03, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x02, 0x03,7520x08, 0x2A, 0x06, 0x03, 0x01, 0x02, 0x08, 0x08, 0xE1, 0x95, 0x2E, 0xE0,7530x8E, 0x01, 0x04, 0x17, 0x8E, 0x01, 0x04, 0x08, 0x01, 0x1C, 0x34, 0x8E,7540x01, 0x20, 0xDA, 0x01, 0x20, 0xE2, 0x8F, 0x01, 0x20, 0xDA, 0x78, 0x2E,7550xE0, 0x01, 0x00, 0xE2, 0x02, 0x01, 0x02, 0x02, 0x08, 0x02, 0x03, 0x08,7560x2A, 0x06, 0x80, 0x40, 0xE0, 0x02, 0x01, 0x2A, 0x06, 0x10, 0x01, 0x83,7570xFE, 0x01, 0xE0, 0x01, 0x04, 0x09, 0x2A, 0xE0, 0x62, 0x8B, 0x47, 0xDB,7580x04, 0x01, 0x29, 0x02, 0x02, 0x06, 0x0C, 0x01, 0x01, 0xE0, 0x01, 0x01,7590xE0, 0x86, 0x30, 0x01, 0x08, 0x09, 0xE2, 0x02, 0x03, 0x2A, 0x06, 0x11,7600x01, 0x10, 0xE0, 0x01, 0x04, 0x09, 0x2A, 0xE0, 0x64, 0x2A, 0xE0, 0x62,7610x85, 0x47, 0xDB, 0x04, 0x01, 0x29, 0x04, 0x01, 0x29, 0x00, 0x00, 0x01,7620x0E, 0xE2, 0x01, 0x00, 0xE1, 0x00, 0x03, 0x78, 0x2E, 0xCC, 0x05, 0x01,7630x00, 0x7E, 0x2F, 0x2A, 0x01, 0x82, 0x80, 0x80, 0x80, 0x00, 0x13, 0x06,7640x05, 0x29, 0x01, 0x1D, 0x04, 0x0E, 0x2A, 0x01, 0x83, 0xC0, 0x80, 0x80,7650x00, 0x13, 0x2A, 0x06, 0x01, 0x47, 0x29, 0xA5, 0x03, 0x00, 0x02, 0x00,7660x25, 0x2A, 0x5D, 0x06, 0x02, 0x37, 0x2B, 0x03, 0x01, 0x95, 0x2E, 0x01,7670x86, 0x03, 0x11, 0x03, 0x02, 0x01, 0x0C, 0xE2, 0x02, 0x01, 0x80, 0x30,7680x08, 0x02, 0x02, 0x01, 0x02, 0x13, 0x08, 0x01, 0x06, 0x08, 0xE1, 0x01,7690x03, 0xE2, 0x02, 0x00, 0xE0, 0x7F, 0x80, 0x30, 0xDB, 0x02, 0x02, 0x06,7700x1C, 0x92, 0x2E, 0x2A, 0x01, 0x83, 0xFE, 0x00, 0x0B, 0x06, 0x03, 0xE0,7710x04, 0x0F, 0x01, 0x81, 0x7F, 0x13, 0xE2, 0x78, 0x2E, 0xCD, 0x01, 0x01,7720x0C, 0x01, 0x03, 0x08, 0xE2, 0x02, 0x01, 0xE0, 0x85, 0x02, 0x01, 0xDA,7730x00, 0x00, 0x56, 0x2A, 0x01, 0x00, 0x0F, 0x06, 0x02, 0x65, 0x00, 0xCF,7740x29, 0x04, 0x73, 0x00, 0x2A, 0xE2, 0xDA, 0x00, 0x00, 0x01, 0x00, 0x78,7750x2E, 0xCB, 0x06, 0x0C, 0x63, 0x3A, 0x06, 0x08, 0x01, 0x80, 0x41, 0xE2,7760x01, 0x80, 0x42, 0xE2, 0x46, 0x06, 0x07, 0x61, 0x3A, 0x06, 0x03, 0x01,7770x01, 0xE2, 0x45, 0x06, 0x08, 0x61, 0x3A, 0x06, 0x04, 0x01, 0x80, 0x40,7780xE2, 0x47, 0x29, 0x00, 0x01, 0x01, 0x00, 0x03, 0x00, 0x46, 0x45, 0x39,7790x05, 0x14, 0x01, 0x01, 0x01, 0x80, 0x7C, 0xDE, 0x03, 0x00, 0x01, 0x03,7800x01, 0x80, 0x7C, 0xDE, 0x02, 0x00, 0x08, 0x47, 0x29, 0x00, 0x46, 0x06,7810x07, 0x01, 0x01, 0x44, 0x29, 0xDE, 0x03, 0x00, 0x45, 0x06, 0x0A, 0x01,7820x03, 0x44, 0x29, 0xDE, 0x02, 0x00, 0x08, 0x03, 0x00, 0x29, 0x02, 0x00,7830x00, 0x00, 0x01, 0x00, 0x01, 0x04, 0xDF, 0x01, 0x05, 0xDF, 0x01, 0x06,7840xDF, 0x01, 0x03, 0xDF, 0x01, 0x02, 0xDF, 0x0A, 0x65, 0x00, 0x01, 0x03,7850x00, 0x3A, 0x01, 0x01, 0x02, 0x00, 0x0C, 0x13, 0x05, 0x01, 0x00, 0x63,7860x01, 0x03, 0x3B, 0x06, 0x07, 0x02, 0x00, 0xE2, 0x01, 0x02, 0x3B, 0xE2,7870x00, 0x00, 0x2A, 0x01, 0x08, 0x54, 0xE2, 0xE2, 0x00, 0x00, 0x2A, 0x01,7880x10, 0x54, 0xE2, 0xE0, 0x00, 0x00, 0x2A, 0x57, 0x06, 0x02, 0x29, 0x00,7890xCF, 0x29, 0x04, 0x76790};791792static const uint16_t t0_caddr[] = {7930,7945,79510,79615,79720,79825,79930,80035,80140,80244,80348,80452,80556,80660,80764,80868,80972,81076,81180,81284,81388,81492,81596,816100,817104,818109,819114,820119,821124,822129,823134,824139,825144,826149,827154,828159,829164,830169,831174,832180,833185,834190,835195,836200,837205,838210,839215,840220,841225,842230,843235,844240,845245,846250,847255,848260,849265,850270,851275,852280,853285,854290,855299,856303,857328,858334,859353,860364,861405,862516,863520,864553,865563,866587,867669,868683,869689,870748,871767,872789,873838,874887,875963,8761065,8771076,8781670,8791674,8801741,8811751,8821782,8831806,8841852,8851922,8861962,8871976,8881985,8891989,8902084,8912092,8922128,8932139,8942155,8952161,8962172,8972207,8982233,8992245,9002251,9012264,9022279,9032472,9042481,9052494,9062503,9072510,9082616,9092641,9102654,9112670,9122688,9132720,9142793,9152806,9162987,9172995,9183122,9193136,9203141,9213185,9223242,9233263,9243290,9253298,9263306927};928929#define T0_INTERPRETED 93930931#define T0_ENTER(ip, rp, slot) do { \932const unsigned char *t0_newip; \933uint32_t t0_lnum; \934t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \935t0_lnum = t0_parse7E_unsigned(&t0_newip); \936(rp) += t0_lnum; \937*((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \938(ip) = t0_newip; \939} while (0)940941#define T0_DEFENTRY(name, slot) \942void \943name(void *ctx) \944{ \945t0_context *t0ctx = ctx; \946t0ctx->ip = &t0_codeblock[0]; \947T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \948}949950T0_DEFENTRY(br_ssl_hs_server_init_main, 166)951952#define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)953954void955br_ssl_hs_server_run(void *t0ctx)956{957uint32_t *dp, *rp;958const unsigned char *ip;959960#define T0_LOCAL(x) (*(rp - 2 - (x)))961#define T0_POP() (*-- dp)962#define T0_POPi() (*(int32_t *)(-- dp))963#define T0_PEEK(x) (*(dp - 1 - (x)))964#define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))965#define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)966#define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)967#define T0_RPOP() (*-- rp)968#define T0_RPOPi() (*(int32_t *)(-- rp))969#define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)970#define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)971#define T0_ROLL(x) do { \972size_t t0len = (size_t)(x); \973uint32_t t0tmp = *(dp - 1 - t0len); \974memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \975*(dp - 1) = t0tmp; \976} while (0)977#define T0_SWAP() do { \978uint32_t t0tmp = *(dp - 2); \979*(dp - 2) = *(dp - 1); \980*(dp - 1) = t0tmp; \981} while (0)982#define T0_ROT() do { \983uint32_t t0tmp = *(dp - 3); \984*(dp - 3) = *(dp - 2); \985*(dp - 2) = *(dp - 1); \986*(dp - 1) = t0tmp; \987} while (0)988#define T0_NROT() do { \989uint32_t t0tmp = *(dp - 1); \990*(dp - 1) = *(dp - 2); \991*(dp - 2) = *(dp - 3); \992*(dp - 3) = t0tmp; \993} while (0)994#define T0_PICK(x) do { \995uint32_t t0depth = (x); \996T0_PUSH(T0_PEEK(t0depth)); \997} while (0)998#define T0_CO() do { \999goto t0_exit; \1000} while (0)1001#define T0_RET() goto t0_next10021003dp = ((t0_context *)t0ctx)->dp;1004rp = ((t0_context *)t0ctx)->rp;1005ip = ((t0_context *)t0ctx)->ip;1006goto t0_next;1007for (;;) {1008uint32_t t0x;10091010t0_next:1011t0x = T0_NEXT(&ip);1012if (t0x < T0_INTERPRETED) {1013switch (t0x) {1014int32_t t0off;10151016case 0: /* ret */1017t0x = T0_RPOP();1018rp -= (t0x >> 16);1019t0x &= 0xFFFF;1020if (t0x == 0) {1021ip = NULL;1022goto t0_exit;1023}1024ip = &t0_codeblock[t0x];1025break;1026case 1: /* literal constant */1027T0_PUSHi(t0_parse7E_signed(&ip));1028break;1029case 2: /* read local */1030T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip)));1031break;1032case 3: /* write local */1033T0_LOCAL(t0_parse7E_unsigned(&ip)) = T0_POP();1034break;1035case 4: /* jump */1036t0off = t0_parse7E_signed(&ip);1037ip += t0off;1038break;1039case 5: /* jump if */1040t0off = t0_parse7E_signed(&ip);1041if (T0_POP()) {1042ip += t0off;1043}1044break;1045case 6: /* jump if not */1046t0off = t0_parse7E_signed(&ip);1047if (!T0_POP()) {1048ip += t0off;1049}1050break;1051case 7: {1052/* * */10531054uint32_t b = T0_POP();1055uint32_t a = T0_POP();1056T0_PUSH(a * b);10571058}1059break;1060case 8: {1061/* + */10621063uint32_t b = T0_POP();1064uint32_t a = T0_POP();1065T0_PUSH(a + b);10661067}1068break;1069case 9: {1070/* - */10711072uint32_t b = T0_POP();1073uint32_t a = T0_POP();1074T0_PUSH(a - b);10751076}1077break;1078case 10: {1079/* -rot */1080T0_NROT();1081}1082break;1083case 11: {1084/* < */10851086int32_t b = T0_POPi();1087int32_t a = T0_POPi();1088T0_PUSH(-(uint32_t)(a < b));10891090}1091break;1092case 12: {1093/* << */10941095int c = (int)T0_POPi();1096uint32_t x = T0_POP();1097T0_PUSH(x << c);10981099}1100break;1101case 13: {1102/* <= */11031104int32_t b = T0_POPi();1105int32_t a = T0_POPi();1106T0_PUSH(-(uint32_t)(a <= b));11071108}1109break;1110case 14: {1111/* <> */11121113uint32_t b = T0_POP();1114uint32_t a = T0_POP();1115T0_PUSH(-(uint32_t)(a != b));11161117}1118break;1119case 15: {1120/* = */11211122uint32_t b = T0_POP();1123uint32_t a = T0_POP();1124T0_PUSH(-(uint32_t)(a == b));11251126}1127break;1128case 16: {1129/* > */11301131int32_t b = T0_POPi();1132int32_t a = T0_POPi();1133T0_PUSH(-(uint32_t)(a > b));11341135}1136break;1137case 17: {1138/* >= */11391140int32_t b = T0_POPi();1141int32_t a = T0_POPi();1142T0_PUSH(-(uint32_t)(a >= b));11431144}1145break;1146case 18: {1147/* >> */11481149int c = (int)T0_POPi();1150int32_t x = T0_POPi();1151T0_PUSHi(x >> c);11521153}1154break;1155case 19: {1156/* and */11571158uint32_t b = T0_POP();1159uint32_t a = T0_POP();1160T0_PUSH(a & b);11611162}1163break;1164case 20: {1165/* begin-cert */11661167if (ENG->chain_len == 0) {1168T0_PUSHi(-1);1169} else {1170ENG->cert_cur = ENG->chain->data;1171ENG->cert_len = ENG->chain->data_len;1172ENG->chain ++;1173ENG->chain_len --;1174T0_PUSH(ENG->cert_len);1175}11761177}1178break;1179case 21: {1180/* begin-ta-name */11811182const br_x500_name *dn;1183if (CTX->cur_dn_index >= CTX->num_tas) {1184T0_PUSHi(-1);1185} else {1186if (CTX->ta_names == NULL) {1187dn = &CTX->tas[CTX->cur_dn_index].dn;1188} else {1189dn = &CTX->ta_names[CTX->cur_dn_index];1190}1191CTX->cur_dn_index ++;1192CTX->cur_dn = dn->data;1193CTX->cur_dn_len = dn->len;1194T0_PUSH(CTX->cur_dn_len);1195}11961197}1198break;1199case 22: {1200/* begin-ta-name-list */12011202CTX->cur_dn_index = 0;12031204}1205break;1206case 23: {1207/* bzero */12081209size_t len = (size_t)T0_POP();1210void *addr = (unsigned char *)ENG + (size_t)T0_POP();1211memset(addr, 0, len);12121213}1214break;1215case 24: {1216/* call-policy-handler */12171218int x;1219br_ssl_server_choices choices;12201221x = (*CTX->policy_vtable)->choose(1222CTX->policy_vtable, CTX, &choices);1223ENG->session.cipher_suite = choices.cipher_suite;1224CTX->sign_hash_id = choices.algo_id;1225ENG->chain = choices.chain;1226ENG->chain_len = choices.chain_len;1227T0_PUSHi(-(x != 0));12281229}1230break;1231case 25: {1232/* can-output? */12331234T0_PUSHi(-(ENG->hlen_out > 0));12351236}1237break;1238case 26: {1239/* check-resume */12401241if (ENG->session.session_id_len == 321242&& CTX->cache_vtable != NULL && (*CTX->cache_vtable)->load(1243CTX->cache_vtable, CTX, &ENG->session))1244{1245T0_PUSHi(-1);1246} else {1247T0_PUSH(0);1248}12491250}1251break;1252case 27: {1253/* co */1254T0_CO();1255}1256break;1257case 28: {1258/* compute-Finished-inner */12591260int prf_id = T0_POP();1261int from_client = T0_POPi();1262unsigned char tmp[48];1263br_tls_prf_seed_chunk seed;12641265br_tls_prf_impl prf = br_ssl_engine_get_PRF(ENG, prf_id);1266seed.data = tmp;1267if (ENG->session.version >= BR_TLS12) {1268seed.len = br_multihash_out(&ENG->mhash, prf_id, tmp);1269} else {1270br_multihash_out(&ENG->mhash, br_md5_ID, tmp);1271br_multihash_out(&ENG->mhash, br_sha1_ID, tmp + 16);1272seed.len = 36;1273}1274prf(ENG->pad, 12, ENG->session.master_secret,1275sizeof ENG->session.master_secret,1276from_client ? "client finished" : "server finished",12771, &seed);12781279}1280break;1281case 29: {1282/* compute-hash-CV */12831284int i;12851286for (i = 1; i <= 6; i ++) {1287br_multihash_out(&ENG->mhash, i,1288ENG->pad + HASH_PAD_OFF[i - 1]);1289}12901291}1292break;1293case 30: {1294/* copy-cert-chunk */12951296size_t clen;12971298clen = ENG->cert_len;1299if (clen > sizeof ENG->pad) {1300clen = sizeof ENG->pad;1301}1302memcpy(ENG->pad, ENG->cert_cur, clen);1303ENG->cert_cur += clen;1304ENG->cert_len -= clen;1305T0_PUSH(clen);13061307}1308break;1309case 31: {1310/* copy-dn-chunk */13111312size_t clen;13131314clen = CTX->cur_dn_len;1315if (clen > sizeof ENG->pad) {1316clen = sizeof ENG->pad;1317}1318memcpy(ENG->pad, CTX->cur_dn, clen);1319CTX->cur_dn += clen;1320CTX->cur_dn_len -= clen;1321T0_PUSH(clen);13221323}1324break;1325case 32: {1326/* copy-hash-CV */13271328int id = T0_POP();1329size_t off, len;13301331if (id == 0) {1332off = 0;1333len = 36;1334} else {1335if (br_multihash_getimpl(&ENG->mhash, id) == 0) {1336T0_PUSH(0);1337T0_RET();1338}1339off = HASH_PAD_OFF[id - 1];1340len = HASH_PAD_OFF[id] - off;1341}1342memcpy(CTX->hash_CV, ENG->pad + off, len);1343CTX->hash_CV_len = len;1344CTX->hash_CV_id = id;1345T0_PUSHi(-1);13461347}1348break;1349case 33: {1350/* copy-protocol-name */13511352size_t idx = T0_POP();1353size_t len = strlen(ENG->protocol_names[idx]);1354memcpy(ENG->pad, ENG->protocol_names[idx], len);1355T0_PUSH(len);13561357}1358break;1359case 34: {1360/* data-get8 */13611362size_t addr = T0_POP();1363T0_PUSH(t0_datablock[addr]);13641365}1366break;1367case 35: {1368/* discard-input */13691370ENG->hlen_in = 0;13711372}1373break;1374case 36: {1375/* do-ecdh */13761377int prf_id = T0_POPi();1378size_t len = T0_POP();1379do_ecdh(CTX, prf_id, ENG->pad, len);13801381}1382break;1383case 37: {1384/* do-ecdhe-part1 */13851386int curve = T0_POPi();1387T0_PUSHi(do_ecdhe_part1(CTX, curve));13881389}1390break;1391case 38: {1392/* do-ecdhe-part2 */13931394int prf_id = T0_POPi();1395size_t len = T0_POP();1396do_ecdhe_part2(CTX, prf_id, ENG->pad, len);13971398}1399break;1400case 39: {1401/* do-rsa-decrypt */14021403int prf_id = T0_POPi();1404size_t len = T0_POP();1405do_rsa_decrypt(CTX, prf_id, ENG->pad, len);14061407}1408break;1409case 40: {1410/* do-static-ecdh */14111412do_static_ecdh(CTX, T0_POP());14131414}1415break;1416case 41: {1417/* drop */1418(void)T0_POP();1419}1420break;1421case 42: {1422/* dup */1423T0_PUSH(T0_PEEK(0));1424}1425break;1426case 43: {1427/* fail */14281429br_ssl_engine_fail(ENG, (int)T0_POPi());1430T0_CO();14311432}1433break;1434case 44: {1435/* flush-record */14361437br_ssl_engine_flush_record(ENG);14381439}1440break;1441case 45: {1442/* get-key-type-usages */14431444const br_x509_class *xc;1445const br_x509_pkey *pk;1446unsigned usages;14471448xc = *(ENG->x509ctx);1449pk = xc->get_pkey(ENG->x509ctx, &usages);1450if (pk == NULL) {1451T0_PUSH(0);1452} else {1453T0_PUSH(pk->key_type | usages);1454}14551456}1457break;1458case 46: {1459/* get16 */14601461size_t addr = (size_t)T0_POP();1462T0_PUSH(*(uint16_t *)(void *)((unsigned char *)ENG + addr));14631464}1465break;1466case 47: {1467/* get32 */14681469size_t addr = (size_t)T0_POP();1470T0_PUSH(*(uint32_t *)(void *)((unsigned char *)ENG + addr));14711472}1473break;1474case 48: {1475/* get8 */14761477size_t addr = (size_t)T0_POP();1478T0_PUSH(*((unsigned char *)ENG + addr));14791480}1481break;1482case 49: {1483/* has-input? */14841485T0_PUSHi(-(ENG->hlen_in != 0));14861487}1488break;1489case 50: {1490/* memcmp */14911492size_t len = (size_t)T0_POP();1493void *addr2 = (unsigned char *)ENG + (size_t)T0_POP();1494void *addr1 = (unsigned char *)ENG + (size_t)T0_POP();1495int x = memcmp(addr1, addr2, len);1496T0_PUSH((uint32_t)-(x == 0));14971498}1499break;1500case 51: {1501/* memcpy */15021503size_t len = (size_t)T0_POP();1504void *src = (unsigned char *)ENG + (size_t)T0_POP();1505void *dst = (unsigned char *)ENG + (size_t)T0_POP();1506memcpy(dst, src, len);15071508}1509break;1510case 52: {1511/* mkrand */15121513size_t len = (size_t)T0_POP();1514void *addr = (unsigned char *)ENG + (size_t)T0_POP();1515br_hmac_drbg_generate(&ENG->rng, addr, len);15161517}1518break;1519case 53: {1520/* more-incoming-bytes? */15211522T0_PUSHi(ENG->hlen_in != 0 || !br_ssl_engine_recvrec_finished(ENG));15231524}1525break;1526case 54: {1527/* multihash-init */15281529br_multihash_init(&ENG->mhash);15301531}1532break;1533case 55: {1534/* neg */15351536uint32_t a = T0_POP();1537T0_PUSH(-a);15381539}1540break;1541case 56: {1542/* not */15431544uint32_t a = T0_POP();1545T0_PUSH(~a);15461547}1548break;1549case 57: {1550/* or */15511552uint32_t b = T0_POP();1553uint32_t a = T0_POP();1554T0_PUSH(a | b);15551556}1557break;1558case 58: {1559/* over */1560T0_PUSH(T0_PEEK(1));1561}1562break;1563case 59: {1564/* pick */1565T0_PICK(T0_POP());1566}1567break;1568case 60: {1569/* read-chunk-native */15701571size_t clen = ENG->hlen_in;1572if (clen > 0) {1573uint32_t addr, len;15741575len = T0_POP();1576addr = T0_POP();1577if ((size_t)len < clen) {1578clen = (size_t)len;1579}1580memcpy((unsigned char *)ENG + addr, ENG->hbuf_in, clen);1581if (ENG->record_type_in == BR_SSL_HANDSHAKE) {1582br_multihash_update(&ENG->mhash, ENG->hbuf_in, clen);1583}1584T0_PUSH(addr + (uint32_t)clen);1585T0_PUSH(len - (uint32_t)clen);1586ENG->hbuf_in += clen;1587ENG->hlen_in -= clen;1588}15891590}1591break;1592case 61: {1593/* read8-native */15941595if (ENG->hlen_in > 0) {1596unsigned char x;15971598x = *ENG->hbuf_in ++;1599if (ENG->record_type_in == BR_SSL_HANDSHAKE) {1600br_multihash_update(&ENG->mhash, &x, 1);1601}1602T0_PUSH(x);1603ENG->hlen_in --;1604} else {1605T0_PUSHi(-1);1606}16071608}1609break;1610case 62: {1611/* save-session */16121613if (CTX->cache_vtable != NULL) {1614(*CTX->cache_vtable)->save(1615CTX->cache_vtable, CTX, &ENG->session);1616}16171618}1619break;1620case 63: {1621/* set-max-frag-len */16221623size_t max_frag_len = T0_POP();16241625br_ssl_engine_new_max_frag_len(ENG, max_frag_len);16261627/*1628* We must adjust our own output limit. Since we call this only1629* after receiving a ClientHello and before beginning to send1630* the ServerHello, the next output record should be empty at1631* that point, so we can use max_frag_len as a limit.1632*/1633if (ENG->hlen_out > max_frag_len) {1634ENG->hlen_out = max_frag_len;1635}16361637}1638break;1639case 64: {1640/* set16 */16411642size_t addr = (size_t)T0_POP();1643*(uint16_t *)(void *)((unsigned char *)ENG + addr) = (uint16_t)T0_POP();16441645}1646break;1647case 65: {1648/* set32 */16491650size_t addr = (size_t)T0_POP();1651*(uint32_t *)(void *)((unsigned char *)ENG + addr) = (uint32_t)T0_POP();16521653}1654break;1655case 66: {1656/* set8 */16571658size_t addr = (size_t)T0_POP();1659*((unsigned char *)ENG + addr) = (unsigned char)T0_POP();16601661}1662break;1663case 67: {1664/* supported-curves */16651666uint32_t x = ENG->iec == NULL ? 0 : ENG->iec->supported_curves;1667T0_PUSH(x);16681669}1670break;1671case 68: {1672/* supported-hash-functions */16731674int i;1675unsigned x, num;16761677x = 0;1678num = 0;1679for (i = br_sha1_ID; i <= br_sha512_ID; i ++) {1680if (br_multihash_getimpl(&ENG->mhash, i)) {1681x |= 1U << i;1682num ++;1683}1684}1685T0_PUSH(x);1686T0_PUSH(num);16871688}1689break;1690case 69: {1691/* supports-ecdsa? */16921693T0_PUSHi(-(ENG->iecdsa != 0));16941695}1696break;1697case 70: {1698/* supports-rsa-sign? */16991700T0_PUSHi(-(ENG->irsavrfy != 0));17011702}1703break;1704case 71: {1705/* swap */1706T0_SWAP();1707}1708break;1709case 72: {1710/* switch-aesccm-in */17111712int is_client, prf_id;1713unsigned cipher_key_len, tag_len;17141715tag_len = T0_POP();1716cipher_key_len = T0_POP();1717prf_id = T0_POP();1718is_client = T0_POP();1719br_ssl_engine_switch_ccm_in(ENG, is_client, prf_id,1720ENG->iaes_ctrcbc, cipher_key_len, tag_len);17211722}1723break;1724case 73: {1725/* switch-aesccm-out */17261727int is_client, prf_id;1728unsigned cipher_key_len, tag_len;17291730tag_len = T0_POP();1731cipher_key_len = T0_POP();1732prf_id = T0_POP();1733is_client = T0_POP();1734br_ssl_engine_switch_ccm_out(ENG, is_client, prf_id,1735ENG->iaes_ctrcbc, cipher_key_len, tag_len);17361737}1738break;1739case 74: {1740/* switch-aesgcm-in */17411742int is_client, prf_id;1743unsigned cipher_key_len;17441745cipher_key_len = T0_POP();1746prf_id = T0_POP();1747is_client = T0_POP();1748br_ssl_engine_switch_gcm_in(ENG, is_client, prf_id,1749ENG->iaes_ctr, cipher_key_len);17501751}1752break;1753case 75: {1754/* switch-aesgcm-out */17551756int is_client, prf_id;1757unsigned cipher_key_len;17581759cipher_key_len = T0_POP();1760prf_id = T0_POP();1761is_client = T0_POP();1762br_ssl_engine_switch_gcm_out(ENG, is_client, prf_id,1763ENG->iaes_ctr, cipher_key_len);17641765}1766break;1767case 76: {1768/* switch-cbc-in */17691770int is_client, prf_id, mac_id, aes;1771unsigned cipher_key_len;17721773cipher_key_len = T0_POP();1774aes = T0_POP();1775mac_id = T0_POP();1776prf_id = T0_POP();1777is_client = T0_POP();1778br_ssl_engine_switch_cbc_in(ENG, is_client, prf_id, mac_id,1779aes ? ENG->iaes_cbcdec : ENG->ides_cbcdec, cipher_key_len);17801781}1782break;1783case 77: {1784/* switch-cbc-out */17851786int is_client, prf_id, mac_id, aes;1787unsigned cipher_key_len;17881789cipher_key_len = T0_POP();1790aes = T0_POP();1791mac_id = T0_POP();1792prf_id = T0_POP();1793is_client = T0_POP();1794br_ssl_engine_switch_cbc_out(ENG, is_client, prf_id, mac_id,1795aes ? ENG->iaes_cbcenc : ENG->ides_cbcenc, cipher_key_len);17961797}1798break;1799case 78: {1800/* switch-chapol-in */18011802int is_client, prf_id;18031804prf_id = T0_POP();1805is_client = T0_POP();1806br_ssl_engine_switch_chapol_in(ENG, is_client, prf_id);18071808}1809break;1810case 79: {1811/* switch-chapol-out */18121813int is_client, prf_id;18141815prf_id = T0_POP();1816is_client = T0_POP();1817br_ssl_engine_switch_chapol_out(ENG, is_client, prf_id);18181819}1820break;1821case 80: {1822/* ta-names-total-length */18231824size_t u, len;18251826len = 0;1827if (CTX->ta_names != NULL) {1828for (u = 0; u < CTX->num_tas; u ++) {1829len += CTX->ta_names[u].len + 2;1830}1831} else if (CTX->tas != NULL) {1832for (u = 0; u < CTX->num_tas; u ++) {1833len += CTX->tas[u].dn.len + 2;1834}1835}1836T0_PUSH(len);18371838}1839break;1840case 81: {1841/* test-protocol-name */18421843size_t len = T0_POP();1844size_t u;18451846for (u = 0; u < ENG->protocol_names_num; u ++) {1847const char *name;18481849name = ENG->protocol_names[u];1850if (len == strlen(name) && memcmp(ENG->pad, name, len) == 0) {1851T0_PUSH(u);1852T0_RET();1853}1854}1855T0_PUSHi(-1);18561857}1858break;1859case 82: {1860/* total-chain-length */18611862size_t u;1863uint32_t total;18641865total = 0;1866for (u = 0; u < ENG->chain_len; u ++) {1867total += 3 + (uint32_t)ENG->chain[u].data_len;1868}1869T0_PUSH(total);18701871}1872break;1873case 83: {1874/* u< */18751876uint32_t b = T0_POP();1877uint32_t a = T0_POP();1878T0_PUSH(-(uint32_t)(a < b));18791880}1881break;1882case 84: {1883/* u>> */18841885int c = (int)T0_POPi();1886uint32_t x = T0_POP();1887T0_PUSH(x >> c);18881889}1890break;1891case 85: {1892/* verify-CV-sig */18931894int err;18951896err = verify_CV_sig(CTX, T0_POP());1897T0_PUSHi(err);18981899}1900break;1901case 86: {1902/* write-blob-chunk */19031904size_t clen = ENG->hlen_out;1905if (clen > 0) {1906uint32_t addr, len;19071908len = T0_POP();1909addr = T0_POP();1910if ((size_t)len < clen) {1911clen = (size_t)len;1912}1913memcpy(ENG->hbuf_out, (unsigned char *)ENG + addr, clen);1914if (ENG->record_type_out == BR_SSL_HANDSHAKE) {1915br_multihash_update(&ENG->mhash, ENG->hbuf_out, clen);1916}1917T0_PUSH(addr + (uint32_t)clen);1918T0_PUSH(len - (uint32_t)clen);1919ENG->hbuf_out += clen;1920ENG->hlen_out -= clen;1921}19221923}1924break;1925case 87: {1926/* write8-native */19271928unsigned char x;19291930x = (unsigned char)T0_POP();1931if (ENG->hlen_out > 0) {1932if (ENG->record_type_out == BR_SSL_HANDSHAKE) {1933br_multihash_update(&ENG->mhash, &x, 1);1934}1935*ENG->hbuf_out ++ = x;1936ENG->hlen_out --;1937T0_PUSHi(-1);1938} else {1939T0_PUSHi(0);1940}19411942}1943break;1944case 88: {1945/* x509-append */19461947const br_x509_class *xc;1948size_t len;19491950xc = *(ENG->x509ctx);1951len = T0_POP();1952xc->append(ENG->x509ctx, ENG->pad, len);19531954}1955break;1956case 89: {1957/* x509-end-cert */19581959const br_x509_class *xc;19601961xc = *(ENG->x509ctx);1962xc->end_cert(ENG->x509ctx);19631964}1965break;1966case 90: {1967/* x509-end-chain */19681969const br_x509_class *xc;19701971xc = *(ENG->x509ctx);1972T0_PUSH(xc->end_chain(ENG->x509ctx));19731974}1975break;1976case 91: {1977/* x509-start-cert */19781979const br_x509_class *xc;19801981xc = *(ENG->x509ctx);1982xc->start_cert(ENG->x509ctx, T0_POP());19831984}1985break;1986case 92: {1987/* x509-start-chain */19881989const br_x509_class *xc;1990uint32_t bc;19911992bc = T0_POP();1993xc = *(ENG->x509ctx);1994xc->start_chain(ENG->x509ctx, bc ? ENG->server_name : NULL);19951996}1997break;1998}19992000} else {2001T0_ENTER(ip, rp, t0x);2002}2003}2004t0_exit:2005((t0_context *)t0ctx)->dp = dp;2006((t0_context *)t0ctx)->rp = rp;2007((t0_context *)t0ctx)->ip = ip;2008}200920102011