From 4b2372e150412b4102d2847428c08f77fbc8c382 Mon Sep 17 00:00:00 2001 From: wiidev Date: Sun, 1 Aug 2021 18:00:22 +0100 Subject: [PATCH] Update wolfSSL --- source/libs/libwolfssl/callbacks.h | 2 +- source/libs/libwolfssl/certs_test.h | 3253 +++++++++-------- source/libs/libwolfssl/crl.h | 2 +- source/libs/libwolfssl/error-ssl.h | 5 +- source/libs/libwolfssl/internal.h | 369 +- source/libs/libwolfssl/libwolfssl.a | Bin 432872 -> 439038 bytes source/libs/libwolfssl/ocsp.h | 3 +- source/libs/libwolfssl/openssl/aes.h | 10 +- source/libs/libwolfssl/openssl/asn1.h | 2 +- source/libs/libwolfssl/openssl/asn1t.h | 2 +- source/libs/libwolfssl/openssl/bio.h | 3 +- source/libs/libwolfssl/openssl/bn.h | 2 +- source/libs/libwolfssl/openssl/buffer.h | 2 +- source/libs/libwolfssl/openssl/conf.h | 9 +- source/libs/libwolfssl/openssl/crypto.h | 54 +- source/libs/libwolfssl/openssl/des.h | 2 +- source/libs/libwolfssl/openssl/dh.h | 11 +- source/libs/libwolfssl/openssl/dsa.h | 32 +- source/libs/libwolfssl/openssl/ec.h | 25 +- source/libs/libwolfssl/openssl/ec25519.h | 2 +- source/libs/libwolfssl/openssl/ec448.h | 2 +- source/libs/libwolfssl/openssl/ecdh.h | 2 +- source/libs/libwolfssl/openssl/ecdsa.h | 2 +- source/libs/libwolfssl/openssl/ed25519.h | 2 +- source/libs/libwolfssl/openssl/ed448.h | 2 +- source/libs/libwolfssl/openssl/engine.h | 4 +- source/libs/libwolfssl/openssl/err.h | 2 +- source/libs/libwolfssl/openssl/evp.h | 105 +- source/libs/libwolfssl/openssl/hmac.h | 25 +- source/libs/libwolfssl/openssl/lhash.h | 2 +- source/libs/libwolfssl/openssl/md4.h | 2 +- source/libs/libwolfssl/openssl/md5.h | 5 +- source/libs/libwolfssl/openssl/obj_mac.h | 4 +- source/libs/libwolfssl/openssl/objects.h | 2 +- source/libs/libwolfssl/openssl/ocsp.h | 3 +- source/libs/libwolfssl/openssl/opensslv.h | 11 +- source/libs/libwolfssl/openssl/ossl_typ.h | 2 +- source/libs/libwolfssl/openssl/pem.h | 2 +- source/libs/libwolfssl/openssl/pkcs12.h | 2 +- source/libs/libwolfssl/openssl/pkcs7.h | 12 +- source/libs/libwolfssl/openssl/rand.h | 4 +- source/libs/libwolfssl/openssl/rc4.h | 2 +- source/libs/libwolfssl/openssl/ripemd.h | 2 +- source/libs/libwolfssl/openssl/rsa.h | 41 +- source/libs/libwolfssl/openssl/sha.h | 41 +- source/libs/libwolfssl/openssl/sha3.h | 2 +- source/libs/libwolfssl/openssl/srp.h | 2 +- source/libs/libwolfssl/openssl/ssl.h | 164 +- source/libs/libwolfssl/openssl/stack.h | 2 +- source/libs/libwolfssl/openssl/tls1.h | 2 +- source/libs/libwolfssl/openssl/x509_vfy.h | 2 +- source/libs/libwolfssl/openssl/x509v3.h | 2 +- source/libs/libwolfssl/sniffer.h | 33 +- source/libs/libwolfssl/sniffer_error.h | 9 +- source/libs/libwolfssl/ssl.h | 597 ++- source/libs/libwolfssl/version.h | 6 +- source/libs/libwolfssl/wolfcrypt/aes.h | 45 +- source/libs/libwolfssl/wolfcrypt/arc4.h | 2 +- source/libs/libwolfssl/wolfcrypt/asn.h | 130 +- source/libs/libwolfssl/wolfcrypt/asn_public.h | 65 +- .../libs/libwolfssl/wolfcrypt/blake2-impl.h | 4 +- source/libs/libwolfssl/wolfcrypt/blake2-int.h | 6 +- source/libs/libwolfssl/wolfcrypt/blake2.h | 2 +- source/libs/libwolfssl/wolfcrypt/camellia.h | 2 +- source/libs/libwolfssl/wolfcrypt/chacha.h | 2 +- .../libwolfssl/wolfcrypt/chacha20_poly1305.h | 2 +- source/libs/libwolfssl/wolfcrypt/cmac.h | 18 +- source/libs/libwolfssl/wolfcrypt/coding.h | 4 +- source/libs/libwolfssl/wolfcrypt/compress.h | 2 +- source/libs/libwolfssl/wolfcrypt/cpuid.h | 7 +- source/libs/libwolfssl/wolfcrypt/cryptocb.h | 118 +- source/libs/libwolfssl/wolfcrypt/curve25519.h | 7 +- source/libs/libwolfssl/wolfcrypt/curve448.h | 2 +- source/libs/libwolfssl/wolfcrypt/des3.h | 2 +- source/libs/libwolfssl/wolfcrypt/dh.h | 11 +- source/libs/libwolfssl/wolfcrypt/dsa.h | 18 +- source/libs/libwolfssl/wolfcrypt/ecc.h | 102 +- source/libs/libwolfssl/wolfcrypt/ed25519.h | 45 +- source/libs/libwolfssl/wolfcrypt/ed448.h | 45 +- .../libs/libwolfssl/wolfcrypt/error-crypt.h | 8 +- source/libs/libwolfssl/wolfcrypt/fe_448.h | 36 +- .../libs/libwolfssl/wolfcrypt/fe_operations.h | 20 +- source/libs/libwolfssl/wolfcrypt/fips_test.h | 2 +- source/libs/libwolfssl/wolfcrypt/ge_448.h | 6 +- .../libs/libwolfssl/wolfcrypt/ge_operations.h | 10 +- source/libs/libwolfssl/wolfcrypt/hash.h | 9 +- source/libs/libwolfssl/wolfcrypt/hc128.h | 2 +- source/libs/libwolfssl/wolfcrypt/hmac.h | 2 +- source/libs/libwolfssl/wolfcrypt/idea.h | 2 +- source/libs/libwolfssl/wolfcrypt/integer.h | 16 +- source/libs/libwolfssl/wolfcrypt/logging.h | 2 +- source/libs/libwolfssl/wolfcrypt/md2.h | 2 +- source/libs/libwolfssl/wolfcrypt/md4.h | 2 +- source/libs/libwolfssl/wolfcrypt/md5.h | 12 +- source/libs/libwolfssl/wolfcrypt/mem_track.h | 2 +- source/libs/libwolfssl/wolfcrypt/memory.h | 2 +- source/libs/libwolfssl/wolfcrypt/misc.h | 2 +- source/libs/libwolfssl/wolfcrypt/mpi_class.h | 2 +- .../libwolfssl/wolfcrypt/mpi_superclass.h | 2 +- source/libs/libwolfssl/wolfcrypt/pkcs11.h | 2 +- source/libs/libwolfssl/wolfcrypt/pkcs12.h | 2 +- source/libs/libwolfssl/wolfcrypt/pkcs7.h | 12 +- source/libs/libwolfssl/wolfcrypt/poly1305.h | 14 +- .../wolfcrypt/port/Espressif/esp32-crypt.h | 4 +- .../port/Renesas/renesas-tsip-crypt.h | 2 +- .../wolfcrypt/port/af_alg/afalg_hash.h | 2 +- .../wolfcrypt/port/af_alg/wc_afalg.h | 2 +- .../wolfcrypt/port/arm/cryptoCell.h | 2 +- .../libwolfssl/wolfcrypt/port/atmel/atmel.h | 4 +- .../wolfcrypt/port/caam/caam_driver.h | 298 +- .../libwolfssl/wolfcrypt/port/caam/caam_qnx.h | 75 + .../libwolfssl/wolfcrypt/port/caam/wolfcaam.h | 111 +- .../wolfcrypt/port/caam/wolfcaam_cmac.h | 36 + .../wolfcrypt/port/caam/wolfcaam_ecdsa.h | 42 + .../wolfcrypt/port/caam/wolfcaam_qnx.h | 84 + .../wolfcrypt/port/caam/wolfcaam_sha.h | 2 +- .../port/cavium/cavium_octeon_sync.h | 6 +- .../wolfcrypt/port/cypress/psoc6_crypto.h | 24 +- .../wolfcrypt/port/devcrypto/wc_devcrypto.h | 2 +- .../wolfcrypt/port/intel/quickassist_sync.h | 6 +- source/libs/libwolfssl/wolfcrypt/port/nrf51.h | 2 +- .../libwolfssl/wolfcrypt/port/nxp/dcp_port.h | 43 +- .../libwolfssl/wolfcrypt/port/nxp/ksdk_port.h | 3 +- .../wolfcrypt/port/pic32/pic32mz-crypt.h | 2 +- .../wolfcrypt/port/silabs/silabs_aes.h | 2 +- .../wolfcrypt/port/silabs/silabs_ecc.h | 2 +- .../wolfcrypt/port/silabs/silabs_hash.h | 2 +- .../wolfcrypt/port/silabs/silabs_random.h | 2 +- .../libs/libwolfssl/wolfcrypt/port/st/stm32.h | 2 +- .../libwolfssl/wolfcrypt/port/st/stsafe.h | 2 +- .../libwolfssl/wolfcrypt/port/ti/ti-ccm.h | 2 +- .../libwolfssl/wolfcrypt/port/ti/ti-hash.h | 2 +- .../wolfcrypt/port/xilinx/xil-sha3.h | 2 +- source/libs/libwolfssl/wolfcrypt/pwdbased.h | 2 +- source/libs/libwolfssl/wolfcrypt/rabbit.h | 2 +- source/libs/libwolfssl/wolfcrypt/random.h | 2 +- source/libs/libwolfssl/wolfcrypt/ripemd.h | 2 +- source/libs/libwolfssl/wolfcrypt/rsa.h | 17 +- source/libs/libwolfssl/wolfcrypt/selftest.h | 2 +- source/libs/libwolfssl/wolfcrypt/settings.h | 173 +- source/libs/libwolfssl/wolfcrypt/sha.h | 19 +- source/libs/libwolfssl/wolfcrypt/sha256.h | 34 +- source/libs/libwolfssl/wolfcrypt/sha3.h | 2 +- source/libs/libwolfssl/wolfcrypt/sha512.h | 26 +- source/libs/libwolfssl/wolfcrypt/signature.h | 2 +- source/libs/libwolfssl/wolfcrypt/sp.h | 176 +- source/libs/libwolfssl/wolfcrypt/sp_int.h | 237 +- source/libs/libwolfssl/wolfcrypt/srp.h | 4 +- source/libs/libwolfssl/wolfcrypt/tfm.h | 40 +- source/libs/libwolfssl/wolfcrypt/types.h | 162 +- source/libs/libwolfssl/wolfcrypt/visibility.h | 8 +- source/libs/libwolfssl/wolfcrypt/wc_encrypt.h | 18 +- source/libs/libwolfssl/wolfcrypt/wc_pkcs11.h | 2 +- source/libs/libwolfssl/wolfcrypt/wc_port.h | 165 +- source/libs/libwolfssl/wolfcrypt/wolfevent.h | 2 +- source/libs/libwolfssl/wolfcrypt/wolfmath.h | 18 +- source/libs/libwolfssl/wolfio.h | 73 +- 157 files changed, 5188 insertions(+), 2476 deletions(-) create mode 100644 source/libs/libwolfssl/wolfcrypt/port/caam/caam_qnx.h create mode 100644 source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_cmac.h create mode 100644 source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_ecdsa.h create mode 100644 source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h diff --git a/source/libs/libwolfssl/callbacks.h b/source/libs/libwolfssl/callbacks.h index d9d91ac8..3aa12638 100644 --- a/source/libs/libwolfssl/callbacks.h +++ b/source/libs/libwolfssl/callbacks.h @@ -1,6 +1,6 @@ /* callbacks.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/certs_test.h b/source/libs/libwolfssl/certs_test.h index d201a40f..ad7a6105 100644 --- a/source/libs/libwolfssl/certs_test.h +++ b/source/libs/libwolfssl/certs_test.h @@ -98,112 +98,110 @@ static const int sizeof_client_keypub_der_1024 = sizeof(client_keypub_der_1024); /* ./certs/1024/client-cert.der, 1024-bit */ static const unsigned char client_cert_der_1024[] = { - 0x30, 0x82, 0x04, 0x18, 0x30, 0x82, 0x03, 0x81, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x77, 0x1A, 0x0F, 0xB4, 0xD6, - 0x66, 0x91, 0xF9, 0xEB, 0xD6, 0x69, 0xE9, 0x5E, 0x55, 0x74, - 0xF3, 0x4B, 0xD7, 0x74, 0x8A, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, - 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, - 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, - 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, - 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, - 0x81, 0x81, 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, - 0xA2, 0xA9, 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, - 0xC8, 0xEC, 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, - 0x37, 0xEC, 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, - 0xDF, 0x94, 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, - 0xE8, 0x4D, 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, - 0x77, 0x25, 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, - 0x38, 0xCC, 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, - 0xAA, 0xDA, 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, - 0xDC, 0x77, 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, - 0xBA, 0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, - 0x8A, 0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, - 0x3C, 0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, - 0xA9, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, - 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x0E, 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, - 0xDD, 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, - 0x75, 0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xDE, 0x06, 0x03, - 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, - 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, - 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, - 0xEC, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, - 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, - 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, - 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, - 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, - 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, - 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, - 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, - 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, - 0x77, 0x1A, 0x0F, 0xB4, 0xD6, 0x66, 0x91, 0xF9, 0xEB, 0xD6, - 0x69, 0xE9, 0x5E, 0x55, 0x74, 0xF3, 0x4B, 0xD7, 0x74, 0x8A, - 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, - 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, - 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, - 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, - 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x03, 0x81, 0x81, 0x00, 0xA8, 0x13, 0x2C, 0xFC, 0x43, 0xE9, - 0xDB, 0x59, 0xC7, 0x7E, 0x32, 0x8B, 0x32, 0xBA, 0xA3, 0x5C, - 0x2F, 0x60, 0xAB, 0xA1, 0xEF, 0x9A, 0x64, 0x36, 0x4E, 0xCE, - 0x05, 0x6D, 0xBC, 0x63, 0xB0, 0x8F, 0x91, 0xF7, 0x76, 0xBB, - 0x92, 0xB4, 0xB6, 0x78, 0xDB, 0x2E, 0x7F, 0x7F, 0x9C, 0xE7, - 0x58, 0x4B, 0x73, 0x89, 0x0F, 0xD1, 0x13, 0x61, 0xA4, 0x2A, - 0x2F, 0x6E, 0xC7, 0xB1, 0x19, 0xBB, 0x14, 0x00, 0xD7, 0x0E, - 0xDD, 0x7E, 0x2F, 0x66, 0xE7, 0x5F, 0xF9, 0x0F, 0x39, 0x90, - 0xF6, 0x6B, 0xD3, 0x84, 0x1E, 0xD0, 0x09, 0x23, 0x22, 0x27, - 0xF5, 0xC9, 0x96, 0xED, 0x45, 0xD7, 0x78, 0x3C, 0xEB, 0xA7, - 0xD5, 0x8A, 0xF5, 0xF4, 0xDD, 0x99, 0x27, 0xD2, 0x4C, 0x86, - 0x6E, 0x63, 0x7D, 0xA8, 0x93, 0x62, 0x71, 0xC1, 0xCB, 0x93, - 0xF4, 0x81, 0x3E, 0x95, 0xB3, 0xA8, 0xE5, 0xA6, 0x23, 0x51, - 0x4A, 0xB5 + 0x30, 0x82, 0x04, 0x02, 0x30, 0x82, 0x03, 0x6B, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xC5, 0x19, 0x90, 0xA1, + 0xC9, 0x01, 0x0F, 0xB9, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, + 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, + 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, + 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, + 0x81, 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, + 0xA9, 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, + 0xEC, 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, + 0xEC, 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, + 0x94, 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, + 0x4D, 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, + 0x25, 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, + 0xCC, 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, + 0xDA, 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, + 0x77, 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, + 0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, + 0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, + 0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, + 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, + 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, + 0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, + 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, 0xD5, + 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, 0xEC, + 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, + 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, + 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, + 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xC5, 0x19, 0x90, 0xA1, 0xC9, 0x01, 0x0F, 0xB9, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, + 0x81, 0x00, 0x30, 0xCE, 0x46, 0x43, 0x6D, 0x70, 0xE1, 0x6D, + 0xBB, 0x8F, 0x4A, 0x05, 0x64, 0xF7, 0x2C, 0x8D, 0x0E, 0xD6, + 0xF9, 0x1E, 0xB6, 0x2A, 0x8E, 0xED, 0x52, 0xE1, 0x7C, 0x44, + 0xBF, 0x59, 0x54, 0xDA, 0x2D, 0x31, 0x4D, 0xE6, 0x79, 0xD2, + 0xD0, 0xD8, 0xB4, 0xCF, 0x5B, 0x16, 0x0A, 0x16, 0xA1, 0xBE, + 0x62, 0x9F, 0x6C, 0x24, 0x46, 0x7B, 0xB8, 0xDD, 0xB8, 0x8D, + 0x7F, 0xFE, 0xF1, 0xAC, 0x62, 0x94, 0xE0, 0x34, 0xCE, 0x4C, + 0x59, 0x3A, 0xC5, 0x5A, 0xE6, 0x40, 0xD5, 0x60, 0x7E, 0x20, + 0x5D, 0xED, 0x43, 0x92, 0xD3, 0xF3, 0xEA, 0xE0, 0xD1, 0x57, + 0xC8, 0xCE, 0x41, 0x79, 0xDB, 0x81, 0x41, 0xC6, 0xF0, 0x0E, + 0x35, 0xD4, 0x6F, 0x92, 0x58, 0x2D, 0xD6, 0xB2, 0xEC, 0xF1, + 0x88, 0xFF, 0x6D, 0xCA, 0x63, 0xD6, 0x4A, 0x8D, 0x10, 0xA6, + 0x23, 0x06, 0x77, 0x9A, 0xD5, 0xAB, 0x9D, 0x64, 0x46, 0x02 + }; static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024); @@ -416,70 +414,29 @@ static const int sizeof_ca_key_der_1024 = sizeof(ca_key_der_1024); /* ./certs/1024/ca-cert.der, 1024-bit */ static const unsigned char ca_cert_der_1024[] = { - 0x30, 0x82, 0x04, 0x09, 0x30, 0x82, 0x03, 0x72, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x31, 0x42, 0xB4, 0x2B, 0x87, - 0xEF, 0x4B, 0x66, 0x93, 0xAF, 0x44, 0xDE, 0x45, 0x80, 0xD8, - 0x8E, 0x7E, 0xE3, 0xB5, 0x07, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, - 0x68, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, - 0x6E, 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, - 0x32, 0x30, 0x30, 0x36, 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, - 0x36, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, - 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, - 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, - 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, - 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, - 0x81, 0x81, 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, - 0x24, 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, - 0x16, 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, - 0x04, 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, - 0x50, 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, - 0x24, 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, - 0xA8, 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, - 0xA2, 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, - 0x54, 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, - 0x72, 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, - 0x9B, 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, - 0x94, 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, - 0xE5, 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, - 0x09, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4A, - 0x30, 0x82, 0x01, 0x46, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x0E, 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, - 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, - 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xD9, 0x06, 0x03, - 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD1, 0x30, 0x81, 0xCE, 0x80, - 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, - 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, - 0xA8, 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, + 0x30, 0x82, 0x03, 0xF3, 0x30, 0x82, 0x03, 0x5C, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, + 0xE8, 0x40, 0x6E, 0x95, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, + 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, + 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, @@ -495,31 +452,70 @@ static const unsigned char ca_cert_der_1024[] = 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x31, 0x42, 0xB4, 0x2B, 0x87, - 0xEF, 0x4B, 0x66, 0x93, 0xAF, 0x44, 0xDE, 0x45, 0x80, 0xD8, - 0x8E, 0x7E, 0xE3, 0xB5, 0x07, 0x30, 0x0C, 0x06, 0x03, 0x55, - 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, - 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, - 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, - 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, - 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, - 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, - 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, - 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x32, - 0xED, 0x94, 0x35, 0x3D, 0x4A, 0x76, 0xD7, 0x6E, 0xA9, 0x75, - 0xE9, 0xF5, 0x7A, 0x7F, 0x64, 0x31, 0x50, 0x6A, 0x28, 0xD5, - 0x92, 0x21, 0xD5, 0x88, 0xD2, 0x51, 0x82, 0xC5, 0xBB, 0x1A, - 0xF9, 0x26, 0xFA, 0xD8, 0x4B, 0x83, 0xB6, 0x09, 0xD4, 0x62, - 0x19, 0xE0, 0x55, 0x84, 0x97, 0x55, 0xBA, 0x5D, 0x21, 0x48, - 0x27, 0x10, 0xF0, 0xF3, 0x5C, 0x33, 0xB8, 0x38, 0x9B, 0xFB, - 0x57, 0x4C, 0xD8, 0x1C, 0x5B, 0xAB, 0xD3, 0x1C, 0x21, 0xEE, - 0x3E, 0x2E, 0xB8, 0xC6, 0x3A, 0x92, 0x5C, 0x38, 0x3C, 0x25, - 0x40, 0x2F, 0x05, 0xC6, 0xC9, 0x85, 0xFF, 0x27, 0xF3, 0xEE, - 0xFA, 0x10, 0x58, 0xDB, 0x5C, 0xA6, 0x8E, 0xE0, 0xD9, 0x70, - 0x93, 0xCD, 0xBE, 0x7E, 0x68, 0x33, 0x08, 0xC2, 0x28, 0xD6, - 0x5C, 0xB3, 0x15, 0x19, 0xAF, 0x0C, 0xF7, 0xBA, 0xF0, 0xBC, - 0xA1, 0xCF, 0x30, 0x4E, 0x38, 0xE6, 0x4D + 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, + 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, + 0x81, 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, 0x24, + 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, 0x16, + 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, 0x04, + 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, 0x50, + 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, 0x24, + 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, 0xA8, + 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, 0xA2, + 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, 0x54, + 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, 0x72, + 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, 0x9B, + 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, 0x94, + 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, 0xE5, + 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, 0x09, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3F, 0x30, + 0x82, 0x01, 0x3B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, + 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, + 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, + 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, + 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, + 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, + 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, + 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, 0x6F, + 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, 0x31, + 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x82, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, 0xE8, + 0x40, 0x6E, 0x95, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, + 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, + 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, + 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, + 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x4E, 0xB1, 0x39, + 0x6A, 0x23, 0xA3, 0x65, 0x17, 0x14, 0xB6, 0x52, 0x2E, 0x86, + 0x46, 0xD5, 0x4F, 0x7C, 0xD5, 0x6C, 0xBB, 0xFA, 0x66, 0xB1, + 0x71, 0x54, 0xA1, 0xAD, 0x0E, 0xA2, 0xB7, 0xBA, 0x59, 0x65, + 0x8B, 0xD5, 0x87, 0x5D, 0x51, 0xD0, 0x65, 0xDE, 0x74, 0x04, + 0x80, 0x7C, 0xDA, 0x3A, 0x52, 0x57, 0x7A, 0x1D, 0x5D, 0x46, + 0x7A, 0x06, 0x79, 0x75, 0xE5, 0x31, 0xDD, 0x1D, 0xF6, 0x54, + 0x77, 0xFC, 0x40, 0x13, 0xA1, 0x5B, 0xFD, 0x9E, 0x7D, 0x1C, + 0xFD, 0x04, 0x4F, 0x7C, 0xEE, 0x92, 0xA2, 0x80, 0x55, 0x3C, + 0x3F, 0x2A, 0x1C, 0xBD, 0x3A, 0x37, 0x12, 0x0E, 0xFD, 0x52, + 0x60, 0x66, 0x19, 0xD5, 0x4B, 0xF6, 0x35, 0x50, 0xA3, 0x59, + 0xD3, 0x7F, 0x6D, 0x95, 0xD7, 0x56, 0x10, 0xC6, 0x86, 0x28, + 0xF4, 0x6E, 0x6D, 0xDA, 0x4E, 0x1C, 0xB4, 0xE9, 0x0B, 0x4C, + 0xED, 0x62, 0x0F, 0x64, 0x06 }; static const int sizeof_ca_cert_der_1024 = sizeof(ca_cert_der_1024); @@ -593,7 +589,7 @@ static const int sizeof_server_key_der_1024 = sizeof(server_key_der_1024); /* ./certs/1024/server-cert.der, 1024-bit */ static const unsigned char server_cert_der_1024[] = { - 0x30, 0x82, 0x03, 0xF2, 0x30, 0x82, 0x03, 0x5B, 0xA0, 0x03, + 0x30, 0x82, 0x03, 0xE7, 0x30, 0x82, 0x03, 0x50, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, @@ -612,9 +608,9 @@ static const unsigned char server_cert_der_1024[] = 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, - 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, 0x39, 0x31, 0x33, 0x32, - 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x30, 0x33, - 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x30, + 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, 0x39, 0x34, + 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x31, + 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x95, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, @@ -646,12 +642,12 @@ static const unsigned char server_cert_der_1024[] = 0xAD, 0xFD, 0x5C, 0x86, 0x73, 0xAA, 0x6B, 0x47, 0xD8, 0x8B, 0x2E, 0x58, 0x4B, 0x69, 0x12, 0x82, 0x26, 0x55, 0xE6, 0x14, 0xBF, 0x55, 0x70, 0x88, 0xFE, 0xF9, 0x75, 0xE1, 0x02, 0x03, - 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4A, 0x30, 0x82, 0x01, - 0x46, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3F, 0x30, 0x82, 0x01, + 0x3B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xD9, 0x3C, 0x35, 0xEA, 0x74, 0x0E, 0x23, 0xBE, 0x9C, 0xFC, 0xFA, 0x29, 0x90, 0x09, 0xC1, 0xE7, 0x84, 0x16, - 0x9F, 0x7C, 0x30, 0x81, 0xD9, 0x06, 0x03, 0x55, 0x1D, 0x23, - 0x04, 0x81, 0xD1, 0x30, 0x81, 0xCE, 0x80, 0x14, 0xD3, 0x22, + 0x9F, 0x7C, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, @@ -670,31 +666,30 @@ static const unsigned char server_cert_der_1024[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x14, 0x31, 0x42, 0xB4, 0x2B, 0x87, 0xEF, 0x4B, 0x66, - 0x93, 0xAF, 0x44, 0xDE, 0x45, 0x80, 0xD8, 0x8E, 0x7E, 0xE3, - 0xB5, 0x07, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, - 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, - 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, - 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x56, 0x14, 0x19, 0x1A, - 0x4F, 0x09, 0x91, 0xCD, 0xF5, 0xA7, 0xC5, 0x69, 0xE4, 0xEA, - 0x1A, 0xFD, 0x56, 0xC3, 0x55, 0xFE, 0xC8, 0xCC, 0xED, 0x56, - 0xA8, 0x5F, 0x86, 0xFB, 0xAB, 0x9F, 0x76, 0x8A, 0xDB, 0xB3, - 0xCC, 0x68, 0xCE, 0x99, 0xFB, 0xA4, 0x5E, 0x70, 0xA8, 0x3C, - 0xA8, 0xB6, 0x85, 0x7C, 0xCB, 0x31, 0xFE, 0x4B, 0x01, 0x0C, - 0xAC, 0xF0, 0x19, 0x04, 0x98, 0xD0, 0xE7, 0xA5, 0xA2, 0x51, - 0xE2, 0x52, 0xA3, 0xF7, 0x42, 0xD4, 0xE2, 0x2D, 0xF2, 0x72, - 0xB5, 0xE7, 0x95, 0xD0, 0xB4, 0xE3, 0xD3, 0xC1, 0x34, 0xA4, - 0x2F, 0x7C, 0x3C, 0xEF, 0xF0, 0x45, 0x14, 0x32, 0x2F, 0xC8, - 0xBF, 0x9F, 0xDA, 0x97, 0x6A, 0xDA, 0xCB, 0x3F, 0xEF, 0x1F, - 0xCA, 0xDC, 0x7A, 0x13, 0x1B, 0x5A, 0x45, 0x41, 0xF8, 0xF0, - 0x34, 0x49, 0x9D, 0x58, 0x23, 0x85, 0x3D, 0x99, 0xAB, 0x34, - 0xDE, 0x51, 0x32, 0x76 + 0x82, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, 0xE8, 0x40, 0x6E, + 0x95, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, + 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, + 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, + 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, + 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, + 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, + 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, + 0x00, 0x03, 0x81, 0x81, 0x00, 0x27, 0x0A, 0x4E, 0x08, 0x8C, + 0xBA, 0x73, 0xD0, 0x05, 0xF2, 0xEA, 0xF9, 0x51, 0x8C, 0x7E, + 0x29, 0x14, 0x23, 0x8E, 0x9E, 0x9A, 0xFC, 0x46, 0x6F, 0x10, + 0x68, 0x59, 0xD9, 0xA0, 0xEA, 0x53, 0x19, 0xBD, 0x28, 0x89, + 0xE1, 0x97, 0x1E, 0x4C, 0xB8, 0x1E, 0xBE, 0x0F, 0x4D, 0x9D, + 0x1D, 0x76, 0x57, 0x17, 0x31, 0x95, 0xC2, 0x80, 0xBE, 0x04, + 0xD0, 0xC2, 0xE9, 0x5C, 0xE0, 0xF4, 0x81, 0x3F, 0xC4, 0xB0, + 0xC5, 0x86, 0xAE, 0x58, 0x68, 0xB9, 0xAE, 0x0F, 0x88, 0xE8, + 0x63, 0x6F, 0xB9, 0x08, 0xF1, 0x1B, 0x56, 0x90, 0xFB, 0x1F, + 0x2E, 0xCC, 0xE5, 0x69, 0x1F, 0x7C, 0x02, 0x4F, 0xED, 0xB0, + 0x45, 0x7C, 0x2D, 0xA8, 0x59, 0x11, 0xA5, 0x95, 0x51, 0xC7, + 0x50, 0xD8, 0x89, 0xC2, 0x90, 0x63, 0x68, 0xA8, 0x41, 0x6F, + 0xD0, 0x37, 0x26, 0x6F, 0xC8, 0x0E, 0xB5, 0xA0, 0x15, 0x9D, + 0xA5, 0xE6, 0xD2 }; static const int sizeof_server_cert_der_1024 = sizeof(server_cert_der_1024); @@ -867,84 +862,10 @@ static const int sizeof_client_keypub_der_2048 = sizeof(client_keypub_der_2048); /* ./certs/client-cert.der, 2048-bit */ static const unsigned char client_cert_der_2048[] = { - 0x30, 0x82, 0x05, 0x1D, 0x30, 0x82, 0x04, 0x05, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x45, 0x45, 0x81, 0x82, 0xE6, - 0x3A, 0xBD, 0xA2, 0xE3, 0x06, 0x0E, 0xBA, 0x2C, 0x45, 0x74, - 0x4B, 0xBE, 0xC0, 0x39, 0x11, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, - 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, - 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, - 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, - 0x2D, 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, - 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, - 0x2B, 0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, - 0x2B, 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, - 0x47, 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, - 0x69, 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, - 0x2D, 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, - 0x2C, 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, - 0xEF, 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, - 0xBF, 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, - 0x89, 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, - 0x67, 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, - 0xA6, 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, - 0xD1, 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, - 0xF1, 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, - 0x7E, 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, - 0x81, 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, - 0x32, 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, - 0x83, 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, - 0x24, 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, - 0x6C, 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, - 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, - 0x0C, 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, - 0xFA, 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, - 0x71, 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, - 0x4E, 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, - 0x15, 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, - 0xA1, 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, - 0x01, 0x4F, 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, - 0x66, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, - 0x91, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xDE, - 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, - 0xD3, 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, - 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, - 0x85, 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, + 0x30, 0x82, 0x05, 0x07, 0x30, 0x82, 0x03, 0xEF, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xF1, 0x5C, 0x99, 0x43, + 0x66, 0x3D, 0x96, 0x04, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, @@ -961,44 +882,116 @@ static const unsigned char client_cert_der_2048[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x14, 0x45, 0x45, 0x81, 0x82, 0xE6, 0x3A, 0xBD, 0xA2, - 0xE3, 0x06, 0x0E, 0xBA, 0x2C, 0x45, 0x74, 0x4B, 0xBE, 0xC0, - 0x39, 0x11, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, - 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, - 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, - 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xC1, 0x06, 0x39, - 0xC8, 0xCE, 0xF5, 0x81, 0x49, 0x55, 0xE1, 0x3A, 0x55, 0xAA, - 0x91, 0x5D, 0x64, 0xF1, 0x4B, 0xDC, 0x33, 0x1E, 0x31, 0x15, - 0xE7, 0x10, 0x71, 0x16, 0x0D, 0xB5, 0x00, 0xDC, 0xBB, 0x22, - 0x0D, 0x81, 0xD9, 0x12, 0x5C, 0x0C, 0xDD, 0x61, 0xE1, 0xAF, - 0xB5, 0xE2, 0xF7, 0x7D, 0x8B, 0xE6, 0x61, 0xFD, 0xCA, 0x45, - 0x3A, 0x61, 0xE7, 0x18, 0x56, 0x2C, 0x26, 0xF2, 0xDF, 0x14, - 0xF1, 0xE0, 0x3D, 0x7F, 0x62, 0x12, 0x5F, 0xD8, 0x04, 0x44, - 0x06, 0x0C, 0x72, 0xB1, 0x8A, 0x50, 0x72, 0x67, 0x77, 0x74, - 0x01, 0xFF, 0x79, 0x64, 0x11, 0x6E, 0xB3, 0x84, 0x51, 0x19, - 0x22, 0xB6, 0x43, 0x10, 0x06, 0x0D, 0x39, 0x46, 0x5A, 0xC6, - 0x57, 0x0A, 0x43, 0xA1, 0x94, 0x02, 0x28, 0x0A, 0x12, 0x38, - 0x85, 0x04, 0x0E, 0x78, 0x52, 0x48, 0x28, 0x7E, 0x6C, 0xD9, - 0xF0, 0x4B, 0x04, 0x55, 0x7C, 0x39, 0x01, 0xC1, 0xB4, 0x5F, - 0x50, 0x06, 0xCF, 0xDA, 0x6F, 0x20, 0xB8, 0x94, 0xF7, 0x51, - 0x1A, 0x23, 0xCB, 0x30, 0xE3, 0x21, 0xB4, 0xA3, 0x73, 0xAD, - 0x48, 0xFB, 0x96, 0x69, 0xEF, 0x2E, 0x50, 0xB6, 0x67, 0xBC, - 0x64, 0xEE, 0x27, 0x76, 0x43, 0x7A, 0x34, 0x59, 0x8E, 0xB4, - 0x57, 0x53, 0x7D, 0x95, 0x7E, 0x50, 0x7E, 0x64, 0x4C, 0x29, - 0x68, 0xFE, 0x81, 0x4F, 0x73, 0x21, 0x24, 0xB5, 0xA9, 0xA2, - 0x49, 0x5F, 0x54, 0x7F, 0x0D, 0xC2, 0x96, 0xC7, 0xF5, 0x36, - 0x81, 0x8E, 0xC0, 0x00, 0xAF, 0xB4, 0x10, 0x6B, 0x0E, 0xBC, - 0x1A, 0x3A, 0xF1, 0xA6, 0xDD, 0xFD, 0x8E, 0x63, 0x21, 0x33, - 0xD4, 0x32, 0x31, 0x1F, 0xBE, 0xA3, 0x7C, 0x52, 0x85, 0x26, - 0xC8, 0x6E, 0x50, 0x6C, 0xAC, 0x3D, 0x2E, 0xC0, 0xF9, 0x50, - 0xED, 0xC8, 0x4D, 0xCD, 0x13, 0x50, 0xCE, 0x5E, 0xDE, 0x15, - 0x89, 0xD1, 0xFB + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, + 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, + 0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, + 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, + 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, + 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, + 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, + 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, + 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, + 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, + 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, + 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, + 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, + 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, + 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, + 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, + 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, + 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, + 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, + 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, + 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, + 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, + 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, + 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, + 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, + 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, + 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, + 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, + 0x44, 0x30, 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, + 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, + 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xD3, 0x06, + 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, + 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, + 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, + 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, + 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, + 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, + 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, + 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x32, + 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, + 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, 0x34, 0x38, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, + 0x09, 0x00, 0xF1, 0x5C, 0x99, 0x43, 0x66, 0x3D, 0x96, 0x04, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, + 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, + 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, + 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x03, 0x82, 0x01, 0x01, 0x00, 0xBA, 0x2B, 0x48, 0xD1, 0xA8, + 0xE3, 0xC2, 0x84, 0x42, 0x96, 0xA1, 0x7C, 0xE5, 0xF1, 0x46, + 0xBA, 0x4C, 0xF7, 0x87, 0x57, 0xC7, 0x78, 0xC8, 0xC1, 0x32, + 0xC4, 0x69, 0xFF, 0x85, 0xBB, 0x5D, 0x6A, 0xDD, 0xC9, 0x87, + 0x7E, 0xFE, 0xBB, 0xF4, 0xFD, 0x15, 0x0A, 0x4C, 0x94, 0x95, + 0x80, 0x30, 0x90, 0x45, 0x03, 0xF8, 0x33, 0x87, 0xCA, 0x5F, + 0x74, 0x38, 0xA4, 0xD0, 0x5A, 0xC7, 0x65, 0x38, 0xC3, 0xB0, + 0xE8, 0x87, 0xB1, 0x49, 0x32, 0xB9, 0xAC, 0xE9, 0xFB, 0xD3, + 0x08, 0x1D, 0xA4, 0x51, 0x7B, 0xD7, 0xD9, 0x4B, 0x79, 0x35, + 0xA2, 0x3A, 0x0B, 0xE4, 0x0C, 0xA0, 0x02, 0x9C, 0xA1, 0x68, + 0xE1, 0x5D, 0x6C, 0x8E, 0x2E, 0x3A, 0x24, 0xDE, 0xBB, 0xD6, + 0x1C, 0xA7, 0xAC, 0x2E, 0xCD, 0x57, 0x44, 0x48, 0xF6, 0x72, + 0xE0, 0xC7, 0x5B, 0x93, 0xDC, 0x7D, 0x5B, 0x64, 0x0E, 0x17, + 0x84, 0x68, 0x2C, 0x95, 0x1D, 0x2C, 0x86, 0xD6, 0xB0, 0x74, + 0x67, 0x51, 0x6E, 0x7B, 0xF4, 0xD5, 0x61, 0x38, 0x51, 0xB3, + 0x18, 0xE3, 0x10, 0x16, 0x73, 0x4B, 0x36, 0x8A, 0x8A, 0x62, + 0x05, 0xF5, 0x56, 0x8A, 0xBE, 0x21, 0xE1, 0x78, 0x7D, 0xBF, + 0xAD, 0x45, 0xF9, 0x0B, 0xF5, 0xAF, 0xA0, 0x62, 0x01, 0xFD, + 0x3F, 0x49, 0xDF, 0x39, 0x3C, 0xFF, 0x46, 0xE8, 0x0A, 0xFE, + 0x5C, 0x6B, 0xBB, 0x41, 0xA5, 0x64, 0xF1, 0x5C, 0x9B, 0x51, + 0x4C, 0xBC, 0x6D, 0x9F, 0xA3, 0x20, 0xED, 0xE9, 0x48, 0xE1, + 0xA9, 0xBE, 0x08, 0x2D, 0x85, 0x42, 0x59, 0xD6, 0x43, 0x7D, + 0x47, 0x22, 0xA5, 0xFA, 0x1F, 0xA2, 0x58, 0x76, 0x0B, 0x70, + 0x1C, 0x1D, 0x59, 0x1D, 0xAA, 0xBE, 0x5D, 0x2D, 0x25, 0x7C, + 0xB1, 0x06, 0xB6, 0xC0, 0xAA, 0x28, 0xAA, 0x93, 0x7C, 0xD0, + 0xBD, 0x43, 0xAD, 0x91, 0x50, 0x1C, 0x7B, 0x4D, 0xF3, 0xE4, + 0xD7 }; static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048); @@ -1035,6 +1028,159 @@ static const unsigned char dh_key_der_2048[] = }; static const int sizeof_dh_key_der_2048 = sizeof(dh_key_der_2048); +/* ./certs/dh-pubkey-2048.der, 2048-bit */ +static const unsigned char dh_pub_key_der_2048[] = +{ + 0x30, 0x82, 0x02, 0x24, 0x30, 0x82, 0x01, 0x17, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x03, 0x01, 0x30, + 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xD3, 0xB2, + 0x99, 0x84, 0x5C, 0x0A, 0x4C, 0xE7, 0x37, 0xCC, 0xFC, 0x18, + 0x37, 0x01, 0x2F, 0x5D, 0xC1, 0x4C, 0xF4, 0x5C, 0xC9, 0x82, + 0x8D, 0xB7, 0xF3, 0xD4, 0xA9, 0x8A, 0x9D, 0x34, 0xD7, 0x76, + 0x57, 0xE5, 0xE5, 0xC3, 0xE5, 0x16, 0x85, 0xCA, 0x4D, 0xD6, + 0x5B, 0xC1, 0xF8, 0xCF, 0x89, 0x26, 0xD0, 0x38, 0x8A, 0xEE, + 0xF3, 0xCD, 0x33, 0xE5, 0x56, 0xBB, 0x90, 0x83, 0x9F, 0x97, + 0x8E, 0x71, 0xFB, 0x27, 0xE4, 0x35, 0x15, 0x45, 0x86, 0x09, + 0x71, 0xA8, 0x9A, 0xB9, 0x3E, 0x0F, 0x51, 0x8A, 0xC2, 0x75, + 0x51, 0x23, 0x12, 0xFB, 0x94, 0x31, 0x44, 0xBF, 0xCE, 0xF6, + 0xED, 0xA6, 0x3A, 0xB7, 0x92, 0xCE, 0x16, 0xA9, 0x14, 0xB3, + 0x88, 0xB7, 0x13, 0x81, 0x71, 0x83, 0x88, 0xCD, 0xB1, 0xA2, + 0x37, 0xE1, 0x59, 0x5C, 0xD0, 0xDC, 0xCA, 0x82, 0x87, 0xFA, + 0x43, 0x44, 0xDD, 0x78, 0x3F, 0xCA, 0x27, 0x7E, 0xE1, 0x6B, + 0x93, 0x19, 0x7C, 0xD9, 0xA6, 0x96, 0x47, 0x0D, 0x12, 0xC1, + 0x13, 0xD7, 0xB9, 0x0A, 0x40, 0xD9, 0x1F, 0xFF, 0xB8, 0xB4, + 0x00, 0xC8, 0xAA, 0x5E, 0xD2, 0x66, 0x4A, 0x05, 0x8E, 0x9E, + 0xF5, 0x34, 0xE7, 0xD7, 0x09, 0x7B, 0x15, 0x49, 0x1D, 0x76, + 0x31, 0xD6, 0x71, 0xEC, 0x13, 0x4E, 0x89, 0x8C, 0x09, 0x22, + 0xD8, 0xE7, 0xA3, 0xE9, 0x7D, 0x21, 0x51, 0x26, 0x6E, 0x9F, + 0x30, 0x8A, 0xBB, 0xBC, 0x74, 0xC1, 0xC3, 0x27, 0x6A, 0xCE, + 0xA3, 0x12, 0x60, 0x68, 0x01, 0xD2, 0x34, 0x07, 0x80, 0xCC, + 0x2D, 0x7F, 0x5C, 0xAE, 0xA2, 0x97, 0x40, 0xC8, 0x3C, 0xAC, + 0xDB, 0x6F, 0xFE, 0x6C, 0x6D, 0xD2, 0x06, 0x1C, 0x43, 0xA2, + 0xB2, 0x2B, 0x82, 0xB7, 0xD0, 0xAB, 0x3F, 0x2C, 0xE7, 0x9C, + 0x19, 0x16, 0xD1, 0x5E, 0x26, 0x86, 0xC7, 0x92, 0xF9, 0x16, + 0x0B, 0xFA, 0x66, 0x83, 0x02, 0x01, 0x02, 0x03, 0x82, 0x01, + 0x05, 0x00, 0x02, 0x82, 0x01, 0x00, 0x34, 0x41, 0xBF, 0xE9, + 0xF2, 0x11, 0xBF, 0x05, 0xDB, 0xB2, 0x72, 0xA8, 0x29, 0xCC, + 0xBD, 0x93, 0xEB, 0x14, 0x5D, 0x2C, 0x6B, 0x84, 0x4E, 0x96, + 0x12, 0xB3, 0x38, 0xBA, 0x8A, 0x46, 0x7C, 0x36, 0xCB, 0xE9, + 0x97, 0x70, 0xC5, 0xC3, 0x85, 0xB5, 0x51, 0xA5, 0x8B, 0x39, + 0xA8, 0xEA, 0x47, 0xD3, 0xD5, 0x11, 0xC0, 0x6D, 0xE3, 0xE3, + 0x9E, 0x00, 0x4C, 0x65, 0x41, 0x9B, 0xF6, 0xD0, 0xAC, 0x26, + 0x88, 0x01, 0xFC, 0x3C, 0x26, 0x5F, 0x67, 0xF7, 0x77, 0xD7, + 0xAC, 0xC5, 0xCA, 0xBB, 0xD8, 0x70, 0x58, 0x41, 0xF5, 0xF1, + 0x21, 0x3B, 0x15, 0xD5, 0x31, 0xF2, 0xC4, 0x8E, 0x0C, 0x38, + 0x01, 0x93, 0xD3, 0x64, 0x63, 0x57, 0xDC, 0x31, 0xE5, 0xFD, + 0x9C, 0x2B, 0xA6, 0xDE, 0x15, 0xB2, 0xC8, 0x8D, 0x65, 0x71, + 0x2E, 0xED, 0xF9, 0x1D, 0x2D, 0xA1, 0x17, 0xDD, 0xA3, 0xDA, + 0xF3, 0x10, 0x81, 0x40, 0xFA, 0x4F, 0x49, 0xB0, 0xDA, 0x16, + 0x64, 0xBE, 0x6F, 0xC5, 0x05, 0xCE, 0xC4, 0x4F, 0x67, 0x80, + 0xB3, 0x8A, 0x81, 0x17, 0xEB, 0xF9, 0x6F, 0x6D, 0x9F, 0x7F, + 0xDE, 0xEE, 0x08, 0xB8, 0xFA, 0x81, 0x68, 0x66, 0xD6, 0xC6, + 0x08, 0x50, 0xAB, 0xF0, 0x29, 0xDE, 0x6B, 0x1D, 0x50, 0x13, + 0x7F, 0x54, 0x31, 0x53, 0x89, 0x5F, 0x48, 0x72, 0x24, 0xD4, + 0xD2, 0x1D, 0x27, 0x7D, 0x74, 0xCF, 0x51, 0x17, 0xF0, 0xC5, + 0x6D, 0x3C, 0x3D, 0x6D, 0x0A, 0x8B, 0xDB, 0xEF, 0x02, 0xD8, + 0xC3, 0xCB, 0xCA, 0x21, 0xCA, 0xD6, 0x9C, 0x18, 0x9E, 0x92, + 0xBE, 0x6E, 0xE2, 0x16, 0x5E, 0x89, 0x9B, 0xAD, 0xD4, 0x04, + 0x5A, 0x24, 0x5A, 0x3F, 0x7C, 0x12, 0xAC, 0xB4, 0x71, 0x51, + 0x25, 0x58, 0x74, 0xE4, 0xB2, 0xD4, 0x45, 0xFC, 0x5F, 0xCD, + 0x81, 0x8F, 0xE7, 0x96, 0x18, 0xD9, 0xE0, 0x97, 0x08, 0x45, + 0x36, 0xC3 +}; +static const int sizeof_dh_pub_key_der_2048 = sizeof(dh_pub_key_der_2048); + +/* ./certs/dsa-pubkey-2048.der, 2048-bit */ +static const unsigned char dsa_pub_key_der_2048[] = +{ + 0x30, 0x82, 0x03, 0x47, 0x30, 0x82, 0x02, 0x39, 0x06, 0x07, + 0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x01, 0x30, 0x82, 0x02, + 0x2C, 0x02, 0x82, 0x01, 0x01, 0x00, 0xEB, 0x7E, 0x2C, 0x97, + 0x36, 0x67, 0x0E, 0x73, 0x9A, 0xAC, 0xFD, 0xB1, 0x19, 0x03, + 0x52, 0x61, 0x25, 0x12, 0xB2, 0x37, 0x3D, 0xEA, 0xCA, 0x80, + 0x07, 0x5D, 0x2D, 0x33, 0xA2, 0x4E, 0x6B, 0xB7, 0x62, 0xF8, + 0x87, 0x4D, 0x4B, 0x20, 0xDA, 0xEA, 0x6A, 0x96, 0x13, 0xB7, + 0xB9, 0x49, 0xC0, 0x86, 0x14, 0x71, 0xCD, 0x8C, 0x60, 0x61, + 0x94, 0x71, 0x89, 0x95, 0x1A, 0x0F, 0x38, 0xCC, 0x9C, 0x1F, + 0x20, 0xE5, 0xD0, 0x65, 0x75, 0xCD, 0xFE, 0x24, 0x29, 0xE6, + 0x60, 0x97, 0x74, 0xEC, 0x4C, 0x42, 0xE8, 0xBA, 0xE9, 0xC2, + 0xF7, 0xCB, 0x9B, 0xEA, 0x55, 0xD8, 0x40, 0x50, 0x2E, 0xCF, + 0xCD, 0x41, 0x01, 0xA9, 0xE5, 0x29, 0xCA, 0xC3, 0x36, 0x58, + 0x7E, 0x2E, 0x11, 0x96, 0x87, 0xC6, 0xFA, 0xE1, 0x27, 0x53, + 0x3D, 0x60, 0x93, 0x7B, 0xAD, 0xEE, 0xE7, 0xD4, 0xDC, 0xD6, + 0x03, 0x16, 0x92, 0xD4, 0x51, 0x0C, 0xFD, 0xA9, 0x01, 0x3E, + 0x6E, 0x27, 0x67, 0x6E, 0x9F, 0x29, 0x63, 0xFD, 0x51, 0x82, + 0x79, 0x83, 0x2B, 0xCB, 0x12, 0xCD, 0x50, 0x92, 0xAC, 0x16, + 0xC9, 0xEA, 0x9E, 0x68, 0x9E, 0x4B, 0xE1, 0x63, 0xB4, 0x80, + 0xE4, 0xDF, 0x75, 0xBC, 0x27, 0xD1, 0x76, 0x03, 0x48, 0x98, + 0x1D, 0xE3, 0x29, 0x8A, 0x99, 0x59, 0xF3, 0x75, 0x5B, 0xD9, + 0xAC, 0x59, 0x11, 0x52, 0x2F, 0xE0, 0x91, 0x55, 0xB0, 0xF2, + 0x5F, 0x0A, 0xF8, 0xD2, 0x7A, 0xDD, 0x8D, 0xE9, 0x92, 0xE2, + 0xF3, 0xF7, 0x4A, 0xB1, 0x50, 0xD7, 0xFE, 0x07, 0x8D, 0x27, + 0x7D, 0x08, 0x6F, 0x08, 0x7E, 0x25, 0x19, 0x0D, 0xDE, 0x11, + 0xD1, 0x63, 0x31, 0x84, 0x18, 0x25, 0xBE, 0x7D, 0x64, 0x77, + 0xDB, 0x4A, 0x20, 0xC5, 0x51, 0x75, 0xD8, 0xB1, 0x1B, 0xDF, + 0x91, 0x7F, 0xFC, 0x74, 0xBA, 0x9D, 0xD1, 0xFA, 0x8D, 0xBD, + 0x59, 0xFD, 0x02, 0x21, 0x00, 0xFA, 0xF7, 0x62, 0x9A, 0x62, + 0x19, 0x64, 0x6D, 0xC1, 0xF3, 0xC0, 0x9B, 0xAC, 0x90, 0x28, + 0xEA, 0xA1, 0x83, 0xF9, 0xC8, 0xED, 0x31, 0xEE, 0x33, 0x1D, + 0x35, 0x22, 0x00, 0x2B, 0x12, 0x84, 0xFF, 0x02, 0x82, 0x01, + 0x00, 0x73, 0xC9, 0xED, 0x1F, 0xBC, 0xC7, 0xC4, 0xEF, 0x46, + 0x03, 0xD1, 0x72, 0xC3, 0xE5, 0x29, 0xB0, 0x9A, 0x95, 0x13, + 0x5B, 0x4E, 0x59, 0x57, 0x0F, 0x80, 0xEB, 0x74, 0x87, 0x11, + 0x1B, 0xC8, 0x11, 0xB6, 0x97, 0x4C, 0x48, 0x50, 0x3A, 0xB8, + 0x2C, 0x28, 0xF3, 0xB0, 0x9C, 0x7C, 0x3D, 0xFF, 0x8B, 0x43, + 0x43, 0x30, 0x85, 0x5F, 0x97, 0xD2, 0x68, 0x85, 0x35, 0x2E, + 0xD4, 0x61, 0xF6, 0x3E, 0x05, 0xEC, 0xCD, 0x60, 0x13, 0xE2, + 0x16, 0x02, 0x7C, 0x8B, 0x21, 0xCE, 0x36, 0x71, 0xC4, 0xED, + 0x0B, 0x47, 0x76, 0x83, 0x23, 0x2F, 0x98, 0xA4, 0x84, 0x98, + 0x9C, 0xFB, 0xD0, 0xA8, 0xD9, 0xB9, 0xE3, 0xD7, 0x32, 0xD9, + 0xB5, 0x9E, 0x82, 0x93, 0xD0, 0x55, 0x74, 0x5F, 0xDA, 0x87, + 0x91, 0x90, 0x0F, 0x85, 0x74, 0x1A, 0x32, 0x76, 0x4F, 0xCC, + 0x2A, 0x18, 0x11, 0x5B, 0xB4, 0x78, 0x93, 0xB6, 0xE5, 0xF0, + 0xC6, 0x71, 0xE8, 0xD7, 0x31, 0x19, 0x91, 0x27, 0x71, 0x5A, + 0x02, 0x1A, 0x1A, 0x3A, 0x55, 0x95, 0xFF, 0xF8, 0xED, 0xD3, + 0xE1, 0xAE, 0x8A, 0x1D, 0xFF, 0x53, 0x63, 0x79, 0x13, 0xA1, + 0xAD, 0x0A, 0x68, 0x67, 0x43, 0xB2, 0x5B, 0xD5, 0x36, 0xD4, + 0x84, 0xD0, 0xCD, 0x34, 0x82, 0x84, 0xA4, 0x89, 0xAE, 0xA1, + 0x66, 0x57, 0x89, 0x6F, 0xDC, 0x0C, 0x3B, 0x48, 0x14, 0x7C, + 0xCC, 0x63, 0x7C, 0x83, 0x93, 0x55, 0x7D, 0xB4, 0xF3, 0x34, + 0x66, 0x72, 0x85, 0xF5, 0x8D, 0xEF, 0x90, 0x1A, 0x66, 0xF8, + 0x3B, 0xC6, 0xA4, 0x59, 0xB8, 0x25, 0x4E, 0x5D, 0x84, 0xED, + 0x7C, 0x1C, 0xDD, 0x35, 0xA6, 0xBA, 0xED, 0x3B, 0xD6, 0x49, + 0xE6, 0x5A, 0xD1, 0xF8, 0xEA, 0x96, 0x75, 0x92, 0xCF, 0x05, + 0x52, 0x05, 0x3D, 0x78, 0x09, 0xCF, 0xCD, 0xE2, 0x1A, 0x99, + 0xEB, 0x5E, 0xFA, 0x27, 0x73, 0x89, 0x15, 0x03, 0x82, 0x01, + 0x06, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC2, 0x35, 0x2D, + 0xEC, 0x83, 0x83, 0x6C, 0x73, 0x13, 0x9E, 0x52, 0x7C, 0x74, + 0xC8, 0x7B, 0xEE, 0xDF, 0x39, 0xC0, 0x33, 0xCD, 0x9F, 0xB2, + 0x22, 0x64, 0x9F, 0xC5, 0xE9, 0xFF, 0xF7, 0x09, 0x47, 0x79, + 0x13, 0x96, 0x77, 0x25, 0xF3, 0x5D, 0xAA, 0x9F, 0x97, 0x67, + 0x62, 0xBC, 0x94, 0x1D, 0xAE, 0x22, 0x7E, 0x08, 0x03, 0xBD, + 0x7E, 0x34, 0x29, 0xCB, 0x62, 0xB7, 0x82, 0x1D, 0xE2, 0xFA, + 0x05, 0xC6, 0xC1, 0x68, 0xE7, 0x01, 0x27, 0x63, 0x51, 0x3E, + 0x37, 0x59, 0x42, 0x92, 0x4F, 0x99, 0x60, 0xFD, 0x63, 0x94, + 0xB7, 0xD0, 0xEE, 0xC1, 0xA0, 0xA5, 0x01, 0x74, 0x4D, 0x0E, + 0x14, 0xB2, 0xE2, 0x2C, 0xE7, 0x82, 0x0A, 0x23, 0xC7, 0x39, + 0x45, 0x40, 0xE9, 0xE9, 0x9D, 0x36, 0xE0, 0x52, 0x03, 0x99, + 0xDC, 0x87, 0x7D, 0x6A, 0x90, 0xE4, 0xDD, 0xA9, 0xC2, 0x57, + 0x90, 0xD6, 0xCA, 0xB4, 0x15, 0x80, 0xEE, 0x00, 0xCB, 0x2A, + 0xC9, 0x59, 0x4C, 0xA7, 0x7D, 0x33, 0x0A, 0x3E, 0x4A, 0x76, + 0xEA, 0x27, 0x89, 0xD8, 0x1A, 0xEA, 0x7E, 0xDB, 0x13, 0x92, + 0x93, 0x6A, 0x57, 0x9B, 0x33, 0xFD, 0xCE, 0x09, 0x0A, 0xB0, + 0x35, 0x24, 0xE4, 0x7D, 0xD8, 0x9D, 0xFF, 0x80, 0x65, 0x0F, + 0x61, 0xF7, 0xF7, 0xED, 0x8B, 0xD5, 0x8F, 0xBF, 0xB3, 0x22, + 0x20, 0x39, 0x89, 0x83, 0xB8, 0x83, 0x96, 0x32, 0x20, 0xAD, + 0xA1, 0x5D, 0x73, 0x8F, 0xE3, 0x27, 0xD9, 0x5D, 0xDB, 0x00, + 0x27, 0xF2, 0xBE, 0x89, 0x13, 0xE2, 0x97, 0x79, 0x10, 0x27, + 0x3D, 0xD8, 0x05, 0x96, 0x59, 0x6E, 0xA0, 0xC1, 0x6F, 0x99, + 0x4F, 0x28, 0xFA, 0xA6, 0x0B, 0x5C, 0x16, 0xEE, 0xB0, 0x98, + 0x8A, 0x06, 0x4A, 0xB0, 0x02, 0x2A, 0x6D, 0xCC, 0xE2, 0xC8, + 0x11, 0xF9, 0x1B, 0xF1, 0x3C, 0x68, 0xDF, 0xC2, 0xF4, 0x98, + 0x5F, 0x6C, 0xC8 +}; +static const int sizeof_dsa_pub_key_der_2048 = sizeof(dsa_pub_key_der_2048); + /* ./certs/dsa2048.der, 2048-bit */ static const unsigned char dsa_key_der_2048[] = { @@ -1380,82 +1526,10 @@ static const int sizeof_ca_key_der_2048 = sizeof(ca_key_der_2048); /* ./certs/ca-cert.der, 2048-bit */ static const unsigned char ca_cert_der_2048[] = { - 0x30, 0x82, 0x04, 0xFF, 0x30, 0x82, 0x03, 0xE7, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x5E, 0xBA, 0xA4, 0xF4, 0xB1, - 0xF7, 0x48, 0x25, 0xE3, 0x5F, 0x9B, 0xDA, 0xA1, 0x13, 0xED, - 0xD5, 0x2B, 0x03, 0x67, 0x15, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, - 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, - 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, - 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, - 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, - 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, - 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, - 0x2D, 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, - 0x4A, 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, - 0xCA, 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, - 0x2A, 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, - 0x98, 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, - 0xDE, 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, - 0xBB, 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, - 0xF1, 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, - 0x41, 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, - 0x70, 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, - 0xED, 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, - 0xED, 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, - 0x38, 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, - 0x3C, 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, - 0x13, 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, - 0x7D, 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, - 0xDC, 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, - 0x7D, 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, - 0x67, 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, - 0x68, 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, 0xA0, 0x63, - 0xF5, 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, - 0x17, 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, - 0xC3, 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, - 0x52, 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, - 0xB9, 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, - 0xED, 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, - 0x01, 0x45, 0x30, 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, - 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, - 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xD4, - 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, - 0xC9, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, - 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, - 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, + 0x30, 0x82, 0x04, 0xE9, 0x30, 0x82, 0x03, 0xD1, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xAA, 0xD3, 0x3F, 0xAC, + 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, @@ -1471,83 +1545,152 @@ static const unsigned char ca_cert_der_2048[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x14, 0x5E, 0xBA, 0xA4, 0xF4, 0xB1, 0xF7, 0x48, 0x25, - 0xE3, 0x5F, 0x9B, 0xDA, 0xA1, 0x13, 0xED, 0xD5, 0x2B, 0x03, - 0x67, 0x15, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, - 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, - 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, - 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xB9, 0xED, 0x94, - 0x3E, 0x00, 0x73, 0x2D, 0xA5, 0xD1, 0x04, 0xB3, 0xFB, 0xDC, - 0xF0, 0xB7, 0x0D, 0x3D, 0xAD, 0x96, 0x74, 0x4C, 0x92, 0x67, - 0xAD, 0x6D, 0x7C, 0xE2, 0x99, 0x6A, 0x33, 0xCA, 0xB2, 0x0F, - 0x04, 0x5A, 0xA5, 0x67, 0xF8, 0xE3, 0x0B, 0x3D, 0xF5, 0xD0, - 0x5B, 0x1E, 0x20, 0x52, 0x12, 0x92, 0x28, 0xEA, 0x31, 0xA3, - 0x51, 0x9E, 0x8B, 0xD2, 0x39, 0xE4, 0x25, 0xEA, 0x61, 0x61, - 0x41, 0x16, 0x2D, 0x54, 0x50, 0xD3, 0xFB, 0xD0, 0x34, 0x00, - 0x10, 0xF1, 0x7B, 0xBC, 0xF0, 0x08, 0xA7, 0xF5, 0x27, 0x5E, - 0x7E, 0x40, 0x9D, 0x99, 0xB0, 0xD3, 0x31, 0x11, 0xC3, 0x9D, - 0xA9, 0x51, 0xA0, 0x17, 0xCF, 0x83, 0x2C, 0x55, 0x84, 0xE0, - 0xD5, 0x92, 0xA0, 0x05, 0x3A, 0x9F, 0xB8, 0x75, 0xF8, 0x1B, - 0xE5, 0xF7, 0xA4, 0x6C, 0xE9, 0xAA, 0x25, 0x8B, 0x19, 0x93, - 0x46, 0x1F, 0x3F, 0x33, 0xAF, 0x47, 0x29, 0xCF, 0x7B, 0x8B, - 0x59, 0x27, 0xEB, 0xD7, 0x4F, 0xCB, 0x33, 0x19, 0xFA, 0x5F, - 0xEE, 0xD8, 0x13, 0xE9, 0x0C, 0x07, 0xAD, 0x3B, 0xC0, 0x7F, - 0x10, 0xD7, 0xE4, 0xED, 0xE8, 0xDB, 0x16, 0xE1, 0x1F, 0xA4, - 0x7F, 0x16, 0x3C, 0xBD, 0xD7, 0x11, 0xF2, 0xD4, 0x3A, 0xA9, - 0x9B, 0x95, 0xE1, 0x39, 0x51, 0x99, 0xEB, 0x5B, 0x65, 0x46, - 0xEF, 0x63, 0x84, 0x73, 0x95, 0x23, 0xB8, 0xBF, 0xB5, 0xF6, - 0x4D, 0x12, 0x71, 0xF7, 0xFF, 0x33, 0xAA, 0x4A, 0x8C, 0x65, - 0x73, 0x73, 0x89, 0x69, 0xDF, 0xA6, 0xDC, 0xA4, 0x91, 0xFF, - 0xAE, 0xC7, 0x28, 0x93, 0xB5, 0x1A, 0xDE, 0xA9, 0x8F, 0x2B, - 0x30, 0x85, 0x83, 0x8B, 0x99, 0x82, 0xCA, 0xB3, 0x7C, 0x11, - 0x10, 0x88, 0x9D, 0x8E, 0x6C, 0x2C, 0xF3, 0x05, 0x6F, 0xCB, - 0x80, 0x85, 0x16, 0xB7, 0xED, 0xE4, 0x68, 0xFB, 0xB6, 0xB6, - 0x31, 0x8A, 0x7D + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, + 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, + 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, + 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, 0x2D, + 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, 0x4A, + 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, 0xCA, + 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, 0x2A, + 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, 0x98, + 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, 0xDE, + 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, 0xBB, + 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, 0xF1, + 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, 0x41, + 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, 0x70, + 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, 0xED, + 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, 0xED, + 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, 0x38, + 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, 0x3C, + 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, 0x13, + 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, 0x7D, + 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, 0xDC, + 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, 0x7D, + 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, 0x67, + 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, 0x68, + 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, 0xA0, 0x63, 0xF5, + 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, 0x17, + 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, 0xC3, + 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52, + 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9, + 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED, + 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, + 0x3A, 0x30, 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11, + 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, + 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06, + 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, + 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, + 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, + 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, + 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, + 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, + 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, + 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, + 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, + 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, + 0x09, 0x00, 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, + 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, + 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, + 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x03, 0x82, 0x01, 0x01, 0x00, 0x62, 0x98, 0xC8, 0x58, 0xCF, + 0x56, 0x03, 0x86, 0x5B, 0x1B, 0x71, 0x49, 0x7D, 0x05, 0x03, + 0x5D, 0xE0, 0x08, 0x86, 0xAD, 0xDB, 0x4A, 0xDE, 0xAB, 0x22, + 0x96, 0xA8, 0xC3, 0x59, 0x68, 0xC1, 0x37, 0x90, 0x40, 0xDF, + 0xBD, 0x89, 0xD0, 0xBC, 0xDA, 0x8E, 0xEF, 0x87, 0xB2, 0xC2, + 0x62, 0x52, 0xE1, 0x1A, 0x29, 0x17, 0x6A, 0x96, 0x99, 0xC8, + 0x4E, 0xD8, 0x32, 0xFE, 0xB8, 0xD1, 0x5C, 0x3B, 0x0A, 0xC2, + 0x3C, 0x5F, 0xA1, 0x1E, 0x98, 0x7F, 0xCE, 0x89, 0x26, 0x21, + 0x1F, 0x64, 0x9C, 0x15, 0x7A, 0x9C, 0xEF, 0xFB, 0x1D, 0x85, + 0x6A, 0xFA, 0x98, 0xCE, 0xA8, 0xA9, 0xAB, 0xC3, 0xA2, 0xC0, + 0xEB, 0x87, 0xED, 0xBC, 0x21, 0xDF, 0xF3, 0x07, 0x5B, 0xAE, + 0xFD, 0x40, 0xD4, 0xAE, 0x20, 0xD0, 0x76, 0x8A, 0x31, 0x0A, + 0xA2, 0x62, 0x7C, 0x61, 0x0D, 0xCE, 0x5D, 0x9A, 0x1E, 0xE4, + 0x20, 0x88, 0x51, 0x49, 0xFB, 0x77, 0xA9, 0xCD, 0x4D, 0xC6, + 0xBF, 0x54, 0x99, 0x33, 0xEF, 0x4B, 0xA0, 0x73, 0x70, 0x6D, + 0x2E, 0xD9, 0x3D, 0x08, 0xF6, 0x12, 0x39, 0x31, 0x68, 0xC6, + 0x61, 0x5C, 0x41, 0xB5, 0x1B, 0xF4, 0x38, 0x7D, 0xFC, 0xBE, + 0x73, 0x66, 0x2D, 0xF7, 0xCA, 0x5B, 0x2C, 0x5B, 0x31, 0xAA, + 0xCF, 0xF6, 0x7F, 0x30, 0xE4, 0x12, 0x2C, 0x8E, 0xD6, 0x38, + 0x51, 0xE6, 0x45, 0xEE, 0xD5, 0xDA, 0xC3, 0x83, 0xD6, 0xED, + 0x5E, 0xEC, 0xD6, 0xB6, 0x14, 0xB3, 0x93, 0x59, 0xE1, 0x55, + 0x4A, 0x7F, 0x04, 0xDF, 0xCE, 0x65, 0xD4, 0xDF, 0x18, 0x4F, + 0xDD, 0xB4, 0x45, 0x7F, 0xA6, 0x56, 0x30, 0xC4, 0x05, 0x44, + 0x98, 0x9D, 0x4F, 0x26, 0x6D, 0x84, 0x80, 0xA0, 0x5E, 0xED, + 0x23, 0xD1, 0x48, 0x87, 0x0E, 0x05, 0x06, 0x91, 0x3B, 0xB0, + 0x3C, 0xBB, 0x8C, 0x8F, 0x3C, 0x7B, 0x4C, 0x4F, 0xA1, 0xCA, + 0x98 }; static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048); /* ./certs/ca-cert-chain.der, 2048-bit */ static const unsigned char ca_cert_chain_der[] = { - 0x30, 0x82, 0x03, 0xB5, 0x30, 0x82, 0x03, 0x1E, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xDA, 0xFB, 0x6A, 0x0D, - 0xFE, 0xCF, 0x9B, 0x47, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x30, 0x82, 0x03, 0xE4, 0x30, 0x82, 0x03, 0x4D, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE9, 0x2F, 0xDA, 0xA8, + 0x53, 0xBD, 0xBD, 0xD5, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, - 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, - 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, - 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, - 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, - 0x38, 0x30, 0x34, 0x31, 0x33, 0x31, 0x35, 0x32, 0x33, 0x31, - 0x30, 0x5A, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x31, 0x30, 0x37, - 0x31, 0x35, 0x32, 0x33, 0x31, 0x30, 0x5A, 0x30, 0x81, 0x99, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, - 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, - 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, - 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, - 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, - 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, + 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, + 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, + 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, @@ -1569,168 +1712,54 @@ static const unsigned char ca_cert_chain_der[] = 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, 0x94, 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, 0xE5, 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, 0x09, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x01, 0x30, - 0x81, 0xFE, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, - 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, - 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, 0xD3, - 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, - 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0xA1, - 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, - 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, - 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, 0x6F, 0x6E, - 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, 0x31, 0x30, - 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x82, 0x09, 0x00, 0xDA, 0xFB, 0x6A, 0x0D, 0xFE, 0xCF, - 0x9B, 0x47, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, - 0x00, 0x03, 0x81, 0x81, 0x00, 0x1D, 0x48, 0xF6, 0x40, 0x41, - 0x04, 0x06, 0xF2, 0xE4, 0x72, 0x2F, 0xEA, 0xFF, 0xC1, 0x67, - 0x6B, 0x15, 0xBB, 0x0A, 0x28, 0x23, 0x28, 0x07, 0xC6, 0xD7, - 0x13, 0x2C, 0xBE, 0x00, 0x00, 0xAC, 0x1D, 0xF7, 0xF4, 0x92, - 0xD3, 0x2B, 0xAF, 0x23, 0xEB, 0x9F, 0x1A, 0xE2, 0x11, 0x3C, - 0x2D, 0x97, 0xF2, 0x0F, 0xAC, 0xAE, 0x97, 0x86, 0x0A, 0xFB, - 0xA8, 0x4F, 0x74, 0x1B, 0xDE, 0x19, 0x51, 0xDB, 0xCD, 0xE2, - 0x11, 0x38, 0xC1, 0xA4, 0x9D, 0x56, 0xAB, 0x47, 0x5C, 0xDE, - 0xBA, 0xEB, 0x27, 0xDF, 0x6D, 0xC8, 0x7E, 0x3A, 0xBD, 0x2E, - 0x9B, 0x2A, 0xAD, 0x22, 0x3B, 0x95, 0xA9, 0xF2, 0x28, 0x03, - 0xBC, 0xE5, 0xEC, 0xCC, 0xF2, 0x08, 0xD4, 0xC8, 0x2F, 0xDB, - 0xEA, 0xFB, 0x2E, 0x52, 0x16, 0x8C, 0x42, 0x02, 0xA4, 0x59, - 0x6D, 0x4C, 0x33, 0xB4, 0x9A, 0xD2, 0x73, 0x4A, 0x1E, 0x9F, - 0xD9, 0xC8, 0x83, 0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, - 0x92, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x86, - 0xFF, 0xF5, 0x8E, 0x10, 0xDE, 0xB8, 0xFB, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, - 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, - 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, - 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x38, 0x30, - 0x34, 0x31, 0x33, 0x31, 0x35, 0x32, 0x33, 0x30, 0x39, 0x5A, - 0x17, 0x0D, 0x32, 0x31, 0x30, 0x31, 0x30, 0x37, 0x31, 0x35, - 0x32, 0x33, 0x30, 0x39, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, - 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, - 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, - 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, - 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, - 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, - 0x0C, 0xCA, 0x2D, 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, - 0x38, 0x1F, 0x4A, 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, - 0x9F, 0xDF, 0xCA, 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, - 0x66, 0xEE, 0x2A, 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, - 0x0B, 0x10, 0x98, 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, - 0xCC, 0x4F, 0xDE, 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, - 0xCA, 0x90, 0xBB, 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, - 0x95, 0xC5, 0xF1, 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, - 0xA4, 0x10, 0x41, 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, - 0xB0, 0xD2, 0x70, 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, - 0x2C, 0x7C, 0xED, 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, - 0xAC, 0xC7, 0xED, 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, - 0x49, 0x5C, 0x38, 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, - 0x53, 0x94, 0x3C, 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, - 0xD3, 0x1D, 0x13, 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, - 0xCC, 0xB8, 0x7D, 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, - 0xD8, 0x21, 0xDC, 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, - 0x1A, 0xFC, 0x7D, 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, - 0x7C, 0x05, 0x67, 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, - 0x8C, 0xB5, 0x68, 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, - 0xA0, 0x63, 0xF5, 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, - 0xB1, 0x5A, 0x17, 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, - 0x6F, 0xFE, 0xC3, 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, - 0x67, 0x00, 0x52, 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, - 0x45, 0x1D, 0xB9, 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, - 0x4B, 0xBD, 0xED, 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, - 0xA3, 0x81, 0xFC, 0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, - 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, - 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, - 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, - 0xBE, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, - 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, - 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, - 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, - 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, - 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, - 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, - 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x09, 0x00, 0x86, 0xFF, 0xF5, 0x8E, 0x10, 0xDE, 0xB8, - 0xFB, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, - 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x01, 0x00, 0x9E, 0x28, 0x88, 0x72, 0x00, - 0xCA, 0xE6, 0xE7, 0x97, 0xCA, 0xC1, 0xF1, 0x1F, 0x9E, 0x12, - 0xB2, 0xB8, 0xC7, 0x51, 0xEA, 0x28, 0xE1, 0x36, 0xB5, 0x2D, - 0xE6, 0x2F, 0x08, 0x23, 0xCB, 0xA9, 0x4A, 0x87, 0x25, 0xC6, - 0x5D, 0x89, 0x45, 0xEA, 0xF5, 0x00, 0x98, 0xAC, 0x76, 0xFB, - 0x1B, 0xAF, 0xF0, 0xCE, 0x64, 0x9E, 0xDA, 0x08, 0xBF, 0xB6, - 0xEB, 0xB4, 0xB5, 0x0C, 0xA0, 0xE7, 0xF6, 0x47, 0x59, 0x1C, - 0x61, 0xCF, 0x2E, 0x0E, 0x58, 0xA4, 0x82, 0xAC, 0x0F, 0x3F, - 0xEC, 0xC4, 0xAE, 0x80, 0xF7, 0xB0, 0x8A, 0x1E, 0x85, 0x41, - 0xE8, 0xFF, 0xFE, 0xFE, 0x4F, 0x1A, 0x24, 0xD5, 0x49, 0xFA, - 0xFB, 0xFE, 0x5E, 0xE5, 0xD3, 0x91, 0x0E, 0x4F, 0x4E, 0x0C, - 0x21, 0x51, 0x71, 0x83, 0x04, 0x6B, 0x62, 0x7B, 0x4F, 0x59, - 0x76, 0x48, 0x81, 0x1E, 0xB4, 0xF7, 0x04, 0x47, 0x8A, 0x91, - 0x57, 0xA3, 0x11, 0xA9, 0xF2, 0x20, 0xB4, 0x78, 0x33, 0x62, - 0x3D, 0xB0, 0x5E, 0x0D, 0xF9, 0x86, 0x38, 0x82, 0xDA, 0xA1, - 0x98, 0x8D, 0x19, 0x06, 0x87, 0x21, 0x39, 0xB7, 0x02, 0xF7, - 0xDA, 0x7D, 0x58, 0xBA, 0x52, 0x15, 0xD8, 0x3B, 0xC9, 0x7B, - 0x58, 0x34, 0xA0, 0xC7, 0xE2, 0x7C, 0xA9, 0x83, 0x13, 0xE1, - 0xB6, 0xEC, 0x01, 0xBF, 0x52, 0x33, 0x0B, 0xC4, 0xFE, 0x43, - 0xD3, 0xC6, 0xA4, 0x8E, 0x2F, 0x87, 0x7F, 0x7A, 0x44, 0xEA, - 0xCA, 0x53, 0x6C, 0x85, 0xED, 0x65, 0x76, 0x73, 0x31, 0x03, - 0x4E, 0xEA, 0xBD, 0x35, 0x54, 0x13, 0xF3, 0x64, 0x87, 0x6B, - 0xDF, 0x34, 0xDD, 0x34, 0xA1, 0x88, 0x3B, 0xDB, 0x4D, 0xAF, - 0x1B, 0x64, 0x90, 0x92, 0x71, 0x30, 0x8E, 0xC8, 0xCC, 0xE5, - 0x60, 0x24, 0xAF, 0x31, 0x16, 0x39, 0x33, 0x91, 0x50, 0xF9, - 0xAB, 0x68, 0x42, 0x74, 0x7A, 0x35, 0xD9, 0xDD, 0xC8, 0xC4, - 0x52 + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3A, 0x30, + 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, + 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, + 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, + 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, + 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, + 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, + 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, + 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, + 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, + 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xE9, 0x2F, 0xDA, 0xA8, 0x53, 0xBD, 0xBD, 0xD5, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, + 0x81, 0x00, 0xB3, 0xE9, 0x88, 0x6A, 0xEA, 0x5F, 0x35, 0x7C, + 0x6C, 0xFD, 0x93, 0xFE, 0x9A, 0x98, 0xE7, 0x1C, 0xBC, 0xD1, + 0xC8, 0x7A, 0x15, 0xC5, 0x69, 0xE1, 0xFB, 0x35, 0x1B, 0xEC, + 0x92, 0x3F, 0xD1, 0x3E, 0x69, 0x2A, 0x11, 0x95, 0x44, 0x3D, + 0x3F, 0x7C, 0xFF, 0xF6, 0x64, 0xD8, 0xE4, 0x1D, 0xEC, 0x86, + 0x95, 0x69, 0x48, 0x3D, 0x5B, 0x6D, 0x39, 0xE7, 0x7E, 0x51, + 0x12, 0x15, 0x4B, 0x90, 0xA8, 0xFA, 0x1E, 0xAA, 0x81, 0x53, + 0xDE, 0x85, 0x29, 0x4D, 0x79, 0x6C, 0x08, 0xC2, 0xC4, 0x5E, + 0x4D, 0x39, 0xA6, 0x09, 0xA4, 0x67, 0xAC, 0xDC, 0xF0, 0xCD, + 0xB7, 0x4E, 0xE5, 0xF9, 0x72, 0xC3, 0x25, 0x1C, 0x8D, 0xE0, + 0x03, 0x30, 0x19, 0x5A, 0xA5, 0x63, 0xA6, 0xBA, 0xEC, 0x12, + 0x87, 0xEF, 0x6D, 0x56, 0x22, 0xA7, 0x42, 0x4A, 0x8F, 0x3B, + 0xFD, 0x20, 0xAB, 0xEF, 0x29, 0x5E, 0x3D, 0x16, 0xD7, 0xAC + }; static const int sizeof_ca_cert_chain_der = sizeof(ca_cert_chain_der); @@ -1863,7 +1892,7 @@ static const int sizeof_server_key_der_2048 = sizeof(server_key_der_2048); /* ./certs/server-cert.der, 2048-bit */ static const unsigned char server_cert_der_2048[] = { - 0x30, 0x82, 0x04, 0xE8, 0x30, 0x82, 0x03, 0xD0, 0xA0, 0x03, + 0x30, 0x82, 0x04, 0xDD, 0x30, 0x82, 0x03, 0xC5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, @@ -1881,10 +1910,10 @@ static const unsigned char server_cert_der_2048[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, - 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, - 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, + 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, + 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, + 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, @@ -1928,12 +1957,12 @@ static const unsigned char server_cert_der_2048[] = 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x45, 0x30, - 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3A, 0x30, + 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98, 0x84, 0xE2, 0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA, - 0x1F, 0x0E, 0x8E, 0x3C, 0x30, 0x81, 0xD4, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, 0xC9, 0x80, 0x14, + 0x1F, 0x0E, 0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, @@ -1951,45 +1980,43 @@ static const unsigned char server_cert_der_2048[] = 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x5E, - 0xBA, 0xA4, 0xF4, 0xB1, 0xF7, 0x48, 0x25, 0xE3, 0x5F, 0x9B, - 0xDA, 0xA1, 0x13, 0xED, 0xD5, 0x2B, 0x03, 0x67, 0x15, 0x30, - 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, - 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, - 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, - 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, - 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, - 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, - 0x82, 0x01, 0x01, 0x00, 0x35, 0x91, 0xE6, 0x72, 0xCC, 0x0B, - 0xF1, 0x47, 0x8F, 0x3D, 0xE3, 0x5D, 0x52, 0x2F, 0x83, 0xB8, - 0xB1, 0x3B, 0x6D, 0xD6, 0xAC, 0x13, 0x79, 0x74, 0x14, 0xFF, - 0x07, 0x8D, 0xEE, 0x74, 0x77, 0x64, 0xFF, 0xB8, 0x83, 0x1D, - 0x81, 0x80, 0x84, 0xBB, 0x38, 0xFA, 0x8F, 0xF3, 0x75, 0x29, - 0x23, 0xCE, 0xE5, 0x09, 0xA8, 0x13, 0x85, 0x14, 0xB6, 0x6A, - 0x35, 0x30, 0x2C, 0x1C, 0xC4, 0x0F, 0x23, 0x67, 0xEA, 0xED, - 0xCB, 0x91, 0xC4, 0x05, 0xE3, 0xEC, 0x6B, 0xBE, 0x11, 0xBF, - 0xD9, 0x9A, 0xAB, 0x93, 0x17, 0x9F, 0xE4, 0x9A, 0x59, 0xD4, - 0xE7, 0xCC, 0xCE, 0xDC, 0x83, 0x10, 0xF5, 0xCD, 0xDE, 0xD7, - 0x35, 0x75, 0x4B, 0xAA, 0x7A, 0x7A, 0xBA, 0x02, 0xA0, 0xB0, - 0xB5, 0xC1, 0x8A, 0x6B, 0xB1, 0x72, 0xCF, 0x64, 0x59, 0x4E, - 0xD3, 0xA4, 0xA1, 0x6C, 0x64, 0x4B, 0x14, 0xCF, 0xA3, 0xD6, - 0x37, 0x0A, 0xE6, 0xF9, 0x5B, 0x21, 0xBE, 0xDE, 0x0C, 0xC1, - 0xCF, 0x43, 0xE1, 0x18, 0x0B, 0x19, 0x13, 0x6B, 0x8E, 0x3D, - 0xDF, 0x0F, 0xA7, 0x43, 0xFB, 0x35, 0x67, 0x4A, 0x50, 0xE8, - 0x09, 0x46, 0x34, 0xBD, 0xF4, 0xAB, 0x1A, 0x8F, 0xBD, 0x4D, - 0x1C, 0x6B, 0x20, 0xBE, 0x1C, 0x8C, 0xCA, 0x66, 0x98, 0xBA, - 0x03, 0x67, 0xF2, 0x1C, 0x3C, 0x1E, 0x01, 0xF0, 0x4D, 0xC6, - 0x85, 0x82, 0x6F, 0xA9, 0x49, 0xF7, 0x1B, 0x7D, 0x6B, 0xDB, - 0x76, 0x84, 0x73, 0xBB, 0x16, 0xC5, 0x6E, 0x74, 0xAB, 0x7B, - 0xFB, 0x1C, 0xE9, 0x91, 0xBB, 0x29, 0x73, 0x1C, 0xDE, 0x27, - 0xB4, 0x67, 0x3B, 0x10, 0x51, 0xF4, 0x17, 0xEB, 0xB8, 0x38, - 0xA0, 0x9A, 0xEB, 0x37, 0x5B, 0x76, 0x8F, 0x39, 0x12, 0x39, - 0x35, 0xD1, 0xCA, 0xFE, 0xC0, 0x26, 0xFB, 0x73, 0x50, 0x1E, - 0x2D, 0xB9, 0xD2, 0xBA, 0xE5, 0x4C, 0x35, 0xBD, 0xED, 0x7B - + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x01, 0x00, 0x1B, 0x0D, 0xA6, 0x44, 0x93, 0x0D, 0x0E, + 0x0C, 0x35, 0x28, 0x26, 0x40, 0x31, 0xD2, 0xEB, 0x26, 0x4C, + 0x47, 0x5B, 0x19, 0xFB, 0xAD, 0xFE, 0x3A, 0xF5, 0x30, 0x3A, + 0x28, 0xD7, 0xAA, 0x69, 0xA4, 0x15, 0xE7, 0x26, 0x6E, 0xB7, + 0x33, 0x56, 0xAC, 0x8F, 0x34, 0x3D, 0xF3, 0x21, 0x2F, 0x53, + 0x58, 0x91, 0xD0, 0x3E, 0xB4, 0x39, 0x48, 0xBF, 0x93, 0x11, + 0x74, 0x36, 0xD3, 0x87, 0x49, 0xC3, 0x34, 0x0D, 0x30, 0x30, + 0xAB, 0xF4, 0x4C, 0x27, 0x19, 0xD5, 0xC4, 0x0C, 0xAD, 0x49, + 0xBD, 0x91, 0xF8, 0xDA, 0x9E, 0xC8, 0x2D, 0x2A, 0xAC, 0xE2, + 0x75, 0x8E, 0xAA, 0x08, 0xD9, 0xBF, 0x65, 0xFF, 0xA3, 0xB1, + 0x4F, 0xF0, 0x60, 0x6F, 0x4D, 0x95, 0xC4, 0x06, 0x7F, 0xAF, + 0x66, 0x6A, 0x23, 0x3B, 0x3A, 0xA4, 0x61, 0xB6, 0x6C, 0xCA, + 0xBE, 0xE1, 0xB0, 0x77, 0xF3, 0xEC, 0x83, 0xD5, 0x8C, 0x1D, + 0x85, 0x7F, 0x8D, 0x74, 0xC8, 0xEC, 0x1E, 0x49, 0xEC, 0x57, + 0x4A, 0xCC, 0xFD, 0xE2, 0x3A, 0x3E, 0x54, 0x50, 0xAE, 0x67, + 0xCD, 0x17, 0xB0, 0x67, 0xA5, 0x53, 0x7F, 0xC3, 0x0E, 0x3E, + 0xA7, 0x58, 0xE8, 0xDF, 0xD5, 0x0C, 0xF2, 0x64, 0xF3, 0xAD, + 0x12, 0x70, 0xE3, 0xB9, 0x42, 0xBC, 0x08, 0x60, 0x76, 0xD5, + 0x0C, 0xA5, 0x31, 0x77, 0x50, 0xE0, 0xC8, 0xF3, 0x3A, 0x3D, + 0x45, 0xCF, 0x32, 0x75, 0xEF, 0x10, 0xDD, 0xB5, 0xED, 0x6E, + 0xD2, 0x2D, 0x57, 0x82, 0x95, 0x38, 0xBC, 0x7D, 0x54, 0xC4, + 0x84, 0x5E, 0xFB, 0x7E, 0x83, 0xF5, 0xF1, 0x2D, 0x9C, 0x98, + 0xAC, 0x73, 0xE3, 0xA7, 0xD2, 0x02, 0x30, 0xD6, 0x1F, 0x06, + 0x1E, 0xD0, 0xDC, 0x3A, 0xAC, 0xF4, 0xC2, 0xC2, 0xBE, 0x72, + 0x40, 0x9A, 0xEA, 0xCF, 0x35, 0x21, 0x3B, 0x56, 0x6D, 0xE1, + 0x52, 0xF2, 0x80, 0xD7, 0x35, 0x83, 0x97, 0x07, 0xCC }; static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048); @@ -2592,163 +2619,161 @@ static const int sizeof_client_keypub_der_3072 = sizeof(client_keypub_der_3072); /* ./certs/3072/client-cert.der, 3072-bit */ static const unsigned char client_cert_der_3072[] = { - 0x30, 0x82, 0x06, 0x1D, 0x30, 0x82, 0x04, 0x85, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x53, 0x82, 0x30, 0x49, 0xE8, - 0xBE, 0x64, 0x59, 0x2E, 0x35, 0x41, 0xAC, 0x31, 0x0D, 0x4D, - 0x25, 0x21, 0x54, 0x90, 0xA4, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, - 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, - 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, - 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, - 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0xA2, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, 0x82, - 0x01, 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, 0xAC, 0x39, 0x50, - 0x68, 0x8F, 0x78, 0xF8, 0x10, 0x9B, 0x68, 0x96, 0xD3, 0xE1, - 0x9C, 0x56, 0x68, 0x5A, 0x41, 0x62, 0xE3, 0xB3, 0x41, 0xB0, - 0x55, 0x80, 0x17, 0xB0, 0x88, 0x16, 0x9B, 0xE0, 0x97, 0x74, - 0x5F, 0x42, 0x79, 0x73, 0x42, 0xDF, 0x93, 0xF3, 0xAA, 0x9D, - 0xEE, 0x2D, 0x6F, 0xAA, 0xBC, 0x27, 0x90, 0x84, 0xC0, 0x5D, - 0xC7, 0xEC, 0x49, 0xEA, 0x5C, 0x66, 0x1D, 0x70, 0x9C, 0x53, - 0x5C, 0xBA, 0xA1, 0xB3, 0x58, 0xC9, 0x3E, 0x8E, 0x9B, 0x72, - 0x3D, 0x6E, 0x02, 0x02, 0x00, 0x9C, 0x65, 0x56, 0x82, 0xA3, - 0x22, 0xB4, 0x08, 0x5F, 0x2A, 0xEF, 0xDF, 0x9A, 0xD0, 0xE7, - 0x31, 0x59, 0x26, 0x5B, 0x0B, 0x1C, 0x63, 0x61, 0xFF, 0xD5, - 0x69, 0x32, 0x19, 0x06, 0x7E, 0x0F, 0x40, 0x3C, 0x7A, 0x1E, - 0xC8, 0xFC, 0x58, 0x6C, 0x64, 0xAE, 0x10, 0x3D, 0xA8, 0x23, - 0xFF, 0x8E, 0x1A, 0xCA, 0x6A, 0x82, 0xE2, 0xF9, 0x01, 0x64, - 0x2C, 0x97, 0xA0, 0x1A, 0x89, 0xA0, 0x74, 0xD3, 0xB6, 0x05, - 0x11, 0xF2, 0x62, 0x06, 0x48, 0x2A, 0xF7, 0x66, 0xCE, 0xC1, - 0x85, 0xE1, 0xD2, 0x27, 0xEA, 0xCA, 0x12, 0xA5, 0x91, 0x97, - 0x3E, 0xFC, 0x94, 0x06, 0x59, 0x51, 0xC0, 0xE7, 0x13, 0xB6, - 0x87, 0x7B, 0x5F, 0xD2, 0xC0, 0x56, 0x2F, 0x5E, 0x1D, 0x02, - 0xC3, 0x11, 0x2C, 0xDF, 0xF7, 0x01, 0xDA, 0xBD, 0x85, 0x54, - 0x35, 0x32, 0x5F, 0xC5, 0xC8, 0xF9, 0x7A, 0x9F, 0x89, 0xF7, - 0x03, 0x0E, 0x7E, 0x79, 0x5D, 0x04, 0x82, 0x35, 0x10, 0xFE, - 0x6D, 0x9B, 0xBF, 0xB8, 0xEE, 0xE2, 0x62, 0x87, 0x26, 0x5E, - 0x2F, 0x50, 0x2F, 0x78, 0x0C, 0xE8, 0x73, 0x4F, 0x88, 0x6A, - 0xD6, 0x26, 0xA4, 0xC9, 0xFC, 0xFA, 0x1E, 0x8A, 0xB0, 0xF4, - 0x32, 0xCF, 0x57, 0xCD, 0xA1, 0x58, 0x8A, 0x49, 0x0F, 0xBB, - 0xA9, 0x1D, 0x86, 0xAB, 0xB9, 0x8F, 0x8D, 0x57, 0x19, 0xB2, - 0x5A, 0x7E, 0xA4, 0xEA, 0xCC, 0xB7, 0x96, 0x7A, 0x3B, 0x38, - 0xCD, 0xDE, 0xE0, 0x61, 0xFC, 0xC9, 0x06, 0x8F, 0x93, 0x5A, - 0xCE, 0xAD, 0x2A, 0xE3, 0x2D, 0x3E, 0x39, 0x5D, 0x41, 0x83, - 0x01, 0x1F, 0x0F, 0xE1, 0x7F, 0x76, 0xC7, 0x28, 0xDA, 0x56, - 0xEF, 0xBF, 0xDC, 0x26, 0x35, 0x40, 0xBE, 0xAD, 0xC7, 0x38, - 0xAD, 0xA4, 0x06, 0xAC, 0xCA, 0xE8, 0x51, 0xEB, 0xC0, 0xF8, - 0x68, 0x02, 0x2C, 0x9B, 0xA1, 0x14, 0xBC, 0xF8, 0x61, 0x86, - 0xD7, 0x56, 0xD7, 0x73, 0xF4, 0xAB, 0xBB, 0x6A, 0x21, 0xD3, - 0x88, 0x22, 0xB4, 0xE7, 0x6F, 0x7F, 0x91, 0xE5, 0x0E, 0xC6, - 0x08, 0x49, 0xDE, 0xEA, 0x13, 0x58, 0x72, 0xA0, 0xAA, 0x3A, - 0xF9, 0x36, 0x03, 0x45, 0x57, 0x5E, 0x87, 0xD2, 0x73, 0x65, - 0xC4, 0x8C, 0xA3, 0xEE, 0xC9, 0xD6, 0x73, 0x7C, 0x96, 0x41, - 0x93, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, - 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x0E, 0x04, 0x16, 0x04, 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, - 0xB0, 0x20, 0x49, 0xBC, 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, - 0xD2, 0xD4, 0x0C, 0xA3, 0xA8, 0x30, 0x81, 0xDE, 0x06, 0x03, - 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, - 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, 0x20, 0x49, 0xBC, - 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, 0xD4, 0x0C, 0xA3, - 0xA8, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, - 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, - 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, - 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, - 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, - 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, - 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, - 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, - 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, - 0x53, 0x82, 0x30, 0x49, 0xE8, 0xBE, 0x64, 0x59, 0x2E, 0x35, - 0x41, 0xAC, 0x31, 0x0D, 0x4D, 0x25, 0x21, 0x54, 0x90, 0xA4, - 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, - 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, - 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, - 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, - 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x81, 0x00, 0x9E, 0xC9, 0x99, 0xB8, 0x8C, - 0xC1, 0xA2, 0xDB, 0xCB, 0x78, 0x73, 0x5A, 0x8A, 0x8D, 0x3B, - 0xF3, 0x0A, 0x2A, 0x2F, 0xEF, 0x30, 0x09, 0x18, 0x49, 0xE1, - 0xF7, 0x9F, 0x8A, 0xA2, 0x33, 0xCE, 0x7C, 0xEC, 0x88, 0xA3, - 0x3D, 0x81, 0x50, 0x76, 0x4B, 0x2C, 0x20, 0x82, 0xBC, 0x99, - 0x30, 0x82, 0x7F, 0x0E, 0x33, 0x9C, 0xC8, 0x02, 0x9B, 0x3C, - 0xDE, 0x3E, 0x65, 0x78, 0x2D, 0x6E, 0x27, 0x39, 0x4F, 0xC4, - 0x18, 0xD3, 0x96, 0x23, 0xA3, 0x2D, 0x91, 0x57, 0x90, 0x52, - 0xBD, 0x7D, 0x12, 0x3D, 0xBF, 0x7D, 0xB1, 0x35, 0x2E, 0xA6, - 0xBE, 0x26, 0x95, 0x3C, 0x04, 0x5C, 0x20, 0x6C, 0xD8, 0xE5, - 0x36, 0xB2, 0xE1, 0x7B, 0x0F, 0xA1, 0x2C, 0x1F, 0x28, 0x3C, - 0x19, 0xCB, 0xC4, 0x69, 0xBB, 0x59, 0xB4, 0x99, 0x13, 0xF2, - 0xE5, 0xF5, 0x6C, 0x23, 0xD3, 0x69, 0x3B, 0x01, 0xB7, 0x5A, - 0xA1, 0xBE, 0xF6, 0x70, 0x00, 0x6C, 0x9C, 0x2E, 0x2F, 0x22, - 0xEA, 0x4C, 0x7C, 0x72, 0xE3, 0x99, 0x21, 0xA9, 0xDD, 0xBA, - 0x8D, 0x16, 0x5C, 0x88, 0xF7, 0xC0, 0x99, 0xC2, 0x8E, 0x83, - 0x10, 0x3D, 0xEA, 0xC8, 0x11, 0x77, 0x6A, 0xE5, 0x78, 0x47, - 0x92, 0x33, 0xEC, 0xAA, 0x35, 0x8C, 0x13, 0xF0, 0x4C, 0x9D, - 0xDD, 0x35, 0x56, 0x42, 0x35, 0x36, 0xCE, 0xD8, 0x46, 0xD8, - 0xD7, 0xD4, 0x84, 0xA1, 0x17, 0xBC, 0x57, 0x09, 0xCB, 0xDA, - 0x56, 0xD2, 0x76, 0xAC, 0x6A, 0xC0, 0xB3, 0x71, 0xA3, 0x1C, - 0xD3, 0x2C, 0xEA, 0xF6, 0x4C, 0x9A, 0x4D, 0xDD, 0x3A, 0xCE, - 0x10, 0x33, 0xF0, 0x82, 0x34, 0x70, 0x71, 0x5D, 0x6F, 0x77, - 0x8F, 0xEC, 0xA2, 0x77, 0x7D, 0x1C, 0x9E, 0x7F, 0x55, 0x6B, - 0xE5, 0xD3, 0x29, 0x49, 0x3D, 0x77, 0xFD, 0x5F, 0xBB, 0xCA, - 0x7A, 0xB9, 0x80, 0xB5, 0x81, 0x69, 0xA3, 0x38, 0xA3, 0xC6, - 0x96, 0xD2, 0x21, 0x1D, 0x85, 0x08, 0x47, 0x59, 0xA9, 0xD4, - 0x92, 0x8E, 0x94, 0x3F, 0x5A, 0xA1, 0x36, 0xD7, 0x92, 0xB7, - 0x2F, 0xCE, 0xF0, 0xA8, 0x40, 0x50, 0xAE, 0x3F, 0xD0, 0x20, - 0x39, 0x86, 0xA6, 0xA1, 0x7C, 0x4F, 0x23, 0x5C, 0x9C, 0x5F, - 0xDA, 0x93, 0x75, 0xD6, 0x93, 0xB1, 0x5F, 0x30, 0x25, 0x76, - 0x6C, 0x77, 0x8F, 0xF8, 0x8E, 0x15, 0xAE, 0x66, 0x5B, 0x7D, - 0xEE, 0xD3, 0x49, 0xAE, 0xC6, 0x1C, 0xB0, 0x90, 0x96, 0x5D, - 0x36, 0x9E, 0x12, 0x4C, 0x98, 0x4A, 0xF1, 0xD1, 0x6B, 0xA4, - 0x7F, 0x76, 0xCB, 0x51, 0xF9, 0xF2, 0x52, 0x07, 0xE4, 0x60, - 0x6F, 0x67, 0x6F, 0xE3, 0xA3, 0x84, 0xC0, 0x43, 0x0D, 0xFD, - 0xF6, 0x25, 0x9E, 0x3C, 0xD3, 0x41, 0xE9, 0x44, 0xC5, 0xF7, - 0xB9, 0x11, 0x3B, 0x0F, 0xDC, 0x9C, 0xE3, 0xDD, 0xF2, 0xAC, - 0x06, 0xB3, 0x20, 0x14, 0x2D, 0x6C, 0xDB, 0x8E, 0x78 + 0x30, 0x82, 0x06, 0x07, 0x30, 0x82, 0x04, 0x6F, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA4, 0xE0, 0xAA, 0xF3, + 0x29, 0x50, 0x39, 0x8A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, + 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, + 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0xA2, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, 0x82, 0x01, + 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, 0xAC, 0x39, 0x50, 0x68, + 0x8F, 0x78, 0xF8, 0x10, 0x9B, 0x68, 0x96, 0xD3, 0xE1, 0x9C, + 0x56, 0x68, 0x5A, 0x41, 0x62, 0xE3, 0xB3, 0x41, 0xB0, 0x55, + 0x80, 0x17, 0xB0, 0x88, 0x16, 0x9B, 0xE0, 0x97, 0x74, 0x5F, + 0x42, 0x79, 0x73, 0x42, 0xDF, 0x93, 0xF3, 0xAA, 0x9D, 0xEE, + 0x2D, 0x6F, 0xAA, 0xBC, 0x27, 0x90, 0x84, 0xC0, 0x5D, 0xC7, + 0xEC, 0x49, 0xEA, 0x5C, 0x66, 0x1D, 0x70, 0x9C, 0x53, 0x5C, + 0xBA, 0xA1, 0xB3, 0x58, 0xC9, 0x3E, 0x8E, 0x9B, 0x72, 0x3D, + 0x6E, 0x02, 0x02, 0x00, 0x9C, 0x65, 0x56, 0x82, 0xA3, 0x22, + 0xB4, 0x08, 0x5F, 0x2A, 0xEF, 0xDF, 0x9A, 0xD0, 0xE7, 0x31, + 0x59, 0x26, 0x5B, 0x0B, 0x1C, 0x63, 0x61, 0xFF, 0xD5, 0x69, + 0x32, 0x19, 0x06, 0x7E, 0x0F, 0x40, 0x3C, 0x7A, 0x1E, 0xC8, + 0xFC, 0x58, 0x6C, 0x64, 0xAE, 0x10, 0x3D, 0xA8, 0x23, 0xFF, + 0x8E, 0x1A, 0xCA, 0x6A, 0x82, 0xE2, 0xF9, 0x01, 0x64, 0x2C, + 0x97, 0xA0, 0x1A, 0x89, 0xA0, 0x74, 0xD3, 0xB6, 0x05, 0x11, + 0xF2, 0x62, 0x06, 0x48, 0x2A, 0xF7, 0x66, 0xCE, 0xC1, 0x85, + 0xE1, 0xD2, 0x27, 0xEA, 0xCA, 0x12, 0xA5, 0x91, 0x97, 0x3E, + 0xFC, 0x94, 0x06, 0x59, 0x51, 0xC0, 0xE7, 0x13, 0xB6, 0x87, + 0x7B, 0x5F, 0xD2, 0xC0, 0x56, 0x2F, 0x5E, 0x1D, 0x02, 0xC3, + 0x11, 0x2C, 0xDF, 0xF7, 0x01, 0xDA, 0xBD, 0x85, 0x54, 0x35, + 0x32, 0x5F, 0xC5, 0xC8, 0xF9, 0x7A, 0x9F, 0x89, 0xF7, 0x03, + 0x0E, 0x7E, 0x79, 0x5D, 0x04, 0x82, 0x35, 0x10, 0xFE, 0x6D, + 0x9B, 0xBF, 0xB8, 0xEE, 0xE2, 0x62, 0x87, 0x26, 0x5E, 0x2F, + 0x50, 0x2F, 0x78, 0x0C, 0xE8, 0x73, 0x4F, 0x88, 0x6A, 0xD6, + 0x26, 0xA4, 0xC9, 0xFC, 0xFA, 0x1E, 0x8A, 0xB0, 0xF4, 0x32, + 0xCF, 0x57, 0xCD, 0xA1, 0x58, 0x8A, 0x49, 0x0F, 0xBB, 0xA9, + 0x1D, 0x86, 0xAB, 0xB9, 0x8F, 0x8D, 0x57, 0x19, 0xB2, 0x5A, + 0x7E, 0xA4, 0xEA, 0xCC, 0xB7, 0x96, 0x7A, 0x3B, 0x38, 0xCD, + 0xDE, 0xE0, 0x61, 0xFC, 0xC9, 0x06, 0x8F, 0x93, 0x5A, 0xCE, + 0xAD, 0x2A, 0xE3, 0x2D, 0x3E, 0x39, 0x5D, 0x41, 0x83, 0x01, + 0x1F, 0x0F, 0xE1, 0x7F, 0x76, 0xC7, 0x28, 0xDA, 0x56, 0xEF, + 0xBF, 0xDC, 0x26, 0x35, 0x40, 0xBE, 0xAD, 0xC7, 0x38, 0xAD, + 0xA4, 0x06, 0xAC, 0xCA, 0xE8, 0x51, 0xEB, 0xC0, 0xF8, 0x68, + 0x02, 0x2C, 0x9B, 0xA1, 0x14, 0xBC, 0xF8, 0x61, 0x86, 0xD7, + 0x56, 0xD7, 0x73, 0xF4, 0xAB, 0xBB, 0x6A, 0x21, 0xD3, 0x88, + 0x22, 0xB4, 0xE7, 0x6F, 0x7F, 0x91, 0xE5, 0x0E, 0xC6, 0x08, + 0x49, 0xDE, 0xEA, 0x13, 0x58, 0x72, 0xA0, 0xAA, 0x3A, 0xF9, + 0x36, 0x03, 0x45, 0x57, 0x5E, 0x87, 0xD2, 0x73, 0x65, 0xC4, + 0x8C, 0xA3, 0xEE, 0xC9, 0xD6, 0x73, 0x7C, 0x96, 0x41, 0x93, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, + 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, + 0x20, 0x49, 0xBC, 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, + 0xD4, 0x0C, 0xA3, 0xA8, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, + 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, 0x20, 0x49, 0xBC, 0x74, + 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, 0xD4, 0x0C, 0xA3, 0xA8, + 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, + 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, + 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, + 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xA4, 0xE0, 0xAA, 0xF3, 0x29, 0x50, 0x39, 0x8A, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x81, 0x00, 0x57, 0x21, 0xC0, 0xAD, 0x6E, 0x16, 0x74, + 0xD5, 0xB1, 0x8B, 0x19, 0x55, 0x49, 0x7A, 0xA4, 0x5E, 0xD6, + 0x18, 0xF9, 0x03, 0x80, 0x4B, 0xC2, 0x71, 0xD1, 0x04, 0x47, + 0x9C, 0xB3, 0x73, 0x9C, 0x4F, 0x62, 0x4A, 0x3A, 0x9A, 0xD4, + 0x48, 0xE4, 0x81, 0xDB, 0x8D, 0x15, 0xDF, 0x5D, 0x0F, 0x08, + 0x13, 0x28, 0x28, 0xD7, 0x05, 0x44, 0xC1, 0xB9, 0x6D, 0xF1, + 0x75, 0x60, 0x74, 0xD0, 0x44, 0xAE, 0x91, 0x0F, 0x3A, 0x7C, + 0xF4, 0xEE, 0xEA, 0x6F, 0x06, 0x3A, 0x41, 0xAE, 0x6B, 0x5C, + 0x8A, 0x0D, 0x85, 0x6B, 0xB3, 0xFB, 0xB1, 0x5F, 0x70, 0xF7, + 0x9B, 0x32, 0x57, 0xFB, 0xC4, 0x6B, 0xCE, 0x90, 0x86, 0x0C, + 0x96, 0x8A, 0x41, 0x4E, 0x61, 0xF3, 0xA1, 0x3F, 0x55, 0xE8, + 0x94, 0x56, 0x12, 0x6D, 0x9E, 0x46, 0x2C, 0x31, 0xBD, 0x3F, + 0x8A, 0x70, 0xC8, 0x20, 0xA4, 0xFB, 0xFA, 0xC6, 0x53, 0x58, + 0xBB, 0x05, 0x28, 0xBA, 0x89, 0x0C, 0xB1, 0x5F, 0x21, 0xAC, + 0x1E, 0xF1, 0x35, 0xFD, 0x6B, 0x14, 0xC1, 0x69, 0x08, 0xE9, + 0x37, 0x14, 0xD8, 0x76, 0x50, 0x2A, 0xFC, 0xAA, 0x94, 0x7F, + 0x39, 0x52, 0x3A, 0xA7, 0x3C, 0x0A, 0x53, 0x5E, 0xE0, 0x13, + 0x1A, 0x00, 0xCA, 0xAC, 0xAA, 0x7E, 0xF7, 0x09, 0x68, 0x78, + 0x60, 0x11, 0x73, 0xAB, 0x7D, 0x58, 0xFE, 0x03, 0x9F, 0xE6, + 0x84, 0xEA, 0x51, 0x58, 0x40, 0x82, 0xA5, 0xFF, 0xA7, 0x2C, + 0xEA, 0x42, 0xA5, 0x4C, 0xB6, 0x3B, 0x5C, 0x6B, 0xAB, 0xCF, + 0x56, 0x8A, 0x8C, 0xEC, 0x3C, 0xF0, 0xAE, 0xD3, 0xCA, 0x0E, + 0x09, 0x71, 0xCF, 0x79, 0x96, 0x72, 0x63, 0x4B, 0x24, 0x7A, + 0xF3, 0x79, 0xCA, 0x69, 0x75, 0xC9, 0xB2, 0xA4, 0x54, 0xB8, + 0x84, 0x40, 0x2B, 0x8F, 0x24, 0x27, 0x6A, 0xED, 0x8F, 0x53, + 0xE0, 0x55, 0x9B, 0x35, 0x91, 0x18, 0x11, 0xCF, 0xB0, 0x3B, + 0xB8, 0x65, 0x3C, 0xC6, 0xEF, 0xB0, 0x78, 0x7C, 0x43, 0x26, + 0xF1, 0x12, 0x84, 0x6B, 0x2B, 0xF0, 0x7D, 0x3C, 0x7F, 0xDC, + 0x67, 0xA4, 0x17, 0x89, 0x75, 0x00, 0x86, 0x1A, 0xEA, 0xCD, + 0x1A, 0xCF, 0xDA, 0x11, 0x64, 0xCC, 0xBD, 0x10, 0x26, 0xEF, + 0x6B, 0x1B, 0x93, 0xB3, 0x37, 0x14, 0x7F, 0x12, 0x80, 0x81, + 0xB6, 0xFD, 0x8A, 0x8A, 0xD8, 0x95, 0x5F, 0xF9, 0x1E, 0xA5, + 0x1E, 0x65, 0x5F, 0x75, 0x8D, 0x90, 0x2A, 0x0D, 0xB1, 0xAB, + 0x26, 0x16, 0x31, 0xB2, 0x06, 0x64, 0x6F, 0x2B, 0x7E, 0x4A, + 0xF4, 0xDE, 0xE9, 0x7A, 0xEC, 0x67, 0x35, 0xF3, 0x40, 0x71, + 0x75, 0x37, 0xB3, 0xE1, 0x1D, 0xEF, 0x7D, 0xE2, 0x92, 0xEC, + 0xD5, 0xE5, 0xBB, 0x99, 0x79, 0x50, 0x11, 0xB2, 0x8A, 0x57, + 0x1B, 0x30, 0x2E, 0xB7, 0x16, 0x4C, 0xC8, 0xA6, 0x99, 0xB1, + 0x01, 0x34, 0x08, 0x9D, 0xD8, 0xDF, 0xAF }; static const int sizeof_client_cert_der_3072 = sizeof(client_cert_der_3072); @@ -3062,189 +3087,187 @@ static const int sizeof_client_keypub_der_4096 = sizeof(client_keypub_der_4096); /* ./certs/4096/client-cert.der, 4096-bit */ static const unsigned char client_cert_der_4096[] = { - 0x30, 0x82, 0x07, 0x1D, 0x30, 0x82, 0x05, 0x05, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x36, 0x8A, 0xA6, 0x8A, 0x3D, - 0x0A, 0x72, 0xFF, 0xDD, 0xE4, 0x4F, 0x56, 0xBD, 0x89, 0x24, - 0x23, 0x3C, 0x0B, 0xB6, 0x40, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, - 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, - 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, - 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30, - 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, - 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, - 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, - 0x02, 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31, - 0xE4, 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79, - 0xFC, 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86, - 0x71, 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17, - 0x13, 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D, - 0xAF, 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A, - 0x12, 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46, - 0x74, 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C, - 0x2E, 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B, - 0xBE, 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66, - 0xC5, 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB, - 0xC1, 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99, - 0x13, 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4, - 0xD5, 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17, - 0x05, 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28, - 0x48, 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7, - 0xCD, 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5, - 0x3F, 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0, - 0x18, 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C, - 0xF4, 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7, - 0xC2, 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D, - 0x80, 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED, - 0x51, 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E, - 0x81, 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3, - 0x8E, 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5, - 0xAA, 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1, - 0x8E, 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2, - 0xFD, 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A, - 0x8B, 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C, - 0x9C, 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5, - 0x88, 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C, - 0x0B, 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6, - 0x47, 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26, - 0xB1, 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21, - 0xD6, 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9, - 0x85, 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3, - 0x51, 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76, - 0x94, 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3, - 0x62, 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31, - 0xE8, 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57, - 0xC4, 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA, - 0xBD, 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54, - 0x9B, 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F, - 0xEE, 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6, - 0x44, 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9, - 0x26, 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13, - 0xB2, 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5, - 0x7B, 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB, - 0xAE, 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C, - 0x17, 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9, - 0xC9, 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD, - 0x0E, 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02, - 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, 0x30, 0x82, - 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, - 0x31, 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, - 0x16, 0xA5, 0x6E, 0x30, 0x81, 0xDE, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, 0x14, 0xFA, - 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD, - 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1, - 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, - 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, - 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, - 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, - 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x36, 0x8A, - 0xA6, 0x8A, 0x3D, 0x0A, 0x72, 0xFF, 0xDD, 0xE4, 0x4F, 0x56, - 0xBD, 0x89, 0x24, 0x23, 0x3C, 0x0B, 0xB6, 0x40, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, - 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, - 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, - 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, - 0x02, 0x01, 0x00, 0x64, 0xD8, 0x59, 0x19, 0xC0, 0xB5, 0x79, - 0x9E, 0x58, 0x63, 0xAE, 0x8B, 0x28, 0x64, 0x81, 0xD9, 0xD2, - 0xCD, 0xE8, 0x26, 0x1F, 0x04, 0x09, 0x7B, 0x52, 0x0A, 0x7A, - 0x16, 0x70, 0xEE, 0x37, 0x8A, 0x6D, 0x7C, 0x74, 0x67, 0x51, - 0x2F, 0xCF, 0x97, 0xA1, 0xD6, 0x54, 0xA2, 0xA3, 0x93, 0xDD, - 0x2B, 0x63, 0x5E, 0x9F, 0x13, 0x56, 0x7F, 0x8C, 0xE5, 0x9B, - 0x49, 0x19, 0x78, 0xDB, 0x3D, 0x75, 0xFE, 0xB7, 0xB8, 0x57, - 0x92, 0x58, 0xFF, 0x84, 0x8B, 0xD1, 0x2F, 0xF4, 0xB0, 0x22, - 0xD2, 0xF9, 0xBB, 0x00, 0xDD, 0x3B, 0xD2, 0x7A, 0xB9, 0xD9, - 0x50, 0xE5, 0x90, 0x70, 0x2D, 0x77, 0xF2, 0x74, 0xC2, 0x40, - 0x2F, 0x39, 0x25, 0x5D, 0x8E, 0xDE, 0x11, 0xE1, 0xCF, 0xA7, - 0x8F, 0x8E, 0xBD, 0x2A, 0xAA, 0x2E, 0xA1, 0x14, 0x3D, 0x06, - 0x70, 0xC7, 0xC9, 0x58, 0x86, 0x9E, 0x4C, 0x86, 0x65, 0x9E, - 0x69, 0x62, 0x3E, 0x30, 0x22, 0xEB, 0xD5, 0x00, 0xD1, 0x1E, - 0x8C, 0xBA, 0xF2, 0x7B, 0xA3, 0x39, 0x77, 0xFE, 0x90, 0x42, - 0xB7, 0xA4, 0x98, 0x28, 0xD7, 0x82, 0x4A, 0x54, 0x1B, 0x27, - 0xC9, 0xCF, 0x09, 0xB5, 0x60, 0xB6, 0x09, 0x37, 0x40, 0xE9, - 0xA5, 0xCD, 0x3E, 0x80, 0x84, 0xC4, 0xC4, 0xB6, 0x63, 0x06, - 0xEA, 0x5C, 0x63, 0xF2, 0x2B, 0xEE, 0x00, 0x31, 0x52, 0xD8, - 0x6C, 0xCD, 0x6A, 0xD2, 0x57, 0xA0, 0x6B, 0xD5, 0xA7, 0x6E, - 0x4C, 0xCE, 0x3B, 0xFF, 0x44, 0x7D, 0x99, 0xA5, 0xE3, 0xFB, - 0x23, 0x91, 0x99, 0x8C, 0x19, 0xCE, 0x1F, 0xC1, 0xA1, 0x89, - 0xE3, 0xBC, 0xE8, 0x74, 0x2C, 0x3D, 0x80, 0xBC, 0x0C, 0x6C, - 0x6A, 0x39, 0xA6, 0x50, 0x4C, 0xD1, 0x25, 0x1E, 0xA6, 0x96, - 0xF4, 0x54, 0xFD, 0x2A, 0xCE, 0x3C, 0x59, 0xAA, 0x1C, 0x05, - 0xDF, 0xDF, 0x10, 0x9A, 0x2B, 0x52, 0x9C, 0xF1, 0xA8, 0x19, - 0xAC, 0x56, 0x03, 0x56, 0x1F, 0xC9, 0xA5, 0xE4, 0xAA, 0xBC, - 0xE2, 0x90, 0xC1, 0xC9, 0xAD, 0xF5, 0x94, 0x1B, 0x72, 0xA7, - 0xC9, 0x9E, 0x90, 0x26, 0x2E, 0x70, 0x48, 0x41, 0xB5, 0x2F, - 0x6C, 0x35, 0xCA, 0x30, 0xE3, 0xCA, 0x71, 0x5B, 0x97, 0x96, - 0x15, 0x6F, 0xB5, 0x4D, 0x43, 0xD1, 0x5A, 0x02, 0xD0, 0x21, - 0x48, 0xEE, 0x2B, 0xC7, 0x8D, 0xE1, 0x60, 0x92, 0x86, 0x8C, - 0x5E, 0x8D, 0x9C, 0xA1, 0x6A, 0x99, 0xC0, 0xD0, 0x3D, 0x3A, - 0x8C, 0x7E, 0xC3, 0x87, 0xB2, 0x81, 0x8B, 0xE9, 0xBD, 0xB0, - 0xD3, 0xF3, 0x6F, 0xF2, 0x89, 0x40, 0xB9, 0xD1, 0x5C, 0xD0, - 0x1C, 0x9D, 0xBF, 0x80, 0xFC, 0x75, 0x0A, 0x66, 0xC6, 0x5A, - 0xD1, 0x41, 0x15, 0x31, 0x07, 0x55, 0xF8, 0x00, 0x96, 0x77, - 0xB4, 0xA7, 0xDC, 0xD7, 0x62, 0x15, 0xED, 0x75, 0x7A, 0x3E, - 0xCD, 0xB9, 0xE0, 0x56, 0x7D, 0x38, 0x4C, 0x2E, 0xEC, 0xEF, - 0x00, 0x70, 0x93, 0x12, 0x0D, 0x25, 0x5A, 0xE7, 0xF8, 0x02, - 0x37, 0xE8, 0xDD, 0xBB, 0x7E, 0x61, 0x9F, 0xB2, 0xA8, 0x70, - 0xDA, 0x7F, 0x94, 0x7B, 0x29, 0xE0, 0xA4, 0x58, 0x01, 0x8D, - 0x43, 0xF1, 0x25, 0x16, 0x59, 0xFE, 0xD5, 0x21, 0x42, 0xEE, - 0xAB, 0xA8, 0x03, 0x3E, 0xEE, 0x1F, 0x74, 0x1C, 0x43, 0x2D, - 0x37, 0x0F, 0x05, 0x14, 0x29, 0x0D, 0xAC, 0xE8, 0xC7, 0x72, - 0x0E, 0x10, 0xB5, 0x9E, 0xF8, 0x80, 0x41, 0xD0, 0xA2, 0xAA, - 0x6C, 0x94, 0x26, 0x49, 0x91, 0xC7, 0x2C, 0x30, 0x04, 0x2A, - 0x91, 0xF0, 0xE6, 0x7F, 0x76, 0x71, 0x80, 0x09, 0x07, 0x00, - 0x98, 0xB7, 0xF1, 0x1F, 0x3C, 0x0C, 0xDB, 0x98, 0x0A, 0x22, - 0xCC, 0xAF, 0x6F, 0xE5, 0xC7, 0x0D, 0x26, 0xA1, 0x65, 0xB3, - 0x5D, 0x37, 0x04, 0xDE, 0xF4, 0x61, 0x91, 0x06, 0x06, 0xA4, - 0x9A, 0x65, 0x51, 0x8B, 0x3E + 0x30, 0x82, 0x07, 0x07, 0x30, 0x82, 0x04, 0xEF, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA0, 0x3E, 0xDB, 0xCF, + 0x97, 0x9A, 0x72, 0x8C, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, + 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39, + 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, + 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, + 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, 0x02, + 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31, 0xE4, + 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79, 0xFC, + 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86, 0x71, + 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17, 0x13, + 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D, 0xAF, + 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A, 0x12, + 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46, 0x74, + 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C, 0x2E, + 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B, 0xBE, + 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66, 0xC5, + 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB, 0xC1, + 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99, 0x13, + 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4, 0xD5, + 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17, 0x05, + 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28, 0x48, + 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7, 0xCD, + 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5, 0x3F, + 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0, 0x18, + 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C, 0xF4, + 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7, 0xC2, + 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D, 0x80, + 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED, 0x51, + 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E, 0x81, + 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3, 0x8E, + 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5, 0xAA, + 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1, 0x8E, + 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2, 0xFD, + 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A, 0x8B, + 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C, 0x9C, + 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5, 0x88, + 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C, 0x0B, + 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6, 0x47, + 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26, 0xB1, + 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21, 0xD6, + 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9, 0x85, + 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3, 0x51, + 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76, 0x94, + 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3, 0x62, + 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31, 0xE8, + 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57, 0xC4, + 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA, 0xBD, + 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54, 0x9B, + 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F, 0xEE, + 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6, 0x44, + 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9, 0x26, + 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13, 0xB2, + 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5, 0x7B, + 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB, 0xAE, + 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C, 0x17, + 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9, 0xC9, + 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD, 0x0E, + 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02, 0x03, + 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, 0x82, 0x01, + 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, + 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, + 0xA5, 0x6E, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, 0xFA, 0x54, + 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD, 0xE7, + 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1, 0x81, + 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, + 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, + 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, + 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, + 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xA0, 0x3E, + 0xDB, 0xCF, 0x97, 0x9A, 0x72, 0x8C, 0x30, 0x0C, 0x06, 0x03, + 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, + 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, + 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, + 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, + 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, + 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, + 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, + 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, + 0x00, 0x17, 0xAB, 0x22, 0x61, 0x05, 0x6D, 0x3A, 0xC0, 0x0D, + 0x6B, 0xD9, 0x15, 0x82, 0x11, 0xCF, 0xE7, 0xF8, 0x65, 0xDA, + 0xC7, 0xEF, 0xDA, 0x0F, 0x50, 0x75, 0xBD, 0x55, 0xCF, 0x3D, + 0x50, 0xDD, 0xD4, 0x0D, 0x2C, 0x04, 0x48, 0xA8, 0x25, 0x3A, + 0xB9, 0xC4, 0xCE, 0x48, 0x7E, 0xB8, 0x63, 0xCD, 0xCD, 0xCE, + 0xBC, 0x50, 0x26, 0xDC, 0x6D, 0xC2, 0x1E, 0xD1, 0x71, 0x3A, + 0x2F, 0xDB, 0xE5, 0x03, 0x6B, 0x73, 0x55, 0x23, 0x70, 0x76, + 0x1E, 0x08, 0x2A, 0x92, 0x7B, 0xD6, 0x6A, 0xEF, 0x17, 0xA0, + 0xF3, 0x8C, 0xEA, 0xEB, 0xC4, 0x2E, 0xCB, 0xD4, 0xD9, 0xD5, + 0xAB, 0xF7, 0xE6, 0x8D, 0xEC, 0xD9, 0x97, 0xA1, 0x56, 0xA7, + 0x0B, 0x5D, 0xE5, 0x3F, 0x1F, 0x5E, 0x6A, 0x7A, 0xA4, 0x64, + 0xD7, 0xB2, 0x42, 0x1A, 0x1E, 0x49, 0x37, 0x93, 0xBC, 0xBE, + 0x13, 0xA8, 0xFB, 0xB1, 0x93, 0x7B, 0xA8, 0x2B, 0x49, 0x90, + 0x43, 0x84, 0x24, 0x60, 0x44, 0xFC, 0x32, 0x74, 0x85, 0x0E, + 0x1B, 0xF8, 0x3A, 0x92, 0x3D, 0xAA, 0x25, 0x1B, 0x9F, 0x97, + 0x31, 0x95, 0x97, 0xC5, 0x3D, 0x51, 0xDD, 0xB6, 0xD5, 0x4A, + 0x7E, 0x41, 0xB3, 0x90, 0x83, 0x7C, 0x98, 0xFA, 0xCB, 0x22, + 0x33, 0xA5, 0xF4, 0x32, 0x74, 0xBD, 0x3E, 0xB1, 0x3B, 0x34, + 0xF9, 0xC3, 0x3F, 0xBE, 0xDB, 0x0E, 0xD9, 0x2F, 0x1A, 0xF9, + 0xD2, 0x4F, 0x14, 0x53, 0x63, 0xF2, 0x21, 0xA3, 0xE9, 0xC3, + 0xAD, 0x04, 0x6E, 0xE7, 0xAD, 0x1F, 0x6B, 0xCE, 0x4E, 0x35, + 0x4A, 0x61, 0x84, 0xB9, 0x61, 0x65, 0x1D, 0xA2, 0xD7, 0xA1, + 0xE6, 0x74, 0x08, 0x15, 0x38, 0x75, 0xB0, 0x23, 0x70, 0x22, + 0x15, 0x59, 0x2C, 0x48, 0xF0, 0xDA, 0x9A, 0x99, 0xD4, 0x2B, + 0x83, 0xDF, 0x9A, 0x93, 0x78, 0x45, 0xB9, 0x84, 0x5C, 0x7E, + 0x71, 0x90, 0xDA, 0x56, 0x1C, 0x9F, 0x57, 0xED, 0x76, 0xF7, + 0x17, 0xE5, 0xD2, 0x01, 0x90, 0x99, 0x5F, 0x4C, 0x07, 0x49, + 0x07, 0x82, 0x75, 0x92, 0x44, 0x7A, 0xFE, 0x9B, 0xA7, 0x4D, + 0xEC, 0xC8, 0xDC, 0x46, 0x67, 0x28, 0x04, 0x8B, 0x08, 0x17, + 0x94, 0x13, 0xE9, 0xA0, 0xD2, 0xB2, 0x26, 0x56, 0x27, 0x60, + 0x94, 0x5A, 0x50, 0x5C, 0xCF, 0x34, 0x4D, 0x3F, 0x35, 0xE7, + 0x12, 0x5D, 0xC5, 0x32, 0x00, 0x2F, 0xE0, 0x1D, 0x09, 0xE5, + 0x36, 0x8D, 0x77, 0x93, 0xF6, 0xE5, 0x62, 0xB4, 0xA3, 0x9B, + 0xC6, 0x7C, 0xE6, 0x3D, 0xD5, 0x38, 0x33, 0x5F, 0x23, 0x5B, + 0x81, 0x2E, 0x24, 0x26, 0x9E, 0x98, 0xA8, 0xAF, 0x04, 0x3D, + 0x65, 0x3F, 0x71, 0x88, 0x48, 0x44, 0x5C, 0x1A, 0x11, 0x0E, + 0x1B, 0xE1, 0x81, 0xB1, 0xB6, 0x66, 0xE6, 0x3C, 0x13, 0x67, + 0xD6, 0x6B, 0xA3, 0xF3, 0xB7, 0xF6, 0x9F, 0x14, 0xA6, 0x87, + 0x7F, 0x2B, 0x14, 0x31, 0x22, 0x7A, 0xF5, 0x0D, 0x44, 0xE6, + 0xA3, 0x1A, 0xD6, 0xD2, 0xDC, 0x88, 0x71, 0x37, 0x28, 0x11, + 0x6C, 0xEF, 0x95, 0xAB, 0x1D, 0xC5, 0xC3, 0x9A, 0xEF, 0x1A, + 0x54, 0x11, 0x92, 0x8E, 0x89, 0x43, 0x03, 0x26, 0xD0, 0xE9, + 0x63, 0x33, 0xFE, 0x79, 0x4C, 0xA6, 0x6F, 0xC4, 0x58, 0x58, + 0x2E, 0xB6, 0xAB, 0x57, 0xA0, 0x39, 0x4D, 0xFF, 0x88, 0xC0, + 0x23, 0x2C, 0x3B, 0xE3, 0x9A, 0xDF, 0x48, 0xD3, 0x17, 0x45, + 0x5D, 0x36, 0x4E, 0x00, 0x58, 0x72, 0xC3, 0xEF, 0xE7, 0x76, + 0x0B, 0xF8, 0x19, 0xA8, 0x5F, 0xF6, 0x53, 0x98, 0x49, 0x2B, + 0x52, 0xB5, 0x8E, 0xA5, 0xD8, 0x73, 0x6E, 0x3C, 0x23, 0x23, + 0x06, 0x86, 0x25, 0x6B, 0x0D, 0x3B, 0xF2, 0x9A, 0x17, 0x33, + 0xA4, 0x4E, 0xF5, 0x6B, 0xDE, 0xB3, 0x64, 0x20, 0x58, 0xC6, + 0x6D, 0x22, 0xA9, 0xAE, 0xF4, 0x09, 0x9D, 0x0D, 0x6E, 0x9F, + 0x96, 0x2A, 0x9E }; static const int sizeof_client_cert_der_4096 = sizeof(client_cert_der_4096); @@ -3349,93 +3372,91 @@ static const int sizeof_ecc_clikeypub_der_256 = sizeof(ecc_clikeypub_der_256); /* ./certs/client-ecc-cert.der, ECC */ static const unsigned char cliecc_cert_der_256[] = { - 0x30, 0x82, 0x03, 0x5F, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x61, 0xB3, 0x1E, 0x59, 0xF3, - 0x68, 0x6C, 0xA4, 0x79, 0x42, 0x83, 0x2F, 0x1A, 0x50, 0x71, - 0x03, 0xBE, 0x32, 0xAA, 0x2C, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, - 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, - 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, - 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, - 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, - 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, - 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, - 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, - 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, - 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, - 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, - 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, - 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, - 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, - 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, - 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, - 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, - 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4, 0xA3, 0x82, - 0x01, 0x3E, 0x30, 0x82, 0x01, 0x3A, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B, - 0x59, 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, - 0x89, 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xCD, - 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC5, 0x30, 0x81, - 0xC2, 0x80, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, 0x61, - 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, - 0x5C, 0xAB, 0xF2, 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30, - 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, - 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, - 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, - 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, - 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, - 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x30, 0x82, 0x03, 0x49, 0x30, 0x82, 0x02, 0xEE, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE7, 0x4A, 0x4F, 0xE5, + 0x56, 0x97, 0xCA, 0xC3, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, + 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, + 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, + 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, + 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x61, 0xB3, 0x1E, 0x59, 0xF3, - 0x68, 0x6C, 0xA4, 0x79, 0x42, 0x83, 0x2F, 0x1A, 0x50, 0x71, - 0x03, 0xBE, 0x32, 0xAA, 0x2C, 0x30, 0x0C, 0x06, 0x03, 0x55, - 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, - 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, - 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, - 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, - 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, - 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, - 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, - 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, - 0x03, 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, - 0xE4, 0xA0, 0x23, 0x26, 0x2B, 0x0B, 0x42, 0x0F, 0x97, 0x37, - 0x6D, 0xCB, 0x14, 0x23, 0xC3, 0xC3, 0xE6, 0x44, 0xCF, 0x5F, - 0x4C, 0x26, 0xA3, 0x72, 0x64, 0x7A, 0x9C, 0xCB, 0x64, 0xAB, - 0xA6, 0xBE, 0x02, 0x21, 0x00, 0xAA, 0xC5, 0xA3, 0x50, 0xF6, - 0xF1, 0xA5, 0xDB, 0x05, 0xE0, 0x75, 0xD2, 0xF7, 0xBA, 0x49, - 0x5F, 0x8F, 0x7D, 0x1C, 0x44, 0xB1, 0x6E, 0xDF, 0xC8, 0xDA, - 0x10, 0x48, 0x2D, 0x53, 0x08, 0xA8, 0xB4 + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x33, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, + 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, + 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, + 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, + 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, + 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, + 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, + 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, 0x9A, + 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, 0x7B, + 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, 0xA2, + 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, 0x12, + 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, 0x01, + 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, 0xB2, + 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4, 0xA3, 0x82, 0x01, + 0x33, 0x30, 0x82, 0x01, 0x2F, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B, 0x59, + 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, + 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xC2, 0x06, + 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xBA, 0x30, 0x81, 0xB7, + 0x80, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, 0x61, 0x3F, + 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, 0x5C, + 0xAB, 0xF2, 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30, 0x81, + 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, + 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, + 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, + 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, + 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, + 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xE7, 0x4A, 0x4F, 0xE5, 0x56, + 0x97, 0xCA, 0xC3, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, + 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, + 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, + 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, + 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, + 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, + 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, + 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xE3, 0xBB, + 0xCA, 0x0E, 0x31, 0x2D, 0x39, 0x1D, 0x94, 0x25, 0x81, 0x90, + 0xD5, 0x11, 0xF9, 0x09, 0x6D, 0x58, 0x16, 0x23, 0xBE, 0x9F, + 0xA9, 0x18, 0x64, 0x83, 0x3C, 0x25, 0x03, 0x58, 0x58, 0x39, + 0x02, 0x21, 0x00, 0xA4, 0xAA, 0xB3, 0xF0, 0x09, 0xC9, 0x0C, + 0x2F, 0xF7, 0xB1, 0xD4, 0x8E, 0x9F, 0xA6, 0xB6, 0xAB, 0x1A, + 0xC7, 0x37, 0xED, 0x70, 0x4D, 0x34, 0x04, 0xA0, 0x9B, 0x3D, + 0x84, 0x86, 0x10, 0xA0, 0xF0 }; static const int sizeof_cliecc_cert_der_256 = sizeof(cliecc_cert_der_256); @@ -3477,103 +3498,100 @@ static const int sizeof_ecc_key_pub_der_256 = sizeof(ecc_key_pub_der_256); /* ./certs/server-ecc-comp.der, ECC */ static const unsigned char serv_ecc_comp_der_256[] = { - 0x30, 0x82, 0x03, 0x77, 0x30, 0x82, 0x03, 0x1D, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x2C, 0x04, 0x53, 0x2F, 0xC3, - 0x1B, 0x46, 0x1C, 0xFC, 0xB7, 0x48, 0x3C, 0x25, 0xED, 0xD8, - 0xDE, 0x07, 0x8F, 0xE0, 0xAA, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, - 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, - 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, - 0x20, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, - 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, 0x39, - 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, 0x34, - 0x31, 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, 0x69, 0x70, - 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, 0x6D, 0x70, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x45, 0x43, - 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, - 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, - 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x39, 0x30, 0x13, 0x06, - 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, - 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x22, - 0x00, 0x02, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, - 0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, - 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, - 0x2C, 0x16, 0xE8, 0x61, 0xA3, 0x82, 0x01, 0x51, 0x30, 0x82, - 0x01, 0x4D, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0x8C, 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, - 0xDF, 0x6E, 0xF4, 0x59, 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, - 0xA6, 0x5A, 0x18, 0x30, 0x81, 0xE0, 0x06, 0x03, 0x55, 0x1D, - 0x23, 0x04, 0x81, 0xD8, 0x30, 0x81, 0xD5, 0x80, 0x14, 0x8C, - 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, 0x6E, 0xF4, 0x59, - 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, 0x5A, 0x18, 0xA1, - 0x81, 0xA6, 0xA4, 0x81, 0xA3, 0x30, 0x81, 0xA0, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, - 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, - 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, - 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, - 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, - 0x2C, 0x04, 0x53, 0x2F, 0xC3, 0x1B, 0x46, 0x1C, 0xFC, 0xB7, - 0x48, 0x3C, 0x25, 0xED, 0xD8, 0xDE, 0x07, 0x8F, 0xE0, 0xAA, - 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, - 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, - 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, - 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, - 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, - 0x30, 0x45, 0x02, 0x21, 0x00, 0xF4, 0xCC, 0x35, 0x1B, 0x98, - 0x49, 0xE9, 0xB2, 0xA5, 0x86, 0xDF, 0x32, 0xBB, 0xB4, 0x12, - 0x64, 0xAC, 0xA1, 0xDD, 0xCF, 0x09, 0x87, 0x48, 0x6A, 0x1D, - 0xA0, 0x44, 0x25, 0x12, 0x2A, 0xB6, 0x62, 0x02, 0x20, 0x2D, - 0x89, 0xDE, 0xEC, 0x20, 0x13, 0xAD, 0x22, 0x8E, 0xD1, 0xFF, - 0xF2, 0x96, 0x1D, 0xFB, 0xF5, 0xCD, 0xFD, 0x70, 0xEE, 0xAD, - 0x9B, 0x0E, 0x46, 0x1D, 0x60, 0x48, 0x23, 0xED, 0x1E, 0xCF, - 0x8C + 0x30, 0x82, 0x03, 0x61, 0x30, 0x82, 0x03, 0x07, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE5, 0xB6, 0x66, 0xE0, + 0x08, 0x96, 0xC5, 0x95, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, + 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, + 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, + 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, + 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, + 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, + 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, + 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, + 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, + 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, + 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, + 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, 0x6D, 0x70, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, + 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x45, 0x43, 0x43, + 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x39, 0x30, 0x13, 0x06, 0x07, + 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x22, 0x00, + 0x02, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, + 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, + 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, + 0x16, 0xE8, 0x61, 0xA3, 0x82, 0x01, 0x46, 0x30, 0x82, 0x01, + 0x42, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x8C, 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, + 0x6E, 0xF4, 0x59, 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, + 0x5A, 0x18, 0x30, 0x81, 0xD5, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xCD, 0x30, 0x81, 0xCA, 0x80, 0x14, 0x8C, 0x38, + 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, 0x6E, 0xF4, 0x59, 0xAC, + 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, 0x5A, 0x18, 0xA1, 0x81, + 0xA6, 0xA4, 0x81, 0xA3, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, + 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, + 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, + 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xE5, 0xB6, 0x66, 0xE0, 0x08, 0x96, 0xC5, 0x95, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, + 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, + 0x02, 0x21, 0x00, 0xAE, 0x80, 0xD7, 0xF5, 0x4D, 0x76, 0x79, + 0x5C, 0x01, 0x14, 0x8B, 0xFD, 0x80, 0x79, 0xFB, 0x9B, 0xFE, + 0x8F, 0x0D, 0x9C, 0xC3, 0x7C, 0xE6, 0x80, 0x4C, 0xA6, 0x54, + 0x16, 0x3F, 0xED, 0x1D, 0x5E, 0x02, 0x20, 0x09, 0x61, 0x2D, + 0x84, 0xE9, 0x04, 0x4F, 0x79, 0x0E, 0xE7, 0xF0, 0xCC, 0x52, + 0xD3, 0x2F, 0xE0, 0x89, 0xCF, 0xBE, 0x9B, 0x9F, 0x86, 0x23, + 0x2F, 0xE4, 0xCB, 0x43, 0x16, 0xBB, 0x09, 0x8D, 0x87 }; static const int sizeof_serv_ecc_comp_der_256 = sizeof(serv_ecc_comp_der_256); /* ./certs/server-ecc-rsa.der, ECC */ static const unsigned char serv_ecc_rsa_der_256[] = { - 0x30, 0x82, 0x04, 0x2A, 0x30, 0x82, 0x03, 0x12, 0xA0, 0x03, + 0x30, 0x82, 0x04, 0x1F, 0x30, 0x82, 0x03, 0x07, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, @@ -3591,10 +3609,10 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, - 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, - 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, + 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, + 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, + 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, @@ -3619,12 +3637,12 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, - 0x0B, 0x80, 0x34, 0x89, 0xD8, 0xA3, 0x82, 0x01, 0x45, 0x30, - 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x0B, 0x80, 0x34, 0x89, 0xD8, 0xA3, 0x82, 0x01, 0x3A, 0x30, + 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23, - 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xD4, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, 0xC9, 0x80, 0x14, + 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, @@ -3642,52 +3660,50 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x5E, - 0xBA, 0xA4, 0xF4, 0xB1, 0xF7, 0x48, 0x25, 0xE3, 0x5F, 0x9B, - 0xDA, 0xA1, 0x13, 0xED, 0xD5, 0x2B, 0x03, 0x67, 0x15, 0x30, - 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, - 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, - 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, - 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, - 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, - 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, - 0x82, 0x01, 0x01, 0x00, 0x69, 0x31, 0x1F, 0x55, 0xAB, 0xA3, - 0x11, 0x91, 0x89, 0xF5, 0xEE, 0x88, 0x8F, 0xC1, 0x53, 0x8B, - 0xF6, 0xEB, 0xFF, 0x14, 0x3B, 0x7A, 0x25, 0x37, 0xF0, 0x19, - 0x20, 0x35, 0x37, 0xF5, 0x27, 0x1E, 0xE9, 0xC1, 0xDB, 0x34, - 0xAC, 0x27, 0x0B, 0xEE, 0x29, 0x9F, 0x7E, 0x8B, 0x89, 0x7D, - 0xC8, 0x1F, 0xB4, 0xEC, 0x75, 0x92, 0xF1, 0x82, 0x4E, 0x22, - 0x02, 0x14, 0x7C, 0x7E, 0xE4, 0x65, 0x09, 0x34, 0x23, 0x0D, - 0x9A, 0x73, 0xBF, 0x86, 0x98, 0x0F, 0xEE, 0x16, 0x57, 0x21, - 0x65, 0x7E, 0x94, 0x96, 0x40, 0x85, 0xBF, 0x3F, 0x9E, 0x11, - 0xA8, 0x8F, 0x7E, 0x9B, 0x4B, 0x82, 0x29, 0xFE, 0xBB, 0x47, - 0xA8, 0x43, 0x9E, 0xDA, 0xFA, 0x4C, 0x40, 0xCF, 0xCA, 0xA6, - 0x98, 0x00, 0x07, 0xBB, 0xC3, 0x86, 0xA8, 0x3F, 0x15, 0xAE, - 0xF5, 0xF9, 0x69, 0x7E, 0x9E, 0x44, 0x2F, 0xC5, 0xA3, 0x33, - 0x1D, 0xDC, 0x04, 0x04, 0xDC, 0x6E, 0x25, 0xC6, 0x7F, 0x15, - 0x7A, 0xF0, 0x99, 0x93, 0x47, 0xF6, 0x8F, 0x41, 0x95, 0xC7, - 0x16, 0x78, 0xF4, 0x5E, 0x48, 0xA3, 0xFE, 0x38, 0x7A, 0x43, - 0xE1, 0x19, 0x40, 0x7E, 0x25, 0x09, 0x23, 0x67, 0xFE, 0x51, - 0x9C, 0xD5, 0xDE, 0xEF, 0xC3, 0x02, 0x23, 0x4F, 0x63, 0xBA, - 0xEC, 0xB8, 0x56, 0x17, 0x04, 0x07, 0x29, 0x09, 0x3E, 0xA8, - 0xF8, 0xD6, 0x76, 0x2B, 0xF7, 0x79, 0x56, 0x3D, 0x39, 0x0A, - 0xDF, 0x6F, 0xC5, 0x5A, 0x2F, 0x81, 0x1F, 0x63, 0x15, 0x36, - 0x51, 0x07, 0xE2, 0x8B, 0xCB, 0x6C, 0xCF, 0x6E, 0x92, 0xA7, - 0xCA, 0x3B, 0xF6, 0xC5, 0x66, 0x34, 0x84, 0x5A, 0x47, 0x20, - 0xE3, 0x63, 0x04, 0x5F, 0x38, 0x35, 0xA4, 0xD3, 0x3D, 0x3A, - 0xE1, 0x85, 0x85, 0x62, 0x85, 0x5B, 0x69, 0xAD, 0xAA, 0xE9, - 0x40, 0x28, 0xD7, 0xF9, 0x7C, 0x53, 0x48, 0xC0, 0x1B, 0xCC - + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x01, 0x00, 0x4B, 0xCD, 0xC5, 0x8F, 0xFC, 0xBB, 0xC3, + 0x36, 0xC5, 0xD4, 0x4D, 0x71, 0x04, 0x13, 0x53, 0xA0, 0x3C, + 0xA3, 0x4E, 0x2A, 0xDD, 0x0D, 0xD3, 0xA7, 0x62, 0x31, 0x0D, + 0xC6, 0x32, 0x07, 0x31, 0xD4, 0x6B, 0x0F, 0x8B, 0x55, 0xA2, + 0x2F, 0x2C, 0xB3, 0xAE, 0x46, 0x91, 0x8A, 0x09, 0xBE, 0x7E, + 0xFF, 0xE2, 0x67, 0x46, 0xF2, 0x7E, 0xD4, 0x6F, 0xBE, 0x5D, + 0x57, 0x42, 0xFD, 0x3A, 0x56, 0xB0, 0xE8, 0x0E, 0x4D, 0x12, + 0xFD, 0xF5, 0x00, 0xCA, 0x6F, 0xBD, 0x88, 0x0C, 0x04, 0x47, + 0x1A, 0xEC, 0x5D, 0x96, 0x3F, 0xB6, 0xA5, 0x8B, 0x9D, 0x47, + 0xA6, 0x4F, 0x82, 0x07, 0x33, 0x9D, 0x11, 0x0A, 0x3D, 0x38, + 0x1D, 0x21, 0x4F, 0xD4, 0x1E, 0x1D, 0xA6, 0xD7, 0x6B, 0x72, + 0x1C, 0x51, 0xE1, 0x7A, 0x7A, 0x6C, 0x76, 0x2C, 0x98, 0x14, + 0x48, 0xFD, 0xF1, 0xD1, 0x7C, 0x53, 0x86, 0xED, 0x8C, 0x5F, + 0x4F, 0x0F, 0x27, 0x5D, 0x45, 0xBE, 0xED, 0x26, 0x90, 0xD2, + 0x51, 0x04, 0x4D, 0x06, 0x5B, 0x64, 0x1C, 0x5E, 0x31, 0x63, + 0xCC, 0xD4, 0xD5, 0x0B, 0x28, 0xCC, 0xE2, 0x29, 0x40, 0x75, + 0x87, 0x21, 0x64, 0x8E, 0x8B, 0x87, 0xEF, 0x90, 0xBB, 0x46, + 0x91, 0x91, 0xF9, 0x63, 0xF8, 0xB0, 0xA7, 0x5E, 0x8D, 0xE8, + 0x20, 0xC6, 0xB7, 0x5A, 0xD9, 0x0E, 0x35, 0xFB, 0xBA, 0xD1, + 0x09, 0xD1, 0x98, 0xA6, 0x61, 0x25, 0xE2, 0x0D, 0x97, 0xC4, + 0x1B, 0x0F, 0xBC, 0xB6, 0xEC, 0xE7, 0x96, 0x80, 0xB8, 0xE5, + 0x55, 0x03, 0x1E, 0x7F, 0xB5, 0xFD, 0x40, 0x06, 0xCC, 0xAA, + 0x7B, 0xF0, 0xB3, 0x81, 0x2E, 0xE1, 0x4E, 0x3A, 0x52, 0xE3, + 0xF3, 0xC4, 0xD3, 0x8C, 0x78, 0x49, 0x00, 0x3A, 0x57, 0xDF, + 0x0E, 0xAA, 0x2F, 0x14, 0x52, 0x3F, 0xC8, 0xFA, 0x82, 0xB9, + 0xBF, 0x27, 0xF8, 0x9C, 0x42, 0xB7, 0x44, 0x36, 0x68 }; static const int sizeof_serv_ecc_rsa_der_256 = sizeof(serv_ecc_rsa_der_256); /* ./certs/server-ecc.der, ECC */ static const unsigned char serv_ecc_der_256[] = { - 0x30, 0x82, 0x02, 0xA0, 0x30, 0x82, 0x02, 0x47, 0xA0, 0x03, + 0x30, 0x82, 0x02, 0xA1, 0x30, 0x82, 0x02, 0x47, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x03, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, @@ -3705,10 +3721,10 @@ static const unsigned char serv_ecc_der_256[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, - 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, - 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, + 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, + 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, + 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, @@ -3747,14 +3763,14 @@ static const unsigned char serv_ecc_der_256[] = 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, - 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, - 0x7C, 0xFB, 0xBB, 0x4B, 0xC0, 0xF6, 0x21, 0x84, 0x04, 0x87, - 0xF8, 0x90, 0x4D, 0xC1, 0xF6, 0xC2, 0x67, 0x95, 0xC4, 0xF3, - 0xE8, 0x8E, 0x5E, 0x43, 0xDF, 0xC2, 0x74, 0xDC, 0xFD, 0x86, - 0x6F, 0x7D, 0x02, 0x20, 0x1B, 0x4C, 0x97, 0xF0, 0x93, 0x4C, - 0x61, 0x26, 0xEA, 0xA7, 0xD9, 0x93, 0x22, 0x4E, 0x21, 0x46, - 0x14, 0x9E, 0x24, 0xBF, 0xF5, 0xD5, 0xAB, 0x3B, 0xAE, 0x69, - 0x40, 0xCF, 0x6F, 0xE0, 0xD3, 0x82 + 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, + 0x61, 0x6F, 0xE8, 0xB9, 0xAD, 0xCC, 0xC9, 0x1A, 0x81, 0x17, + 0x02, 0x64, 0x07, 0xC3, 0x18, 0x44, 0x01, 0x81, 0x76, 0x18, + 0x9D, 0x6D, 0x3D, 0x7D, 0xCB, 0xC1, 0x5A, 0x76, 0x4A, 0xAD, + 0x71, 0x55, 0x02, 0x21, 0x00, 0xCD, 0x22, 0x35, 0x04, 0x19, + 0xC2, 0x23, 0x21, 0x02, 0x88, 0x4B, 0x51, 0xDA, 0xDB, 0x51, + 0xAB, 0x54, 0x8C, 0xCB, 0x38, 0xAC, 0x8E, 0xBB, 0xEE, 0x18, + 0x07, 0xBF, 0x88, 0x36, 0x88, 0xFF, 0xD5 }; static const int sizeof_serv_ecc_der_256 = sizeof(serv_ecc_der_256); @@ -3780,73 +3796,72 @@ static const int sizeof_ca_ecc_key_der_256 = sizeof(ca_ecc_key_der_256); /* ./certs/ca-ecc-cert.der, ECC */ static const unsigned char ca_ecc_cert_der_256[] = { - 0x30, 0x82, 0x02, 0x94, 0x30, 0x82, 0x02, 0x3B, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x7E, 0xBD, 0xD9, 0xC1, 0xA5, - 0xB2, 0x60, 0xA4, 0xBA, 0xF4, 0x86, 0xCF, 0x13, 0xAC, 0x77, - 0x84, 0xBE, 0xAC, 0x07, 0xE7, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, - 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, - 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0B, 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, - 0x6E, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, - 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, - 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, - 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, - 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, - 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, - 0x03, 0x42, 0x00, 0x04, 0x02, 0xD3, 0xD9, 0x6E, 0xD6, 0x01, - 0x8E, 0x45, 0xC8, 0xB9, 0x90, 0x31, 0xE5, 0xC0, 0x4C, 0xE3, - 0x9E, 0xAD, 0x29, 0x38, 0x98, 0xBA, 0x10, 0xD6, 0xE9, 0x09, - 0x2A, 0x80, 0xA9, 0x2E, 0x17, 0x2A, 0xB9, 0x8A, 0xBF, 0x33, - 0x83, 0x46, 0xE3, 0x95, 0x0B, 0xE4, 0x77, 0x40, 0xB5, 0x3B, - 0x43, 0x45, 0x33, 0x0F, 0x61, 0x53, 0x7C, 0x37, 0x44, 0xC1, - 0xCB, 0xFC, 0x80, 0xCA, 0xE8, 0x43, 0xEA, 0xA7, 0xA3, 0x63, - 0x30, 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, - 0x16, 0x04, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, - 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, - 0xF3, 0xA5, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, - 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x56, 0x8E, 0x9A, 0xC3, - 0xF0, 0x42, 0xDE, 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, - 0xCF, 0xEA, 0xC3, 0xF3, 0xA5, 0x21, 0x30, 0x0F, 0x06, 0x03, - 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, - 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, - 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, - 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, - 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, 0x06, 0xC3, - 0x0A, 0x69, 0x01, 0x57, 0x31, 0x17, 0x09, 0x3F, 0x21, 0x95, - 0x4F, 0x3F, 0xC5, 0x20, 0xE3, 0x21, 0x86, 0x75, 0x47, 0x5E, - 0x87, 0xF7, 0x48, 0x8A, 0x1E, 0x01, 0xFA, 0xD2, 0x67, 0xC8, - 0x02, 0x20, 0x7D, 0xC8, 0xE9, 0x2D, 0x5B, 0x74, 0x28, 0x87, - 0x71, 0xDB, 0xA3, 0x0E, 0x19, 0x84, 0xCC, 0xB3, 0xA6, 0x83, - 0x35, 0x75, 0xF8, 0x05, 0xDD, 0xFC, 0x5E, 0x51, 0x2B, 0x18, - 0x98, 0xC4, 0xAC, 0x95 + 0x30, 0x82, 0x02, 0x8A, 0x30, 0x82, 0x02, 0x30, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x83, 0x47, 0x7C, 0x81, + 0xD6, 0x0D, 0x1C, 0x4E, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, + 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, + 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, + 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, + 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, + 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x33, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, + 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, + 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, + 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, 0x65, + 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, + 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, + 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, + 0x42, 0x00, 0x04, 0x02, 0xD3, 0xD9, 0x6E, 0xD6, 0x01, 0x8E, + 0x45, 0xC8, 0xB9, 0x90, 0x31, 0xE5, 0xC0, 0x4C, 0xE3, 0x9E, + 0xAD, 0x29, 0x38, 0x98, 0xBA, 0x10, 0xD6, 0xE9, 0x09, 0x2A, + 0x80, 0xA9, 0x2E, 0x17, 0x2A, 0xB9, 0x8A, 0xBF, 0x33, 0x83, + 0x46, 0xE3, 0x95, 0x0B, 0xE4, 0x77, 0x40, 0xB5, 0x3B, 0x43, + 0x45, 0x33, 0x0F, 0x61, 0x53, 0x7C, 0x37, 0x44, 0xC1, 0xCB, + 0xFC, 0x80, 0xCA, 0xE8, 0x43, 0xEA, 0xA7, 0xA3, 0x63, 0x30, + 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, 0x18, + 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, 0xF3, + 0xA5, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x18, 0x30, 0x16, 0x80, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, + 0x42, 0xDE, 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, + 0xEA, 0xC3, 0xF3, 0xA5, 0x21, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, + 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, + 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, + 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0xC5, 0x83, + 0xFF, 0x1E, 0x51, 0xF7, 0xA1, 0xE9, 0xF1, 0x42, 0xC4, 0xBE, + 0xED, 0x38, 0xBD, 0x38, 0x32, 0x8F, 0xAE, 0x3F, 0xC7, 0x6D, + 0x11, 0x90, 0xE9, 0x99, 0xAB, 0x61, 0xA2, 0xDB, 0xA7, 0x4B, + 0x02, 0x20, 0x28, 0x40, 0xD9, 0xBA, 0x45, 0xCC, 0xA6, 0xEA, + 0xFA, 0x3F, 0x3E, 0x71, 0x44, 0x8E, 0x02, 0x03, 0x2F, 0x41, + 0x0B, 0x56, 0x78, 0x2D, 0xA6, 0xE8, 0x5E, 0xF6, 0xFF, 0xDA, + 0x62, 0x8C, 0xF9, 0xDF }; static const int sizeof_ca_ecc_cert_der_256 = sizeof(ca_ecc_cert_der_256); @@ -3876,79 +3891,78 @@ static const int sizeof_ca_ecc_key_der_384 = sizeof(ca_ecc_key_der_384); /* ./certs/ca-ecc384-cert.der, ECC */ static const unsigned char ca_ecc_cert_der_384[] = { - 0x30, 0x82, 0x02, 0xD3, 0x30, 0x82, 0x02, 0x58, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x20, 0xDA, 0x85, 0x3F, 0x78, - 0xC9, 0x83, 0x3B, 0xAE, 0xAA, 0x5A, 0x67, 0x49, 0x27, 0x78, - 0xBA, 0x90, 0xDE, 0x66, 0x6E, 0x30, 0x0A, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x30, 0x81, 0x97, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, - 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, - 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, - 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0B, 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, - 0x6E, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, - 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, - 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, - 0x34, 0x31, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, - 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, - 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, - 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x76, 0x30, - 0x10, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, - 0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, - 0x04, 0xEE, 0x82, 0xD4, 0x39, 0x9A, 0xB1, 0x27, 0x82, 0xF4, - 0xD7, 0xEA, 0xC6, 0xBC, 0x03, 0x1D, 0x4D, 0x83, 0x61, 0xF4, - 0x03, 0xAE, 0x7E, 0xBD, 0xD8, 0x5A, 0xA5, 0xB9, 0xF0, 0x8E, - 0xA2, 0xA5, 0xDA, 0xCE, 0x87, 0x3B, 0x5A, 0xAB, 0x44, 0x16, - 0x9C, 0xF5, 0x9F, 0x62, 0xDD, 0xF6, 0x20, 0xCD, 0x9C, 0x76, - 0x3C, 0x40, 0xB1, 0x3F, 0x97, 0x17, 0xDF, 0x59, 0xF6, 0xCD, - 0xDE, 0xCD, 0x46, 0x35, 0xC0, 0xED, 0x5E, 0x2E, 0x48, 0xB6, - 0x66, 0x91, 0x71, 0x74, 0xB7, 0x0C, 0x3F, 0xB9, 0x9A, 0xB7, - 0x83, 0xBD, 0x93, 0x3F, 0x5F, 0x50, 0x2D, 0x70, 0x3F, 0xDE, - 0x35, 0x25, 0xE1, 0x90, 0x3B, 0x86, 0xE0, 0xA3, 0x63, 0x30, - 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, - 0x04, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, 0xD4, 0x72, - 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, 0x80, 0x12, - 0x53, 0x52, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, - 0x18, 0x30, 0x16, 0x80, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, - 0x18, 0xD4, 0x72, 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, - 0x92, 0x80, 0x12, 0x53, 0x52, 0x30, 0x0F, 0x06, 0x03, 0x55, - 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, - 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, - 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, - 0x03, 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xD2, 0x4E, - 0x24, 0xAF, 0x70, 0x3E, 0x93, 0x0B, 0x2E, 0xD5, 0x7C, 0x71, - 0xF3, 0x61, 0x3E, 0x8E, 0x71, 0x6D, 0x2E, 0x60, 0xDE, 0xFB, - 0xEF, 0x3F, 0xBE, 0x02, 0xB6, 0x14, 0x45, 0x9B, 0x0A, 0x12, - 0xAF, 0xAF, 0x41, 0xD6, 0xBB, 0x79, 0xAB, 0xD1, 0x4E, 0x8D, - 0x9D, 0xDC, 0x98, 0x25, 0x4E, 0xAA, 0x02, 0x31, 0x00, 0xCF, - 0x2F, 0xB7, 0x32, 0x70, 0xE7, 0x85, 0x69, 0x17, 0xDF, 0x53, - 0x75, 0x2B, 0x36, 0x74, 0xD6, 0x1B, 0xA2, 0x62, 0xF9, 0x80, - 0x19, 0xC1, 0x3A, 0xEA, 0x9A, 0x05, 0x80, 0xB6, 0xC5, 0xF8, - 0xA2, 0xA2, 0xFF, 0xF6, 0x3D, 0xAA, 0x34, 0xD6, 0xE1, 0x1F, - 0xE3, 0x93, 0x66, 0xE7, 0x91, 0x4D, 0xFA + 0x30, 0x82, 0x02, 0xC7, 0x30, 0x82, 0x02, 0x4D, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA8, 0x60, 0xFD, 0x75, + 0x07, 0x98, 0x55, 0x6A, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, + 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x30, 0x81, 0x97, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, + 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, + 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, + 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, + 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, + 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, + 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, + 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, + 0x33, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, + 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, + 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, + 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, 0x65, + 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x76, 0x30, 0x10, + 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, + 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, + 0xEE, 0x82, 0xD4, 0x39, 0x9A, 0xB1, 0x27, 0x82, 0xF4, 0xD7, + 0xEA, 0xC6, 0xBC, 0x03, 0x1D, 0x4D, 0x83, 0x61, 0xF4, 0x03, + 0xAE, 0x7E, 0xBD, 0xD8, 0x5A, 0xA5, 0xB9, 0xF0, 0x8E, 0xA2, + 0xA5, 0xDA, 0xCE, 0x87, 0x3B, 0x5A, 0xAB, 0x44, 0x16, 0x9C, + 0xF5, 0x9F, 0x62, 0xDD, 0xF6, 0x20, 0xCD, 0x9C, 0x76, 0x3C, + 0x40, 0xB1, 0x3F, 0x97, 0x17, 0xDF, 0x59, 0xF6, 0xCD, 0xDE, + 0xCD, 0x46, 0x35, 0xC0, 0xED, 0x5E, 0x2E, 0x48, 0xB6, 0x66, + 0x91, 0x71, 0x74, 0xB7, 0x0C, 0x3F, 0xB9, 0x9A, 0xB7, 0x83, + 0xBD, 0x93, 0x3F, 0x5F, 0x50, 0x2D, 0x70, 0x3F, 0xDE, 0x35, + 0x25, 0xE1, 0x90, 0x3B, 0x86, 0xE0, 0xA3, 0x63, 0x30, 0x61, + 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, + 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, 0xD4, 0x72, 0xBB, + 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, 0x80, 0x12, 0x53, + 0x52, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, + 0x30, 0x16, 0x80, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, + 0xD4, 0x72, 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, + 0x80, 0x12, 0x53, 0x52, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, + 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, + 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, + 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, 0x06, + 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x03, + 0x68, 0x00, 0x30, 0x65, 0x02, 0x30, 0x47, 0xA2, 0x36, 0x33, + 0xF4, 0x27, 0xBD, 0xD0, 0x5C, 0xE6, 0x8D, 0x3E, 0x31, 0xA9, + 0x4E, 0x51, 0x57, 0xA9, 0x93, 0x28, 0x72, 0x0A, 0x72, 0xAB, + 0x6E, 0xF9, 0x56, 0xC0, 0xF5, 0x70, 0x02, 0x9F, 0x9C, 0xB2, + 0x4A, 0x9C, 0x3E, 0x9F, 0xFB, 0xC5, 0x64, 0x26, 0x7A, 0x88, + 0xDC, 0x4A, 0x2A, 0x25, 0x02, 0x31, 0x00, 0x88, 0xF8, 0xE2, + 0xD5, 0x20, 0x82, 0xF2, 0xDE, 0x7B, 0xCB, 0x13, 0xAC, 0xCD, + 0xFF, 0xE8, 0x1E, 0x4E, 0x84, 0x3D, 0x9C, 0xAF, 0x5D, 0xF9, + 0x01, 0xE7, 0x4F, 0xD4, 0x03, 0x09, 0x84, 0x3D, 0x7B, 0x2B, + 0x83, 0xE2, 0xAE, 0x08, 0x68, 0x2E, 0x5B, 0x85, 0x6F, 0x43, + 0xF5, 0x41, 0xE0, 0xC7, 0xC9 }; static const int sizeof_ca_ecc_cert_der_384 = sizeof(ca_ecc_cert_der_384); @@ -3981,231 +3995,250 @@ static const unsigned char dh_g[] = /* ./certs/ed25519/server-ed25519.der, ED25519 */ static const unsigned char server_ed25519_cert[] = { - 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x02, 0x04, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x10, 0x00, 0xCD, 0xF2, 0x2F, 0xBE, - 0xDC, 0x07, 0xFA, 0xBB, 0x65, 0x03, 0xE2, 0xFF, 0xEA, 0x6A, - 0x99, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x30, 0x81, - 0x9D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, - 0x02, 0x43, 0x41, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, - 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x07, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, - 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, - 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, - 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x22, - 0x18, 0x0F, 0x32, 0x30, 0x31, 0x38, 0x30, 0x34, 0x31, 0x32, - 0x31, 0x36, 0x32, 0x32, 0x31, 0x37, 0x5A, 0x18, 0x0F, 0x32, - 0x30, 0x32, 0x31, 0x30, 0x31, 0x30, 0x37, 0x31, 0x35, 0x32, - 0x32, 0x31, 0x37, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, - 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, - 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x0D, 0x30, 0x0B, - 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, 0x04, 0x4C, 0x65, 0x61, - 0x66, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x07, - 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, - 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x21, 0x00, 0x61, 0x5D, - 0xEC, 0xB7, 0x45, 0x93, 0xC9, 0x84, 0x7B, 0x68, 0x21, 0x4A, - 0x4D, 0xF4, 0x04, 0x8B, 0xBD, 0xCD, 0x6C, 0x5D, 0x3D, 0xB7, - 0x62, 0x2C, 0x2D, 0x25, 0xC3, 0x22, 0x49, 0xC8, 0x86, 0xF2, - 0xA3, 0x52, 0x30, 0x50, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xC8, 0x28, 0x63, 0x8C, - 0xF4, 0x57, 0xEE, 0x1E, 0xB0, 0xC7, 0x12, 0x12, 0x76, 0x8A, - 0x80, 0x30, 0x3A, 0xCB, 0x10, 0x30, 0x1F, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x92, 0x3F, - 0x96, 0x72, 0x02, 0xFA, 0x61, 0x1C, 0x21, 0x6D, 0x88, 0xDD, - 0xEB, 0xDD, 0x3C, 0x9B, 0x17, 0xC4, 0x9F, 0xB7, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, - 0x03, 0x02, 0x06, 0xC0, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, - 0x70, 0x03, 0x41, 0x00, 0x15, 0x88, 0x86, 0xFC, 0x66, 0xD1, - 0xE0, 0xF6, 0xCF, 0xC9, 0x09, 0x46, 0xD0, 0x50, 0xE2, 0x01, - 0x5D, 0xF7, 0xCF, 0x57, 0xB8, 0xBA, 0x90, 0x84, 0xCB, 0xF1, - 0x24, 0x4B, 0xEF, 0xA5, 0x95, 0x7D, 0x69, 0x92, 0x88, 0xA8, - 0x89, 0x63, 0xCC, 0x90, 0x40, 0xC2, 0x41, 0x3A, 0x40, 0x76, - 0xB1, 0x2D, 0xA8, 0xA8, 0x97, 0xC9, 0x73, 0xC7, 0x82, 0x30, - 0x24, 0x61, 0xB0, 0xAA, 0xCA, 0xAA, 0x68, 0x00 + 0x30, 0x82, 0x02, 0x75, 0x30, 0x82, 0x02, 0x27, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x05, 0x06, 0x03, + 0x2B, 0x65, 0x70, 0x30, 0x81, 0x9B, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0A, 0x43, 0x41, 0x2D, 0x65, 0x64, 0x32, 0x35, 0x35, + 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x33, 0x31, + 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, 0x17, 0x0D, + 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, 0x36, 0x34, 0x39, + 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0E, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2D, 0x65, + 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, 0x06, + 0x03, 0x2B, 0x65, 0x70, 0x03, 0x21, 0x00, 0x23, 0xAA, 0x4D, + 0x60, 0x50, 0xE0, 0x13, 0xD3, 0x3A, 0xED, 0xAB, 0xF6, 0xA9, + 0xCC, 0x4A, 0xFE, 0xD7, 0x4D, 0x2F, 0xD2, 0x5B, 0x1A, 0x10, + 0x05, 0xEF, 0x5A, 0x41, 0x25, 0xCE, 0x1B, 0x53, 0x78, 0xA3, + 0x81, 0x89, 0x30, 0x81, 0x86, 0x30, 0x1D, 0x06, 0x03, 0x55, + 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xA3, 0x29, 0x81, 0xE7, + 0x90, 0x6F, 0xB9, 0x60, 0xF8, 0xAF, 0xCC, 0x15, 0x7A, 0xAE, + 0xD7, 0xA1, 0xF4, 0xB4, 0x86, 0xBA, 0x30, 0x1F, 0x06, 0x03, + 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x74, + 0xD5, 0x38, 0x19, 0x5E, 0x83, 0xB9, 0x03, 0xF8, 0x01, 0x8A, + 0x35, 0x35, 0xBB, 0x89, 0x4C, 0x49, 0xB4, 0x23, 0xE9, 0x30, + 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, + 0x02, 0x30, 0x00, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, + 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x03, 0xA8, 0x30, + 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, + 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, + 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, + 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, + 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0xF3, + 0xC2, 0xEF, 0x8B, 0x55, 0x65, 0x4F, 0xBC, 0xE3, 0xDF, 0xFC, + 0xD8, 0xA1, 0xAD, 0x8E, 0x43, 0x07, 0x73, 0xC8, 0x58, 0xC3, + 0x46, 0x0A, 0xC1, 0xF1, 0x4D, 0x3F, 0xFB, 0x3D, 0x78, 0xE6, + 0x76, 0x58, 0x26, 0xCE, 0xD7, 0x59, 0x55, 0xEC, 0xC5, 0xB5, + 0xB4, 0x05, 0xED, 0xF9, 0xD4, 0x97, 0x69, 0x66, 0xD6, 0x2C, + 0x1B, 0x43, 0x5A, 0x51, 0x5C, 0xBE, 0x10, 0x28, 0x95, 0xC4, + 0x96, 0xAF, 0x00 }; static const int sizeof_server_ed25519_cert = sizeof(server_ed25519_cert); /* ./certs/ed25519/server-ed25519-key.der, ED25519 */ static const unsigned char server_ed25519_key[] = { - 0x30, 0x52, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2B, - 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x02, 0x2F, 0xC5, 0xFF, - 0xBA, 0x8E, 0xD0, 0xD2, 0xBF, 0x03, 0x8E, 0x76, 0x8F, 0xC8, - 0x86, 0x80, 0x71, 0x87, 0x97, 0x31, 0xE2, 0x40, 0xAC, 0xDF, - 0xBB, 0x90, 0x15, 0x52, 0x6E, 0x24, 0xA1, 0x39, 0xA1, 0x22, - 0x04, 0x20, 0x61, 0x5D, 0xEC, 0xB7, 0x45, 0x93, 0xC9, 0x84, - 0x7B, 0x68, 0x21, 0x4A, 0x4D, 0xF4, 0x04, 0x8B, 0xBD, 0xCD, - 0x6C, 0x5D, 0x3D, 0xB7, 0x62, 0x2C, 0x2D, 0x25, 0xC3, 0x22, - 0x49, 0xC8, 0x86, 0xF2 + 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, + 0x21, 0x00, 0x23, 0xAA, 0x4D, 0x60, 0x50, 0xE0, 0x13, 0xD3, + 0x3A, 0xED, 0xAB, 0xF6, 0xA9, 0xCC, 0x4A, 0xFE, 0xD7, 0x4D, + 0x2F, 0xD2, 0x5B, 0x1A, 0x10, 0x05, 0xEF, 0x5A, 0x41, 0x25, + 0xCE, 0x1B, 0x53, 0x78 }; static const int sizeof_server_ed25519_key = sizeof(server_ed25519_key); /* ./certs/ed25519/ca-ed25519.der, ED25519 */ static const unsigned char ca_ed25519_cert[] = { - 0x30, 0x82, 0x02, 0x60, 0x30, 0x82, 0x02, 0x12, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x10, 0x00, 0x80, 0xBA, 0x68, 0x77, - 0xEF, 0xA5, 0xE5, 0x42, 0x7D, 0xC6, 0x73, 0x2C, 0x54, 0x85, - 0xB8, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x30, 0x81, - 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, - 0x04, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x07, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, - 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x30, 0x82, 0x02, 0x4C, 0x30, 0x82, 0x01, 0xFE, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x05, 0x06, 0x03, + 0x2B, 0x65, 0x70, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x45, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0C, 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x45, 0x64, 0x32, + 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x22, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x38, 0x30, 0x34, - 0x31, 0x32, 0x31, 0x36, 0x32, 0x32, 0x31, 0x37, 0x5A, 0x18, - 0x0F, 0x32, 0x30, 0x32, 0x31, 0x30, 0x31, 0x30, 0x37, 0x31, - 0x35, 0x32, 0x32, 0x31, 0x37, 0x5A, 0x30, 0x81, 0x9D, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x0B, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, 0x02, 0x43, - 0x41, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x07, - 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, - 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x21, 0x00, 0x65, 0xAA, - 0x7F, 0x05, 0xA4, 0x04, 0x34, 0xA0, 0xEA, 0xAD, 0x1F, 0xA9, - 0x86, 0xF0, 0xD8, 0x7F, 0x72, 0xDF, 0xA9, 0x0E, 0x13, 0xA0, - 0x38, 0x66, 0x26, 0x5E, 0xEB, 0x48, 0x30, 0x80, 0x48, 0x49, - 0xA3, 0x60, 0x30, 0x5E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, - 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1D, - 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x92, - 0x3F, 0x96, 0x72, 0x02, 0xFA, 0x61, 0x1C, 0x21, 0x6D, 0x88, - 0xDD, 0xEB, 0xDD, 0x3C, 0x9B, 0x17, 0xC4, 0x9F, 0xB7, 0x30, - 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, - 0x80, 0x14, 0xFE, 0x01, 0x46, 0x7F, 0x6F, 0x2B, 0x3E, 0x1C, - 0xB0, 0x6F, 0xE1, 0xCC, 0x4D, 0x02, 0x25, 0xF7, 0x4D, 0x0A, - 0x95, 0xB8, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, - 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0xC6, 0x30, 0x05, - 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x4C, 0x40, - 0xD0, 0x7F, 0xBC, 0xFB, 0xF4, 0xA2, 0x1A, 0x58, 0xF6, 0x72, - 0xE3, 0xE8, 0xDA, 0x18, 0x0D, 0x94, 0xDC, 0x0E, 0xFD, 0xC1, - 0xE7, 0x02, 0xA5, 0x7A, 0xEE, 0xCB, 0xC2, 0x7E, 0xFA, 0xA1, - 0xFC, 0x15, 0x9A, 0xFE, 0x1E, 0xE0, 0x37, 0xDF, 0x7F, 0xAB, - 0x76, 0x50, 0x06, 0xD4, 0x3D, 0x1A, 0x65, 0x73, 0x3F, 0x92, - 0xD4, 0x44, 0x62, 0xA7, 0x4C, 0xB3, 0x2A, 0x01, 0x87, 0xE3, - 0x06, 0x06 + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, + 0x33, 0x31, 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, + 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, 0x36, + 0x34, 0x39, 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9B, 0x31, 0x0B, + 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, + 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, + 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, + 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, + 0x35, 0x31, 0x39, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x41, 0x2D, 0x65, 0x64, 0x32, + 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, + 0x65, 0x70, 0x03, 0x21, 0x00, 0x42, 0x3B, 0x7A, 0xF9, 0x82, + 0xCF, 0xF9, 0xDF, 0x19, 0xDD, 0xF3, 0xF0, 0x32, 0x29, 0x6D, + 0xFA, 0xFD, 0x76, 0x4F, 0x68, 0xC2, 0xC2, 0xE0, 0x6C, 0x47, + 0xAE, 0xC2, 0x55, 0x68, 0xAC, 0x0D, 0x4D, 0xA3, 0x63, 0x30, + 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0x74, 0xD5, 0x38, 0x19, 0x5E, 0x83, 0xB9, 0x03, + 0xF8, 0x01, 0x8A, 0x35, 0x35, 0xBB, 0x89, 0x4C, 0x49, 0xB4, + 0x23, 0xE9, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x18, 0x30, 0x16, 0x80, 0x14, 0xFA, 0xBA, 0x5B, 0x76, 0x1D, + 0xF1, 0x1D, 0x1D, 0x4D, 0x74, 0x48, 0xD8, 0x98, 0x3B, 0x56, + 0xEF, 0xB3, 0x14, 0xF3, 0xDE, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, + 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x05, + 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0xDA, 0xFE, + 0x58, 0x53, 0x89, 0x43, 0x85, 0x98, 0x35, 0xDC, 0x13, 0x1C, + 0xA3, 0xF1, 0x1F, 0x8D, 0x26, 0xBE, 0xB6, 0xA2, 0xFC, 0xB7, + 0xFE, 0x9C, 0xB9, 0x35, 0x69, 0x31, 0x7E, 0xD4, 0xB9, 0x11, + 0x45, 0x16, 0xA2, 0x29, 0x35, 0xA9, 0x74, 0xA7, 0x97, 0xDA, + 0x7E, 0x71, 0x4F, 0xB1, 0x72, 0x5D, 0x75, 0x17, 0xAC, 0xE3, + 0xF6, 0xB8, 0xCE, 0x1E, 0xE4, 0x8A, 0x95, 0xBA, 0xCD, 0x1D, + 0xCE, 0x0D }; static const int sizeof_ca_ed25519_cert = sizeof(ca_ed25519_cert); /* ./certs/ed25519/client-ed25519.der, ED25519 */ static const unsigned char client_ed25519_cert[] = { - 0x30, 0x82, 0x02, 0x58, 0x30, 0x82, 0x02, 0x0A, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x10, 0x00, 0x8F, 0x2F, 0x35, 0xB2, - 0x53, 0xBD, 0x4F, 0x92, 0xD1, 0xFF, 0x1D, 0x4B, 0x40, 0xA5, - 0x49, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x30, 0x81, - 0xA1, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, - 0x06, 0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, - 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x07, 0x45, 0x44, 0x32, 0x35, - 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, - 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, - 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x22, 0x18, 0x0F, 0x32, 0x30, 0x31, 0x38, - 0x30, 0x34, 0x31, 0x32, 0x31, 0x36, 0x32, 0x32, 0x31, 0x37, - 0x5A, 0x18, 0x0F, 0x32, 0x30, 0x32, 0x31, 0x30, 0x31, 0x30, - 0x37, 0x31, 0x35, 0x32, 0x32, 0x31, 0x37, 0x5A, 0x30, 0x81, - 0xA1, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x04, 0x0C, - 0x06, 0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, - 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x07, 0x45, 0x44, 0x32, 0x35, - 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, - 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, - 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, - 0x70, 0x03, 0x21, 0x00, 0xA2, 0xF1, 0x26, 0x40, 0x9B, 0xA2, - 0x59, 0xDA, 0xDB, 0xE6, 0x15, 0x7F, 0x9A, 0x11, 0xB5, 0x48, - 0x5F, 0x55, 0xBA, 0x5E, 0xED, 0x46, 0xF7, 0x98, 0x67, 0xBE, - 0x0C, 0x93, 0xE3, 0xA4, 0x8E, 0x18, 0xA3, 0x52, 0x30, 0x50, + 0x30, 0x82, 0x03, 0x54, 0x30, 0x82, 0x03, 0x06, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x40, 0x66, 0xC6, 0x11, 0xBC, + 0x00, 0xF8, 0x51, 0xF9, 0xE4, 0x4B, 0xBB, 0x0B, 0xAD, 0xC1, + 0x09, 0x38, 0xB0, 0x4A, 0xE4, 0x30, 0x05, 0x06, 0x03, 0x2B, + 0x65, 0x70, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, + 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0E, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D, 0x65, 0x64, + 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, + 0x30, 0x33, 0x31, 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, + 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, + 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9F, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, + 0x35, 0x35, 0x31, 0x39, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0E, 0x43, 0x6C, 0x69, 0x65, 0x6E, + 0x74, 0x2D, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, + 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, + 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x2A, + 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x21, 0x00, + 0xE6, 0x57, 0x5B, 0x13, 0x1B, 0xC7, 0x51, 0x14, 0x6B, 0xED, + 0x3B, 0xF5, 0xD1, 0xFA, 0xAB, 0x9E, 0x6C, 0xB6, 0xEB, 0x02, + 0x09, 0xA3, 0x99, 0xF5, 0x6E, 0xBF, 0x9D, 0x3C, 0xFE, 0x54, + 0x39, 0xE6, 0xA3, 0x82, 0x01, 0x50, 0x30, 0x82, 0x01, 0x4C, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, - 0x14, 0xFE, 0x01, 0x46, 0x7F, 0x6F, 0x2B, 0x3E, 0x1C, 0xB0, - 0x6F, 0xE1, 0xCC, 0x4D, 0x02, 0x25, 0xF7, 0x4D, 0x0A, 0x95, - 0xB8, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, - 0x30, 0x16, 0x80, 0x14, 0xFE, 0x01, 0x46, 0x7F, 0x6F, 0x2B, - 0x3E, 0x1C, 0xB0, 0x6F, 0xE1, 0xCC, 0x4D, 0x02, 0x25, 0xF7, - 0x4D, 0x0A, 0x95, 0xB8, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, - 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x06, 0xC0, - 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, - 0x29, 0xF6, 0x69, 0xE2, 0xB9, 0x73, 0x12, 0xD1, 0x64, 0xEB, - 0x8F, 0xE9, 0x6B, 0x61, 0xDB, 0x5F, 0xE9, 0xA7, 0x62, 0x6C, - 0x10, 0x89, 0x41, 0x80, 0xE3, 0xE8, 0xFD, 0x1F, 0xD0, 0x13, - 0xAE, 0x95, 0x00, 0xAF, 0xF7, 0x77, 0xE1, 0x22, 0x32, 0xAD, - 0x46, 0x4F, 0xDC, 0x7E, 0xFE, 0xAE, 0xBC, 0x8A, 0x1F, 0x96, - 0x0A, 0xDA, 0x9F, 0xC9, 0x93, 0x52, 0x27, 0x18, 0xB0, 0x8B, - 0xDA, 0xBE, 0x81, 0x09 + 0x14, 0xFE, 0x41, 0x5E, 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, + 0x3E, 0x47, 0x89, 0x90, 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, + 0x8A, 0x30, 0x81, 0xDF, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x81, 0xD7, 0x30, 0x81, 0xD4, 0x80, 0x14, 0xFE, 0x41, 0x5E, + 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, 0x3E, 0x47, 0x89, 0x90, + 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, 0x8A, 0xA1, 0x81, 0xA5, + 0xA4, 0x81, 0xA2, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0E, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D, 0x65, + 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x40, 0x66, 0xC6, + 0x11, 0xBC, 0x00, 0xF8, 0x51, 0xF9, 0xE4, 0x4B, 0xBB, 0x0B, + 0xAD, 0xC1, 0x09, 0x38, 0xB0, 0x4A, 0xE4, 0x30, 0x0C, 0x06, + 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, + 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, + 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, + 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, + 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, + 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, + 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, + 0x03, 0x02, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, + 0x41, 0x00, 0xE0, 0x87, 0xE2, 0xCE, 0xD3, 0x87, 0x77, 0x9D, + 0xF7, 0x44, 0xC0, 0x73, 0x00, 0xFF, 0x07, 0x6D, 0x2E, 0x90, + 0x90, 0x5C, 0xBF, 0x30, 0x46, 0x9C, 0x75, 0xA9, 0x48, 0x50, + 0x8A, 0xDA, 0x09, 0x0F, 0xA8, 0xA8, 0x04, 0xB4, 0x33, 0xC8, + 0xF4, 0x28, 0x61, 0x9E, 0xC2, 0xA5, 0x19, 0xB7, 0x70, 0x1E, + 0x69, 0xCD, 0x49, 0x5C, 0x9A, 0xF3, 0x81, 0xE0, 0xDE, 0x38, + 0xB3, 0x37, 0xFF, 0x33, 0xBB, 0x07 }; static const int sizeof_client_ed25519_cert = sizeof(client_ed25519_cert); /* ./certs/ed25519/client-ed25519-key.der, ED25519 */ static const unsigned char client_ed25519_key[] = { - 0x30, 0x52, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2B, - 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x27, 0xA3, 0x34, 0x2A, - 0x35, 0xD4, 0xBB, 0xB8, 0xE1, 0xDC, 0xD8, 0xEC, 0x0F, 0xC1, - 0xA0, 0xD1, 0xA2, 0x5C, 0xF9, 0x06, 0xF0, 0x44, 0x5D, 0x3B, - 0x97, 0x4D, 0xBD, 0xDF, 0x4A, 0x3B, 0xA3, 0x4E, 0xA1, 0x22, - 0x04, 0x20, 0xA2, 0xF1, 0x26, 0x40, 0x9B, 0xA2, 0x59, 0xDA, - 0xDB, 0xE6, 0x15, 0x7F, 0x9A, 0x11, 0xB5, 0x48, 0x5F, 0x55, - 0xBA, 0x5E, 0xED, 0x46, 0xF7, 0x98, 0x67, 0xBE, 0x0C, 0x93, - 0xE3, 0xA4, 0x8E, 0x18 + 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, + 0x21, 0x00, 0xE6, 0x57, 0x5B, 0x13, 0x1B, 0xC7, 0x51, 0x14, + 0x6B, 0xED, 0x3B, 0xF5, 0xD1, 0xFA, 0xAB, 0x9E, 0x6C, 0xB6, + 0xEB, 0x02, 0x09, 0xA3, 0x99, 0xF5, 0x6E, 0xBF, 0x9D, 0x3C, + 0xFE, 0x54, 0x39, 0xE6 }; static const int sizeof_client_ed25519_key = sizeof(client_ed25519_key); diff --git a/source/libs/libwolfssl/crl.h b/source/libs/libwolfssl/crl.h index 4e5ba23a..9b3ec3f6 100644 --- a/source/libs/libwolfssl/crl.h +++ b/source/libs/libwolfssl/crl.h @@ -1,6 +1,6 @@ /* crl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/error-ssl.h b/source/libs/libwolfssl/error-ssl.h index 837d6c54..f2e58094 100644 --- a/source/libs/libwolfssl/error-ssl.h +++ b/source/libs/libwolfssl/error-ssl.h @@ -1,6 +1,6 @@ /* error-ssl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -170,6 +170,9 @@ enum wolfSSL_ErrorCodes { DTLS_SIZE_ERROR = -439, /* Trying to send too much data */ NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */ APP_DATA_READY = -441, /* DTLS1.2 application data ready for read */ + TOO_MUCH_EARLY_DATA = -442, /* Too much Early data */ + + SOCKET_FILTERED_E = -443, /* Session stopped by network filter */ /* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */ diff --git a/source/libs/libwolfssl/internal.h b/source/libs/libwolfssl/internal.h index 0ad318ec..2510ed66 100644 --- a/source/libs/libwolfssl/internal.h +++ b/source/libs/libwolfssl/internal.h @@ -1,6 +1,6 @@ /* internal.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -59,6 +59,9 @@ #ifdef HAVE_POLY1305 #include #endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && defined(OPENSSL_EXTRA) + #include +#endif #ifdef HAVE_CAMELLIA #include #endif @@ -114,6 +117,15 @@ #ifdef HAVE_CURVE448 #include #endif +#ifndef WOLFSSL_NO_DEF_TICKET_ENC_CB + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \ + !defined(WOLFSSL_TICKET_ENC_AES128_GCM) && \ + !defined(WOLFSSL_TICKET_ENC_AES256_GCM) + #include + #else + #include + #endif +#endif #include #include @@ -199,7 +211,11 @@ #endif #endif #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) - #include /* for close of BIO */ + #ifdef FUSION_RTOS + #include + #else + #include /* for close of BIO */ + #endif #endif #endif @@ -845,6 +861,13 @@ #endif #endif +#if !defined(WOLFCRYPT_ONLY) && defined(NO_PSK) && \ + (defined(NO_DH) || !defined(HAVE_ANON)) && \ + defined(NO_RSA) && !defined(HAVE_ECC) && \ + !defined(HAVE_ED25519) && !defined(HAVE_ED448) + #error "No cipher suites avaialble with this build" +#endif + #ifdef WOLFSSL_MULTICAST #if defined(HAVE_NULL_CIPHER) && !defined(NO_SHA256) #define BUILD_WDM_WITH_NULL_SHA256 @@ -1141,7 +1164,8 @@ enum { #endif /* WOLFSSL_MULTICAST */ #ifndef WOLFSSL_MAX_MTU - #define WOLFSSL_MAX_MTU 1500 + /* 1500 - 100 bytes to account for UDP and IP headers */ + #define WOLFSSL_MAX_MTU 1400 #endif /* WOLFSSL_MAX_MTU */ @@ -1171,8 +1195,8 @@ enum { #if (WOLFSSL_MAX_DHKEY_BITS % 8) #error DH maximum bit size must be multiple of 8 #endif -#if (WOLFSSL_MAX_DHKEY_BITS > 16000) - #error DH maximum bit size must not be greater than 16000 +#if (WOLFSSL_MAX_DHKEY_BITS > 16384) + #error DH maximum bit size must not be greater than 16384 #endif #define MAX_DHKEY_SZ (WOLFSSL_MAX_DHKEY_BITS / 8) @@ -1232,7 +1256,7 @@ enum Misc { /* pre RSA and all master */ #if defined(WOLFSSL_MYSQL_COMPATIBLE) || \ (defined(USE_FAST_MATH) && defined(FP_MAX_BITS) && FP_MAX_BITS >= 16384) -#ifndef NO_PSK +#if !defined(NO_PSK) && defined(USE_FAST_MATH) ENCRYPT_LEN = (FP_MAX_BITS / 2 / 8) + MAX_PSK_ID_LEN + 2, #else ENCRYPT_LEN = 1024, /* allow 8192 bit static buffer */ @@ -1326,9 +1350,9 @@ enum Misc { DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */ DTLS_EXPORT_STATE_PRO = 166,/* wolfSSL protocol for serialized state */ DTLS_EXPORT_VERSION = 4, /* wolfSSL version for serialized session */ - DTLS_EXPORT_OPT_SZ = 60, /* amount of bytes used from Options */ + DTLS_EXPORT_OPT_SZ = 61, /* amount of bytes used from Options */ DTLS_EXPORT_VERSION_3 = 3, /* wolfSSL version before TLS 1.3 addition */ - DTLS_EXPORT_OPT_SZ_3 = 59, /* amount of bytes used from Options */ + DTLS_EXPORT_OPT_SZ_3 = 60, /* amount of bytes used from Options */ DTLS_EXPORT_KEY_SZ = 325 + (DTLS_SEQ_SZ * 2), /* max amount of bytes used from Keys */ DTLS_EXPORT_MIN_KEY_SZ = 85 + (DTLS_SEQ_SZ * 2), @@ -1336,6 +1360,9 @@ enum Misc { DTLS_EXPORT_SPC_SZ = 16, /* amount of bytes used from CipherSpecs */ DTLS_EXPORT_LEN = 2, /* 2 bytes for length and protocol */ DTLS_EXPORT_IP = 46, /* max ip size IPv4 mapped IPv6 */ + DTLS_MTU_ADDITIONAL_READ_BUFFER = 100, /* Additional bytes to read so that + * we can work with a peer that has + * a slightly different MTU than us. */ MAX_EXPORT_BUFFER = 514, /* max size of buffer for exporting */ MAX_EXPORT_STATE_BUFFER = (DTLS_EXPORT_MIN_KEY_SZ) + (3 * DTLS_EXPORT_LEN), /* max size of buffer for exporting state */ @@ -1469,7 +1496,11 @@ enum Misc { MAX_WOLFSSL_FILE_SIZE = 1024ul * 1024ul * 4, /* 4 mb file size alloc limit */ #endif +#ifdef WOLFSSL_HAPROXY + MAX_X509_SIZE = 3072, /* max static x509 buffer size */ +#else MAX_X509_SIZE = 2048, /* max static x509 buffer size */ +#endif CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */ MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */ @@ -1585,6 +1616,26 @@ enum Misc { #define SESSION_TICKET_HINT_DEFAULT 300 #endif +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(WOLFSSL_NO_SERVER) + /* Check chosen encryption is available. */ + #if !(defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) && \ + defined(WOLFSSL_TICKET_ENC_CHACHA20_POLY1305) + #error "ChaCha20-Poly1305 not available for default ticket encryption" + #endif + #if !defined(HAVE_AESGCM) && (defined(WOLFSSL_TICKET_ENC_AES128_GCM) || \ + defined(WOLFSSL_TICKET_ENC_AES256_GCM)) + #error "AES-GCM not available for default ticket encryption" + #endif + + #ifndef WOLFSSL_TICKET_KEY_LIFETIME + /* Default lifetime is 1 hour from issue of first ticket with key. */ + #define WOLFSSL_TICKET_KEY_LIFETIME (60 * 60) + #endif + #if WOLFSSL_TICKET_KEY_LIFETIME <= SESSION_TICKET_HINT_DEFAULT + #error "Ticket Key lifetime must be longer than ticket life hint." + #endif +#endif + /* don't use extra 3/4k stack space unless need to */ #ifdef HAVE_NTRU @@ -1648,6 +1699,21 @@ WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_3(void); #endif #endif +struct WOLFSSL_BY_DIR_HASH { + unsigned long hash_value; + int last_suffix; +}; + +struct WOLFSSL_BY_DIR_entry { + char* dir_name; + int dir_type; + WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *hashes; +}; + +struct WOLFSSL_BY_DIR { + WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *dir_entry; + wolfSSL_Mutex lock; /* dir list lock */ +}; /* wolfSSL method type */ struct WOLFSSL_METHOD { @@ -1680,7 +1746,7 @@ WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx) WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites); #ifdef WOLFSSL_TLS13 -WOLFSSL_LOCAL int FindSuite(Suites* suites, byte first, byte second); +WOLFSSL_LOCAL byte SuiteMac(byte* suite); #endif WOLFSSL_LOCAL int DoClientHello(WOLFSSL* ssl, const byte* input, word32*, word32); @@ -1837,9 +1903,10 @@ WOLFSSL_LOCAL void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig, int haveAnon, int tls1_2, int keySz); WOLFSSL_LOCAL void InitSuites(Suites*, ProtocolVersion, int, word16, word16, - word16, word16, word16, word16, word16, int); + word16, word16, word16, word16, word16, word16, int); WOLFSSL_LOCAL int MatchSuite(WOLFSSL* ssl, Suites* peerSuites); WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list); +WOLFSSL_LOCAL int SetSuitesHashSigAlgo(Suites*, const char* list); #ifndef PSK_TYPES_DEFINED typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*, @@ -1847,11 +1914,15 @@ WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list); typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, unsigned char*, unsigned int); #ifdef WOLFSSL_TLS13 + typedef unsigned int (*wc_psk_client_cs_callback)(WOLFSSL*, const char*, + char*, unsigned int, unsigned char*, unsigned int, + const char* cipherName); typedef unsigned int (*wc_psk_client_tls13_callback)(WOLFSSL*, const char*, char*, unsigned int, unsigned char*, unsigned int, - const char**); + const char** cipherName); typedef unsigned int (*wc_psk_server_tls13_callback)(WOLFSSL*, const char*, - unsigned char*, unsigned int, const char**); + unsigned char*, unsigned int, + const char** cipherName); #endif #endif /* PSK_TYPES_DEFINED */ #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \ @@ -2030,6 +2101,11 @@ struct WOLFSSL_CERT_MANAGER { #endif #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) short minEccKeySz; /* minimum allowed ECC key size */ +#endif +#if defined(OPENSSL_EXTRA) + WOLFSSL_X509_STORE *x509_store_p; /* a pointer back to CTX x509 store */ + /* CTX has ownership and free this */ + /* with CTX free. */ #endif wolfSSL_Mutex refMutex; /* reference count mutex */ int refCount; /* reference count */ @@ -2248,9 +2324,9 @@ WOLFSSL_LOCAL int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType, word16* pOffset); #endif -WOLFSSL_LOCAL int TLSX_ParseVersion(WOLFSSL* ssl, byte* input, word16 length, - byte msgType, int* found); -WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, +WOLFSSL_LOCAL int TLSX_ParseVersion(WOLFSSL* ssl, const byte* input, + word16 length, byte msgType, int* found); +WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType, Suites *suites); #elif defined(HAVE_SNI) \ @@ -2473,6 +2549,28 @@ typedef struct SessionTicket { word16 size; } SessionTicket; +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(WOLFSSL_NO_SERVER) + +/* Data passed to default SessionTicket enc/dec callback. */ +typedef struct TicketEncCbCtx { + /* Name for this context. */ + byte name[WOLFSSL_TICKET_NAME_SZ]; + /* Current keys - current and next. */ + byte key[2][WOLFSSL_TICKET_KEY_SZ]; + /* Expirary date of keys. */ + word32 expirary[2]; + /* Random number generator to use for generating name, keys and IV. */ + WC_RNG rng; +#ifndef SINGLE_THREADED + /* Mutex for access to changing keys. */ + wolfSSL_Mutex mutex; +#endif + /* Pointer back to SSL_CTX. */ + WOLFSSL_CTX* ctx; +} TicketEncCbCtx; + +#endif /* !WOLFSSL_NO_DEF_TICKET_ENC_CB && !WOLFSSL_NO_SERVER */ + WOLFSSL_LOCAL int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket, void* heap); WOLFSSL_LOCAL SessionTicket* TLSX_SessionTicket_Create(word32 lifetime, @@ -2530,7 +2628,7 @@ typedef struct Cookie { byte data; } Cookie; -WOLFSSL_LOCAL int TLSX_Cookie_Use(WOLFSSL* ssl, byte* data, word16 len, +WOLFSSL_LOCAL int TLSX_Cookie_Use(WOLFSSL* ssl, const byte* data, word16 len, byte* mac, byte macSz, int resp); @@ -2541,17 +2639,23 @@ typedef struct KeyShareEntry { word16 group; /* NamedGroup */ byte* ke; /* Key exchange data */ word32 keLen; /* Key exchange data length */ - void* key; /* Private key */ - word32 keyLen; /* Private key length */ + void* key; /* Key struct */ + word32 keyLen; /* Key size (bytes) */ byte* pubKey; /* Public key */ word32 pubKeyLen; /* Public key length */ +#ifndef NO_DH + byte* privKey; /* Private key - DH only */ +#endif +#ifdef WOLFSSL_ASYNC_CRYPT + int lastRet; +#endif struct KeyShareEntry* next; /* List pointer */ } KeyShareEntry; WOLFSSL_LOCAL int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data, KeyShareEntry **kse); WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl); -WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl); +WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl, int* doHelloRetry); WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* ssl); @@ -2584,7 +2688,7 @@ WOLFSSL_LOCAL int TLSX_PreSharedKey_WriteBinders(PreSharedKey* list, word16* pSz); WOLFSSL_LOCAL int TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list, byte msgType, word16* pSz); -WOLFSSL_LOCAL int TLSX_PreSharedKey_Use(WOLFSSL* ssl, byte* identity, +WOLFSSL_LOCAL int TLSX_PreSharedKey_Use(WOLFSSL* ssl, const byte* identity, word16 len, word32 age, byte hmac, byte cipherSuite0, byte cipherSuite, byte resumption, @@ -2625,6 +2729,10 @@ WOLFSSL_LOCAL int DeriveMasterSecret(WOLFSSL* ssl); WOLFSSL_LOCAL int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret); WOLFSSL_LOCAL int DeriveResumptionSecret(WOLFSSL* ssl, byte* key); +WOLFSSL_LOCAL int Tls13_Exporter(WOLFSSL* ssl, unsigned char *out, size_t outLen, + const char *label, size_t labelLen, + const unsigned char *context, size_t contextLen); + /* The key update request values for KeyUpdate message. */ enum KeyUpdateRequest { update_not_requested, @@ -2649,6 +2757,13 @@ typedef struct { #endif #ifdef HAVE_ECC DerBuffer* ecKey; +#endif + /* bits */ +#ifndef NO_DH + byte weOwnDH:1; +#endif +#ifdef HAVE_ECC + byte weOwnEC:1; #endif } StaticKeyExchangeInfo_t; #endif @@ -2688,6 +2803,9 @@ struct WOLFSSL_CTX { byte privateKeyLabel:1; int privateKeySz; int privateKeyDevId; +#ifdef OPENSSL_ALL + WOLFSSL_EVP_PKEY* privateKeyPKey; +#endif WOLFSSL_CERT_MANAGER* cm; /* our cert manager, ctx owns SSL will use */ #endif #ifdef KEEP_OUR_CERT @@ -2719,8 +2837,11 @@ struct WOLFSSL_CTX { byte minDowngrade; /* minimum downgrade version */ byte haveEMS:1; /* have extended master secret extension */ byte useClientOrder:1; /* Use client's cipher preference order */ +#if defined(HAVE_SESSION_TICKET) + byte noTicketTls12:1; /* TLS 1.2 server won't send ticket */ +#endif #ifdef WOLFSSL_TLS13 - byte noTicketTls13:1; /* Server won't create new Ticket */ + byte noTicketTls13:1; /* TLS 1.3 Server won't create new Ticket */ byte noPskDheKe:1; /* Don't use (EC)DHE with PSK */ #endif byte mutualAuth:1; /* Mutual authentication required */ @@ -2772,7 +2893,14 @@ struct WOLFSSL_CTX { byte sessionCtxSz; byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */ CallbackInfoState* CBIS; /* used to get info about SSL state */ + WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/ #endif +#ifdef WOLFSSL_WOLFSENTRY_HOOKS + NetworkFilterCallback_t AcceptFilter; + void *AcceptFilter_arg; + NetworkFilterCallback_t ConnectFilter; + void *ConnectFilter_arg; +#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ CallbackIORecv CBIORecv; CallbackIOSend CBIOSend; #ifdef WOLFSSL_DTLS @@ -2803,6 +2931,7 @@ struct WOLFSSL_CTX { wc_psk_client_callback client_psk_cb; /* client callback */ wc_psk_server_callback server_psk_cb; /* server callback */ #ifdef WOLFSSL_TLS13 + wc_psk_client_cs_callback client_psk_cs_cb; /* client callback */ wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */ wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */ #endif @@ -2864,12 +2993,19 @@ struct WOLFSSL_CTX { #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) SessionTicketEncCb ticketEncCb; /* enc/dec session ticket Cb */ void* ticketEncCtx; /* session encrypt context */ + #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ + || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) + ticketCompatCb ticketEncWrapCb; /* callback for OpenSSL ticket key callback */ + #endif int ticketHint; /* ticket hint in seconds */ + #ifndef WOLFSSL_NO_DEF_TICKET_ENC_CB + TicketEncCbCtx ticketKeyCtx; + #endif + #endif #endif #ifdef HAVE_SUPPORTED_CURVES byte userCurves; /* indicates user called wolfSSL_CTX_UseSupportedCurve */ #endif -#endif #ifdef ATOMIC_USER CallbackMacEncrypt MacEncryptCb; /* Atomic User Mac/Encrypt Cb */ CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */ @@ -2884,31 +3020,31 @@ struct WOLFSSL_CTX { CallbackEccSign EccSignCb; /* User EccSign Callback handler */ CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */ CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */ - #ifdef HAVE_ED25519 - /* User Ed25519Sign Callback handler */ - CallbackEd25519Sign Ed25519SignCb; - /* User Ed25519Verify Callback handler */ - CallbackEd25519Verify Ed25519VerifyCb; - #endif - #ifdef HAVE_CURVE25519 - /* User X25519 KeyGen Callback Handler */ - CallbackX25519KeyGen X25519KeyGenCb; - /* User X25519 SharedSecret Callback handler */ - CallbackX25519SharedSecret X25519SharedSecretCb; - #endif - #ifdef HAVE_ED448 - /* User Ed448Sign Callback handler */ - CallbackEd448Sign Ed448SignCb; - /* User Ed448Verify Callback handler */ - CallbackEd448Verify Ed448VerifyCb; - #endif - #ifdef HAVE_CURVE448 - /* User X448 KeyGen Callback Handler */ - CallbackX448KeyGen X448KeyGenCb; - /* User X448 SharedSecret Callback handler */ - CallbackX448SharedSecret X448SharedSecretCb; - #endif #endif /* HAVE_ECC */ + #ifdef HAVE_ED25519 + /* User Ed25519Sign Callback handler */ + CallbackEd25519Sign Ed25519SignCb; + /* User Ed25519Verify Callback handler */ + CallbackEd25519Verify Ed25519VerifyCb; + #endif + #ifdef HAVE_CURVE25519 + /* User X25519 KeyGen Callback Handler */ + CallbackX25519KeyGen X25519KeyGenCb; + /* User X25519 SharedSecret Callback handler */ + CallbackX25519SharedSecret X25519SharedSecretCb; + #endif + #ifdef HAVE_ED448 + /* User Ed448Sign Callback handler */ + CallbackEd448Sign Ed448SignCb; + /* User Ed448Verify Callback handler */ + CallbackEd448Verify Ed448VerifyCb; + #endif + #ifdef HAVE_CURVE448 + /* User X448 KeyGen Callback Handler */ + CallbackX448KeyGen X448KeyGenCb; + /* User X448 SharedSecret Callback handler */ + CallbackX448SharedSecret X448SharedSecretCb; + #endif #ifndef NO_DH CallbackDhAgree DhAgreeCb; /* User DH Agree Callback handler */ #endif @@ -2929,7 +3065,7 @@ struct WOLFSSL_CTX { WOLF_EVENT_QUEUE event_queue; #endif /* HAVE_WOLF_EVENT */ #ifdef HAVE_EXT_CACHE - WOLFSSL_SESSION*(*get_sess_cb)(WOLFSSL*, unsigned char*, int, int*); + WOLFSSL_SESSION*(*get_sess_cb)(WOLFSSL*, const unsigned char*, int, int*); int (*new_sess_cb)(WOLFSSL*, WOLFSSL_SESSION*); void (*rem_sess_cb)(WOLFSSL_CTX*, WOLFSSL_SESSION*); #endif @@ -2937,6 +3073,9 @@ struct WOLFSSL_CTX { Srp* srp; /* TLS Secure Remote Password Protocol*/ byte* srp_password; #endif +#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) + wolfSSL_CTX_keylog_cb_func keyLogCb; +#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */ #ifdef WOLFSSL_STATIC_EPHEMERAL StaticKeyExchangeInfo_t staticKE; #endif @@ -2949,6 +3088,10 @@ void FreeSSL_Ctx(WOLFSSL_CTX*); WOLFSSL_LOCAL void SSL_CtxResourceFree(WOLFSSL_CTX*); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +void wolfSSL_CRYPTO_cleanup_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data); +#endif + WOLFSSL_LOCAL int DeriveTlsKeys(WOLFSSL* ssl); WOLFSSL_LOCAL @@ -3215,6 +3358,9 @@ struct WOLFSSL_SESSION { wolfSSL_Mutex refMutex; /* ref count mutex */ int refCount; /* reference count */ #endif +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) + byte peerVerifyRet; /* cert verify error */ +#endif #ifdef WOLFSSL_TLS13 word16 namedGroup; #endif @@ -3408,7 +3554,11 @@ typedef struct Options { #ifndef NO_PSK wc_psk_client_callback client_psk_cb; wc_psk_server_callback server_psk_cb; +#ifdef OPENSSL_EXTRA + wc_psk_use_session_cb_func session_psk_cb; +#endif #ifdef WOLFSSL_TLS13 + wc_psk_client_cs_callback client_psk_cs_cb; /* client callback */ wc_psk_client_tls13_callback client_psk_tls13_cb; /* client callback */ wc_psk_server_tls13_callback server_psk_tls13_cb; /* server callback */ #endif @@ -3469,13 +3619,12 @@ typedef struct Options { #ifdef HAVE_POLY1305 word16 oldPoly:1; /* set when to use old rfc way of poly*/ #endif -#ifdef HAVE_ANON word16 haveAnon:1; /* User wants to allow Anon suites */ -#endif #ifdef HAVE_SESSION_TICKET word16 createTicket:1; /* Server to create new Ticket */ word16 useTicket:1; /* Use Ticket not session cache */ word16 rejectTicket:1; /* Callback rejected ticket */ + word16 noTicketTls12:1; /* TLS 1.2 server won't send ticket */ #ifdef WOLFSSL_TLS13 word16 noTicketTls13:1; /* Server won't create new Ticket */ #endif @@ -3587,6 +3736,9 @@ typedef struct Arrays { byte sessionIDSz; #ifdef WOLFSSL_TLS13 byte secret[SECRET_LEN]; +#endif +#ifdef HAVE_KEYING_MATERIAL + byte exporterSecret[WC_MAX_DIGEST_SIZE]; #endif byte masterSecret[SECRET_LEN]; #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \ @@ -3620,6 +3772,9 @@ typedef struct Arrays { #define STACK_TYPE_X509_NAME 9 #define STACK_TYPE_CONF_VALUE 10 #define STACK_TYPE_X509_INFO 11 +#define STACK_TYPE_BY_DIR_entry 12 +#define STACK_TYPE_BY_DIR_hash 13 +#define STACK_TYPE_X509_OBJ 14 struct WOLFSSL_STACK { unsigned long num; /* number of nodes in stack @@ -3645,6 +3800,9 @@ struct WOLFSSL_STACK { void* generic; char* string; WOLFSSL_GENERAL_NAME* gn; + WOLFSSL_BY_DIR_entry* dir_entry; + WOLFSSL_BY_DIR_HASH* dir_hash; + WOLFSSL_X509_OBJECT* x509_obj; } data; void* heap; /* memory heap hint */ WOLFSSL_STACK* next; @@ -3722,7 +3880,7 @@ struct WOLFSSL_X509 { char certPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ]; int certPoliciesNb; #endif /* WOLFSSL_CERT_EXT */ -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) +#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA) wolfSSL_Mutex refMutex; /* ref count mutex */ int refCount; /* reference count */ #endif @@ -3979,6 +4137,12 @@ struct WOLFSSL { #ifdef OPENSSL_EXTRA byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */ #endif +#ifdef WOLFSSL_WOLFSENTRY_HOOKS + NetworkFilterCallback_t AcceptFilter; + void *AcceptFilter_arg; + NetworkFilterCallback_t ConnectFilter; + void *ConnectFilter_arg; +#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ CallbackIORecv CBIORecv; CallbackIOSend CBIOSend; #ifdef WOLFSSL_STATIC_MEMORY @@ -4247,27 +4411,27 @@ struct WOLFSSL { #endif #ifdef HAVE_PK_CALLBACKS #ifdef HAVE_ECC - void* EccKeyGenCtx; /* EccKeyGen Callback Context */ - void* EccSignCtx; /* Ecc Sign Callback Context */ - void* EccVerifyCtx; /* Ecc Verify Callback Context */ - void* EccSharedSecretCtx; /* Ecc Pms Callback Context */ - #ifdef HAVE_ED25519 - void* Ed25519SignCtx; /* ED25519 Sign Callback Context */ - void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */ - #endif - #ifdef HAVE_CURVE25519 - void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */ - void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */ - #endif - #ifdef HAVE_ED448 - void* Ed448SignCtx; /* ED448 Sign Callback Context */ - void* Ed448VerifyCtx; /* ED448 Verify Callback Context */ - #endif - #ifdef HAVE_CURVE448 - void* X448KeyGenCtx; /* X448 KeyGen Callback Context */ - void* X448SharedSecretCtx; /* X448 Pms Callback Context */ - #endif + void* EccKeyGenCtx; /* EccKeyGen Callback Context */ + void* EccSignCtx; /* Ecc Sign Callback Context */ + void* EccVerifyCtx; /* Ecc Verify Callback Context */ + void* EccSharedSecretCtx; /* Ecc Pms Callback Context */ #endif /* HAVE_ECC */ + #ifdef HAVE_ED25519 + void* Ed25519SignCtx; /* ED25519 Sign Callback Context */ + void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */ + #endif + #ifdef HAVE_CURVE25519 + void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */ + void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */ + #endif + #ifdef HAVE_ED448 + void* Ed448SignCtx; /* ED448 Sign Callback Context */ + void* Ed448VerifyCtx; /* ED448 Verify Callback Context */ + #endif + #ifdef HAVE_CURVE448 + void* X448KeyGenCtx; /* X448 KeyGen Callback Context */ + void* X448SharedSecretCtx; /* X448 Pms Callback Context */ + #endif #ifndef NO_DH void* DhAgreeCtx; /* DH Pms Callback Context */ #endif /* !NO_DH */ @@ -4289,6 +4453,12 @@ struct WOLFSSL { Tls13SecretCb tls13SecretCb; void* tls13SecretCtx; #endif + #ifdef OPENSSL_EXTRA + SessionSecretCb keyLogCb; + #ifdef WOLFSSL_TLS13 + Tls13SecretCb tls13KeyLogCb; + #endif + #endif #endif /* HAVE_SECRET_CALLBACK */ #ifdef WOLFSSL_JNI void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */ @@ -4296,11 +4466,12 @@ struct WOLFSSL { #ifdef WOLFSSL_EARLY_DATA EarlyDataState earlyData; word32 earlyDataSz; + byte earlyDataStatus; #endif #ifdef OPENSSL_ALL long verifyCallbackResult; #endif -#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) +#if defined(OPENSSL_EXTRA) WOLFSSL_STACK* supportedCiphers; /* Used in wolfSSL_get_ciphers_compat */ WOLFSSL_STACK* peerCertChain; /* Used in wolfSSL_get_peer_cert_chain */ #endif @@ -4623,6 +4794,8 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength); #if defined(WOLFSSL_TLS13) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)) WOLFSSL_LOCAL word32 TimeNowInMilliseconds(void); + + WOLFSSL_LOCAL int FindSuiteMac(WOLFSSL* ssl, byte* suite); #endif WOLFSSL_LOCAL word32 LowResTimer(void); @@ -4651,7 +4824,8 @@ typedef struct CipherSuiteInfo { #endif byte cipherSuite0; byte cipherSuite; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \ + defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX) byte minor; byte major; #endif @@ -4695,17 +4869,27 @@ WOLFSSL_LOCAL int SetDsaExternal(WOLFSSL_DSA* dsa); WOLFSSL_LOCAL int SetRsaExternal(WOLFSSL_RSA* rsa); WOLFSSL_LOCAL int SetRsaInternal(WOLFSSL_RSA* rsa); #endif + +typedef enum elem_set { + ELEMENT_P = 0x01, + ELEMENT_Q = 0x02, + ELEMENT_G = 0x04, + ELEMENT_PUB = 0x08, + ELEMENT_PRV = 0x10, +} Element_Set; +WOLFSSL_LOCAL int SetDhExternal_ex(WOLFSSL_DH *dh, int elm ); WOLFSSL_LOCAL int SetDhInternal(WOLFSSL_DH* dh); WOLFSSL_LOCAL int SetDhExternal(WOLFSSL_DH *dh); -#ifndef NO_DH +#if !defined(NO_DH) && (!defined(NO_CERTS) || !defined(NO_PSK)) WOLFSSL_LOCAL int DhGenKeyPair(WOLFSSL* ssl, DhKey* dhKey, byte* priv, word32* privSz, byte* pub, word32* pubSz); WOLFSSL_LOCAL int DhAgree(WOLFSSL* ssl, DhKey* dhKey, const byte* priv, word32 privSz, const byte* otherPub, word32 otherPubSz, - byte* agree, word32* agreeSz); + byte* agree, word32* agreeSz, + const byte* prime, word32 primeSz); #endif /* !NO_DH */ #ifdef HAVE_ECC @@ -4738,6 +4922,43 @@ WOLFSSL_LOCAL void FreeKey(WOLFSSL* ssl, int type, void** pKey); WOLFSSL_LOCAL int wolfSSL_AsyncPush(WOLFSSL* ssl, WC_ASYNC_DEV* asyncDev); #endif +#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \ + (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \ + !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) +WOLFSSL_LOCAL int LoadCertByIssuer(WOLFSSL_X509_STORE* store, + X509_NAME* issuer, int Type); +#endif +#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) +WOLFSSL_LOCAL WOLFSSL_BY_DIR_HASH* wolfSSL_BY_DIR_HASH_new(void); +WOLFSSL_LOCAL void wolfSSL_BY_DIR_HASH_free(WOLFSSL_BY_DIR_HASH* dir_hash); +WOLFSSL_LOCAL WOLFSSL_STACK* wolfSSL_sk_BY_DIR_HASH_new_null(void); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_HASH_find( + WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH)* sk, const WOLFSSL_BY_DIR_HASH* toFind); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_HASH_num(const WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *sk); +WOLFSSL_LOCAL WOLFSSL_BY_DIR_HASH* wolfSSL_sk_BY_DIR_HASH_value( + const WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *sk, int i); +WOLFSSL_LOCAL WOLFSSL_BY_DIR_HASH* wolfSSL_sk_BY_DIR_HASH_pop( + WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH)* sk); +WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_HASH_pop_free(WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH)* sk, + void (*f) (WOLFSSL_BY_DIR_HASH*)); +WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_HASH_free(WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH) *sk); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_HASH_push(WOLF_STACK_OF(WOLFSSL_BY_DIR_HASH)* sk, + WOLFSSL_BY_DIR_HASH* in); +/* WOLFSSL_BY_DIR_entry stuff */ +WOLFSSL_LOCAL WOLFSSL_BY_DIR_entry* wolfSSL_BY_DIR_entry_new(void); +WOLFSSL_LOCAL void wolfSSL_BY_DIR_entry_free(WOLFSSL_BY_DIR_entry* entry); +WOLFSSL_LOCAL WOLFSSL_STACK* wolfSSL_sk_BY_DIR_entry_new_null(void); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_entry_num(const WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *sk); +WOLFSSL_LOCAL WOLFSSL_BY_DIR_entry* wolfSSL_sk_BY_DIR_entry_value( + const WOLF_STACK_OF(WOLFSSL_BY_DIR_entry) *sk, int i); +WOLFSSL_LOCAL WOLFSSL_BY_DIR_entry* wolfSSL_sk_BY_DIR_entry_pop( + WOLF_STACK_OF(WOLFSSL_BY_DIR_entry)* sk); +WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_entry_pop_free(WOLF_STACK_OF(wolfSSL_BY_DIR_entry)* sk, + void (*f) (WOLFSSL_BY_DIR_entry*)); +WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_entry_free(WOLF_STACK_OF(wolfSSL_BY_DIR_entry) *sk); +WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_entry_push(WOLF_STACK_OF(wolfSSL_BY_DIR_entry)* sk, + WOLFSSL_BY_DIR_entry* in); +#endif /* OPENSSL_ALL && !NO_FILESYSTEM && !NO_WOLFSSL_DIR */ #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libs/libwolfssl/libwolfssl.a b/source/libs/libwolfssl/libwolfssl.a index 0e690242d17b2504d7537ba7039b8614f2816916..2aac649d25b36cbf9a5849fae5fe75de0d9acc31 100644 GIT binary patch delta 162826 zcmdRX4|r6?)%VQZO|l6~SYRPb5@8_$5(s302pbZ@1_Fj8N|Z!UQGz5IDr%~+F1pFx zKx%`fHL%FV8bVaG*iy?|XhUtl*iv4q)JBUoR@A6zr7f)#sf~#2_d9dv?p52a9cF*wU&Y3O3 zs}dNqEM@G}g{7x)m|IdGFRH6NEG4{Xk zfc~Q-U_JX5`yc%-EMV5CUyLJxeZC*`|M?RBUrMKbZchL2FrfZhYwv*m z|Gfbq-Z=d4D5;&j}5=ek>#Eh}5KV9C-|)%V<9xBuA%!(vC?RuXlsRdaXUop;<_6Y4I0CNyt}&2?){{i>SPcdc8$3h}E~-Ce)B{+_#8c6R8?OQ!AL zxnz+gR{y%xJU`|x>*bzVGeeFYQ1(6f?%W9pQ^=|0jOHyfhp>H3;w3`fiSOhRUv5#W#iaUbR*E^lu^G(m!$c z{;cv<%J5*orablBcwQY?PsQ=(P}?=LRFC@Rhk{_#;BIda1?dHH^{GGk)!%*M zSJPkg8)1RQl=Z&HS(du!*M7D7jZ4EfFsIu5UUXOl&Rxxe>d!=3Y}@#Yb;Ql#rbJ%V zki5{}Ft3zY+7?>5ERC0kg3GdVBaEm&`IF8d7*pF$`3k#OYF?koBnY>v?+K}}P2-XK z)Ut77NM1ak6070v#;-o%_coz=s8+~bku)tjw$@4Fa<|fI**|UhT*QQGS4=JpF!?z2 z_cuVv25|2P0C+!&*8%)8B)&%`XEObdLM=VxX1vUpauPAcGS!=dQuSkAA{}8ZGX6~H zSkJgc@d(`u+Pn2oo^)w0K6VhE#aK)^!fZ1ALf|Vj`+S} zq->Qb9|-ka*Bn}M=NRp8Lt>Lcjn{t=y7LB)dWNw?OqtL_bsc8FwTvYga4Tc+28_zv zB&Wk9iHq4MdH?l;~M-Sc(B3VJy{v!H`jV>nXD~F;jbLF+s+LNIEgQjr6F0%s~SIe4MdlBT+wN81;xJW`MEb5{^Y-2Gg+)#>N@p zKC^(>%_hxQ6c$OpkFoJa`d*Z^&OpwXg~i#TV0RRZ+89j4RhbfsgGh~<#i0UYCC#{V zjJXZ?0%K{~2dAv5p|qQlZWit905qQrv%{P9=`gh*ilcC9E!-#Jy@35XO!m)FKS~p` z0`L(XCgWG^IvnQ@z5JC_t?qlu9g5ASm3Q(9N@9JeY}I6*AKLfsB*m5=>Zu2^^*z8< zq0_4-#~?dv)q0*$CMXFVq5P`JF<^>s(>!5o8s8o2zGqa@Onr_~Of=%pjM-8B#{QnF zJj=u?;m4a;YoH;;A81SS2M$m5dxLuSKu!!@323cJ8Xo25;Fphl=+`=?#5%3$PC7z$ z)h}LF-VkJygdcvMw*>ALy~2UOvs3+Bn$SC}sF|Z4Y$#eLJb3H#TsYw%-nv_5D?if% z2*=6t)tH}M+G9}o26SgpPBsrxCpvjmjLm&B94>sE^&1X2*T=@^x*5x5p~PF_;m}>T zj2rH0C@FE0(_O&Wxm+I~ubmvlQ?5MO1Xj@l?4ur_A=uV_60Y3Wj#vH|xfz%7j-y#`(SCOUSZ2-45o6(D*8TZA(qq)Z4cvhd zFbnL2o-iVY9$eX9g%~gzhH0Mm!eu}#{iseA!U9t_vH68$syDIfhL~%d>VrPtma(iF z=IcOMZEgufjCb}X=(Ul#3lFmuX`7f&Z5!|*jZM9P0q*WU`2+WtIAKd8{pz82#ZZq5 zP%jLWH{^#d?i`c5NH+2nt&Ipjbly327n>j0b*jAZ5OZhmVyv(|Tp>owYu*sPGIWtu z!5Dp-`+7cVTsYia8vgjNM5J&-_#m9H@KsbRBsv!gw!g@ShRSv=<3HZtv1>A4R7=Ji zdWUTzgN1I%ueS+fTr2FrNuL4{eXmXNgXE5ev{EXY(fg_(bBF$VlXJiQv3vPY4?-*O z!^5*et&fk^y0%zt6JiU8=z$KrT6B=Dlh74T7^mv_%|-d=P2n!5FjzS8P%t-EX0%sH$4 z+FL_nM~9|4?4hD3?^k!21F@LXCX5xR$N(+YZH@qA`=W*@V8$3T*-&+3xMD-4jS;2| z=5Gx2Y^WOzL+P=#>BCZW6qz9ZL- zA+KnN^7C}dcxJ=TPDFD7dsVc0^cplI3am{Qjote^!rn)N`Z2Qwj?D6tlcw~d(LWw8 zBYJ`Mcb#Z(HX|JEI0psKNBhk}FM|O~IE*-!z5ktq_i=vt{*}+pv?!BH~G@I(7g9QnG1KOd?(mNe#R=~Mh_%^QLpu!cV1oh_l(V@Z5{XwR`LhI*vjXz;<{ zCY-j`O>7%^LCq87^Fwd1weMf`ixYf!4%i()8hXyL!bCrPjB0N-@%YP)Rt_6gJbDUd zmv0J#y^4nnj2<7tR)n^_xRAGndS9H+PljB_$MFjxFaD;6R^V@b$dA7(Lp$&{5IT5# zPUZoT6V@o-pldlcC=4#b0$RTuH|m0nF}U!eg*!rJzs%!hp%%oi8x)VqS%aajU(OkN zP>qj*oq{;Se>Fee`J)k&f6FZYEy ze^oJj8#K_OK%^z^E-DiR<7<<9C(5tUZP+zI8(fp62(tCqX)#ZLs~Jc$K$as{JsbX+bXP%R7i58$VPOQliUa18+8C*z5@ zcyys#&SDl}4+3Nbtmrh7t-$sCDzjoDCz;Y7&a^* zqsG=-fS-zrzlX8QJW=sq1KtcgOVWpuF53sZn{bHM3N4MTBOfUf9KuXN8xpwp?>o`Q z_qV_HS7rY7E4Y-T3Sq6;44CaRSnJ|PLNk776GBE-L8#75GicC5q z)-jeNXrlfjAg)YVzzEd%asx(T1`{JrGd5d>k3`K3hDLfAn`4BRV<2w8b?EX87!{i< zVP}Oo;&IkPtytL+j}yi*#ek1tG%n#$Hq6`@@IF(d)JYgN;X;ik$}}$2%$SmL1u&2> z!okD>13rf#qJ-5kS*FpAsWKzRKq`hojRA94$PCG-eX#*Uq{g&kG75`??>6%$A2bFRsUch6LuwBEIL3<9Zzw2Hz(Kr`OTb`N>CoYk1o!DM`A~eah&1FsEp7?- z0`}=J`AtiegdtK(P{OFO<)99$KWK%u z5llYN+ALuQ;4TRt0enG+$?e5}aY|1vFD9QY)R9v_R_YPt>tX^D2Emv%3GV}ZLWjw{ z#kzHPTw7$qFLd*}6JtQ@G34*B? zLJt1~#k+&%_d;*JH{2LH&!JhKn3kFLi?>l#2tioAnR2Ul41iW49GEU$nwb!U$cWANimE15N~kvp1FnY}3=#h%1)xqv%b-@rSC z*|*#fD!7oOHnKB;qu2QHNo}v3T={Ipnt{fKglqhjwWFR5gy%XN#w~CLzvjrO_|H+# zHrY}$C@lDXYDVQE#5XVSH;rYEz;jcaQ#V5Dz$=R%epcjpGBu;g=FFh5ies;euqK;J z;FYzN5_e>TPF$F#{%55qtK#Ux&j#OjWCY%x=?uI-#UI2J0lh109)6a}2tEmVgim}` z;FX!9o((?f%4nEh;%v$UZxpu(w2&6{New;;T2Ghw8!}P9#mPI*|QZ7Km{z$^Z! z6DFb}KA}>^J2DzdX8MC~v2=P@Jb((J@ZeD=h0pg_PC|_kP?=eY!i*Z}nJRvd8X>OY zeMsjhY9us(0*_wrZ)#+ChYBvH@S~wGg;P|7HDpfk2VrXTZpfVLulP2Y$Ry2-`qvso zMWsePqOzpT3{(&n@J}^a4B8?dyxQja6M`364gnS44qd!BdE!4%EXl4Z6V-TMu!}kei4JIgGdZmbKN{5TkTXKNjl`&L*v}TAHtyzUvMy-wJ`~akI zOXag>a|Tl&8fX>{I7shEQ>JE2cmir=v|@pe5_qKzm4aKK3d)|YS@aC(^(y}Ou*{QB z4wZ;T5fQjfL@=Uz{}$odzhq=Yz9+SID^D6FI)qA{-ehtw)N5)lSa}L>(SC2`%JMh z9~C}*H@z!kkXhD6;EP_>yZ4exy?Yl*)$>$NtkmN&A4VK3O300LAY`zI-W7k6GI(Fg z039ZD^j0iS$wYKRiD(&n>0QwRk(NN@lc5S~0B~@GSNuX-9FN7wg>iiB=TO%HQ(cqi z{R1sY4ILy+{xdDn;6`dnXvfr67irDVRAIZ4{@>J8x85CmE-jIgRG~^S)X=qbLj=$c+}v^$aFDq|lIaTH#0G&oj-Ej}6* z=2NHZfw3a6^$@dCVys9y0!PW|f;gOYOEU;GgDAo(`av`j2BMVC3ZjuP-}Jx{gvIJK zD{YGlh$gj*O*Sw{BbL&|1!PT?CEAoBJShh2Y=NWN;vqaO27Ac>-Z6wvs0h5D4ETC~ z;M4+t>zm9@-xKN+n9*NS;?Fz899!mv&yE3-G^Bc~f*Mq0d`FTf;v6Xy4^N1!zPo8M_G?0o)k zPvFg2{w530Xc$Z-LqQvOPBy+}3)^{C;7@se?;peGrhbiC3wQF=sV&T&_YTWm z9>$>ehGkf>DD^kQVa4OOSnc@HRDWPcn!n;V?-W%0I<6q^ZRYbGX6KqpQQxVkFV^R_ zjAOnnH(|;z7hjfJ3Yaa|&G>(;Vr7r4VplyfpDhiBneW=ayJt6zV?}vxEc32n#ZB{B zSu56ekvVZGuV4Lq3rHGC~Y zO#*M{b=jD{HB^MkImH51J6}Ox*-&XYR*zNPpxSv6bQ^|lhe5YqsdEqMxM3x9>y^5F z3%bQ#n!qE_?Q78OZ=l=fSe5TEZ23~%R&BXas&-yPwdW^zsd4c!;0c(8b%dA zLt78XVOEyJ7N~D6^DkiGQ*!&qk!xRb&(4GR=kCHf`Sw0vI&4QZ%`DIpM^RYWbP44d}hs*bOQwwFj*}O7BL+phhc| zK~6EJG~9Qi&~v1wFFz)9|KxZ5jm@x95Xa)#G-N7=Ud!-q(>ym@oZ8+Id{QQsA+eo+ zEQ&<2rGUF{`vbF&&%~I)$==kHZJEc@ zwXTtTDbLXCPM$K#4N-8~0sum8SkLaf!^oKL-8i1_&{9Y7(lM@v>KptG*TcM0;5IH`p%mt|WjtS@1xI1L z=+Zhy@mWh;qH;cdHB~Sd1vD(NJca!ouBgpZc5E$arNSS{ zA%3BM%W7s1?3wD<+)0q@xgjwl6z=P+NaCMNz-lAb%=nesZF705V>4Tjm{EiUww;!C zWf#9u)8_JukyQ0wR0|K^gC)3bzCinrxqL$A)d_FE_2$Vpe*1dwZ(e)##IKE|&?3z0 zrR(XjW>uKj%R|$ar)pK-w^&n@>Pzy-EJ&@a)9Uj0WNg{nk;k+75$#wWFBoRA>U6NJ zurRUJqK(SulM=mp80$k=i$z%CJ=PZ3#$t1zVWt7_@GQ=}ilqt$2()6owf} z@yK#%!N+n$hE*BMh@F$?aW5a9uP@H916W7tK$^|8Pa=h9X`2i9IQ1k+OQ!fc7BHGo zN4aW9n;};EzzaEPsdqKx1mY(1Si8VPElZX0&j2R|R!F=HYZx$#Nc?{SuLf?F@vmTJ zdseO1HJ^t=r6Y%HzxDA1?$Lhd<0rJA6!HV=9&;Tk>8IG##~iOaUQdb8r@LW2q<06BS-;hEJKAtGh-7BxSO$b13qO+dS)d3ROqwA-0VB^7-JbS!_0n@=&URhtYv>{P0?l+ z@zpA_@K)F{CjT=K#bM(FPoZ~)4huU+ohY1aTG=7tGkBvI3MX5&*mRi8(vq*kWRkQE zoYIi_S%MNqUJJ2H5oC9k19}A69If_>@Y+FJb!HvYx9Z&3r=3~^&vHR?ET$Lj)lp_$ z(5e>mNlInS(u3k9?Zu{T^mRo@d!4XansHl0avayMyc zwLhtI+ZDVq<&qH38lGS^)*@!pT14lHTlsHo(Lrx?j`}h;_odFE%|6!+7iTx9kJ1NK z@P@9t`7G|x%I@YIZYDUh12wK>lDYpD!3BwDKdU4o= zcDGSKsP%r9@BJv8~x=5Ds;$ov+E4suy$&-8A8kWb~+TGoU7cJ)3n!cWgbuUxo+<>6ByxP zRN-yLc=r(Nfr>Z{wn#EaPd&X`j%66JYHTYKTaN-MVthn-FmSgof59zlerXc$1Q%ymP(k6|BH5TAJC_5D-<+SIs#r8WV_k_>(2ppL~p zUl((toB#xwVQg;nc3gwuEe!(kB|*|dW(@qWg>@qK*S|%A^5B?I_;}#wvxF^0zDSJp zYX-^#JCmJ8e&p@e%D%zx<*BHi)uo;M246M-zJndakDe3g#WNPh7qT|1KI&M2@yGSr z^IzgOX-oGg_RyW1)3v{UlV^Z}`yrUmI<4#>49x1abr13EY48B-gx>40HbD@7^vyKv zJA?2ahI&?vNy3-}4^I5(k4)RIoqC8rJ+^KYosRRbx*KQT*zI+z>hBad!^X$EYwESf zTJbUab}RSLqHp9_O;HpK*B3dG121LlXXMAtaK&jZCo7<1oQ6@5-st3Lk=R&@R^a}O zeU5Z`hPsYX#Jt6AuHsuf@blWQ#>Qr7&u!uMF>s@7v+fyrJ>V`KR;tNMZr{r9=3e0* zW8)CXj%#gOc^X99y%jEU9gbIwi>I||JeGBuBZR>Ets3?~hPXp)x9ZobL&$Jk^K>Ya z608B3N-Gj4Xmy+T*w|P*;17kzv^lqLGaaVx8;Z8^4YATU%+Y5281AC~TYQYuGShSU zkG{{RBt+uKmBd``$(iX14d0Qe{ItH)|6~3OhxWY}`Ny|k_#q8^eQmV;H=K{bZ!eiY zH6PJ*+S1lj6QHJqnFMM=<&+*9$o&+C0kcmwB`*#6Y2&)sstBJ-maiVgQHRHvolf1s zt7>7BjDF|WgCX#SUY9=}XG@De|-{N>}$eZS&&EBvck`YZefp4l0Eg%4AB zVQ1?J4Dd5OQ@1dj#Z+?ej>9`2ZyVl4cqiaphW8M>D>_fT$}QY=A=kzdsRO_+bXM4g zDS_-#e`DjLn&mgVTaAG_n~`G--Ys}@U;C$Zc^xdKvHb}+u#4%G6K2wbFl*yYA%uO} zH6LNXE$9vq_vzk2c$>tnGJf-*_<$KdRuEVRVvfeQ_7m{~fUS*(X*oCM^UN3c zis)9>ZE0fpXd@oq z7-YvEeTT*8jblpFZ011zjls3(C0659#u^q!CPUp<;RcoM4k8c>6)H{>_+UrY9RZy2 z%%^!orl67K1aJnl@n`$>E{9Hjbg&Gg3jv{OY`7!swNb+pg!L0F$EIJ#*v9cJr*JE# z3Lj%0Z;&yAPWHy|Y-;R2^>Fwg81R6rc##=%i>Prr6+m25SQ8|Hj64Fc3g~R3M0B4Hckcr94zv-WtX!E^z3#`etV^q28Y?DiheLhb=_U>miY;I0u0v zL84$Hpil9H-5_W|?e^tW343H}?pbHv0JEs!7tlj1Tn+zLyWw3vM$M*i5vs0+lWD%l z9m0pDti^01n7tFN^RPHraju$3Fe-4suN$t)X0a^(Eu!)3fYn=B>%vDhpG#6L?B|Lcp_Z5 z^weGu3UAW>aEi}~X_{{-zNd5IANac*XZ~b6L>qL|IF=4)Q=f(Y zsf^kh+GA?qvmH{FGb(7aucu06cl0y-7f`Nlm{dxi6gJfh9-aCB^ z;=+0U;CaaW2jTAA%h)uc(O|=@Ws9KGf=<&;of>rKh)hEI!u7&^b%kr^e!^l<$r!KN zfyUYY6Tg@XMD0ikXc`XEfwvn|YMIGSsx<_ks#~czd1W(tQSZ;t)=)^`&6!S8GPTvf zqZ5PzC|rFDOFbJWI9maOMvBASeQ`=F{@t0;1;!QNW+h~Af+42Fyu^^(Wxpp-+gkBvIovJiv}swUf}EK zP@0{VIY^9T|8U67-YTwg!>2*6^rcjXy9b1?qJ-W)cm+&vgMdwZu!w2xvwsr}2)&n_ zIp#=eI8Q6YN2?Tob0{s!5}t=dgOLwb9kkhFl~F^nnt<(ZH^Olu zgSKLrpp#FwpGSTF9JRSBw13d0{R2BYq_mQTq{}gIC8#7&#o%4t~Vv z^Db@RBaAAXTI%01dFc;!iS-f|44`^w;N+OWhd7`k8up=Z7C8!tCmnp-x6Bpgy3mzz zh{v}n4cn_Xv7v}RgEt0r;Zth6%jY{3PA9`gFO^DZ!K*W`BYYDY%Sp9?mRK&H*w~~n zr*`1)e6pGk@gmK|95f_x%+se9w6FuPsM7F2ad zFHQnMHmw+5!ArV~)e-VLDE|z_gMPXG;mz1{t63Y_Wh+gtu9Gb0@}6=LEd^BUL~*-^NU2KhvY9Em;@dG0Y9 zv0+#1F_2z4B^79QmbdUh42K zbbs8LV^vhkqB>)&Lqa+9JiIr$D46OtS{BAQrwGFF7H+Ux;h#OiX`~Rw zInkPd!}|Fk^@Ok8nyQ_&;WTucl?h;So27ql9|lPCmEO5;vm7h~d!XGMwXGQAB4r&d z!ur~W*J;in$`mD`Tk{RUkceR+xxr;(Wp1Ch;WJmUKl?_p4L;GRr3Mp$s{t1J%R21lzPkmlh1(8X z8`bAo&IWiL8d@U2Nn1RO@s#dTVtQb*^~EeM14OqMw%d<^v2B32f-!nO48OciFUU>i zu#cFmfw@pYzV@N@8&L)dc2GGe*hytkzc0$7!hnc@wR8sCC;}N=A~E8rrOP-!+K3CX z4HmZBM4^?L?5D-J&IpX`LCw)|D}TkCY(w+4Uo<2T1Y;zDATbgp0gsEg+t8#-pz#50 z8@RMU8`R@cw_)mer*%)`*PhVc7^l%Jgfj^pQbnc+YiW z#LyuO8Poli;_|hx+o+-@|CZzMUvvYAh3Zq-bj_uPr;^*xVN>co%6~s27k0vV9ECjrmsEmuhaKQ*K9j3Uok;9bXB2pcu zq{Ls?9Thnv60Te*)7pk9;}cP72*Bw(#Ht0sVM=C%^3|X8P-e7e2Msrn&P6y0O3%Yr zA`e+*>R_wHkku!p_c*rm6b}m}j>gX1BzKfD)4_A_6&UY9&)$`3% z3w%J4jXglbefW4H#^IIg0jH~Pl{mMIQx1mSRt_LO2XP)LE$qhms2;~fgyc|Bl7eol zhtG@tWv-jW&h=pr5%gV?sj%EWY}kVxjAiVPz|)}-{PR-XsTfL#*!t^ps!5dlEc{6T`V1WyV0C?qx!v3ruwlD>G5#w zR_8xv37s6=Y%!1trc+a8Jma z?ZeK)O>nU=S%SS}7q!HNFoef1HgC;gR!kRm1%6)q%+v?iT-5FW-r0ri7^R>`1ot~2 z_*M8|TPe8LnNJ79#JunZWS@=Ou5psVQOAX}Eo7dWd$i(IeTP0e1ygd+#3NM~6JO3i zV+l=m9tm75p5A0()}}Ok$}D8I!CO@k?!cB+xP}Ymx@({jRb0K^h5BR{YV`)6XP%Ad zA!yJ|9LO%zfwHjx1~x`d|EPkP@II#;8N`I=Gfae)BU;ZWW%RgDx~R&SjNGjk&QW-5 zZw>aw43cNMEU3g#RYyZeE`$L-QvrCwxKRFBEu~OpDRrrjAX@$Cfld5;3s|_&&_e^ns^O%8}Ob0C`yJZKTj?N|>eS6M^@yye>6JDZ_xf>^a-EXuw zeNb_(A5Mt8X}Y=v{rsWxLF)V{9p%532*Lr0W~!bje#Wp8-=TARr?#_>#(m$VDIf>n z$9#v+?P%=T?}x6^H=wXB&tucWiL*`+PgS?lSY22ZS(jUS&U93!rEzgc8|OmDcaHk& zR6^&wl+m{|UQ%4@wRgr9x5Gp<*Fu;9?Sz&6;cdcdURWQ;*3m_H)cf%7t z{^6 z@Mc@Ki#(`+hAQ?5}8ay0uQpZaE zj)n$?a0|Q6(lA7JA!kn-9oA)MyQ!B#<%6g+b~V#TMDIx`2@M|9vzw9AL4%gULuZ44 zT{MV+q5Y*aJV05Se2350%B%{+e;~U(T;)6baS-3QRp7L!H2jy%g~5;OO2Z#8?=Gd+ zm?9Q3#K(rO{eyLgTZvB@OX1-Us*vW0k*0MG5+JgyX&k;vS}%VVB0-tZksYN-L!!@9vi2e`LYdPD)@$i%Y(gqP>+frk5ZkR z84iPP74lSVPgar(KR78rT$D>cT-yFjeEP5~DL!1#RyJZMG3pDF$KZ8w!gVLJ!d+=M zBrB5?yf-E*Gr3#)QL?f^X&bINQj`VCqrcQDQk24Zk5K9O3d1)L-X}rEr*lMKW;oak z%STv|9`<)Q=Tb~i{oNi^Ew((j_DYI!+fui1vl(!+wP@;_@rHyyYKBJsj0yTO@gay# zNBz_dHc{Ibz{c>O+Mk*%BdfC?&Tn7s?!U53)n1AT@_?*W7bdfYBb$N87ULgk4&i; zslc&4_XsWZL3lQ_PaBA&f`%)KMs%TUP@y*>eN>qv;Gf{YO2aSiB@Xf4-Pti#X|W{U zvid7`-gDR5`kJD<*4}Yj=fnxh^}{0zlDdh_5tEwrb0 zdFSd33ndCGEa#~Wz5Dj$228{Zkn*UnRt}lNL*W_{dI>m z#T~PFh_X0p`)q7s?BXGMI?7#3xyRw0TRFY~aq zSZ0-P3akDHVSdS8y^KRXJ2ukLqny;vJYxa*8Ok`i8^qoxf*EdOD@=4P2wiq<@@jB9 z)GmX2u$_7zrz)Biq}@%oi*3`f;w~VN8JaKCA27CG8`7u|k}&pFGooFq_0LeUN9~YV zPz&)u8bkML88ab`eywVzGJ9?!Y=Rz6_U0uf9*G+)=`uq_MiD3>u|hkYVoAP=G_gdF z*JDvcVzW+DDF@9K<+DV|&aWFp)PsCons=5mYt$J%J42<#gQ#IvEjSBW8|Kvx%u@13 zu0)Vj!Ki+e(uxV9#E)Voiwi!jBQ2IVZN|Bn)S)0TtXGoh)>h;w<5X1GVQANbtPV27 zOYf?3q{}Qth<8yHFTJbEQ6%I4QGUppuDTJAO};5ivYUtotUut*u~|EjqkN6utgXCU zSvvl9?4xQ$WDhoZuCwjcOPi9e5jvvmZl$#|9h7Q_zVX9JTl zc>e*vF8oGI{A0i;@JrBfPVT1kJ&?bEbx6%_%z@oVIw{d_(9-QAr&H5N)XT; zl>pq+CCQNtw*WsDg~LW@b73SNUo}*T2#(ooPAW4Bd>VLf6pq6AN#I}r|EB;9{0ag6 z2(Zc;ya)W0oM&UODw@2YY;7)-<{$RiY9V)3& z34RDX9k?_a%X7dzQTWe+=SShc23{P6zXQA?3jY9jm5Eyufv*D|E3MX=jevRtNF%e( z)7IrGONSFp@i@d^>vHXME*kBvGE^Scu--8U4}e-9!uE_%sO?)fp^7cQZ4$>pLH&_r zA48fdgcQs8@5*R{{*NIglDA8bSFNbO*l;NWtS5kzybSye;3OXd{~d6Whk=7wEY-hE z78nK&t6-aTJO;{&D+0bl;v)fz$3fN)qe+pt+;~|PRjT~#>RtGB>mNc(!*x-N0kMx!r2)g zf{Jw!#i1`vYXL4#X~nGvPDW+KZ-sVX+3bicunl+*@PNe8cj}LB#BuOKm*6i*RFzgA z_a-`H;-yv+_#<#XaIeHaLg(x>aT^-XWKxMokGH{Q^hd9dEo%@ye-M5p4&Jz_{TT#c zFjLBrNVa2J6>!uF5)dk~tpnZ*k*<^YS8#_P!qChRh$aZfG~Eu|BXRg){gDhkGYIcO z`h1kne3BrV&GY~gwMZNi$+iM-llUMbvR$~8U_4q#b_c@x^z`vA@DcEeagn2_VSE7sT7efyycGBeG&6@@qxc(fJ)aNpy)yoGT+4?-4A&eF$1=Mc z>7~`j!>@Q@Gm1eUdlvHCNG~fC4;#r-AqM7`1mSq{bAZcpaPerC`Q9iTBFxW+v}L=F z|1)Fr_Mw22GCvupcyy7+zcdIxIS7Z1slLq!Tq$b^BlDdC-lO9QG5A_1ksXjY&J8Re zol8fOFoog%Hat>7321f;sq7w|p@eII_nFNw0iE5VRNyWd-vIqDrWzlU0S_^@_yTHF zE(keGfAQ!9hD^ZM zJLxn-XJ`mIpHd$fYStMVvQ$rP6gZ@25PtU{ylD`=br7yTJt%<0Egs3xi*Wm=ablxi zGK5xfN&FuM;U6$|OAo@jWqP>UTU&v9^a|L~N^b22UZmryeGGh#H7Y?ia8ij)X1D@4 zj4pz&0A2)KwgU4jc(_8JFn0I_@s(_q_y)>LVG<{1>=9gL_MJeevPOcvfSpk|NrY5l z#2*C=BZ}a^0ql;#Vbv@>3MZXsnE23Gz*z=fjllwqNIXUWaM%D7%~0ofC?vwXQStB- zj3go%8VWzbd{OxIfJs6|{2Hxop;9so{}!vf=Jtv^@xQUkSKocN_Sc2V+Ju@lYbx$6 zFI~9I+j(7)(rmHJnd$B9yFyvb(=Pd6TTAYsf0ebW#?Q>#)4i*-@<7ZO`tMtv`0rao zl*DB<^-I^(*VHeo$1KyWp&6M|H1{to7^0e)X0Gyw#wRcB%qde|Q0!*-tX0~Ds}#Ss zVW~3lU;GEJiCm>Gsw)#vKRgPAc@+ti15N~Nm2j7NU#4;dCTyfX$=KBrwrpnX8UsGZ z*fI%QSK=yM1MX+6(trm<_-HDZ(TtaoIpzRk*J|q3O4{mcW!l&aX1=&)##YJjxZR9Z z88EV~Hem2*hlw}sxNJg_Iw@6ZnQCSjE#Tp|V zc73Y>pEkqkQr&79KCF(hwFcaR;tco{W6LG%u%iL$Fa{4O%wWQSx*1G3P=JwPxD`jk zW#-{%NH-cVZ2C(EjJg?ghNIvcWcUaacAEjaO`0Q+cOCvSp?F4=nM6mR1~(ZQHb=pG zqF@L+lBO>TzF@*5!KjgDWKI;k(qw3)iW(c-jXcg+oh*1{uc^(E=NP+FhC9Kvk=_Z0 z3<){AO;I~fnvxg=uVADZRUZ|OG&h5$sQ;(|GtuZ{rm2nYH%)Ccm@rH&$!4ZWLMjY zFX_{T*y|-c#%I8&Kb;gb8uXYTWA_`0p!*1XAS%tVsPGd}FhtrY^Cst;qE23k-MB`0 zv&mfYUZgkfFHU|J!vgX`lX15H_Y%fOQSu)pj9xqWFA_$w7*zU2Avep7U7^n$NUA1WNHdroy&`m?o%$99xQb$ z@=^tcp=-l1QP3f{#}GB((8*3D{7#~$e zVFW)enOFe$JCX^4e;~u>0e)776Z}(@FSw?!vlnCp!LP{h34nhq!vT*=$EID$s2i~1 ztj7Bodq9SdhrTx$aGlwVC)gSLnhc+Syv+nt{U@Nt2GI$}&00bcw*=N>fBAD20gkNCnAqh_^Gl@=G zXSRq*JEFqD#1DmSDuMRi3XsHLH^Da}!Ew+T-zH@n)YwWg@2BE7-r)V(InsZk6~1w+QD zWU5q+Xn$FDGecH-6dW+6l68QwZ%IjH9VgMD8hElm)F^lwaHD3^qAE7c6BUjMMAFdx z^+pq#))p19&n#@(k*ETCqtZl)cbcpXF*My~8Zuo{vQsiTJ(aO`1Fkh%9O^&aZ?@6t zdyEK#4=}b%X2=F%V*rw!Vd^s57X`0l>~SMKBxl$PZND*^U-k~ho-oq%AdTVwvrn5D zJW$7dGLgp}1?NP;#h3*!(yWYv>lu5@2nQ2J!5%PScvw$VB~{OXs6;2Dn22HsQ&W+` zW;ml@=+&s@j4D&?GhmEQNhW4OLPqnO*<}u1=$4f|#{KoP9HxcSl`Dp!&8jdhd=}JX z7|yI#(+A8#1tQ_yrmf66VUDJ9AT49Op95(blE|rp{tefg1Kk+4$vGAULn=nIx!h)k zUyhdYw5;XjIZ@$Y$nc(*qm~i)oXO~HNK_a;wZGXY*r>s5WHwsF9291Zg65!r2wZOt zF6OkD;0m1jla7-cOH_C8=x65!CZvMAqIKk>uG6It*`QMQd1picqcLP2u z!wEJ9CT{_LO@_S0KX)E|K960fvNV+{X#NS%&Wce2WYx_%0cK1n^hj|3wBu9+VNN&Ae~Q z3 z#el~GrWz0-k_5p-$dCjPnxcmbLeq6v$w2r_2@@UUH^g301p71?B}sr;TF@-G1F%X3 z5VAp!pqdpt2pDex%Nmo;3jU&}5e1*s(-1u0VHPmo!`KgHVe@_Fti^n^2*beV?`7;q zGL1U_uuha}Isd0RQ31bX7B>HtsKU;fKHOJr7U0{>*nUaWcLc|O4EUtkyB6k~&9ZQT zn0ir}vJEq|i}l(Hc%4b8u+41ug<#NVmW2mQFS)>Fre6Tj8-8Lzg_(XqmDznSKwe|0 zx8NM~Z@AlqcE+BSTrbQqhsg^eMq|jlu#7Qd#Jq4t6dW`=o`ok&mt53gh8Lk=qc12z z8o?;}|Dt{~Vv*IX!6MXbjbv!iO4F?_s*eiqG1D)0N5PPy;f5E3Iir$`Aw^?SVlmXD zMi6kcS{AnWj0s;+ZtDArYLn;{0h5U8!&3T&44@1Fj;>P?YegY=Cu@3JzJp=D6bD>A&I!=zJj%v4Rq z0LnFnT$SMH2AQF<&&+Tw3O3sDwd+hquSGL6!k61jqRX43!q1rLSAc0F{fbr-R#zN| zN_5Js{dH&_hE%QtbB29f2Rn#_?}!Qq(?^^I|@b`!?;$WxkliCX+tY_N2TvJ%Uaow@*^28nDC7bbD(%57&7MX zZp=4{-WW8A-iQJWIyZJj!6(i1H(AZ}H?_z#RR5d6ks+3wz=Q#>f}RYUSk-45T9w;0 zz}3ia=ykQ%%)7cRD*RYfIOrRU-V7D15d=iwNZqFK7;TCjB*(SBj5qRD`om4fU6`7EwO3|LnaJ$p!D->fY-rM z3M2mZ%J5TwnuVL(i4s+55S!L*)AFb$fSTc*Kioz_tW(IbG7U%-0+XG!>4 zz#a)>)K1H$f+nqMdnF8sOsDly5kW+K67B|EB;l_B2Dc*3_1nLvq;$UhWo$WDha-_i zR-ZOeS&r+~rwvq=0SWg*5~vM{i}p!bQL=zn07g23M+X6S=rHY#vZ6*5PWz&)XLOkM zM8%+H6i(ZnV#=lA(B7t)dKqyNaEpZd0HbiqK--gIB@=FlAyyI^?*I%&C=Kn#jg@)R ze1P}r;k45z_PB(>Sgd3y-44Tvv+5DFy(rG3!?cYzu2zR>*H9c7qylKiP}~6t?*lBE zqn$%GNr!d~+0ykiwB46B_E6p_Zor!*Tn>0IV3i`;fE}bU3RBFltJfX(v#8 zwGPuRp!jA9=L04}NJE=@;`?>zMR_!M9;Lg9sAc<4GErad%6+jMv#1C0EX zW+CzoMIHh7Vfg5V{s~!>3S@;2(|(!6771Sf+^xg3FDCJv4$~HvVKxbafni{l=v;{! z4-4op?J5~|Qio~Bh(o5owH0uN9)9Z#5T}!1l$mykIBF#fCLEGbEr>giNu((2)jkg_v8AEJA7Id!jvwL)YhlZxXf6oSEa%y4NdHRm!LD10mOE zXG3z+!mnc43m1*W)#ElvRyifMV0sC{07{4gSCjxFZgQAsq_B32QLp?Zad-7=o^|P&uAE83(_KD;&zJyBsh$b5I0@ z`8I@)p@0DWlX%T`ztSu&G}Kz}S3Ej&BmxcGuRM`^W8hv~nT9K_aQye`sXN)c!1@$% zP*cB(3qE*=N|W=Z(Cwysfm6bI1i z=HWi7WX+@EfD0CaX;{JJJ~46D-KABl%FMAhufDrxc1}^vnmem&*aCs9T6Wvox~ppL z#TFawfT~Pd5{p?T@xX9mtvbl7(a7a6itm8eG2r7StRSfoZbABl&_ml&hY}+YF|`lw zGTH}j!wo7`xB_=yP)Un-B1r{)@zgrBuMJp-hn{;kNdnuGMhG6zNFt9IMi;YDCW$D^xT(28*8emUo^PUN@Fa+neHGTH6|x_mOJX1 zF^pmfZJ*c=6E1tv|SpD|2 z#KJ?`mmXAhj(VgOhv>xpi%mE;iL0P-r1`6zsb5#_RGjN@Y9?a=juM$SHDBAg>l?~m zE^cL3QpWdy&598a6W%YQ*Gb2_R^or6?y0loA!Q+_O_Rf<_~RgcLoGJ6N+aCnkAj16 z6EeN6FDm>Tc52J;c)NLha=Z^t!U%`<44Uy(dU|0U@pW4H7UkA4;F;I!+9iH@hlDo^ zP1k)-xkHH$=y%B{+O*(SoSEAvoL~Gttw&&6-@%(tn3 z{KVe`Pl{{Aafue&3)qH(p|}i)Rf{X7d5a4GIf`ifrt$S^DJ^=HgRo1D-jBP3I~UR#^;OMRZ`&)GeFqBJnWd8 z7Y<**y_8|xLSSuJQs!wW9+=)xQtWLg{&>1^Qx|R;=)oahd*u?x+}slQ!MG*U;T!XV zhY&WY0D+mP{qH=}8{)2UHrQBCrHvOf#LSpJBMx1_sa!`xNgf(Q*ozaw_&>dR`i8~1 zL}W#0?Lp;ujN;qbIs35ky-|EjXaBF2`7ycqP2(9|X@v{^SRLTzrc7~$mPAzrJV@th z0ati~xcNwm4OeBsf_fE?7I9`>*2Erik)t1AkT0tWMmysXcTzF4>-WRw;~8vziv+j=Lu2!5w#> zPDdlb6;KD8CNdl0#3}^42X?~gCQ`bTRs8P&x=5FUxO(mk+qbj&1`!29AZlV*I>T8-`qX*&)aS!f?v{6AI)J7Vn3q5hX*F{(0;b?CI{A#*#MgX~$eB&1O&* zH(x#;K1s?J3KL{6yez|yYMH69i39g7--LSNj)cHYy`FlhMm_29cX%I;=!fy2vCwS8C%|C_ zrN?+?y=ITI%o`mzb@Bf&_BL=;9cTXdIrkj!f~Z%$DkADdP(e|M5_5S`E`kXP>Qzxm zBoU)YNR}id)h$ggo{Q3rwrq>hW-y|`gzlQurlhgewy31Bt?9b`kuBSh)*7<0yR^%% zWmDR)4dMR2&zzY%N8A1X_kKQbo|!W*&)Yona%P^X*gbB4_U=dojb_YhgGoI2A=^35 zn4`C|{o{-**B3ry-yCO5r{|By8LJjwMAD0B;wO9HH6TLj4xaM5>cE9`)WMw#p|icn zvfai)tEVBXEg*4U)-h0rxFGf%vJ7yZmq0#XNkqB%kueMcS3$`}4;O$xKF*&d5P1Tj zkFZYqTo}OYZ5DUIqvy8)mHVIu8b0h4Xu435%@Qt?-~{S zCbKEdxI)XmGOxi1H~LuiV}>`GCp*CJ9J?ly!hOM~5Yv_O^>M~T z-PQXxI}~qxZh{{@IeLHk>E~E`K8$AY%X-|5_3^Pq#dHXJ zqE=+3D|7DhS!Q=!f+JP%(^;*bYR z866@HQi#S~5O7dD(`fmF1-!<>X&AWhpG@w<+{evAULzG3NVR*7qX7Y&rdV* zagM)W8n78+d!`x1dJa27k9syZ4G4F#wCQ*N;pxWmY00ACI`PcL063d<;MK}KB1*7? z7M5b`MO>wLQe3lu6U8$Vad1pH0}SY4B{P7>2&0s{(Fu&Wdbvtded4o*%GLduy&Rvc=kpV`iuXCf&$J`-u`SVEG4t1U6I zZY6Lb$tMZ923d6ycz}YFKzt3mo`lqG@V9|?;MOdt0XQ-XyaSfAY%J*=m^KSoo?*$! zc=WOIWMj)jP)I+Qi2-h9F`GOZlQgrzak-g&R-dn+B|ry~Q4X+~ZDTXrC|isIXw86r z`Y;L!*iI0lehv1Cll<`5aQ?N~Mv*>+oC74T!3lJE*uRFs>F_^HFV*gz7$`=(^RWH~ zc5$w;Al8eLt4mnX*Y&CFcbTr(g>hTuVf#Mi4FW1PNob>1W+l{yJjF<0|XL8 zdLKyJi|{cK#z0Qfs_CCivFk3}Ip#(JL6K`7<|EX+#Az{C0E?Smgynl6=WPO;Wr5hI zOxwxz7E!@tSm8axn$wI~R<33r$CO2V0b89>v`d`4bAhhp3yz{;#%HG^d`1-Y8p1sY zmy7UatmTlQs1)I!Aq?8&kzm*R2otZw86?Z~TWCQ!BK#u59}ouaTG$R7m{9pl;BJcW zBplxaFXR~`1C^!pBU~-sgL(4;2n${qSbCn}&IlX;xYRB7!0T zB$GxM){5}w5gtLfLxi7$tAsX3_&C;912Dfros2V@mQg|0Mx+PFmJB2PIT1dO4ijm# zJtF+3HdV_?a6~{Kv+7v+0%PfvWoID@aU#z6GnSmLu;vBE9BV~8D3S<+V|NW9zhJo$ z0W(YSUU0yig{hLFSTmtLc|`DD8v!#DVQ@$uv@gS#NSDb13yma;_H4+*lIE*et~`gZ;GhYeDDii-v zTUUqtqJ5Y*5q7@+4b%{Dx1|l~TSRy%%n)%*AP|H0x2*u_OU3)O_>cu1bqSHjJisc`jVZDBwjxaqt4lW) zO}UTC&lKrT<9p-C`LpT95q*L>R^{JW&k7b9H;)#kOgNvv*eH&%(&JGpe(r3v0tx#a zFlv<-3sSe1BGSaQt2A+)XfZPW3fAZ)Jb*(G5*~qt5HPK^i@Gc=J{{UFUzDf|0pr15 zSy_A)nv_ffk{3w03z{$B@zn~^@sQOV84tEd0>%TOOc9@uK;>IRJJ_Ba#fUGw%L*o# zin0lb3ZV%(s?Z5QT2ed#3c5s8FyVq)!IHIs z5l&X&{ zlu^MgqJJLbDx1?hR4m){yedb0onreuR3KSB@2o;PwO$cJA8}yGq8DxOX;C5iO&!_fmrmNvgt zWtiWM-Dxrr3JOSg&{5Ec(v=0EM)nH}99&#*Otq#3Kw1*E0OfBHWiIHYcw7Ip1p|&m zqpJBW^r(s#COTkLEGb@??trr$u-^ffDE(Mir7Y$`tJx8_pyaynrUM4W(!{0%i6~sE zbRxZ4rB8=qO8rQ0bHH7=idImcj`B${IsJ5GO0qEn)JSE_0M@dgj5CU*8P^=}bwyRaEL5p*bzUf;6*0tml@!yHEN$1fxS{ri>j137S%X1*E!&N2OM_5ha7N=18$Wt z=wEbJ$$k;AlghFf2u0yEg~VdN0|r7;9E&>~@C6494oQwK1}7v(GeKmoCFGHbLZdIr zRpv}kAS=jhbHEURG{c!-do(Wyknj>z5QQD(FA1u6YYEsWm0}4hi^8Z(TCOFXN1dSPuXhJ1yH`+fN4x3^?l`9^TZX){ zvSl7s*|J1c*)nkDK2gr{CXt@#U*4+h_VP1opmArXD)i1PD$Sj}YUB5cYYK@Kpi&}n z7Z8$7`mO|p#9cs0jsg8?X#Z6LBY%z>yZHm^P`Lk?+Oh2KP{{cm)cbF$iv2^XVm}a) zV$B0W@~nSeW>jQ2G=z$G2_*9NC~ES+t_Nj2kdXEu4b`IV|~&aY7w)m})tHluis?MfI+^Hcz%or(v3FIg(uq}Puo@%s7NVRe3<9JM1vC{;pN{N! z&`*1$WK#*C$;r$`$RINpJ*-$=v|q6rpBtm1DSF-!k0lr>0(|9*il7KwlwvLFfe0*t z_3CsrR$mQNrM9njAhdc=r6~qSWSZgvC9+~rCPhFLSsq7O^egG-<#7Ge zN(NM+bZkaauqIJ$l~|MQhzG@w2+pkuI^t{8370j0iv=%H@tS7sG)`9%U=hx&>o?1BAXEd!|dVF_1b zB~8Lm99ihP9yKjrcU^TzWi877mtVm`sK{I1tE^`^5Ryat^_kK1mbTun*tI^OsM%nu z$;O66HP_#eqgcJ6+!0@;7MnHzY1yZ20CI8^w4p-{QZ`&5uG{*jZMdcuhBn+(gN_X& zYM8art&rR3Rg`T^S4ZSFLNR4a*$9NBST}~$M0R7dYQ`I_t5H^H8^JCq;~*-NhA5b< zDh{GD*<6F*gtP%cP_|F7JqXI=I3RdMi7D8pkfxI|l!nv48Eo7uGH>3aGH6d*$U){-pW@0^a7DI)t=SH^K#i2PmMT$ht(Gw8-x^kKY_=YAQ~+xwDcgEOQML^f zepVp54HZj~ZA0D%Wc&*%?>5+f$(3zjyCh(HCJ>eOe|w2imhGT;l_+StgT0k5RZu0U zmjzWGQl_`EL(TOouP9bm_A0JaURSVHIe;%cqO!_S<(1%GFFqQG_)UV5yQ>Rh7z6^+kng)oTv;I~;3{bk(RT z=>AyNe2?)7&E{!iC4DS(f%^p0he6k%fFT6~jHP(`AZP?^I01ATln3$n5U3fzm&4Zp zpRr;3{%3Rvn9}qJ_&Q+lfYMv^(a%h<1N6bq%(h|r*k=+VNJQWD%oZD_Z+a#wp?Lb9 zXATRv3146QHca2~VnQ~Y2xMZ;*)aK3rCptrHwop$`XEgTBws)v$9^$89WW4~c=~D= zD+;17cCi8p`dSy;VW*)lb+NrROdsjUbsFWJ3xvj@EQ0Cd+_<0(r?>%!1>6s98rNwD z=7F{2ZVDK2v>TH$)0a56K#o4bxhw5>`T*xfC6tCfzPXW(VEXXp7Ue8JnY1~U;^~81 z9Krc&6;spw(g6PZI`0F-IU)2(_ZMcZwIvb{s zX{3ado<5`{2&CyF+61p1Pan+aTL-0ChkO%|hr<-#%3+ItC7U2J(-*f1!*(M2ST+%b zQ3m=@HW5@1OdrW6?zLh1KsFInQ#^efn+QY*rtkF=2W*%=l1&^HFzO+Nr!@4jY*LK~ z(3i4FXY3dBg=~_@Okc=6iFW*s5w-VuXSwlN*Zua{fY@*X?1}IB^~OBc{r0&4dOW`% z_WmH+M}P$zai!ccjsJGFu(tKa0@toyc7>kDGua>y_dUmEu*DmUNwK?ttfzzpHW>3_ zkNZ(VGwb;s%6>Y)nm1q@#4{*0=6lTddu$WA!mcCgw%xLK`Tew8c60kpUS$sdpRP^P zCdwN{Xm{S_)7VIbi{}r12(5b&<9qB3^jBkFB<>CatL;m*58w*EcHFfXhNfWO66@P# z_|nAAr9`i~?k(iv+f=bNX^6F-#BTO%c6F114Lv`N8GnBFMq`(YnVXFq)|zTg zVBa{Y$DiMUpsv5iTDD-r%6C~OJ&v;;dVG!z(c@m`sW8&4Pz}G0ts@J9!qrDXx;xfi z9oe$J4TllZab&6*R2+^()}PXRD}DG%TBDiR(MnIxQl!ldzzi=as}JM5Y}T`!+GOOf z*bv4p&L(X&;BB}b_5y_iU)9o)&a}S3x8tTADb?;UXRqTIB54hG<4(U)%|i*TCM38R zxk>wJQ5kNoi*yiD^p5pa80)RB#r1Uk3*GD*`gMLi@sX~^zUA)bmm=r#cWR~ibG5|$ zLM=TnqWN<*P}h­VWldb$kEGT*AV#Pz@=AAT#(rATP$bWIO@ODl(rJp6iJ<1M~1 z4m&;*X@{l7cemkUGi2H#uN9($3?$(FAAX-dWx>E6_v@*G!mscRaI|st9OA`h*T@A? z`8ibF$}4Wd4pC7i(xp?yR4=wKTFr>awzt?t!V+t6AzC@<5^h|su`gQH>T`XX3mnr> zcm*$;}NHHN#CBFTvNSRAQk|5Wdw0v9#mg(%Pwe-@SM zR4MknW}ffdW*Fli;@52>UZahh)Lf3F&}BP=zYYTqBks0KcK)aI-~Maq%Od~RhreXr zNT#KeF#Pa^NlzsA0`{?%pT^8Ozx+XC#L#E5%!iGnyx)Av8F(tv9mX2Czgu(d|25PD zTMEk}zxhDC>%gsBrSuMI60MS-(YqhA@WaL|{T0?mkH2RZ9yb0{Kg~KG!3M6+v1|0$ z#D?jS!IEq6&{+vR-aB7gV`S?V6%EVL%C}=SYL(dZi94OO+M-ihE85OF+T$zkay~@o zbr2uU?|{~0_cY(%io2X?H#N~GcAEz1erNs;J4>VS2e8wW9uTcaW$0r3ES5f1J zQs9!K{C*bu7&eI7yC^ljHQAAew&oTch;-6cQRu>j;~x|HS1gQ;gW0I1a2#?-9qj1v~H5)ZRJ>Jqlrc95Q&cwXa7ouP&ECm z2<_n3gw z4sr12ClaqAmi>gWEB0Buc=(r$Jz?aQ;WpiB=##W&1&-AAmhS_RLtNl!goKIM>%I3c zYWVOIw&QVQDf`zajAg0qq+1t1z$p}5Papc*S@jJDtURnf+R2{Kx1nFdY|)e06m?*y ztw(mThMz7A%bx{~!gBkYY@+zP14c5v%licP48l<3okHh;q2Zk=Z=ko+y9RmOUzFqO zrFc<>52hra4f9^#6_O_Az*uIP#*l?L($x`sn ze?geu*0_S*s51__a0TD)r;KNobbQ@Woz_gn_`k|;W9159)2{8c<5~REhTrw^=UB

Yl?#J%0QV+t))KbG;oJ;p%JX24_!mo;ZvV=-F{0JF_zZjb zX=Ce*hEG3FXFf_u3S9U<`a?Z#N@kNjV=P$vcQ4n|c_Sh+?+!XFG1>iJEW(EnPDJ>k2-k-jwM5=*VKd4i zzt|_@t!kKJuhaq&S>BkUd1=_hGhIbn9|skE6X#3Fz`$~0v;J|B)<>FDgaIUaAFuOh z3EtPEx8z7ruL)$njVB@f4Lk|iujTH7A0TPZiGw66aFe&GOK)m^7zN_w9^z!t0apSa z1Dy6+1%g*sWWWP}CF^csZe{X^n?CBo?lZx!KEa4ntp&%3FA zes6+^r)$g82+^cji!ivMN(R1PPx=Yb*s?`g zWs(1uJ?$}^uW-|dOO|O@s)cy(Yxe~Y>7*2)-C9mX!+ZN7mvri(I5NBo)PhtI6(r0E zZ+fDj96t`&Q2N`Dq)}2j-tpcJO6+4j*urh05BFs~AJvvL9M6iXI!YvM0UzJ}0-n&C zcN_2o-{0MbC;0vDNRRuh%Q0j(TqYcRso>FP~zrPlE-o6@7g5XCjZ9P>%Q zL4I4Tm#5u{7uKmnEzqW=9sLCwHwpmOGw}rWeSZXd+a-HRDTs}-pE(Fh#XCK8a41M{ z=!AXiHHi-6txlYGH)gR9TaB4{7;S60YjLF87umKL=iFexj=@Zue5i#(o1s&7v!wUb zQ-INX8+Xzj;p|ks(a1i0*qF+;)f;oiXYgY_R6r}M`kXOqZRj9|%R)$X;r*IP^ola7 z8z12Jj8l0Pjrp311A8XF^cnLY46oDV$PMF&MAr8uS6YzfY#^NaMw(P^10loEtw2Lq zTM#wrDbOR#Y(g(`9jm5er&7nDJ}uC*E1~z6)A^)!miUY@ckaN_*?b;DC&-L^7{?ETpil?{NEdivr5r{Vsv6pYfeSF(9oOnPr*FmeAVS= zj5+L~W@D1YwF9?}Lj78xeuv5;|FX-D)2>nuwAPmJqxN8e#~;u-9r0c{&=BvA(K~3_ zA>`ql6!9S_MGI)8E{J$zo0J2ZwTCi@uAzmxgT^=<*@h31F{_SlbBBLyFy`mJN-KT$*SL2O-UK)Y$Rt4}AgB>xPt});Q31HuMkB zLyEJ*ZLA<TOO845CRzN;C@ti*1`H7 zVTs%jS65l&XN_D`FKK7M%`S*9p;Ys0`u4XI{np{c01YEBc1y^AOB=WS#=scw`mvO7 zTcNevZy^0C_TYYF$r?XiHXnRb$ ztTpJ=>{cl{v&bG+X&G78G4yr8Fb?^F3(cXooHNTvBD$#{WtZbKn?n(e(({Q~38o5S zoy2}Ob~F0U?#6;qj=wZ^)lt`3yROZ08asCO|083Id`C#$GJAVzY_B{VTy!czcfjvq zSanF6r*(>H^cgXYZqGWz)u7cL;%F`GO4!)0`&n|M;WGp6=u`*qHIiAN(MYtQ-`8NZ zf@HO*SEL4d5hgpdj}M=y4QzvTszE|vBvBkJU?Hi}MZm7*?ggAgwDSL-_6 z#Y|J<5Y5wiF{~o{{hSz9VW5k$UOy%#+z-c3zG3UJ-jT($NqIll%)F1WZgwhi6QYSuengruRIZfJuysSP zqv7nWaoUCOo6w~nT6oc@mF|Dpo}$E#S({Zd+)=0r**Budp?k( zvTxBFEXF$D`7QJ#w-xTYB>^VRj>4l7oA3vq9Q8QoPsPoa0 z1`F-Aek{`6tMgKZi59ld$AK;u_4=bQg6gq}dH|#{7R+t-0VV0g-WU$w-RRWc!AR53rslW2SW? zxRh!ReSTmm)hw{9he8-a8Lq-y)1h4xI`4t<==*>9TeM9ahK8wviK2m`o(JsEv6bSz zkq0dB3B~ip@8X%P`M%f+eLvbs6Sd4mC^zsOEluQ2w!p(mJ~0v_dngNym&~OSf$wOE zSTOC~|J}~lxaPLv`EyO*_RV)LZ9DnSrH0@BXZ^NsPtT(dtlN%F&x5@$4Lqk)KcORE zv%L-)X|iPt!z4sP;=po-6`fMpYCYC`TLS0%`l9C|mXS zxgu2j{8%}EhlMfXXjIlOjpa~yf7+MoF=kM+gqN(bWd6cDNH3(ig9Br|C`_ZmNJ&B` z29{!MUP_`OF>y}?iesNEIxyA&nf4rCOFbyfyFVRrz$3iZyc9v#9w|ANGS)|C@X~2* zG_)L3zx;ka%L|8CYCSE2ATP+v3B7}7+}cd=$|lF z#^9Pr$UK`~g0D9u#q36>$|TeAt+296;~ZcG#E=Adz(eunuS=9Mwi`=(a&^za#$kLG2ar zY6v2}eeik~)@~5XhfV|4D&o>_8yJTv-a=x(Tz<20)oP%u1J(izZJ;Y8VEP2rc)#W) zk5Y|pKA#&@ywd!HCU`KsT}oNx_qkMk(Sc7( zQAW-At6wy>;WV??9(U*od`!@$n>2_D-9UeT((dcU9Bc41ufXga&~DP2QT~3rrRP6@ zxjyNM&_VgxCRann{rCeC+#Hb;1hH;R<$>O|!&PX|>p2)6dGXzATkbABTa=*jHRkVu zCNcNq^jwNu=bj(X%$H)qKR2S~tn@*LPjDlnS-%-s3R@13JCSqSBklr}xgtNJ=|?}| zpB6gM{M)vFy53!Y$)?7=TpS(<1iCcO(eESN9SOl2g(V5r!I41G#YinCbso7QBjTuo zG5r`M9naI)+%Fr8EV~i=$a4gg%!`H=iHq+y@0XT7qTE+ND^wB<%o4 z{6&}aDt6|}#=`Xhu`Yl)i=IxOYoG-2uxJLDbCWC^!rK7%(PTY@ucC5IP6(hIdF(k4 z*;4OU@M*h+`M+W;p1j98nHVVQid0GNu)T<$mQFgrneutX6n5?__-r-Eu7Aat71u*m zg1oEWX)(T~TM@o6i$;)6tb;VeCG*gxb1=l41Q6?X_!@$!5?sYWIQfideE#~2pE1QJW zSfpKtaNyD;(uuloG|{*_3e|a>x41Kb?*52>nDtz z3HPRHnwE$^`Zd8pNg}yBv0V!8Anzox!YNNW-UlcVe&tB#Sq;~NFY2q2dL2CY6unRG zdse?6OQ#O7jY+FzfirMn(#GoOagDW~F;=nG@h-0&9drF?-S#qN8#B;Jakw0CT(c;tlqGnLS;QCP9BckM_|nHZ=`qTBzmDBjrjK2}CnlMB&l*$p zAWJ`sy-0PelpZat=B#lKr9W#db;Y<@Kb{k4^CSPI;Xj+S$Tgk)@y{_+iXfVpI`Qfz zyx!E17^T-666T}AInH=H5w>f^wA-NG3>Ny?2j4WjTuEH_OQ$@Xov0|Lk9BTA z{3?0b$Ty5Bi(*N0=$BwW$U{qPfq)4+`au%0K~^;dJV5f;I#%(Tv2a2;z&1Mpyc`{R z%~(*pS9;8WUj9vN(cJ=ti98jRJZPtfyzO5FwowYutO5bmtJ$U3jrp(ef7-9ac#bZP}DN6MHDGD4fKrbu;W~$N!9GlMm>4H>sgue-Jc7c z14GB%6qU3fWxLMa+^bJt?^^Gm4DTT*H@L!ogGiTHe4C&?bE}|$fgAkdzw1X^UYc&z zKoLuL{nRvz?c!x~rsU0bY8U)QPVCl8Q2z08PDe-Uz@nJD-7ZUE2A4^8CNRN$%?5?b z9c&XsTz@o9B+N$SFuU1lEL#yLH9>L>8RCEl|H(M$ZCucfLYpd@IKcY9X(Y|LSKse2^!Z1(1IR}%a48-{mYf=`t07EdTs0+>uc zy+S4aRii$B2MXK`?Gm)V*Y|GJcN@q_XtHyW`+EMPIKei24^VMu1uSdKM7nO)c@CC* z=r3Q9D--@30WtxS*@>t}FEU)8TZiH zK|)CvHOF+;xG5%)wSL=3&A2Agri&*P+ArWl@$?}M&EVU{yy+8VT(WqF^b<2#@^_3! ztR@$@jp%v!qw2~-X`=~b)?mJ{?Z(?>-D%=igC>1HhUK}|~m)66RS{kS=>P+?SB${j@)eTbx$NFM{_ zWAOYV!a+RUc34N*vH`sAB%?hdrNP-HA265Tlhz}g>g90{)qywN5gi7{~iruAd z%-_3c*uZ}t3gh?z{4Uu)9sy5Qw}t0}XT<2vDIg#GUlD!J0ar;hY*$bQo|_Q9bS}2% zw)cPI40};v*cpNFvq#VT%UtX9ZLzOM!yIs3hGnS&YQh0lbkw8?G6rr-|0lS9_Je{e zw!0?-q}V^3kH(~En3G`{GjEMBd^iU(ia6<`EFGu6L8q2&^To(V82TCwL)oVi?WTB- zDZtbkN4O5*T7*l)du-yF+KF%-4_lgnnT7om82+QCd3}hn6KKW-gj*0U6$QX3c>548 z5aAEtasvE~R`6d4lORQfCR)uj(!PM5-b_W9w5guL77$;J0RPztm{@eaB@B;s(<=}o z5HR;4Oa+#U0*@jLG3dNNl=p_nF1l~?P0RzT@xDu>zo}_S$w+eyVGHu1rfUCe1Y+Ds z(21BdJ41{Q;a-FV0x<=+t(ywCDc;|PaLfaE$A6+cu%DdjNRGyQ9^p}hgHzBj2!Su+ z=wLY_5=4Q|BTOum2tXurLI~%G_n>eNAy_5CZ(%hp0Thl1A7dZDrrA2<;^jw>mj7&} zjhzq;TU-lcr$r;|FdC!%6B#n2VGhLR;rLApDin_PV$m4wpGXfSTrh+fw~b)z;|PzS z&1KsN#zO4&&k`99$q1Wev0sgbZG=wZTu(YG6kge4zjNFBf4VJv1INuSAZ}0~fM!Wv zK;Xv?g;;MB5Zj?#4JSgAwq_iB0PY!Uh)1mC8bkNStLV2;keysk;HNt{tUtp ziJ^)7Xm<9`CV1ReaH1dp0SwV{R1hN^<&A^E&V^2xvcR83({o@PWWEyb zbY!3*Z19$12JJC^+H< zg+--EdPt=IJ55{N<9OeO@J+mL6YtMP%d-*UBIJr-v&0PwOTu88FdS}lLHAri0i~h< z6t)&Diz56n!d|?uu;0hIqZM!kzg;u`Dod4st@k;?g$N@~YIQtBv;iE@(rpCd??<=*;Y1OB8sQ3ruZr*i9Pvs< zI9Y^`Xpd+c{fKB15$%BKXHIr$U}yX{?V#>QI7WMD_wJ>;wa@O}31H_F4}ErL-II?# zv3KV~^-CZ9%+tG;E|ahJJXCwztL5xew~?sd$b_ue$}+3X(}sYk!+o5ptkz?hPNln+1o^zMhAdFbgU&$s;m)gS#y zT7I00`}i$m0N*cI{|}9S25PVU$S7szkBxG6zD1wT=Kt83ax}DXV?wl|Wh-{FIdQSc z?Ds!5=CfH>jipEDrcZagzhfsW+UT0b!dHzS#Gv|Jd;T%-w&AiMvRUyqC$#{$FX1Zm z0}`%wvE~@?L}Km*os$xDA-=m~P^PrFfx3$E0INJySV$ z)PdZ5nFe|jg{xI%IuMm!$Mmo|*iQq@g);922Rw}W$kWF(mW#r$IYcG>3^Y`k*YL@@K)-q{@RY)QcJM4f*6>N?3D)x>GsDj3!GU=*tT$>}l&yjve!ER6^5pqK`Qa{{b2Mo?d z9&n?Ur|TZ-PhHbdN;6^N7%`YX^s#aA~+-qod^!eyc5Bd zXgs(QjRz;BSSOxUIyaF#iAV*Uh>B$*nhMJJNy!d4pemRI8OsVL)j8r1IpW(Cw+}TP^_5cZ4u?G}Oq&@Wx_?QC*#gZ$YD~`PVu>aA_BdR$~ z_NWY#QL(ISGN_cD)8r;)pe94E(pZu2+$h|Isi;uK$$hF7OdghHg8nH97#)j5Q+$fb zDSqX~VoFdUG^NH7A9ln835n5#GX0yq5`M`l9KgnaOu-swp514o)4 zsWdZ)O3|&)SmlTh3nxHCelZPDEko zgoKkE2qgg_OIDVIf@Eb$z)rfeO1h+wOCl--^+`jjznFzM*>}uJRAQR7M~nJSoE1`I zg;@}#&@D@w1?;2++@-I7bx05!QklEjOHhsTrxx>n_Ti0)ufZJ zJK~2ay{&)RY_L~mn4P8ynqAyjB4rmm8)B8M zX^!Pp0=K<-5cwL}>-XY~fjT|#S zERdMj2B5T)63y{P!yV8t&}vqUU?TwKc>Wy ze%29x)dBZv+LN*zASwySAp5^myvV3j?KNXm`O+g7$B&6Li!xQ$ya?iWO2#8^6b`G_ zv8Y9rxv0&N28cdQd5L~@Sx(#Qd8N6rKmu9AzX?wg9Yr3oN=&>oOoAd%|UH4jAH##`mgu#Ihkfp3}b^ za+2&?UhjZGjqJ6SqoB_Vt}MT*kXzp4fUheVFGmIYMf#jt)yd@mQMuri(*pgMy;e?# zvSK-?Od^zn%A#Cw=65H!$eR|}d?&;gg+Z8X#&;f)q6GbSf?aa;>rPZG z*>xu>i^3xcUg34X5RFW;qQU`JE3T{n#k&P3R-94Rb_EFAE$#n`VfEs!Qq`B=1*~O< zaTn4^%jE}4Wug9N2Yf{}Q9r~X`wKtvN;nrBl4V-CpkA^!7nvIcrnz9LY&Lm5l_n1r zOFNO*F4>4Ve~&WZd84W|7#4>wFX{DJbwN zgHw?1hz~g6N(YR}B&Q2HRP!sifchmh1=p3#3I-i8SSOoe0g#X|xj>G>pi-8zvQu$u zWw(M?ALw-9AT;bg_?!a606 zLX;^DU11yQm*cy_vyRN?9B`KdzN!!^guI&sHHAPzA{uZjL<1N^$cas0shT?k>Z8ro z;*OkU+YJB-sf+<25sgR1vKQMyWBRG?{pC-N47`aEg> ziyZ7-ou~?0jiw?CT^&@Ft=^+5SRGOotZsIsX?LUn7bViG`!wyaK%&?}WzxhJXR4V> zaliprDvd3MEafDm7?m~4f}quZFJV*`g?k1YrS_JTs0<~j_z_WP zNsZEj5+ETJtpwCBkZFK~6kiD{j>6Y*>6l2f2Kpg;(KTt%f4L^Vra&RF1{KQ+*6dMT z>Y64;nr>CW-Cot!$qBTy6L*&?J8^ed4NUGnCd&c+cVCkMz&90qkLiHZH0?`*f_wI= zk?uV}NK#gsqeNMXcsZykJ)@djDUg=Uue2A)Nvl+PQ&C(BIZ5hEhaK>!g4cqLa+!54 zWcd|=+*%+JjRzN{312&)Y0rr?>k<`gtqZEax)z+Ql!>l7;64SHp#oW18S*lbzN}7B zR#vYDqGb+Fl(lKv^D_Mi=N8vLt=ywNFqEe|;Js=PQ4aY@u9P2gz{gZ&!0@ZnTsCRfx_lQ&#Zz1&71eYZ%nakZ*oU@Pw0nx;E!vypLP84Az9XuHVA?|D5}9fHkgLm%r>#S->jK_`=a7Jb zghA<$cWN!*Yyo!yuC`&X4{(cs@x*1cwp&@+4n*68C^KyZGDHQm4G3l0@j%8*6ENPJ zkP4-zojvAW0aKb|0v-S?%1HzQF%UJSPf7+{AmC1@R!mR?dI5`qXm?IbhaC?PySHqZ zcHzVdDrb)Z&a~rc^G$3(z(6{-Lck%wqDdrY$D%H8xD!N#fgV zn6{3@3nZ{@M2okPu=tjd@riaK+8#1qAVFJ0#@E{MtC4X$sGtf~Bct?xTY|XpK%C<5 zxq|Ia0twpXk>I!EX@^I`AseRM90>xUb$BL_{3-LgUIb78hpz)3wqe?>F~Ke1cEF-g z+ND8z@F_j*$e2)V!?gKg!d?OU0E>!g)5Qcq{RSX30eL9zhWP~ujEF!5cDp9q@J2i* zW((La{n>umwXur@&+GGI_XF8kXULVUzVYZc|81db;}GlqtZPB+#vwHH`&rM|Vp4Gp zwD~*uq1}YNqH*uBcJh0>Bb`+s&b1>m>c)0Q5LFe}Zfx5?lbOlg*iL-38Bzj+HQMYo z>*&yDlVbORukja-dg|x7+Ur@#@1q`VbJhOp*C_#GU?8uC|zD+r%1Hfj#18c#K3 zZ1w_vOgtYxwA*-^;LxKQ={zhyjT-SBTJ3d7A04p4`8n>c6~ z9>RfTxQ_})BF6NjHCMC`D1@FHtG{f z4&$0^5^CU->1RV98{gOWoeIkxjC8oxrTzWdX$@QY-yn2mSZXZlB?n9C(9Ty0 zAJ#rCW`@<>IM)pB!?g!cQV*TvYs`r41loJU5wl`z?Ee{SpKDZaH9sD!_>U*YwvI2n z6uzv7w#L0b7KSgdt?|Df>(t>IYZvzNexP|;8nuL$H#IlPs^02;cg)`piF9K~(rBOS z1FPVzOVjsd@cK#{3zPIZq6So@H)f!9*f4wmLvOCR%tv&q`t&Mo@9Tx;bsT4`BYxru zugqpYp0!5`jdDC|AnGs`j>(a0Q{3C-cpp5xPBS*Ged*^Men1Nz-)Zh_d_XJTwDzY@ zQ=EX$Dfq{J1^+bLhT-9S)7l?DLji$xLgOl%L#J11o5@KO74&+c`7pv2c-G*#4bNIU zEAf1S5Zko2^hZacm9BLwIPRwkj`uj=%^bEk#_`7}aGJvdCHzI9Sz%LfgbI`JIt3r5 zf+-%AU;G`1ancmw#3O||aV`1CPMx^mL%0IrG=wVw*8xsPd=B6yI-Z)jwe+5@!*;|W zgtND<8#jiRdjaQc&A2qv8Dcap-zW)!A3oVX91pJHWXvd)weNEtT_uO@iJr0 zjd~9Y;c-WR+L*99H8tvBEgW9or;=vOUFgg1QI9KhM!9ys!BV!n4=UgjBR&a+}X zWXI8Jk|{ANE6v@hYoLHT;e$Rj!36ZiLURW_UoSMPa@X;2B`jyxajQ`4fm|z&?9|Te%5Z5%BU*=I z_eUfy!TN8cEBJ?xDY*AR1qYi5K6EMeHGV+$l9pWYHFtskRO}0W%WNV753h=S4al?} zejxS=9Tv}_$~Ud8<&~c1GG0MiT_Gq$rA8+Hpv6WG72vmwJ#3HL{A@}aoIF)hl;FGx zdyiAUX2q@yElfqQQMWlOrn+$_x{c&GbCwkZdrfMZU<)~cD-g%krFY#NC`-^rsMp7l zD0D42Qt0x*X9<1v?T9`GPD56o5~7XQ?zK0 z3*XRimp68WdY)}72U=E6sV zR6uS3>qG8*v!d|Ltk__5IAC(et3ZM`mRCc^EHz? zV5AQqeSsrA{JBK>Mfw7kIlz!bx!j1FD1oJccW2|-}8e|3Q znrJScoD7-!;5s!32PpvvBklP~<_g#Q|H}N6V2U4O?UO*yW9-5tbHD2bVm;X2N2TwX{T@P9Ma9$gy(r-M)+9*XbyXry3gKWrS&YAeDPpwlQ^6s04PAqw{`7G=~ z$7FN=BHevxw>~qpyL1zJJ3gGrEkv6xM4RSqnA$J3MYxtJpJJvyK6LOcICyz`D2Prk z9X>!};Jc}Ue1X8HO=9>Ue7sQqz8k(Gn$~f_9kR6lMjtnDYZY2QWI-l^OaxJ3~#t4HndO&N@Se*;!*M_Hn0~IV`s=3_q3AuAjK{mW}81NDF%Ws2oeB4*`5NSXKaK!O45w3F9akx+~6Fp=angvE$_JBYpE@wSc z%^B8B-rg^pA=DQyo9bbZbK-q7%=2I3O^*9GqO>SCQN$<6^!eTBx-Xl(C}X~iL;iOV zN4^}KaW@cmO~u`fant)Ix7U#Huw8+%Kp>tOwp_O`E?3wJ;{EYLV}UJVR~qY_ZhBd_ z7uq?(Jk!k7l;A!z187F#;ho0g7)SH55RI=9S3stNRZKG%Pk^;?wUFiDQO(m}z;59L zkPH70RQv_CM7gAn2q6g(akonDy_mlyIa`@X$`(h}R%otadX+=$ zjKm;1R*X&b1dRT;ccH+kNG+)isY%Oa6xB4tT#oMj!VGiwt^xAnj&?T0UD=4XM+zvg zP5i6v(5LC>T1SeWgCDmWkw0v|5xa^gKJmWx-$!562992)E*!qSEco^cC7O$84x;%F z!6l;GdIjEWZDiDv$^K}uZ+{NR6%d{hiV4g<_H(=47aWEhV;^) zb(nh$>Y(`^D^D_4Jpd-&=!YktkG!Ho_n?itrKg{0dpo6p75Yq!cHK^sgtQ4D9qiB( zsh&{NZ@nkp*JmC@87(jB-tz-V=7%mlc>daK7*BA$Vy=1D%+iL8e}k+xd(k6QJhhJ8 zl=ErlQ>E-+2v&8x$ zIw&~H0XFe87NXWi7=cOT(Pt9ks^Ir?DA(uFUoSN8XLUaFy#Cbr^c3?CgjjN_`8Tlc zhf;xOka^P34eVzAG}DTE3d8Z;)R0+s8agLh7%)>O??%DLXy$=wkGJkWG&l3iH}A^W zeeg}qi&v$K`Rq9|fQ+@U0C5Yg%9~j@vC5=4KZb zm`{R+^o5+1;6k&Q_v~)gy3pL2!7r(RDb%s(kR}GGF!w(`LIxwhU5f?6-ou6F11ve+ zoNFC|P zZ@tt4j-sve<%^fJG>HHiK{4@7Bc5!^_!vVS+t%*Oz^LIs>d>%d}6C;6hn zV7=mUBm8?~;7(0tA4|zF7tQ7h_j-}$DQL&td{DfDm(f(9cwkBbtI04QxsxovI{+U{ zvS>&uxNj|=M53kGy2numjSU$edC62UbCJ2Rr~(Eed0$31Ff*@Ftt$foZEJ>BLO!J- zjUF`Oy8QOB3&J*?g^M1y@J)^MdJ{Xg2%-+Mu0`gKX*9}>&I7^Z7-|$ObFo=$p~pvC zIpBg!4cmv)DOa`i#;e}NCksb0h;!$+7mntAs>Q)%#z}U+vGLNs9?m2n|&qdG{y( z*K6PU2_|5Lvcdxx{t0bGt3)9`;1}OC0>&_n3Nac=wnPibU8NcDgt><`XPUF71sl>@ zZF35SS+Bq~^-f5jE7MH99~K^MVr@^5x}+nZS=NFY9<_e;hkC)U79t(*Vu*Z@=LS5% z>KNLD#R*SQSRaNPv_83F0u_Z9J&gTxmY@#^Ikdlmw4b#t!RR4*@e2XXy8mb7j2Ti4 zXpmwIq!v@iT3&xNe72zq9p>oT*WP%Hm?DJm7d&}$6KCxIz!S=cPAfM5zQ~{R zFItg5+p47{Dw5xvOa*|U*}%Du-n}Eyd_XCl%nC9WtPvk>mg_bV0=urHXOiRor&H zwKecuqy_KWz%BF{W2M9`tlVk)PreM(@X1JiJNei9WC%|<`u=1*LQ~NfHKKY9e6Non=b9~58gqu*N+!yaj?Jlvi>a02kO{JmRZTwzMVbb1%S(a70faa~b-NkGw5_0|&+`*+{mzdCHjE_Bl94z6ZgR zPe)i4t}n9$LmE>Jf7ao#@1i}@5J5YFFbodG{U1<@rNObQc!vcvT4{?!L?fu@X_2mR zXN>K@?}gNQ5OBX3Mpwg`xd-`6hHyHG zFGKh3XPL{)EXxmb-*fPN9dk#$gtymI{WKZ7hKcJIptA+55tQaE-n(g(Lw*ja6tPOa z2a3l>K6pC&u^HAsLI~s+jV=fh0^_W0(|QTzhKwYy^`Z4iJsEz&*MV*UT5<{2fdi-N{og?4W(wg83*Hq+s^?TW>PX=ecZB$g*3n9xFuAJ33T-!@hh%GLp|2Q?noo3` z6|8-^IU}xO>pI=U0#*g+GpR!CyE1F&gnvFw%5LU`Z ziVKaa!!lCP{{h_ky{Q#o`Pp6jH7xf-b1J^JaqQ@6Ev+nazJaVidhC8;2FuPhcUY>3 zlSTkzP)}pAQMzxfP94b}3>BY5@idZ5r!0J+oS~OvrG^H{-qWeBAq=X0KoX63%tCrv z+}5Ehu*OE+O3lE?BX;6#>BAy@Zz z-Gz2&kEN#o zw#*P|>MMn2E$dl{j(mXD6y+rB#7;AeMt1Gsi)P<#^aO8T9uN(=1QK|aOCFdL1@^rp zW5*D8l`Gz*F>-_n-nuYXHLs$4va&b$yHgWyp{I}4uQKPZy#cga9cbf%-0xEFrVSohi3O@^t`0tmN25>kvrh}ndHUnb z7cghct^u8;_`FpSdaN%PdNeWkR2-l2CZJ(H#VP{kvIXD#*U+OF0lpMD3%cF5(T_2y zslce`G#19Vk$*2c8!#8li*Xk{j|o#7dTdM2#9Tbxx&eFs6Lba#v;^WI8xELvp#f$V zVb!yiRTjbC)v|DrIdA&eU-NazE`!_zW1WkCJ-~8F5i&f+hKkHGtST0)HfLqrdwQp_ z{dkJD4pXAiH+E@dXnUE!f~-QOV{JB@g;!&7_UrGk3#-i+*KGG+kBs;)Vz~Q)=7v*s zH+XafNL2!k6Y#x&<6$-*Yuu?_X~^gg;u@2Y*B5Ey@%}1`PiJk#=3L;@Rct;M`|2*} zO9jg;G3PD&dWLN)wLQ=+vAp~0{PxSnW7IlB4Zpzb{M9?To?O!ENS#@@1jYy-*X;+E zdFQhKC^5_Lc#xb?``h`-sOI10a+C9RQg|R+M?RR37rByQCR}*VM%8DGUl)|iW2XFgy<_n4_M*G}UD9xK1wOwFyK zyI0_{xSx=snjr3StRz&npT-t|MwbWcUBS>v+d=bb3{=9qTplcbJjTx4ZO)x9k#jEh zl|!>~LJdh?>WRuCXJ+zBw_ZS{yfzG~vcZyc>Okf2#zE)pMfn_!qK7n# zPR3keJ!{Qbcb-8*(2k-Dd1J150Cy#rM^aoK>wf=hxp{OQRzJ+(sCn>xvzMC{TpT$A?JzsW_RJ1>90(#l|% zvRPFb>_H9-m0=Y=n_Vk2x8UI`Hy6(@kgN?ojL)$62!^kSCZ;t7u*tDlCCLV(&_DrD02GKJK;YEJqX-+aKwF%;*A}PVWQ+6TURqgXo$Jkwaej&dngz^PgU<}f z8_au_+(0`hK|EUM*dAEiKB|I9q9z%BU-!44b|n(oG(2D}8_>m2mOhbXHZ%is zG0g<^1?V^wd+M+;J##M_J^LqiD4+;W?b&J$>vnfI&oD!Skk#>wkw?xHu+_o!w~uQ_Ovb z9>qj96f}RF5pD?Emk(XqrIo|SJKfvZgax$H0KR19_hTstFecw&R=df3RPSd$-(=1$ zhQlP#lPC2oA78wdVrD~^0AVrTi~H(=Xbf3=nuK@!RuJ6EV>SMpS2}iP!OdnCeD{Vo zn`>P+zt8?@v$<#z?oYw`L1Na6q{n0R%-n)*6$AAxNLtORx4>4{Z_QY7>G(>0+hP3i zQPw3b?Qp*F1md>Rs1C>m#7zbo;_IOBy{Gdrap>A&eg&nJS76Xu&B7H>zz}PzF#mD( zURzzYX4;SfzP%;FA?$6cXV?p~T!)9DZRTwD`c`u~I{2$wflxgg*@`B^-z>(6x@wzw zFe3=wWzstO290KVn*U3?^$Vm`pxgI428uL?!PCd;dUR;vc5~t6H1WltI{d!Y6n@d= zV-?#`{xECWZdQvmhF^GJZp6F}%0p{?Wf8`wn)y}QMmDLdRpi(O`C(P?q1010&Bb1+?Y}eiurd%XlE723=7P( zyhdfBZ!uZIeda7Ho0ixhpYFpYSlq<)@~~m-vJM3UMQz$%D38CdDde| z?a*(`oz}C#!1|Mz_F>%nvkI{yc>h8c8r3EGrJRB zkZl{?7WFZ~tr^BPnm4ij9cJq6?;^>6QWDv(=i+k(QHSpzJI?#6AlkSf_B)t7OXdCM z!kBwoFPrzVru(t=1cmX=Du@yatQ$Y^(xs1p&rrvN@0|Za9T~!{`Qfp6GUhaD<^o83 z02>@yjULs2|K%UDj-BSl`604Dyd7Qoe~i5k zTvW%k2R?WAURV%xF{@(4unHuY%_ZD~SMYY6-8-UWXhkrGP9uaFNejsuf$RU1Gg5 z2r*Fm!Kbf`U=hq$1{99tNElVG4A||J=DeG`03P3mGj)`FU#d}#_a6zsi;;5~U=OB( z9!Qddk))2YgM`&oGCIo&!+MN*8uTLNn5mt&N5L}u7}X#dJ0_#Na649eu?aR>MbkYf zKp(?+hbD8QAtXJAMskcSiA)?zb%L>sAMFnG>DDWxA4B**22^Qz*wHc1;v?8!KJt(L zjpN}l^5oo(3XZs6IrUpsNZko$2Gz75iL=1G-NTxwW8&{TqF%8zpe7@4wqUwh8^@b| zA?*qqvaS{i!)6;FV<;Tfm=eUCHg_7fz!Bl25@5jK2d(g%XII~EF0QDOGY-B3gsq)w zGC;CqxO>WR77Fe>+F*2iUE!tL>b?B2CSkQ zQ}QAhW&o=3<2TRtJ%AzOupM{+o0;8q?E{!4G}&Db;1zQ<>H+HAVy zJGb3&rVJ|&%^*M(LKZ}{q%6?KgT5GU2L0F^%|Pqqvj`Yzt=(B=E?CE>?W(m=Qgk0h z$kGiF{G?xqA!nzo1ND}S&MqE{;}-nR!2leD-RIce2h9ax&WaA?6Fbx*Ei!n|2lb!i z)qiTVpL#5GNRvqId>grux$xrS4mz;~Gx_3vk(WJ~Z-4Eol^V$+qVq^P1JQyf4aUX0ySTa|;_ca;Pr~{}3J_FQN}Z zM~)=ClHhx+jp`h1(!tti*KEUaGGFk>CnnZ8>A5qR6@I%v6n^DoFg)YCKAO<){q#Gu z-6$u4`b~DUdv> z4!w)Ba~Oab1`fR7z=R&(cJUWBG4It$?}%41F6g|1RlA$^GZMn$AVW$0Hk@ujUD6$rO1JG8o-Xq~2ou_di{>aP zuJaui22A&tXhm>KgERHeX&+Og%X{S0hc!oITjc<-4ch`Bp1#)yWP(X{Uew+(?{*v_B!LizzEZ^P znh!VYM?W3GK7ZkMya7a89iTYd|EM`_x-7bjNcy&Cx+uDbM~4udghNqdwY2bq;5a9T zgHd&lVmMa{L-41i&;(BIyD`^+uc%0-*nc|uX&&OxTEO$|=19XBr^*Zc4WU zg$X`A-UtiEyX0g@Fm_s1!lw0RF$CW#Uo|yCgnJe@+t<~Y)8S4hP-CveHc@>I2B~}O zo*L61rXiioY~%PIel!6U9l)t>Mh>E2j*-^}ax;Q&chf5aGKla?)YTdu?!`M_o{yoU zubnI&eEE(hg#JFYB24W15nide>fe?fLN*EY zPXua&9q}bfxVb-A@CvIZVT1>77tJQ|&UA;lc3};lb0P{|32pvivt+y+S$!M7rBse! z$9Ri4lyK#e?cHfk%S@)1T>JOZ%*^!Ueg}T{PGP~c>inCuvG*3E8jfafTFETgUq=&$jD`OjS88sh0ITWiz?(bOk^?R;eOhQjt{1S z_AEwj@j=olc&U%b2sdL98N+PEA*5eNsP!^K3-Y4@@^d@V44=G9)_9h)#<_`Yi5zd# zZ>}ID2^wzhLp{0rU?Cysp`0HA2|s=L5^Qd%vPEHsm(Tu_lH>S2X8drlxN-c6cPV3( z&Vvs>Tzh7OLI;8G@n93BBS`jso*zUa8fXXFq_-(!WDsbG!_L|ZV`Yk#OgjTq(jfH} z$>Go9L>`W(tATOj_)oTDUeTnwF0wdY#iuT3@U7%mj4J$Efv2$lyXyR+R>TKiF-jZ) zCy{Bv#5`nL;ivo|GOzGc^TUw%JV~74v@3oD@aW&qPzkA|l$k0K1|{#Ie0SuyooR6iCs$3)Y4)BYvN1Zyos#;e1v9t0LI%KG&lA6@i@F#7eM68LbfJ%Tv`UaIqsJ?Cr z)g=th&Fh=00R1716U!j%ba%2H&Z=|>r%qhZLC+%ML5AuOOmtge^jqB0dp|i(8BkZV zas1=sXccr=48r0h0PhQT{~%(74u=1y5mNt$!-@q*Kdn+5LFk~%Fl}Msc{sp=YPWqm z&B@^_=#&`_K&fi}nBM+KR0@^{ilt8bP@%JYs8Owu*Pem_qcno``d~`NpJs_ zdPo zgz8?ML(@EbZ#zhq&)eZqdZWsQ_cp#>hn<(fz1v={tA8J-<>HGLHQ&Tc)UkDND%5`` zZHAG^yZ!@Hfl~DB<>HtC%Q^v#K9YW>g=;<7#;EFsR#}4;By}=7KNf4Fk=e4 zV1}~XPrH2e7qUb3#}?F;e9v4Xw14_$u|i?Tu&y3PcVkdlq08}=9_$)iWP>ycpxono zQi2!@-CwHzL-5V|@7;i-d}dMo?*o^^O&Jh?74Ml72z~y>@$pTWlg6;fG%!Mp*M}R6 z0(;VK_wCsbx=ay!Hmved#HJ0C#_%F=oIa$iZwAfkKhqK*BU^jF|BX5oCuRlXmv+o=U05gKpTzknL^WN|yzt|f`W5QTFrn5uD90FY;M(7}Er=C7x@IxT_ z#8c433YZNd>W3SX1&xb4{@KleRsX0c@7C!G>`* zyeShc0w-(s+*tHxLHKQUVNYfdUs1a^QwE3MaW?r!-rD~T8>Y8@Pa_Up$k5)T_kDXp z10lQtq}o&_Z47PWD-TpA|3P+2%^O2c_r~$RpV|KdmaumwPMjhPHJuX0t4Q$)zcu*g#_{Uc zu&?b|@VTPvf^YLayBa*2R%VZnhChdn^A*-_CpTb4+KuuK@3r>V1scak>ko=UEhP5y zI4eah89E%@8~3#D`BXMcMnwikb*(Hn{0i9h{yhP`Ov#?WAdZxWfPZxMYWt`bU#*<_ zh}!}gpP0}rH3PyRusH`t1s$f3j+NtEFPgEmgqtu){t`L7A3H6MLw|hC9&9jkrw`M) zE1KBsTaP_<$ch(*7-ry`IB%bMo$LKfyKEo!AhY*jq0Fb+>wZ?ZH~j$K7h7`Qm9O?` zcNANFA6=mK!CU;%v2GmuGGQ7<@a?fqn8v-RJ$$+_)<#7~Bj=+X%<~OMcjdWHu~52n^!nKO2?|L^)24^pd^MSd0P1AQRsQ<=fuLynq(TiyeM;@J-aC zi|Uc$!apo}6Q^!*SuWvb}uk6uu>H0`y0nU=tlRk3>&%)DBN)P6^vHB z5CkuL(25X73k=@BVFyXPabni-eQB0yS3QGQ zfLX%A@!kTP_Tjz1;=B7a*~1=r246Vi6BBAoVtz?yLX9k131L?g{jQNAKLf+t8iVsf z4du~_%N}?JXFcw;5B&D{ zvu5E!FT*{x_@gIB{4ffumvDyTx798>U@n-_D}(anZ#I7MJ>>y&=^De7Vd?T0tc+v{ zD^?ViCBxJ&=#8L#`2fy}RoVU)a~}Ce;1BMg;tx_A$Lz8eoZ&!bE%>~DM8|LlJX{{T z4~cQgYp}&kofVQ4-SW2(6qN!t+qgU2x2|>jLT=+4IKsV2I062}dGdp+d{V zz{DuFho8g#YJ;8r1#`hnRUXs_e}W+F6Cmq9RQ|)M8_11(nL{IRw&yZ;Li5#JLbV|+cA-in_dJJbrH&e^rC=DfI3!N%2NA8R$? zemu)Q(~4fY*d8LH8rypik{`1R4+87As}7o}QwC+uHS!l)iy5^$4&snUY_@$CBsefL ze9&Bst#t7~)%-z`>ApJt`1NmWmmOLFFYEU`ZzdXN?CR%{*Rb9CJmm2t+b5qlXS+Ok z_J!wRVU@Od2(e9e#vv5!q+NOl;tko}9(Rh}b;z7JHBOp+#ME;buC24r9Kwk#ByJOl z+rSEXXu})YA-ko`T;qxdO&gA0*V)N0fE1B0Kvx&+`WMU_mQIku8t4fo2FRQE)&7%r z2*20DS2SA81e71ilj=noakF5-#Ht%nt9H`IIBOSr(M*dwC*oYicKwT(eO05rmGvu+ z&`?)`GAEBz7llFL{83@R$-xpmE@~y&WI$K@BY#AB=2rf!A!S0HNJFKvud~frsOO*! z(fUPre36X{;ug6QncaaeXkCd}cE4>dn^Z2NsVVoH!qK}utKFQsxD!B}g*waS=j|0T;6lREJxrBrfve(q;61>k8?KuVpt(4A|7Y+tn|dQ{$6Rwe(CXvRhs@Z*e8n z+816nm(A=F!7M0$y^JOGO4xVkZ}&|*^tH`Fdw+*n6wYyB2tw3a{Pp86L*jP;9>(7# ziEjnjIpBE`-+|TuwroV=htPG`1Fw?!SAmn*MH2re?n}==U#$Fke-D>uHh~BF&6?H5 zwD8YxQ7cr->IHrLZpLm0Khr1EgV&v{P(ho-VaefQQi;Hg2}p~0W}z?^WStDS-GNUB zj0GKwm+_Prsi{lg@x~G)3LzlY?ptl7*?)b-^vwza=MR+>@wf9I{F8X4U3{OF3E!F& z2@QzH>$2}W=}rxE%y<`yFaf3u*SW^`fkP4S`N@6z8s~vizF89gZ=MYQWF9#5Yi0rU ziFj8G@F21aNSq4FA3^V;g7POU1Lmp#i7$)7S4ZKSp};zX4af{0ii)Q={z!h<29h|} zgX@4qSIQE&UXLQ^!H8ChFsT8$+BT*E_!*gDzumFLN)7)Ob%7d&w^gnv*WZ8>S+~I5 zv5a}37_&{{QHpT;(FgZ|K2OFk1k4{HH#y=?7)3y#j4whr83ZmJ_J-ZJA)o^R4U*t) z!2I#@g1R3-|CNFO=@i-h@4!i5MgO>IZ;D_YKa*(bp$M3-830JtT`UviQzSi- z;T?cZ15J_f_wYy^Uyb+ypelWoMocV9ld=%61bPWDf54xbkJ%-0mEqe__>aJ#9bwW2 z%%4Za|5p@#88<6ahF&4Cg`Pq@qCnOn#OEQTf3j;Xb&J-uQ3MO3@a6W1D`xfv?%`cF z80&sq!Hn*TRmn`ym5E1Y(inxKCw7@hu3emGNU&$2+`-^N1KMfRh2adIWvUT&{bH6NVnMn9~u?ftck{IE3N;*3U@> zx8lNDDrCLH(W8h*rr#cgV=TEUelO~t8WtOs3_d60l>k)b{E-a59EC$;DWeEe0(>9$ znAZUhN`7dmGfx8N8b|N*tElwhKSc!)GyaGSW5o|bBtBb4D|{&~(8mNob#bw4qT<&g zz6@cNLZH}OK}Evbc7cgXkyQR&gwi%RhADEuc;I5Z$0$q=okA{`+K zq8Uzz2cGS~QJ{)E2aYPPD59}Xs(eC;V5cOUfD%B>03<(<4em(|7Sm93{F6PX>bvP`T_U z66Qw5=S1PTko64cFNypT&=cO@gZzy$8GsUtM`rj~6#i@!ei#EU8Isgs!dHMprS5vk zPgfx?N`kIJfz$k3*o82{gz-oQoFH*p6s|`{5s$uIJR*JKCdM8*jgS^0K;l-+cS0y& zmBb&9qJKu^FWY${<_8Z`GnB(?;%iX}jz{4?!ob#ou#n6EU3m?vBt{AF;nnmL%?Qqc ziBt6WF9K#o5ugrtSAk)Z$YA1zsQ6Nx2O8E@I1wclkI=}(C-Ew^k5;WRebn$i@rA;u z1V^LrZ{kb`tk`Ik48F_Q;dao-v0~y`;OFhZubO$+t$%FYBinX9QB(WiqmSJB2;25x zP1W|D>*{KERuop$R@iCXWic2+D}l4C#BZ9eW^ zmc8`ENVgg9O5Cz@`(w2a)a=}{EPG4cq5K7Yd*;{7#1nz9nSF-6xW|Z_R`9^i?c3Sz zZCeVf)>dub_E2co);lYzcb$lR%Y4r|bY*#hdH=3QwjCN;eyzLu!L5gOEShQm;+y6L zW95l&o-n67a#*@-OP&4WZ<#MpTgYH6RW>vuh)IBgQ3(;a$pLpe;6CkW)ab`7LZ)@q zX^(2IE=)93_z-3S5~lunuJV54hM8rmhym^Y#msQPmD;6_2@_Oq8%+qLd>LMZ<|F`W+BAy7=8BQuy|Bx7hU0uO6AmN{Ur1NI|- zl^{0gfQvBNOMzm`wc0(Mx|$M>v542~gkBbLOqXy;(SWxNdnJ%6b%Yoro5jewJ~RpV60t zaZM8Wf?7CVrFOmLYtSy3eeK$~e8(K&-P(Vw@1!Fy6zoy(=j{)xiHPUgsiV4-)1bO4 zDa5oqZKTtxv`@Hcbvol|O*(^V$XK~?opxNiXq|S(!Dkrx*QyMVvC>3xx+Y4#pRvbf z&z1ZfU=z~fnU3GxGVSz2%=Q&rjM<5T%XG%mYqb`qHz@un|MWHo5hPV!%cl1`!cmux zNT%23Xs>qHR%@DT8+F=iJGDQ+8ChCGGa#Jm17_3!R{j4BNTfP?kIv$M3f!r92|fC@*IWhl5u`wX1jt6R|Q z^V&h-?8_QX%aGcl@~1%+s_xU;v{k2dX_cm-1gfh}8^rk~nQ_{PcB`8X?Pw=uQW6dnML3t2OKVUAT?Tz z^I9C?-MYjXK?mHVRhoekKPCmuL}sdI%q-M=G8^>}oOuO%vFKHK`7_6Wn2bO3k=T}u z<|DBhv*$z5b{W0^f~w4LGANSS0%%2*a>1bPh_aCGW$MBWyoi|ynDPR=uon3%*O}yU z`>@PlA&jU)!i!RL_#zmNnguN?VeC~!Q>#54E*jB&z+%8k6WJ)3$}9W05)S3hMrLXP zvb0_&CjZT^%M5a|wAyn*jD1msLo2Ee$UyT=``V7Xt zA`@Q^V^o9C^=*uOS%xo%N>yoAK!pkpcyx6HvKjlTq$dx_&q;VC3hR(Z9j%2h==@v6@V!=cxKtDcs2LvTA|UsGw%>I_y5Gu9)+b5UaD{W3R$ zSAl4Mc_GHWE{XDxKuNl~Mt7O3QD@56>l&0;m3~d7F8vx*UnIOs3$eyg9cxepN{IY& zN|K$&*_3gTId2)pQ0&f&}j?KYC#Ji1m{WRzrm*^y}_@W z&<)5;NqR%0uFJJS9ljPNRt{>{wlH==YO&C(c^0DX6`#Ut7@eYlKw+iobr3=kt;qoSBBpVl`1nwN?x=UboesE1PqRu=^lYl6NUOS}+yS@fZn&fq{r`Ki1SKam(~^G8bW<5)rzOoM z*hG_p!AMQr?(}J)@66Csw>y!xS<>I>NPFjLl^4pt*`p0@bFwzH&8SOdn43cmxXJ-v z&>3$=)hOdCg+R(yN}*B3r}UVnFFlTM)&G}5qDbOPI`Lf)NF}~2+W|Y6-qod<-UTg2 z=+8Rf0nPtzrum2OhPwVus_1SoRU_ful@9of?$PcZ(oF9$9q=uBT)5{>JucjHOdIb# zy?SMR&pF1v7cb@??4HZoddpB9YC%$ljFndI1tX=>dr`{oOQG-WchEq%ei?pWwGO|p zNvFN! zs`+fKXY4-}4XpjVf?)@*3OLNRc^UhqjM%11pT*cVDlut=;6lx4n<{ZO!jUnjA-LQ@ z^N1E`+fG@S0B9c9!fkt=(vtou0(GoPv+b-_-L@gkw6cV;Ur9kLyY=2*<%k|&wnGp# zjoV)A2#0WLPO$yF4!=K~ppgeWx~V*n#n^9TW)I})G2#I*QtSH%YPHclaLkbwMtV`D zMP_P@cwh)GkY#uk_|vFJ*^UR@nKA&{Ew>?~&N zKAFMJ76(nY&TQv^uKUNza8rir|7*S4Kx$E!s${jOKUMd&XLR^3luXtAt}HF|F4)9} zQixrsPL*~SgiwO+8pg3oN%OcL^v$|r&jwu)#`n7_49853iPUZ;+ zlp$%JIO%{#^kDX60PTOXBzm$9UdAQ-lt-)jspGn2^+=$qroK{VT;JpfM`kxmKK18x z!S{Q_SS0}I)pi2W)_A(R}@^UTLjjq zkqPb75ak@|rhxZ%>IC~ydNmtv>|pFKGI8U1t?O@=qO=^d=*9tTXFj~u?6$0UrBKkJf( zX$1@(ykHa#p;cdUASCjl^0Na_-Kfm$05XUW4QYW|3Uzo(iw^&MqYnQUDv`m zlL43#hA<3id3X(A6xbCeqLVN0LS$ILMmP@0Wr?KnT~W@|SP9r8 z!*RyN@JjeGz{wIm0N5|#F9Obx@VkJsC43QZK*Ik39277eWH*X%%7jYb%01+LY?}R( zUz!==2B8rCwL+VOAuJV~6ve+%I458iWFi?UoDSg|DH4Vpls^v-0fweIjM_0|jndZ( zhU9N%0qznsVG{yUCX|2<${SD)!E~nGg=*z637I3{*kb&aNSMN_1ndD*SC4=bNci&- z9>p*HfoCG}a;HnU18_0g14Yomb9cFjn1~GAjS@ZsxLv?>R@~h$U~d9oDJUK3Hj`!e zX}}~1czOo_LmLDqA4dc@1)ZD)do+=Vi0G)ag-i&h6VR4qM5mvvG7(NEo2@1Z z_X0jHU^>BUotJP6w8sPtxmZlLfay?ij1*`_Bj8$uQ-6fQvzRVHLcU%zB5!g7%h>pL;%fxi_HNIZZ&@tC|NlzzO;|FB;Aikwb7ciYfrNf3K5FI+5 z&>&zsP&(nffP-Zi5okV2L^pH+$&qjmU}Vn2PXd-17mff19fjYBj1taBxD%EQwNf~p z&rHk~@a;&KSSeuo*e4NmL{ovZiLw9{VGt+w%ZNO{7bIK+cvQlTXdzw+w*dwN&Zq-$ zK)~1q;Gb(y_*M_#av7cixK_eQH&JFxryA)T8Za18+UgLRnpePduFnfP3a2xB-ZBY;*4rpxI%?^ zJY7g~D1*c25B>D<6uW20z0^L^9#iT%jH~oc7_(!3at0q~CENa& zVrIKu_8;o`-CX?GeY;(AV_pV-W3xR>WPiQ{KHYX7$YMHn1HQ{{{Vl#8J#zMWdz$^D z-Y?G?*T(b>K)3&W$Xhqt^)a*S ze`n71EM2i;`SR?*l0$#lHPu|YEGOrXw|%}Vw#FX*ota{H{N7w_-|>66=)>3Vm!&(T zgne@{j=twE+>^GEf2GcSrgk!4gTWF4xX`TL5zG_*1Oni{d#!!GyvHA<>l!GE8hFp9tLz5jq$V%@z1#%3liWz##EI0(%?;1QOxt ze-d{7pM(wl&oG*X@Q3)&gI~iZK;g$-1!kx~{cGfDm_w8}^iRSn?cx72x7g!*T^^(K zkpJww@N7xNeYV3Uxc@Ii1#Bt0b&1Nv|0cEXx-qK zfg4QRHT&}Ck{e0NocvZ8gZ~=?JM?FB+WP+^ed4Iu2=~0=-Mk}gmwLiviDh~p*i7=N^C<)aN9R?-)t`2ki zl!B-LNK?8R6B?2WHz7vXf>RJ(4q{4|7NNrF4lOr+dvP;KIc_F#2XW;)F8`@m{45S* z;8sGq;A8mi*@x&-8r*2}0o5{;iknkL&r3!B6SLw4BJ)7S z@X}|~@Bd|koY=nnSKJzXRV~>W!?^09+Abb8UtK>;ms-;;GPwCA9XEAX1CE0#lJ}*V z>i#sUa=Hh27^OH{201WHH(^`*72>$q8L8r#f1UeDj_kp=$y(mRQB2fw|0c_6~ zkvLLHA+ac>ncys?9sJN-R!|ujKu%9#8gbDysj$j03UJ*VF5t_VW8ma#%azz zLhl|Sh1$nIG#AH>$efScL*Tklsf~6{gqa;3?SKofi29tWvx`T}dFyguadZ<=3A9+{ zD2I~;zjY|^4%k@C+_#Q-h$Yn;FBfXguK(D)&i?s`IsJO2CrA2E&Zt_K`pT9y2BS1_ zW4{@+(?2qAN+g{aN*{LJNAR3N78r|5%Bl*!KHeH#eZ0b;LQe9alu$UUyq~{NH^P|N4FIN^&;th&yg){oR~#^SKDgDfj&mk}v+L zF0j`<5*`<~uD1A9%ASdus}6>0eXS8!N`SmG+Wv8Oi3- zl{tY!N$r`gFTw-YxcS=^&A-^&w4dEp(#Z1a8#mUq0}hlklS`#Fd1akN%u!>|w*2mXvpJ zEvu>j%#6CWXWc=-wRX>Z%V&pN)&wi>U>d8@xDh;2=CXcoz%fYBw5U~G85i3;q61+-zCCINHElU2Dg29aa0*nTHNVX3{P$W7z7Gp3)?wX}SEt zQ_EQjWzZgW^GwjxehS-322;kzRWL(MHAzMKpvcRuubZQy@n%o9Jod;$D-G_|$-Npi ze*YwEZDL{TMRy_DByRC5v}-0=3zE2r@7iGEPGMZCy2T9H-IJ`;DFHOUDt-;3pBWX1 z=B_ygCPD3Ri9X3nOC+B#xbKs0n!_dASzg2h>>{r<4?i_t>!#Hi``qpv2`(v&>80?|5I-fa?f1xNf1oh?FK3MbjoY&4Mp? z(#c?w^;jHGTuex4b_eeMsY$UgsHQ;=4U?@I(`&gEiuqRpStIV&8^XZScH;PC3+@gj zUl^>BMWoaR+D$%dMI6M0Z!Y4?JJ<_8YvY_Ps@Uj&ag`&hY@Y8fCvSilQ{Ba|@#YQg z3cGlU^;BLh%>E8YUP;x}69(CUXyMeVY5Iz(Yci%_p-pl5r#8j^b?o3Qx`UIZtdH7% zpJJs?ucwrhAq*#jbU--N*ly=cwepPuyLPJeW#gq2DbuVjBYxj3xDz_ej9v5XA17OP zd&OnvxGQj$>oTrnH0{82tJv6QKQrB0ZG6vuZ@Tq_m(uJ)DNz#7YXz>$cJZ~SelWh) z`uueeH+LL8rNOTT<*tg*9cScTWF;_nJ9UPY9WEu2s3AbB=K^6yRmJgwBjY^~wGY=2 zhNyAK%Q*RjP}&{c(>O>wRhVb9Jq`TQ_Y}~vcV5FLDSX@P%VgYxJML}t(51d|ni-IJ zV2*G9aE7(S=sz(!!+OUxvyI$@6r75y555^&UGTj7(*9ZSDe`hZZrpXBwa;H?&6^pZ z>)u!PiEg^Sj&5Cbr>`8Kalw^ir=(gN;eWF#)w;<*t*2V)Is0arJqKr*y)=go-~X$+ zz-#6)s=&R!{|@hOc-cF~OHkJ8@E3j$DxDLZ!ww*z7m7M#~QV>W?Kua{@gVz!ycGrrP<-x zR=UwChovu; zP|vzzVB%QpnFGO7tX;-6P@J7I$GSFbm=uP)S{u-NUVbCre1xm21O8NC62T63a^=9- z{U~40%FItkkdF)cXv9=IK(bRlDBCTOeAd9J{3*;>L|l;Kh(7q-cqJ|=g^N#D495Ig z{62#rxvar{BHdb)#8<*nh8)OHZJ$iH=7wDj_hlD zM|eNNX`weNs{b;jZK2*J0Cn=kGK`+43DncPHOuU$UWa;|z&?|%8Z8Nb?N4bM4E5c=w?<|B6NJS&avZ#F~CTMU|(nv^H;*|Z_{6y4Qa zv4JJLgg6+Ghw`|Z|Hm*|vloqIRA}krpzI40ctxH16b43(=i`imXRkC+dBg7aM9%{G z3VQ$H3qI$&ayIzGI~F4nx3 z-3$TOyo6tBDSY6=FN6(JSnKPIPw{GKuLj#DD;c&{;seLnha_sTFAE}}gn z!~C$oUK%-RP+GC%rTPW9m{&ZUpvZ=GKLpzjAx1`S~`C zry;vzfmNAD13$9KlcFUzuV**YV23O{aAS8f4aPO_WlCXUg22Tg->5g+ebpH016kIg zO#y5=pfjOm!T5gajay;FC~^QJ55v;5w4s^t850>f>W>Gob2JRek-q>;me z>0S)9UV6V_dly;y6Q z48V&*GD>eZF0vMf1Gq97J~CN6R`R@K+Xa6w=pb5X+$XlEt_E6=psMO98Qr^&ogLgI zj1F035h5=G2l)Kd@QVpQC&%)28A$lG`M|J2M_H4=FKm$(q( z;wTOpy9d2$T<~r5$!cAh`wkqB^^Lzs>sDe$4UM|~{TEpXZeQTKfjsia^u5djiw`MU zSOhL}AMe3jjJFChRkQ|AmXo0hq%g`r;AAf2lgM1`?xk1^6!Up6b`V**>ONKmjS*}) zRFg?k`)u9MaHIeDh<$mfwH8{;TV^eo`7VZOPh{52S`&19u^BS@B%FF4Fx z*wXdn2H|OA^#~-SP@+u?Ln}MV^ON!cFtt z-5`^WRajZMjqt~5k4U4t|hf(gi`3+DrhF1KQ z($+>XNzJ`Dk2#2!)&lMcZ+N8fxX6yudiWkM0;opoIoPs%kQ}7 zVtR2O_D%kR-!1t4tDUgIT2Sz}!WKDr+p39T!!61dquztUPZ zy>#z;-{5sbtp%=x8deQ3ckaEg&Gc2)yeT1CP2Bld{wXl@?OFYSuQ}7Tz%E~9Exzr& zaC18~LLR(7jE)@1>}27^ivHCO>ZdB$+F?& z{aaKyD6jverL5N;SY_QY6CKQ!vA6QrUoZp}AIxLzL_!-D*l=&NL%G)6$wvChAPi%@ zYd-zHwcg0En{ur?C%Wd#8BcmcJ>1(2@-`vd&mjo%Mn+v19W zEb;rc;0@J!c;4RPN;r7WdIK+ST*=79+wcw?A{}0`sP)Sjs%|0=>8=zI`bn+uw9&e9 z1J_?G;1=u|&_=E2AoNOlquoZe(}?ghujL!V_CTIBW7bISMdJgq`_6ZaVbWFStHyBP zH8^X+`gG&?dvSKkYHPvuWh?PUF#MYve8d?(J<2!##=8o&RTh35ZqGf;`1+@;@*6YR z{m8MLa&G-^R%X|)wywKYs2i48AN~bs{g})l&0DM4h{hR1Hk`a#0qp_bN3?q#@aH4RH^|A}smJbBc z*Y((=LF|-aWmCX6kE_K`Z-KS>UaV{f?g20jQ}0=6VnvhC3^8X`zm`js0dHMC)phcM`X z7W8h~?@^m3>2}px>+bmtd~8u0GuVB+%gIPhJ6}sP@3M#1TJI&^)$|$j?oFA&MfKY@ z*1h>XCdov0lMkD7#CE_JFPQtBmjT> zp#;hL>gz)5M)PKI{WY%XwnuNXzF>5pXt~|`Ds9aNO04}xk=is=F}wI)>(A08@kMZyLqXPOQ@kQX5fGg?#hO;14H8P&=%yy*!&ldEqDZq<0y$d^XE-Hac z@4^(t)dsv!($g7h{>Y0dUE5WF(6*}%3CJd;^sYlu@hFWu2Vwn^VSgl^11=m25|7Y^ z>(^2Ee^&b-UjY>;Qt9c!-0WP(Z@{iO_K3CsrIu+m681deG!;rb-~8;IkN(3lz3 zfXwfr@I@d{{7@yB@`FK(WblDZFHe%0pI(hy@lp7UD4c}lj}X8@6#h(O@zX<*l;Fo|)o3Vb6{1bpH z8?c7ae|Q`?G>|}rkqKgOkxD|A14o_GF=18bF#+J!4!jt6tAqX?!2A&fj(Gs(Pv}O7 z%HT;P=m%aTswAdOkgHBG=BqdoOajSv9PiAgn6N$vLPVkRi z4E=L|8ACE)J#Zva4C$KYNy)&aRmVODJkNoD9e6qLkWBv$@E+j35~ za!nr>2b>Bh(uY|bN;J6(0kTfxmIEIGF3(TK-3FZcg(e|T+=GDmLxzBH^l|=!e-eKt zf^z}lUWnivh&zgJ8%Tgg;)nW=>y09KFA7H;`l!UR>x@H{`6#bqAy7QB@s$CWDveJC zeiFFUXgmf+A9yH@#@_;*Y>YGzM&BHd5=}`#fNZz%`+*lZaJ(X#LRMTOGwcR_33#W( zVRYgVRTTfDC>&k&R4Q?oxLq|KgO7N;>`nsWKa{vsVf+ zWDNWf`cL@eYCI8Rv3Nv$V${f$I6o@B;A%Xac=Oc(iFd)8k0DGpiNq&>!zz`c6K&w9 zflEaveiQhhBObMw2~^QfgyJ))o0SzcaRKn`2p(n=OAt^L31Aa3>CP;7;LifDbKqYF z-U_@;n9{_51I!;$lM^Ap{B#6V%lLl)C;D=MPr^Vke;9Z+;pikLEyQ;{egw!iNZ*Pq zpagj`!DirRfSVGBfD6t7m!>rdWA%ao;3+cxFz`_a{lB95166&%q#pvLfFjUSCo$>I z2yk=)Ui72l5he0YL;NL#G>Qzo=yeuW0hd+ey%l&3a4DeoQQ*XnG5~+?0l@r`{2<`M zUIZY0m=k;h0jN{lS}hXjZj#%!mrBbY$zVXDvQzQ?J%V$3x-eBdf<6f8N;=cnPHs$#}p^$Vdw%{x7)Gl&ZiV zmI3b~pcnziCH_;u{PFVtNx#P@!30SaCtU$<0?!cilP3ZvhTNzys?7yn2H9#v_c3_| zC8kGcWb#^!s%H=%J}wC`a)?J{I2nnTHz33(GeG?=Z$lLoO8TcTZ#eIWM~6w@g{f9C z`E~5gAidcx>EA>ge`GP43Ns#d`0M7s}tK^!K!0Tv|tO9m?fJ+;g0u8LK0xtW7DGk6IflH&E0&Ny@$4^p4Q@Rk4 z0s@8i0nY%g1o$oRAaGgYDJV@L2`urcKEV7DMmBXm;zWbt(N7ejpNPc&3NU|UhUmx&`w@^OG&D_^0s=(*w0Vdh0h%M@SEK&d zQ3<8dO~c@`E*p4*B&Y$*AHiu_1LAuSpy;8(bti!zlk`;I{E-=c8y_>4A)rmhpOeu_ zpn(Js3?q;;wCf(V?vAT{xMtCkW!JCFv48rgwE>%NDK*ybCfL*Jt%de~{Hr9aM6kLybRd73F(-nLi z4tf*}U8YFb$U!|SxJcd;Pu6Rc>I(#nO5Fddh`@A?f;%0Fk-=OQjttbL62^drU0v7> zl{7BsJ6pl$G*8zEtY@i=aC^1X?hJjIyt`O4a+hdE?p7FqN(6ts;d`bkv0NDi%Qk8bq=`A zK?9z}>b}2NNG&B|vF9}Gfu!p85)ag??gFB(iEonv#rgFm<>Xf84i%n*tw#krsyGe> zQ-a2Y8?|(CsBa}TeQ_KiI-_qmkGrIWiyP5!d^tS!$;{$g^v&n-;90D~`>^+^;6ZWa zI@uqKzpN8XNY+=SPe5sIl?f6$_3h;e=wa@c;fbccD?AZZ@SqB>!u(CaO%50tD^24A zV%+yDi6$a}D)B@lP(%}vStK0Qq%<@UjFjC>LMh87pGn=?J|>}>cFAyWx;Aic9_|h2 z;V6GnvA!-lsZ6hV%oPt$PdSXm zeGJVW@Ju-h1Ztv(#=w_lW>c$m^P7qit8R5_J(j0nA+@@PoGI+i&g-hZ-Yq zVAa$4efm-%KZH0b6Zlb2DzX2xPV67hoy@Fk2VASKTAJ0N)jsQ(F668cAv7=lY*R6d ztUB$yBLP&c5~q6{Fv7nrGe}3tz9Zo|D1EPj!AJ3&Td(>Rlz%SjRWZf%Hgb>eJioq| zcV3>pa&cZOZoiRC=Rp(iD)<76TwXN~LcAx#Gf1) z{2*Aa3B}S2dUCOJ zNZ)+8tX0qRmtluN&4`v^v9B^)20_)Jl2fNg!ki9$1z*l-opBDTW>ge1%&sS?S^Nbva6>?)6)qtqpTIGCm+Rw;V!$qF|JGlY-AU(n5&Ys{dbs)uj?* z#Z+Cg6@D$miejDF3J9k%TT$M8$IfTe-*Nj$IIberM*Fal} z(Hf+^Ue@uNa$U+bs2at8O`FzGexd3mQT}|WNEt|ei;6&a2Qw_mG#}QhCYkx?nBh_3 zD80Bi5cGq3S{=lyK1R|6eR@(8OxHYvsHWqp{||QSjDw>ZE=XZUf@D+xt5$t`0W_iD z8?qg6h#8Y5{S7FL8rW_?bwpqkM#145Py#gvya6RRBonWF9;+T{2WwvhY%>0=#Wp1G zl2OF9-;`Z4!9SGra{>QY(i8l18GapL^ckEF!N23-(En5*e~=LbW80EvJP|M^mOKH$ zS7bQESUV=e0T)6@PVW)>1)QE>G-)251sHsJIKh?7P_3X4M+^+Ls3>fAM07FZI;n}m zlgvm}a4))61@}4VPcuVp!xRoOBU93>yIX1t2D%O{i!X8rMpg0&3$?#>oy=G$6Wj<~ z&4_M<;iy?GUFfC8{u@!>s&BtB$c${2Hsqk`bnrRu;M30xRe&2&_2CH9OWF<~1HbiU z3KG&OD7pb=N*`dTmBVKMCrB7f=p_OV2M-3J30_nOI9bB&fKw!V8n9o$i;JoMNtZ|| zA~GaQiBVU?h{kS)5_7l*aE^q}0uD%c7;v6|vmqo43b+u$vqAx{C83KXd;xGV!T7g! z2uMgqi~=r!vEZc(TZ%sj#o^U}%OngYtX#r(0Irnqef-wMAH9sv7>Q-CU}<;(4@$Te z{Q__*i*Xizvg~x6%8+GoL4JeF2D%i$$cpG)2%|Gw9IgS}B;hu|JrX_-_yTH`i0B9u zG2rkhejzu(bW+JxCSfpg(I17k;I~o2r}5h^;mi2#7O;h~xcVdvL0#u0oQ&T=2~)4` zq71>5P9f3OB8Rg9r%Sj5uq-7`8Zmdd3`aV5t$<@FZIgr{u)9OT2y>qmFdZ6lUy^V= z3XwuEtSa6EBqSo}T#i{OVPs_1Nf;&OrG}t%7RT(A;b3SU7jOat+%I9`c|pP`lsPQn zEELp~Fa)x~qz*8p^EMVDIot|3DB*6v&;SnybE`_gbbQ7_DJYzd&R9sp;ab4QB-{r0 zjDYEMjCEPU_>BQh^kF&{6XO>M9f_f9nJ8jXIp8u0_W*7Xu(uj87!wVhaEa-X@HxP} z0;ZEKF=r(V-Z9V;(bI{RSdWCkCpL@fpCVAQ*r1FU09+zqI-wFD-5BP{QEnL54iM7Ckxmau`~OlNr-Fj<`yM)2*3wMkB6G5YhRJIQ&rp zI-3!13YZR5#Dk8)XIubWDquP&5f3^Fr!x}q4HE7EEP19t;P@^X{{J@iHQ-TI*V_Bc zoO3b>0}ePqfB+K`Fd=~ih%%4>69^@cs8K?R8YSUJqasF)HoZYjXr1buO1X>~Bvw-VOIF$iLB@|EZ{71A& zI1@0+i1>WKva(d*8*xs?S3}@Y9(fG$exGh+Pyu?EPdCv7+z7Z-!UKRSO*qX5xK6^9 zr%A%yfI&EwrC0XuP6_t|?v?N*z-LW39R!S|{-*-;j(%i04N*PY{K-$dXz*; zFRSUM164K;RF4{vu!>=dzlcYE8p;AL1zc>x^x~P$yea;=5a7cS-VOMS)c^Ey`Kt3~ z0=-!FB%AO86!27-9 zmj`05MtKn*01QF|3?i;BlQ3{zZB)rXJp%ZPOwE8>CEN}ee-RJDuI`cWDZpnW+y(f& zga@J3+$Ov{1+Y)TnSenE;aT1W7=#c!artosLS}$opL!2Tc;E`Bq~rOAhhPwJ-gHb_ z?*$9`p1IyR&9Ne#{F3S`(xF$fcH;5g2%Y)brP@I7$$A_Lv`o`Q$u^jQdkjrwlP?nniU5+l6a! zsCU82@TVZ+<~6I-#c6Qq7dSE03C9edZ$E@2JsD3{Z|v?fDnn+Ohp4TDS>Z+Rr?e39RH~ zC3$8d8$ip&lZd~18!NHd$Ea2DyeL*1YYbf^b8v4Re2n=+CclBzOJ?F0X4(91h~&Nq zJFaA>m(2PF-=*;`@)6%5mX}+i*ye^fH-Zo;G%UeDM$fR0OhB_ULt*A!FqOrJPO=35 z$7m*;N?p;UgG2664O5XGZ){Hqpz?GgJh&;oD7bN=S9Csv2$hM35#hlXQ;H~_B%1mi za$v-RqEm3m(kGnGt_8lMc;#ifkCmsd7BhBH0?ZD#qPz8h24+j+~)(4gj+D##1H4mFg}R<$>}A{w7S@*Y)6@r_7FW`C$-SXaS79C5wI z6a8fVjBa4y9%5 zi$5Y-;t?L1yU&q@=QxVX?Qqob#-rMjktMk&SU#dtk=(^kAJwu)mm)Yfcb}7fdIiG=mr-uf3-A_Q+*<-CJp-gzT z&oJ^TuP^f+j8F@MJQ zAgJqNvf$3(cy>5EL=(L+_@mhwjbaY*kPz2otil9zxo-Oa^KA2A0g-yaOLNGYR6h5( zcKz69|9*8}P1cWQx13a)iR}lLsLg!$aV;&@2if%0-iXCP*Ky5&0cQSdFcaUxn_q(w zZ4YmMO?xOcJsYz%6|=?#!U^PEV*AI;wY{9>P#Ua`&+?MjVQRXC*S`+;h*`Yy4J~Q( z#;4wLKCu0HjIxiWd0VzS@8pNxfI0bDe(nvhX$$wZ!%R1eZ*14TRPuPq32lj1jE)({ zJG+%h{MZT23nx_Fh(-~2hc-2~cxNK{7;$dlSsmJ4h;8mbFKywS9ooIXkbY7-N!U-q z(s&Dx?-Xe{o!S#d*`6gVwqdce{MD0e1mHMY;ed3uJMpsc6@TJQrIYN}8x@B;yFa`- zcbigGb6r7otzRt)emJk1Ts4wkks5tjb?}X}YI4!|u{!v|!CC`{wr~dlb*=ceo*07Napztti1BMab zRCFX)XapGhdI%>Iy#gU^b>wIAsn zYfrq_k^NEl>#d)?QN8w~tA=O_Fh2Ui>n~SWc1QSv5D-lJaA;AC3P&2?0^tU}$%JnM z#*J_73z>6C5&2&Te<>3MSD-zTtrjmRcUUe@Sj~#n7-K_i*)2HzAE$RvKjT0CnU*lRI$KdPjeTbs)WM;r-c*wL>7QxSjBurp-}Z2Y zaQjfMWD?0{Q^Uoiw_yg~`A=yF;U4n`@S$)(VgHl{uLJEV?35Z z1>sNU(EJ?Sf=)NXiM;tOZPLW{#!r;v1>rwl4&hld=K>c0R}Iy?74J{u@4cmsgHy?~ zZ)pjt|IbX}>M1SJ@PG3%R0erD35xE812tmc!k;kshWXQU(X4|*DI_LRJW@zJAST5m zA|T6c?D7XlJfMt&HMjX+hBB@)Bp%V5nC^fF&b%)7FPIN~nG3%_sm>o@{#1;mIOKt7 zK!XpZL>B^*?i&AjK^*RD{cUSQKJ?MD>OC{r-;mZ7EgCleFNegyA;~}^BJl?=SCB{1 zs5r3jaxvCteCmH`mtEu_gcKc5ep~w`He&;C!vjDkcmEutevoJWT-$}msh>kJAk+no z*2#;y;Iws+w{>Z=9cTJ^f0ve&I7p61AX4+FV$;tI+%GP{z(HK-ZaCpYsri`lO5f3* zSC&8X3++2f;<4&qXpbt&O?>c|m<}iNlx`?ag$KKl*l=vHTic+Zo|0cdBM$QVUttOX zDZkR@jUI$kvd75p69xokdUcSy-qi{w*9uoq2U$9ZsBZZjgX@U_T0_%>?&Fp3!X@qp zCwTX}n$N)OT-Z^|;%QyFeVIBK++>&FG>LA^3-NCw5Y27PqkRi$iR}cDQ)R#>P0i zA75`7QnxMaWa|2#u=w@66=pi&VyDR|7q)J+nN-m9xSdeM5qwx`Vg=yZeuD9JJ=&4`0{%#97>*a>~)y$=+P!#_sM6w+Hpb+ynfW{?-aU-MV1{wfzzGQ9NrC` zm4)@tAaKs(eLa{P+|RtHO&)<23XK@}2K$Vsyr(U=WwF{MwwU0|vmdEVPj{$wPw!Lf z>xa}P+RV}V+<4L-$ZcnC&nwhSgnzc92HlFOqW-r`lGzCcbPuIjR zt2R#Z*Wc5U=0%}z+NU;QxmUMyE6`7o=u?2co>}N={kfTYeyvS6PSWrW_lUN_%@JhQ zwF^8i2!H%=5bcDwrNgub2-QaR0SUy1f^c7~aPn{vu9C4W2f{k?EQ-9IT_>?@$DRl4hX!?0TLu1o;X|U@zTatU zXPq*|EnFG8NAILz5tXeJ*vN4r`36gG+3(PKX`gmYY*Tg!D>_51<2(AaM@QaCn?&sV zo3QSx;NIV3UD{+|A(q=5?nM_A5)xkadu`&FfzQo-`_S&d({MmYr0w{! ztScw@_^R0?YH4+BJhmgfc*f(|jpqbBPo>oj# z15NdSGZ6owLl`*6;qD%8^ZuYMnUIr4KFB)Qd2E27C3;_^Its#npT$Fez+6zqLmzA7 zM~*B{ok3r37%9Z9{}0;K>F{`mBRi}*sP~~o;*lIrM9I}Rv;m|g`Ly=n>~~%inqym- z9CA}*u_xC%MZS)3p8ri8li=Kj26aLBof>}Xw07g1Zc_ICGHQj=Ni-fv6sM04RO7*s zS%pdOuRk;C9k@H1UjE|`wRnuut`DOKE&P8H>i!55U>VQ(2;QLv;eql3`5FrDo#x$x zR)a4qdG$xygX4blTeB%c{n1T%=3{M&<2MJm?_&&qlQG*^X4-y6&W=(JEXMEv8@G=h z6m2E36>WWcIrsK!_b(bW{)DJH=rzt7V?xzG>cq@UIi)h^nv6At!@i`8Jj( zG3Ok}0p`wr?V~ZLYT@!#=*3`gBFde5fVX|3{m>{k_7w#ndY1ytroZWj;Uf|#&S9Xf zGoBovwEhfEgO8=azh5(!2P9eB

>KJ8MH~O5tsPxz z*T$Mf^!Y!Lgg78jT){BvsaZ~F$p^7~ekt}i&d6vnDaI$S__KCDhD6_=vB;rv zqz!V;YBL=tUgH&K5jn^k&uVigp12)jb6iU;Cf)ML7#&v-?wZa|pVekKPE6+N=h~97 zq$PY9zCv|D1GxoRC7)}4gP`bCsYBfK+5p~?vjVSN%p_JnJd6`s4`P8IIC!~z>#|)mzM*U1*!%n^*y`NO91E7GuHA6 z&OV=jW`0J?%BjH zf+Gr=T*-syAW7}~&^c{M>MaNEzy#S)1U`iilPtn#9D}FAb7WD2uT)U{ZiN4vyZ>98 zZ-j<-x#+2bmsA>=xj5JheD9m4;d#u36IMbme-os9=>B+UoI;WS8eV~pi>GQAYc$D| z_D+Y`Rbftcn4=zR)c_>q4$bYy1QgjJ;C!uRSBHiP^dA*K>O#T1D1=o9&{FCG#6cD> zZUoZdzVF=VYzIUSh{bthEAXf&^9b_8hc>|=Zr{a}n(Y4BI~O|=3Npf9UmD&zlLHqm z4$uG^8R$5_oAO}@k2gl9*LA=Q&ilL9)gnf$Z2beLy#*!h%_yh2vb{%fi(l%_R}LM3~d7}s#;e2$;~ zt2RkUs8}7!VPBf|G|Be)Zj#EaNl$^6pZ+Ik@h-SIJhYI379k?%4;xQo0y^rdTa7i zGVPBmjqQzKH9ng#!(sx$@z028pQvj$tLDEaoZ?-}OIQFFr+A@po8W^_Q6Lg1q%hoF2Ez42QUHreplb66EVPqx6Jl25}ye z!ixt{s)z>%wG6Cg%%4j>QICUO$+l#m^!~>{&AgTNUp`Z3aHIk$q81SR?yLX$38rwrfboEkus( zLNd10EbYj%@>yc-*eVFO2!@Enf|iSDaU1Wwi0

>LqPSEGVJhNR<~}!V89K-h2t4 zgK08jqlGQ*Fz=xxDYsW7^;6Om#|SXtvc`=@2jm+Vk|0%GcqYp*Ed~lIu zcTk4!z_D9A^5@9#;|LccyhDbMBHWK~i46DRdKyVwr40WS;a1Fvtk{fDR76}thC?zu z4OhupAOZ<8JPUUEA*2Uocm<3Os6s1zE81`d;TD;`5hnPD5Z)}qSc9Y^j&;g#3--N( z49nRPUb#pa$A3MfO)#8b1#Z?Vzd}YA{#N++fZh0eWI9zugTxAd2$*DDlj(m0oQ3}= z8NLiSFDm>EU?P6JnGQ(&_^%cz6Lwuy;--(!JFtu~e;)C05WB@shNlh-69M8U({qM} zR}BlJ3(cR*f1e%3Y6S$;*byR(MUVND1@QLfitzKp!mkVqzZD6i4}hPzEPfK-ZzEw* zzqrSIMTWsh27!QjCpz5;uF0^OJ~|Q>fb*J2*i4@v37hH5t*~$~!MVJ&i%ZG*U z9~OQD_qN&*Cq05WcSO?73in3B0&u=OER3>bTh5Gj)76ag{|w7uv&clyk9%HTfG(N; z9Ks}+R`@)^$q0AD1_Rtu0eS}jCYbrvQHT&fk04NmjE!^Cu(S$5ipTXKhx9C?`XIC^ zKoFD&KyCaX!YwPtr~UF<&ym zvS)QDa9;pnSzf;x;d+Ekz8Xy5fC!S+5{cj;C|DAu%`&_b;Y(5JhoNwL(9>R-{u(9= zv`C4U;r~Kj@iRH54-;J-9W}if8Tu$c2DturSo~HY;*5zP2IfQ8K%C$(5E(GtB;a;5 za4E9IF|%?E3`U}EgiDN;3LuJ^ghR48hGqfrGi5pEQ>6D|&=tx27wvSR;ONS{ z`7;Z+CJhVEfiWFgq_mm{ToB6Zx}i9w<0{u$-20)%pO@*I@fys9{8Gs1_BB}oI(lR} zx^yubI8q%0UtwUei~2+SOcuIc!bL$KuzY*DhG}fquaRDebm=pQuH+Yh?UsADSPkJu zJ3V$P!svoXdJe+i2y-1P)%CZO33C_BW6M^rEnb#C8=u>>!E5<6m%ee=s24`#C3ab)?>-80b#R=+6Pp&cLvypYx3ELC6U%r^t9U z1%tqX({ZEUf-7+=--6Ktc#9!^>QM{=3kK&Sc?L|!LP8GFYY`Vkw0h5w1++jEybX#T zBb0vHlYnWU5PZl+syY;atcH!78o9I{&VX-|H zL|AsVvEY_vi%a$|R>iT0?RbNBU{*pLTDefRUw70=n*TvBr3krZv6;UkYnZP zvvH0Xh=R{Ewn*l2CkUKE{+JuBu~_HMvkSP3qu`BEa8(o>ih`T$mW>3S#j>)i^6imz zRT*PTWW0yG4nzXTWWl3R*n-D^6A>7dMc_*~)s%?HY0y#&2GPqbxDK<01wUBwy1#gUkQQ3MczRC8vGX-5^>5nP>QSf;5u80`9P?d2krNvKdb_YAi}C3F*7Q@ zI4T}85y^i%3O;RDFfHDWpH^g-ofbvVv>nJ}NJ^)*MHL>j1u7}oZhaEEz;gDM6pD&( zj)G4`!96yd?6SKcc_U-@%X*DuAhOt)+#Z$bOcZ>Hu?J*<=^ndf)AQ^KrlXY)T6wzd zJTts@o*6z{m&^ds;G#MHW*oLFn}HUjN<=fFgyot{JI^(pb_FS_?O86xZL>NB#97^x z62{a&mL=e` zn8ZWvrz2~NqFDhO>8#zhOw0lztFqZ>K?H`NJt`}nooQD#8?CoiKC>Y=)=->XX4f@4 zgz+D=3Zp+P>N1k;3NnhLU~tG<2aq!Wi-?S_D0slmlZl2|dFUpGHL@~;5dkz4z-+Kese0 z0Z1d6+HH6qSZxtBFN!N!nP8)=APdArI&_EC$Je0(Ynq;~+IZ%JAPdj@I=k%reiIhs&!1u^_`yaC zssFUC8_0c)Rq=v)yMhJ1cK(H^*dk&fxMDSC;bFUMw%5j)ogB6P&uO!zH0M%8K-ePm z*}al0i_n^l77T(c$zKd2cF6c88|})L9JkAoQy8lO0d%F=WoUmO7?sdt_f6o89iI!T zt-`rznI(X^g;6jF+8~L@Jr$MzoDDCH;`GvLl(htB>7XrWWF%|pgJr19s(4vm6da0z zqbgelqVJJJ&r7!R=e5{F-B_M)OXhMQwOaPAD0oG&U3dkkwg_6$&Dd61S$5N+v+f+E{pRzXEn zel*~F5@*4VsQkNechZVKd`(mVurX2qauBJYkFlruyHoTmql+=tiu06-*r20VS+5Dx zixHfrhlid)I@)zo8N}16u5e5Om`-$^8_jq+&2{cJ zVLG{W$_C@q)?iK)qQW?$#R;tm)3K&nEa5i52veS^KEMbIxB~Dg38Q7|c@w4+OASO( z9$x@(riAMOqYe>|)@xM+Ls$~M2<$c!5<`HGOBk%v`c0T#3+bwadjLzM^m<4yHRF@( z082b{Dyesx@iVFb5123=M#gw0do)^*Fc@2A!gMGYi;RSn z4g|?(F~M{g7<>RNb+*%`{nG+liJ0P=d}SrVEqxazL@)-sP#D=BUBv z1(Wp|uDSE)Uw2(5yp8{Lmt(v-C+j-DFj=o|=ckkP6?hq*JY8QgVT->EyvHROT;A}7 zg81g`UbY?|E$rcS)AjJ=GP06Ad4TOElafY-9YVHZx+P2()_BVdebQ)8J_f3J%L3Ot z@L5ORGEAXAzQW-oebexQ}orcxwQ;8HzLg~vB=}`sruCarMZUHT&s%gezHsm55SV8 zUhq(1B{kWwQb=KX%~V*+B(k_gK9CiQN%r>D)pTDArfJm&QgE*lcA2=y>I%LN6Exhy z7T2}Q*=XDVyb65~4E}yz_0C*2g7`s(p$ih3;mZD)#TlPp@IH5v#iHHx0a@Ijh6%~t zfA?CZH)PF4g+k@9=xq43+Hk#9ZTuV;h~I=+3BFTHrZ|*Ny@(zq=Hg=Ug`c1wtF4A* z)H4;0@{300vNmukzEPRNx*-{@!M#bMSE+Xe+gidyKoZX@XX;bu#1n2yQgGL%o|0r7 z)g@qIqOy9^12z-= ztC(*=0KE1w-QNk3N(9Sbc@N%u>?=W+e~Uiv%-C-g5@kpZx^w!`zduT=Zb*V%<3O4| zZDu$n11CA?s!A9y_-mJ`S&#(EEARxeI+yccOrNV{K{#hDQLUig(V^GYovRo^@_Y_0gBSi)z=Y z`7n`ZWNbx41=oW6>6WsYCqP#^Pn*{tSx#*d436JYUX$ou{&(Dep|(-GV7tb^BQm>< z1MKy;gu`GqKAnB(G#I*?7;1hWm2a7?PZ+($-vUmD@ZaEm0~Y}6c++e>J9mp8?~?re zECx@X{{{CO=s1XB#H5P+LbxcdVXAXW=pCkpK4-4_lgmeCIm-7eI>PYJwl5k^=wegT!^~N`(vTJdlH53rO zF6ffFj{&aY0}d_T$aqW);9#wjkvR{me_p+%e!F^WOBWVD4Vh%1$a*Jlo(sCR@NT5QvhUnnJsY8vc?f;Q z^XKXF5ek`);}p4x_n9G2mY$SoNjNoP1PBU|gj1j6GxTW0*PruZWShQacrpf5=|2(I zoCW-~_>8;$edQirc&(m2Hig&5IAS7_*GSm&#$NVQ%VH}PdjrU1H z+XbP={dy8goc8N~SbjTF9B4v&$Y6AbAC_o;SxI~#`u?dc@J;~zkBi@bnQodYhEIuh zTw0(nov65KlN5JN+{%}OPpmWBGbQ9zSA(Mw$3xkPdEQw#Mcv@K74?0f*<5!b(CG?}Xu zw)tctrVmUvP`O19W1L{jmV$_LwN7UlwBnRCE;fa3Rby=BH8_=X_*(Vr^=~=LjK>48 z2T}9uKUMy_!RahF>ivPhUe&*5mGj$8NZ$#3O`kf;Fu(8MZ9{Tr;eOS`x z?o(;SLI&L)^vZgn9m`n?6=+ze97kF#rk-?~^A0S=Xi8<*(7-;Di1`bv9a7;0Q@>DI z!eI?;Q|~zsBaM1|J*oJIVc7WmpA;Ew!+yCIwN)VjFACiB?t)H!q3{LNu;+o#KYUbym$am~#?YO7Q15 zy=?f;V)OK;w->{9rL5_5(%cHZ>W&E|z?^tGn%-f~BeC$n_c_yQ!3CNPp@!2jd#BXo zuYCDm#gXk2E)1s}S>jv|)0r~lO*b3hXoGB4lPm`7meRV&kW+(WN9ax1AASPFQ<tm7Zy^nK!$KlT)}L5!ZC?T$ zNI8I&0akul;DG4D8iS0j!EUTA(+N2ZIb;+S{8K#S<47XQBGyvH!8(&jv!9hhii2#V z9>_%=$c|WBNFwOg^mgFi{w7+!&mjyzDX&2kVkkT!Tq(b;D%geLV1)@9xNw?!XaHstj8M756e!MSh?(DFv7&N-H&a_$fJar;m_9#3J-?sVdCw_yivHoCwv;57yXXDw))=93A?)B_SYaxokOpaf~v{+Vs`dq=70^jXHCk_NCmr$ zCj$(Vs2gUMSUu~eL$JNrd6=r!lY3C{qjKlgw_io&&JDzIGQ^`@tMREJcBf?9ipmvo z_ThwOuM0#>!&*ON1b^nuAp%>N5969yF3(KM1SS@C*u5vgkCY03QmzFn-TziQiMfOA zowJ|3fP=ml-T&73j(cn4=k9GgW8IHG`w5!_zfuXv??HZVtucwk@0`gJ&@yi$v{)lF z+D>S+r|xFc7G$%e=gQecqoEDvgF}Nx!ZdHjq+AzI3iiI8I!J#smCx{5Le*_`LYgRda4MK`@+lTU= zKfvOF8_OznJ?VjG!4ax>+nZR2_T%jKPj48)xl6G56|q7f!9rKScqCkJoOs2Hes(v2 zD2xUj>+1v}ZWD-GGc%)O!7ApwX=Pv6PQ*d;k#B$$@~uF9jS6q0NeJ>Grg7QMgdM<2rR#s>GZL<|WLDuk`ST11Fxq>vC% z8p`z`PR#2KOO)eALmxH)Lv7MMUP1(yp)^r`({N>|k#IyBY8)JD!4!E5T6i@IS7G)u zcOECN*mclofH}($l#99Jz_3DoYsZm7tD>r?9Y=Slj`>kZ9W{U|B&%212rLoR+hhYg z24#SB2Z${+6xXCWzb!Meok`eIZE#Pd%(5S$6HNA^^=D<*IACtxOcM^ur&3)c$ z#bJ{wjD|YG%?-&y>jfZJ6{t^W+=B2IM!CqmEqn+&);bcTK>OvMn$o4-nw-GP^)ErE z*D-BPYGAf;!dDc0p`aS88@F*{rne2kW$dMqak0Pt0}Rnm$h#IsL^OL3Ue1GTNKbf| z$xT5K=@JMy^ulG>5RX&W(U{LYahXN|1jh*r-OF$#nWv9W%&%RJ9r}z_-jliH|LJCo zHu%8UtK>B#sdr>=cUJMfJROEO&n(x+P5CTUYldPg;|2e6-4IZvX!-w*N%f!>KTYgu^p}7X=*X38hfjj_ng8G){IK+%&0o z(DXoSPk$L59fVtHLgPKl^)IJm)8k^rT{yC-hXK<*mW1ko&`lJ=|x9+dH+OajXIh(bG^oyGRrl~K=sx;p@AWxhTMj~)5?ys^U@lmb58#(VSiG^O;JmHHbK@{QDAz*&fIcVKTxQqOx= z>eIfZsgQnq@c|{4dyrub=@_&Z8{vMbFEIR|FYbh{!Eu&35s{em{~w;S3IcVCZ(N15 zXFZ+oSfxLCLrnYu(hz&_8tA06@Ce*8Kt!sZKB??(G#sv{!w&aO92-2h#NmN*_0s%C z`qXbYM$=%dy`3?X-{yakIgTuWGmVV}`n^WJb@24u#~SH;e?|k`#dL_XTPO;rzaf_$ zPkRzpmwUCMMLva!B(C3?$eQtQ3G8*Y2QTHnTvG~N7snKs=E6o57GS3e z^;coXU46ZtW^|=(cd*>Oj?RWe_JWwUVa1A}@sT++9BtHgQn`(Wl8J^DVllEEif0~( zby&ngqYgBE!Vc|G*b5M#D%yy{F=ij0s1b&aOVpsmR|ec6h4gj!I~RSDp{m( zsG>;49jpjra+_5-IUQ>(XRWY~tP_jW1MIM=5`LR1Cc14(p#A_mgzej5>>*kU!td8o zJQl<$ufEA>-v}?Y=AP0fh6Nf{uTw*ERh-p;cLbP*S^X#M1#B*Mgg_Wo656k15+No+ z=7yt=MnV=vY&-T6&8URcPF4H(sT=fbj6N`Ey2T($g5LQk@XAmtV47HI4=b1grdCpK z6G}*jB91k4VZWcqc3aX#U5ZsfJ~`AQohIH2_?RZ~V8LeTxXby#ukTqhMTLFpA=Y{N_b|^hSNL<9Bcrb)%k^8U)R8!)Qil4V{6q zKMr)8(fO0`+{gn(I23QkIsi_-uAe>&@3cB=7|m%DD#r{-b? zywFArAx4>s|H3Iq_i<3@0A+a+_6GJ{5JF^=@l`!McBs4pXpD_l*7jBLuyCG`!xo$f z{uAY2;h0zGv55UR@`yE$RTXCMjj*7l1^H1L*?9gK&wlVXh-csKME>->m--9uU2&^|g3xUJXqe>2;_p%wXX#u=m$y;BY8VtdF1N$H+Tfo8c^?o`J^q zG-Rk{SlcLj@NBqIEu$h(O|iLqSrfmcIudwGv3}L{RIUy}B=Xf}m}e%aA_Z}7l)W7T zleV;ZHJ?5z7GOd<-0$?~wucK*$8975fxY1~wHYw5^sLd-11RaBS`mYjVh0_THc?Kq zM;socI|Wr{=~y@r@FGq%%TSN3(Wk^IE-XvOi3T>V!HiSJ53kV|u2+QdeDLmx-p2c} zsgp#RiwI?hStUFiZBwcnK_t-X0_}}hDdf}fm{N_n7>e8eH?`)Cgu_5A(H4k5i;NUJ*A(AXV3p+sLYvR)kF?q$^eI$nV&Oh~OI`UYfh z-=a?)>&NCAdsu8gp#`D(^GPUq;1+$=6vYjNJFfOBoR|E~Sw!bxhHI7ZGtrQNGt$;u z^!tG`{#O0giNAQ0ifv7*ziI2u6R~H*S?Kd;i$HM^-*KzHRGyFSL?2L>^V7HLYiAYJ z%=n|%cp^U#XddbeeP5}p@jva|n(|aNEh(|IXXMKO?uULaC@Q;69}m*2Z`0>bE~1X1 zl_b_hZgjkcj=zoEo$h=WEb6{Zzit{;q?lg*0?^ut!V3zWaC#A6wdY32O>!wttzqq4 zs(;{kJC^6%u1~!-i@0d^jRH>^;l|nwreZQouYX5bLq}4eN1Xd(?&`%HkPNBL;*GcK zY16YPYyFGLnu74#|4q_@EIZoDahQnlg;B{s5n>w2<`C9sJBXeW3#y!B?hdkA$lFvJXkIG%R^VnSM)qz07^97uAO(ZujC2<-(yg+$Pr)b9`N zTr9@hDS>(V|3-+_7wMQnZ+~W^KHumOucINz@-QkZfF*c#NVwh4l#b0!XJhb@gcGwk zIAuD6V_oz730|2&aWx&$4&!1cx{775(>wPp(O-rZjl+pszVMRzQTS3eh$fC_FER9I zjpyJX6)y>&JE^~%9TK~e`j&l6x8`7QLLrBQn3m!R2_dtbL4ud1kKMu4wRgL6vLA&P ziNShllRjyJ7*WF{wQJYMY8B7C6W3?T zc=ernQXUrAL#<-7d@$TbeNSQ|X9FMFB$i|J9z~7=tn^r3lcBjOFY>tq`@;PD&pXB? z)w1};t#st2K^;znM=;HWwiO0K;e1+S01j~1U3i@bS5kNBej$#N|D`zA13j{zK2~*? z{=7qJ;qmui9_iyjdbIHVdvJ>d_n#E>kofh$1w%Fe2S@E+uCo zXSnlxKD628DlguRa#1N#+kc7C%D1Tf%<% z^dYX52R7?dH3GW{OuA)2rdEJ-PaZJeFpA}x?Ph2ieIks0ii<59<)NDQD+O^Mi#)j_ z;D7~QDo_HCrK3Fi6|-?5*_qFeZq_prtIgsJ9-v0W6Z-3~MBl{K`!GxN@SOXgkX1LY zz7N_fi?`gTCoRupOf5ALXh(sdg6iKB6KT6+zv5JqEH59XzYMTXZ8XcM)U74_%~~ZP z-tn-N4bDK!oS;%gy<7Cz9!*jS>$Kca1Msjt=YlqY@7kjKut+|-1w*2mpV^`>QkL^M zgW6=`pVr6o?#FKV60e|#kGIhyPds8PB);NjDzU)a!Ov4#8&9aj%lKr*^j?`>%6pJO z110(;9;npQNGkD}F7ww1VlsF2|7sjByGe6R{JrH6gz{{Zd3vwNGb)k?wZt^@fl6I` z@FnIHf!D;IlcoB(?*V=d1%LY{>b+f&#oV@4e(bV z(CdvJ2c!b!yTJ?Uq;47h6B_Pn|hq2CzG=(j%&jm4&bOC6SB4LqVvy_W0 zuR(0+!Y`B7VKt0mR%E2~&A&B=5Z^0NluDUWk4g@btK-@-2Avv2~7NQ7QU<1M!6|7%|hYi!X$8c(N3hA3=`d%1J zXCj=(gOBRJQs(o5pguvlmTwB`k0|qwoet_>DN)`Qvfz!OXRH2W{_lo<;#f&Ye?{4~ zH)E6+ZXPz=SIKO*4Rhg^A$^1U~XH zeGyN5M4Q4_J*Hp1tNhw2y!fwiu{o*nG zF~xWZQ=Crig>HHoF!e6MKaGOVvWPjG2Ii&4ArF394qmZZaEWcNuQg#aVa2!E=JXo) zW*HM{Js6D0Bg9ZowhgiL3dG7D75{itJhb~t*&0s?4hk$7LT7m?@qoL9R{UwkuD9Sp5ijJA(N}D5kO}mr z>_!Vl7gz;GcR{UL@#k!5CntzE%lI)6G;4IwHz8Nc_^Y8KE#j^Q5ydjz>qY(6XXd?` zHr3vMO|`ewCc;}472g;Yk5OPXfY@v`U@RJNldNp)QQPo;Y@c*2K$Xv z0Sj{)9{5ehh;Y)dBp6*_*;7tI1^3Fzrl4OfO*a+Yw^_zd4cHu-in8}v@jGlhQ;lX@ z`S=oSM-Sxd+8RRSy1+7Z^_^#Ii$pZdZL8a9)ix)lHQ5}R)@fHZtq(56WZ9&}=8zWc zPx_V|(`aQ9S`*3C6=leuXU9+fsacqzRnt3US%S}CWg;t>kz;dZ2Kw7-zzh&)dAYb| z2lT&XUwzFXY{F#WYtUzwaHW8a7JE}riDl%S(jH~(kBT3WWmA1N=Td`=eaDIi+bz5N zRNyxoiT2L~QcF3^L;%mnMKJZWXNg=$)hZ8Dn%f-EcK^k!VKlNG0fqD zq*!@orNFY;GWwlWZ}-_O6t-A23rMY@IP08kV>=s#mr0~#)NhT5*`@X@H+wS{YgV2p z{Id_+_>GJ#+o3}SDzjRdan^2qrq>p*j5iKIU3qahHGXH{8c9$*8iGo4gQ!)>kds-&(*~NDE zWnY5+w$G3U0>ML=v>9Cz9V_ zi-72RGJ(E)-DtrTxMX9&?e?s=7=;haU;SgXDCF1J;d4mXArp=QMuilg8UTz6MS*s}s8GP2fSV-6kxKL1kGwq131mC`*TtTA>_~ba1E1 zis{f!J8fp7<18HnQUN--qN4)=gD^ecgz1Dz-z;G~b!s*8)5(+$LI|c)DIItP48me0 z&cHx10-0t4oixQ%m@u6x#k80(ogl?@NjL;}K*DH&%V)xLNaPBb@bXN{HNjlIuSqX) zEUyw?3G_`V@XKAueS2^rczG+&+k>l~%e#2zcN{bH<)}b0_`oq`n&Y7=-i|bV#R^6z zO}-z%Mf_7w^YQ$bpQu;qE80+1DewP8ou)tHMU??w_N+c_R1rELt_&scWGTW?!L49N W+#BSmU|cmC$~NI|{cs$|*#8BMC;g59 delta 156954 zcmd444_s7L`agcoodE_MVAN4YL>&Yb1OX9s5Y$1@5Uebr%uF${wQ^f4tEmR=pwy!4 zw&-Zr3JFb%ZCyWZT9_%)=JvJL?PIO&vSo&4n_F!kGPlf(`MsZW&*hHP{`qeE{eFM< z^&0N;Jm;L}Jm-0y^XHy_bbpX|=GnxCL^UUWeC~wYiR0Yv95+4Tf8Fk}o{8ghN@WaV zmYIyrKK8HwDw`SmCqMNcM(~v|_MiG`Cm8$oPc?}xpD^}+{ilXy`aUH55B&ILRqP-B zmN3SRpGv?F(*CvI9UB>^pYP(||E)R7_}}|&bTZ!Sr}9VlvVZ&cyo>Sg_fx+wgYTJM z{oW<`egdf9PksM#=E}Y6n6hflw|;65F?gIQ;lJhsO!<4i|C+~?|IAPQPciy8`KbS~ zlKguDsQ-o(x)xiJX z?H}<}3Hv|!Q~ysg59b}3>Sy2atNbqFf0DMRE;gc%w(5Ub6N0U-{+2~ceS4mB^|uDQ zlI+^#3MHxamI`Gc-%~hrc+{S|M%)*z-TJaMeoub(80VgQrpHBU35}7C;IC$FQnIsy zx0j{_1EqcTY%DFd*z^y#ym7(K%Uyh|_F27>q4Yfw9C^j-6V<`K2F{%RwhUiU6HCgj zW0CasREFjT-{p?{#ms>ZD~2C03x&Gm`%G}km3Q(-g3nyJLFtYN&YbfxckRi&YLU`+ zv)`sXc_^9B_TNjK`SRelx#Lu~`p)O{amEWyakrg`MEtC&-*dq14k1LrU1%hZ=dUTkA>cRfkdRvX7lsuQRC zswbC`NdDlBRT~ol7GfJ@Lw+X?1^M*y9SEfZ5F^#uallIJ=mxw6A+pZg>-V3qC z zPZ6}|Zi^VHS{f-+Jpu1~X#(!*g^y$`!V8*B#-9wFY;i#1m-mW)J!6qp@UN2LxAY44 zv3M4>48#T*ArSn-{JJ=H&yq#6Zo7Hq++~Y%$4>}89-9&&l1{`24+JHAhSObQt`$C1yHa>&u%>bp z&(x+Y;Ug7WX7IJjQ4uJI;tgiqJzVL_f_hJ7M;CFi>t z%V&&L&$2w3U&OuDrKL`4P^U3&&;NF~+YD#t^1Xb}rRkY1Ec`?*%7IRznL3H;K&=}k zVCru^M{^#jxADP;evqK|C7Bk+AY{PkErR=hkiy-;lRp@oPRY2Q%hwFKY1H7Ph`dAX(8GCer#zZ10Vd?j+v`sIsa3`^vqb5Gb4e@}&CP{xBYaL=lH zqd4CjTzlVO-WYuHz7$S)0s!1)=%OT@YXi>!*f@;K%zk-T}PN;9ZCJ zCwSN6-G%o$ywBm?fcJU4H{yLUV+-|?tWobFS);d&r6E&aaNGUkWKT`SSQVO$Axn<; z83tW4vsbPe>?3;7L!nQ;%REvLa%C0-T6LJMVs~VtYKMobQu{^|c3t6ZC9(i^Dl+t;c*i===tAUd_ zk4gN8wNp?%P#xCeO`7urn7b@=VN;G83c#+w}B2;SrfM}s2+)A{Z_w*(GFD*+{V=;**;!#rzn##%QI?73;}YTF=>*%|Q# zVes-jO7M$_o?5cu5f{(VihjZ~l(=(yW#^c0}*$bM*@H$5fX`7i>UGlcCppkh+`+%V@4QC5Nq4u)SS6@;3qE(?I zWcQ+`P^uU$~7ynFJU6K_Wr^#Rd=9~g-T$`nr; z{%#Kb`H775!;*p?NIVp~L&8@1PQv?>;H2%txLq5*h~F9f-S%ZgdHR@)!9DbcQsSAd zzw~?o&&41w5AOvs{!-u#5H+ABZsvoFL~NOK4aOq`+GSJ?IOT1X_zvK1;KdT(1H3Bu z#*S;8i|$x@=gJ?fxMNZ7#6>>#!=*o5vf|!g;geg`VsjW2vE3YJMVvR`NGQV?e?^`N z8!sShW9(pqdW^Ay&1DXWY$&af)`n8iAdns#@}j{fjcAx{Z*bvL*)!_(K3*uJQNl>V zj_9x``3VVAskF=|tb+Cpdi?-%$)8~gS+pZ{WkuX^Zo;q&V1^XO(mN3xniA@6f+ zo!X6VdEo`(6{)W6ps?NfD88sGdRyvPpB$`zzMty9Inha7u)1B;bnbbP+0+le_IX}l zHvi#qK6Ul`A`7ZcsJ07;g@4OgXHQE9I;vwavYLu&SEx3*yp%0ki5&07&&-q<@l=crJ`15-{`pr))gAU5k zKm+wgBqsGnWua3$f)BltFzBZ;w37Ov<6!h;HJ58m=x0X}=5MEEk9(g;UmVf6>!dTk=#8|?SrQ&l*# zcuG(@_w2q!>hw5P6sb2H$R)xkNjZg=A^fsS!@=(#rZ1P_BK?)$;;%%k)Vg=_!Li^& zUpnGx*P04=V$gYP06!WWeXK0nB?FRzeSHbR$v^aJzihYIg6|xg-FGuIT(3}#WNaZm zQjYAI^!gqS6@U6hg8Gq6C%@tOXJ|Kkpvfjsfr{hnfIIajj~an^Ftjp>r}v~s4#;S1 zFC1(6`s2{Uuk67EFip9khoDFJVGk|<<*puF5635-{z!&vwWgOW!}#{#7r)O|U+EQi ztQY>LUU+9O{8N1Axj~bCg(VueA9$r+TFWTlCxDkryb#}lIc9v-0$V1mGYOVkfu8}s zQ6>oB)0r5`843&R=_2(SIC>ZtrI#}jmP5e1fJ<{&{s8j>bWvAsG2YXM;K2nNhL3!mq6Kq!&nFi#TfZIsx$68I-!;b@kI z7fiSjj!B_m%?MB0)AnX3x0@a5ghhKA|ME`X-vx~281&`H zf2@H(wYdfit&B6^cE<7y7?~Nu^*wFE{j6sEeo3Yf{gAOSJ=3qm_Th13u5#3<;}) za!jWiRAmMXf>sQN8U*1=WP(JLewG14rN&%dA~Nftx0q=Y510ZChMs>koq{NG0Gpyyr<6qAEy5^!@~&&|zv%m5UPgqf<_jFv2Z`I!tXS%{Ee6YCbJ~ z38Tao*puigwVReBIznxx<%EPO!9@vop#^eC7&I$XLy4(Lv@X|SY7VUd2|EGrlQ4K& z&+9NXfe|hVqc9O3HeE2Hwl89y9zgA0gipftfDw^0qvkH+m=04@7n!8P!N<$kAtup0yMwQu?im{A z(;Q7i?)bdi95FgxynN4;57s&o*?Ei;GXsYi3!G-wS}U{FrZRiOtL*%q_x^TYq{7Yz z7hb$obZzs9+H{CRVa4EuxF|wWpbos&l=`aEQKT8pwDP4D`w6bN1tKiE+DZA; zmb%i^zym1L2LtrL7`%G|QML?ZvLh+2TAlCo*9qOYYi~tnfGb9C5^-xwAsF!Tk95Yw zRD{P=$Z$tmb?IndppB){yL>4Mgv50leK#34m{voup z10@nlM}|9KxEhAH7O?Pvs!%9s<+r}MzkCS_K?19Z&e~gDX@MmW7-7}vi9XDRWYU`q zUjAbUm`;Wo@Q)1)B}fD32)<<8v`x~G!m#m|T6T%%Q22nTylNZeqGc+4_-FxthpkDS zwdp9?hoVHDz>ZDjJVpC`Bu`L@R-G<7+iA8tR9sNHb(E!-Tb^D5+4bZaQf) zuVKC(lTn`k+-%nyb}Rl4yL}(CmHZoKoBh9IHu76(vN_*nGOD)-?{AuoG(we9m~Jo^ zM#~uR9rgBV-wZiSB-bY^iBII&x+DF_Xn1s z9H>OpZc$kI>NiDLc^%rmC2$GR_#!Jxmr^0ZYE#fW=@rvY?+PoG8iy6D>VDuJVsI zQ5qE`p$3wehA|QN0LfHu!O>0BiWhh@OsGb2Pdl-slQF{U~Zas3(Lr zsAnuK^Ki3?Qd|dh(h$4C_QgW%Ud<{hD>A6Jmjs6co zzgb%z$urb7$O*yabto=1j&+`HsL)L7VY%7|old(;@|}VGFZTT-t->-$BhZc&l>~o%Kt= zUY(3!1)ZhV>~;uB;( zK8hx3$LxFvcWIy6`6w+pmV0BdBLK7bVw(JqUun0+@~M4O{qKzP)mnI3?R1`5n}XGg zwpiZEf2Z9Y#~d%O+1j?ULRzZDGR1Na z!p4rqI&vlm z6Kj)M+O_%a2?dpmA+ig2Cf-SS=iu$eI}h(v^|2$~nvS=eH5cA;B9oojn8+(?V>wu` zNGl7yKghF{*`S^@T|LKdsCg1Q)_#K>YfxFu`!8T+;r+kRvVD=-#EJu3*-G{2ANvBe zY=wFRt0X_h62wgG$I~~*ammajne|n7d@LBzf@N9gbhL+w@6Ba?i$$z{poETm6sr2B z>&d9h6A%lZw6LB^0+N51h2Fc1_^PIqzklA-&K$j@oPk6xm`AK4VHJKht&BEc6{(<8 znCEczkMUs)(+IqY@1>7md>}jN0~u!9P9M&AH)1mblW`hg#t_UH4>PKD(!PFS&xNq( zBx%ogVb24w=VP#E2kiMLVb8t2?1^{Tc6#rZ1)WeY!zcVJmM5#{dv{e&^zO>HF;2Zv zMQP*|H8j^ZjfKw8TJg0m_)a@Y+{PB5w6iel51CG z&E3`Mv&1Y1=t)?C+*egObY>F+%K9QBHletg3W*{#c_zjE-shl=n%pw&$^(`}+Tx)oS7?1>Bm4LBU`8%UMma-^meYdmM+Z=pfy!NC>%v=q>iDC+ z#+Qn?^Rzb#`6z4|xKPNm`EG6WWIiQc!DJ&n*mzeI*QIFpOy(ow5L-N*pq){)Urgr1 zOUflp=E(52ER(ci#Bp`vw+3(92Eb!xkSQmB?scUK))@V5Oi6;b-)4PLt>2LDqOUN|rSnz;YQr zL6GrBh8H7zUvTaG!8mNdvN7+;y)vf1SIo6o+5l3$=l0W_<~mT?VKYwJadR~zy~?Dg zLq*1RjnQ@;#;hpj zTAK9$az10-0**&pX0(T9@_V$`H!CU14b9r<%g~za#+I3p%DCP7o|$n_NOGFKXQsTv z+%r>7eB1RsGnLlh{LLdH=RqE&OPg83Q>@Sm*IsXpNKqEMv<)S^XL(>^YkLXbIM~=o z<)@$#;u)`qdYh8Ep>%tCbVCx=r58C{d zd>prF53S@GcSCeZ*! z+jUKZOKbW-iHy`)XuBTfQ?=*s;tu`z!a(iRUEB@0)p9q#+$hQToDGj8wEpNm{ws%+ zc>Gve9I@n%pQxW$v1Mwv{e=He^^1{SYJrzVdMr;L(XmWg1_{8h{wFXv!*Lc*9ro8A zWXDRN+yc}<+Gm9L)K9x<$O1Z3Pvh8$+~h+rwlj+Tc9e!zF|PfKW0JZg(Wl;0lI34= z#zTF+N(BEcv$ARn!C(!x%WMf9KxC$_1$+>La?t66r8@nLhi0J(nHT!> zW()wW5KQ}Q9Y3d@pf8&To)CU)I&5e z&iKtZpC^F0^!bJHEEN|cAljOm696x<(FmjX)!@H+E3?zkbM=e(JhNGzTzv|=J(FkZ zOyyAu3Dd z*kS~sT8ihewlL8$#C3H{WYIM0)Uhq6PZ^LR9noI=86SwPGP8sC{xnsa)xguhV^M7D_zfj?pXT6 zJD09xKU}eB<&W-ITy?Wg>$`y$YGoUEu9{>Xz~Gr-FxnsEWC=z!JzEzz+NmD;MRNg{ zhBwB>K*b+MM_OYwS~+I6!e@084@kHxG}b!?YOi@8yoXzi8M{N7jF8Hpl>XEpliv$<3p+K0&X{)UsMXDEjkeD$akaOBYgc- zR!^U~>S25i%gCs%yQZTzhqPnXjhl z32jRUZ&x|Y=tGJ@-nMUi1!xs(+J1pg!V%zBvroQnN5f@V==CCmdh3 zi1$s4#H|wF+$+4kS2*PrQFAhK4>4=kF8qn#q?{U~-S`%E(4LCc9(;?Z%=$p+stF&i zrYqR+_4_+XpBF~Ag8rD4g@EX@DoGE<>6)yejG-&ZE82h)D_b$070`JRkL=Z<2~@q|6HdYBU7Y^J5S*r! z_5~Ir@)8y;GSkm6h)9H^^s5nPBTBo~^BB%r(pCq=$2R`}w)8JRI_hpYWmfPKnk|I+ zU(nBJk`U@iY#v5|{Ez9h+GK=7%j(He=Tw}7$rRE&{=Vp4jSc$9Fcpj~c(;(Z7F1&Q zREQ}B->?WZv>%(66|RQPYDK5{AXN=vP0x=J$!6?uKA@|KBr1BQ+d~r-MQz6{_oT7(I={P&#XUe(vVpM{eJmNi9eG@UB(-wXP|_neQ+(&Nfe z5wFoFcE;HJ_kJXfq!w-HUZA#qr0xd6{j*`v}Eye-h#uOiB z<@B)_#s!|O+(Y`p&=Fq9OV%fIk5=;`PncyRGLE0*i(zCf+o%2+4&KZZ9D%}AixMf! zu$7Z~eSyW?Lng@@qR$>ub4~Uqx_0tI^!Q0yH@HIj>i2~7YUn*DJV!_mjyeA73p)Me z1!wjac-ATIX`Ob4`xGp-z3>sA7_oJ#rR4V3FF)e%akbs3NvK6hble4ltzw$gMNM*v zQ^lC*MQvI@wMcBkX=5&$JS=#SrFq-1?@FgnfMdJh*j~e_3toZAPrm029u|#OXZ`|A zu~mlrbgTq@&T(>&5`4@RQ?>LzkIo8{NZ6lqz|1JLI}0Bz{__RC+Elp1GokkUg=`El zsV;?Sbw=wZeT}V8&5Vf+;_x@2O)!VHeFaaj2A6uEidWL48K$lCX!MMWx_l^;u#6m?h7K^?}P7Rd%gdDgu&m`Hr<`n^B0^VKFm(S zh`sIP>($_U5ouF@i!_PCNZS5Sx!dMf&*Ds0cZ)Wyi+_HVj~YYr1%2X{Eu+a@n&L+r zuz)n-Z%UysKb^=?*Lb`|TVS$37l@v;EOhKI!p~M=ta}iX91k#e>)Oxwr(F5?MeV-N z`B3HKt=glX^W|xQcNM>X37W61%vrwVPc`K?+X|aiOG){Xs0;ojWxm~j1FEvJHR~K- z%atP!wC?{KzltZMz}Y)7vv0wC9VDnuw>&w`8#>lH`b+*4Pq(A5WvHeOs-|$J1^x~+ zv0vgq!@%j7{bM+sfIU`dZnX>N`E=ExE`8fq^TaQNrgXs-E2dVtw~5mMDTlhIo~AHe zlfgFlA{t#Zw8R2U%wcs+7lk=R7_y`=&`+ytI*IPsKr{^AKs%2MH z7(=CJwt!#vIdNEFYsi!RD7p+k`v102CJJC%KS>DSM!U$NrxI=G*L?7ZOq!YZwu$DF z+VUhE!CD9(IIUK{jmDz;1im#K+QP5-s4+NyLCt-4A)HAZbik~nn12`FNQ>D{@{lIeWYI#zmfwG*fC%_Qw?kkWkp3ss(vDB(K2uXD{?b-E~E65pA`*8g=^&jKv!1?gZio zf3j2cD+~QPU3zyQdo$X$TCAm@TG)a>XhI%eW_I9Cs&oD()HOJvsDo%Edov3nZdvHX zKN;1942QIK!)T%p!X~=_WsVbQ0V-J2a8Ym3(s`t6RnqG*@_K2HB&wfutjCX|JiWA$ zNA>dn-zLSb6DS>m4?<-ZL`n(Ba(gFIH2u$blaCDS{e;Bg?-Nv5S0OK3F` zaWXyHp?GCLKSv&_P+tCMbPSCp-lE3-CEB0kl~kpmQnNc0mwopTvUO1){=~I!YdH=j zNsT`MH_Oae!y1a3Vq35_m;<=BsL6g9Eg#Wm6g5Sjz&lXXW>3@W1W$vw7~*nwL8WNi zwj+FXQBzbq-VeZ4PlzGLXy)*)>esM19V>h2V}6BU2h>4Lj%)RcEDt`DqpI(mb%Nkj zZ+g3DYDzC-cMAk_l4(#W_fa=NiS<_Czly}VOLKP}Wi;pJ8`6k5;=9zxO1v1}*2C1) z9aso2I)L#V_(O;!@NgI%Ipw3`_^ua*OF~8p;5;yKByl~TNSIMyV|}fshx_I@FKJ`Yvv%PqebXcdnr~K zGc9T*Az6bMyL~iMFgNDHU}YT|un6d?4)1up{kNyP8MXK87g=D4*kyu2x)(?GV|`j~ zoKiAhr?~0poandLPqjD%O>m9PgqNu(^k2nVXH$HVod4Q>;dZFA=wMvqY85GIklz%)Z1oE`#=C{! z*t#{7nH_NyI3PKl6*LE>@wVAJP#4o^B@JIoq5fL<71(Pg1ut|6Ox zo8q0T5s#L6k0WtQQB$ABj5W$m5&(fI&n zSoBw)81!%YD`N$HtWy~r{nf@Wx?8);sr2m$RK62T z{A}WjzRN9jOPd3ld$SQnboeQ^$% z>Md*A7iWm!qyUSY)QoR+)F>QcW|J_pK}wzE#>_?$;-Zdw51uDScIB6bLd29bQ*bjT z5Neq#xLC6%C~ozO0L4JPbf`CX%%NPW)88V|#h{5kFVWH**-(HwyBK=Kh}e*-;eIi2 z+m1n&qX8!}Fz9j_gDvoJ;M9h_=IL3x&?u&^FTkgO%2JV*I-KoLS%=^gLmljazg>iQ zq7tZo>--nwN!x%EA>Snr_@)|j0O*rf*J22PF@)fBC4{w zovPC?`hFP4h#PG#8e{lRPIIbjfgfZguza`Zj2am>vrltYPbqb-nFY6A%d#=%DOrQ& z3*9Bbh2#U2p|JV3?#&w>W0(*8=9udLbIC63LYjnIEKYZe{@L4P^{mE7gItyB z1Y9-MNfm<<8WjVukW{anpVyJ|Ebgl$4EcN+>ZuC_3KTUl(JfY_Ti+`S{jG$ed^Si) zP(ROupE^8;6sj3c%v?DAHKnvQZMVO>Bnw~2*4pXV2bY4gO(CUYeFXNx&A=Do2#oDh z@FhHgnzX;!b@8cRj@+n=@0H?P<^>=&6@lgeNNOp)!+Y@TK2HM5g)&{zmKGg2+pIMu zDhU&kzC(t?P_a-g=A)c?zMS&4FHYxT_sy@gP@*y>_p9UN6rzn<%arOV-d(?%s(k8g zI+v!xA=WHpyrR^bRh>T9NA$ALIee=QhC+_ZZp;ny*(J;|g6Jv>eX&pC@Pkm7glW?C zw1la7?~t$;@KIep>|9wDk$L-Q2jq;%T%7J;FsEBK`Kf5)Q&%r$d8=yCy(UMJJG|Zp1+G;O8YY)}#2uh!~TPP^DMjF4<-Hp!eWs z){G|BT+@FwO~N<;Z}qlyb=8dfi4Vp}U4?Y(F@L6xeEX~uo{*$&!l?70aN1NT5<9oV z05BD$s>h~8ZG94Y=&ojpO6aeWlz}&$49~A?M1^~a0X+^RAX1%>VxzV^SM=yDV0mdl+DkR z@ZKh+Sd1y*m#c4pj;31dYTTM*^g)*t!1iKX7o|ankqX|g3{!HsSGzb&nWsGdj&_Y( znWjAci1w&kDdLZ6C)~>5Jm0mH? zpN2+p8EVi)yrJSR&e510^P#iFcpP1VJ{}JhBD^2MF}WJ@<9!tGNq8T|dj;MHv^SEK z3~ZI_PF6f>zBd#K9%5Bg&90i|6IBY`E53x32fR(8cEC)?hL$>jWBZ~eHHBKp!^BNJ z+d`WIhtN+wu1|oWyWrr*u!>04I)D)|rmbEo!5iv*$=hq1L`{;@&3TylnY%vOoEd}- zcgkhV?Kq+75OXP*Zl`7(3o@CgqBbFfzE~6RRC1b0S}kbwdAkbxn43BCz;TF10uU~i zHBq%Oi}b8t)f)bX52&ztLM#pSPc8T1Sjg&T!6JDgC^R*_i%dA5c+TWif64(;gaSiBw{i zYp=U3&PbMoNX6PmW0hgNN`KX9F}c9DYoqCPSS!s{#_{u74ZSk8XL6P7=oJ<6uVKzE|zaEV(ivo-U1F@+-o%i8zuF^fOpI}ZC9R>9St$Wvt3-()bGad ztD5p~6Jfa)Hy*OB(`JrWviSk+?(xuWpDyi+XDzM;S0J{2s}t>ju)8ELt9%p9C`LHV ztB3QIGTt1-E7xJ=IE0-i?jwy~$lcnM3Cb{)__WBl1|RUXACR=;*!bDbr{faS$08c7 z`tDEC_HFXoDT#Lz-GBN#iNWH&@3X00t$$N_G%A$V5Yb;+J28x(0?9d z@hCq%&J&QW9vg$RpSO$P&qa1H)k)TV$50Z~5Wic- zwaGWp4)>y=!0{bAjeEf}=i6qwLn%TMYcSK=$HigG>>a-ePY7A(tGe6WB+9kK-33@r!^v@r%`Q zxbUidt1 z;8av%-1nq(BB-UGLUrAGABqH{;6@}Juj`d;1L9PIRwBb2dxbv@t&qN5G91N^Bz+qA zZ-A4!B(7SIfBGQ308ZtfEg5zJCzo6&@o!N5ih*y|@dztm@i@?oKp4tg zJQ7d71cwui27?puiX_RPmm(uBgEG#e)JJ9bRcKHSgGsZ*D|;9UAmX-OxF5~rZqUxl z_@rI&kYUJ)eufsi1p+V`;Sn^*gv*`&5tLXwlmPMDu!-G?aH*jPY`5>9iGWm@9#x?K z9N;S@et}Zaqo>CeB&m?42WbLH-*C+|^_G0kY zUieq|WGn%#Q;#1Vjl!k@ml}(PusM~$rHP`40VjB|ep~~#9k`LfPxM1(MuDQ?Bl(R;ze1+3$0WEN zxIC5JG3x|_USpb@mA$)8~ zC2-k}M1KMMPt5~ipRNHq?lbih;2R}A80HHAcSt-Jcmwcbx7 z#M~}%Xl!~5;_sGt0NO_!B}ekp$o}HdOBA!0v6(0_mu-E_|B}J7VTnOgt3P_Ri#gGQ z3n1pqrFb8u7v3LDKsjh>xf`N|;F?}|RWBS(um0!-=+moK^m(jT z_%7TZnnqtGQUJBRSA?Uz@V9#5os2E9f+icLK4@x}906{V1wbuXa?Hf-XjzwZK%??7 zntc>wOI-+;POjR=0inm*SD{$}I~oc`85lSk3Nc$?;ER9@FP8C_1E<0p;r9cE6Zhah z222?m;hO*__24SAQ`710Au#*%fK$WpmjOd%Jq*YPGQ;rq0Oy3^p8+PPHZtr6>@o4! zSipq_j*Maxfp`r9@N~e%VR)_e?`KlY19l$Vgk1ikaysC!^5!4iws`rh+m_#a+fw{*n&5M;k*$NTRKDWD zZRvyEW|DD8f`6{DbP0aG6+gOT1ZzZV2xFt_PJ--}3YR8p0z+`WN55PNP0OL^(Gj^o` zpD=ILqXS=8NxJ16V^>Sqx&T*A8}MmdlV-r@iJqV{jYu*RN9<*+LK}3glCro$#*Msa zri-e>ZLN|XwVkm=28?9%UsCCbf{aF5o6}5dD>UV@l{0puw&hyoYd*X6k$K8oi)x4# z2Wgf{R&ilT;!wmYgT9lon+*69lOA7!dL`-cE6}eSa6Pg!;4_R}BVmV~u^;F#4mcn) zLkI`TW(eU3OVAhPyHzIci?S^+V7T%P28^=xz!0JbMge-@mM|Flx*zAbOoj%M87&yh<*_IW+_C!cC#@3&M`J$()**3%MBQ5dtenR{gDx{&$M9wUAD4GaleD;|zdS4DAj;oW+vofDS#*&Co0x2(=jQH4ths+-o3& zFx+b(%+V9)yh%^6nI=nsphnt+w6HiU8M{NfYN6s(8%+;N0C%G(3Fl0myPRQg7#Ekv z)W6GTrgcH*_sC+oIvDdwc#t~`o~>6}VeUbdjNNBMS{?>(G;8*tmN5F>Fc>ve~li#gqoTuI30|ZT)@SEUzIR|5?_;WKHxVbJRa~LB#b^Q z5o4hetK@?gU%VTUBM_PK5F|FtG1P7*9(uRTY%IQq zYGh^vKPc%Ce&|DzPVmE$J``}1q!aw4qz{LQhVGI9K!$$8*eWT+Fu+F3lMI)BK+=;_ zv5INHa6qGlO+L=pg9aUGS4((!oyl`J{K;^};qAhC_2y>y8T=CjnIHu!GBQhn4UP6S zWv7{ODon6e#vcLUj5s3-G4o*1OBnm90i$*pg&6@MeqzuMBmajaGSX=>9hql({>aKO zI)rF2;vY6kGxC^O6-Qn)G2v|Z$5t6X8=5oxCcDtAirHSqwi$7JVR1Hw!F$pE-)lrV z!c6!?7~I9!{W4CDH4IL|?1Mpv5Jnr210jr-G)I<_;mKJL7N^b-0_D#MlPCwJ@5$^y z7!11_r5tNB)jk%^xI+pt_PAM%bCK~=lAgQLbn4u7rn%|Ph6bbk&pm3|IQInpo1l?6 z%!$UK^o9e{B?`tcY20SBMH>e#8m-$n2yOVyxYMT4c|Mb_=Arb4XXc$Td%W?^Fu2_8 z*T*k2$5`W$u`%)-f0(hSrO@M%nK1wye-Q_yBz=O*BpK7KD|Y_b4bB@7!IO!JqU)hr)cF*3;SF#RSUS}|@PpJZq3msDUX|0D-vyJYDn zp??;cc|jj3Gb4DK?6YS9o+-O*g0GhJrGT%Ibb@b_bYw7z1}P*o!8MW&At$W@Ndyq` zs0{coz{X&K;HM=W(?^qxu>!%rmh`^>ei<-jK=2znotEw<(GU%E0e>XvBS8OD(nmm~ zNf%_m3vV!kC4CRzDI1) z!KZG)SqV=BtbPH6R78wO69f~ZZV7`?p`ydYs1Qsj4lyc(Faidn!Z^SrG}K<0#MmAw zXd!8W=qPdFOg+AU=j(KpN?Ay%po|GNN=%Gi)+33GU)AFX_>7ssWW?JmGn?!(X9Xr# zNe_oxOs-?>StHKFI!`L(&zW5!7e2`9u*=(x)L~qs^a& zI7Y)Y4JPQJ!vsBa6wH`~P^XZ-pAm_|c&1DeE=oK$>GIonha2Zs+(twe{O9l*Q?15K? z@!5>ISR>9}#ts=U3cP_}D*t6LfiYCN?6jGHYQ}G5f)WVvvH^R|_$4bCd(ogDHq~1K zo<=8B(q(FQ7SbBpnguPYJ;-shyDWuJhI&hpz))#vC1bD1%t{-~%u11g!KV!Ehv>kX zu|K3nc3=eKXY`h3C}gwFM`dM59F$CFI~aS_fOE`=g4s~1k$84p7`&6Q-x~2z0K+u1 zKQaC0a`?ni8RznH#vV0b@LXn$|1WPenO?q^vELbyjxlz`fG;xknuM?LGq%%!;eh25 zzS3=K;>to(LswRX!Rt)zUa1~16VI`l^J8-w%>-A0Ze(y3N^A_Ru7YreX|DE~+Pb>M z96?=u80#@oxN?ulvm64EiADV@KWzq7urN5)%(!BnS+WY0-Vmr_cNiTeFzDCVO!_r* z!svBj^mgRmli-{ga4o8q(a2m2JN3Y*PKIM%3o{vMuZ1QI2b_n@jQH~ohtbcNCcX}Z z)cpzNzYaDtTDt3yvBBuNDwEN5^+p23Zw`YYgz;T)-BHF~m#V(5)8siHS~Pgh2YSCy9$hYVEBR2UsQF5(Jx}}j!e7MZqk>+4}|k(qJ&Gq)Nqicb>@I#>26bv zOFLjc?VXj%f2)%q8?8Xmy?T>Q0|qYvZw3rm2`*R%c#fp61Y9m*gtK`PJ_Z=p5%C)V zS4y}UaFv9&170TMcLJt=w;UjwvCNpvbKtxyUWh0mhpNr4bkuY~cXMm{0v zO97Wicvi4!Q$p)s@4>cQm9`~WWbtWBlI5sgeA2ZdmFp)AXZQhC8sncoWPUKMuuLCRvN;wYQMOpO#+N=|mqr)S> zC~BF6kwMf(9UkcgyjQ|Lz*0Echhvj`MjiN`hbCeA!MIxxRId< zosOz5_24c~m#2DG8U8myHM(%~e{v2fgoJG%+j1VA9V0E+(O_j(BE_Eh2v9MTaJ3ZOS-Ld4-M7 zR;j~@weIJ&*J_mU9}g*ku2`;=(ltUEBfM z47%wl<6$1O6$VBihq-%42;?6m)7Jz)h)F zU`MpL0wn?eoMGVuN_NB~1Uj^B4=B0XsRxw)eQsQQ=h6vz#Y>m`s7gEgfHHDW6sA(d z0~ev@lODbR^)kp$CB+g$D1&?*Y{Y-Re(mAA70Y4$!b^BNOVuyDJg;APd0xNIm%1A^ zN59Y4TGDf$uVP)U#ndaKB637R+-w zRPu6#gDUY2twYx+Ka0xnX4hdv)GjobNB`;C)6C*M0oZe~JkE899b2&jS66J)IvbQN z1GY9GKwPO-i!*(=2MuRdf7-fXJx)hCt8i!|?b3rF<*frYDm(e)D$H1trk}x2JP!T! zJT!L%V7Ux`9qoP+@MRMJ7UPB#*dz-$B(9rqnDvUAoFS;XiCW-h|bY|kc~-f-Ynrd z!`}KoY~<0}`me1{?VTHWd?d9e>}c?zyYMg0TeP8%;8a%&U3EH=(A$7U90jKiZQ)v; z!jEcgMA;5XrS{rmxb!jBs>MBuG{xG4N5ibEbxn*+XubbYH%T z4LH_y%^6#aR&5sFSUU_|?piOd1z?5lIvj4qj~XD*?G@>cN%=SgiK~>Y)y1hf)g>ia z)unDvb;+zOdBl&d=2{SV7ja7vw-kB)xhM-XzO!}LA?0XKO2Bos>EakAZZKhU;O^YG4M-c^Agw*DU};p3sj8BU1u#V|{&5D3=_NH9S0$|e8j5%v;{&>g zFEAdOkO@%y5$VmBcs}CHA{=YnKFEg%lz|Bx-PD0jABP|sfxbo333TT_j zmBb~oxZ6*?G|d0(la{KeG@N7=7gUoQA42xxZtm4^S6p=l%~-|VyLDJWm}#@L#QC=j zca}deYD#$>pVCmTU9?%+BK>t|<}}o|wntlv6n;)q?3SPKRP7KsSP#$eOntFZy8AMS@D)B8I6e92H8iket`aFL2TUXTcx_>0!F zr0VNSc2$%{wV{HLXWKA*>!dpZ^1aMkJ4o+gt7qYV=9F~p5*K%1yn=Nyj{lX@r8agk z+#^t|e(<$VTq38RW9Gt5R-u*Xc?-r4b?f#sLDnJjIzFgjZU}5^tHrs z<;@5!v7hCvvi&M8u0Q_a{b#LN{Vgd`lk?D5&1U*@`rAi1OXLyGS@IHex&vKArgU}M zhD6Imobi1%(K3pk*3Qz)t|bn(WZ*{BnS(9ae3^FlU`xv6bux!K`9{BQX_jzd7!94f zc;?7=D&if{{xH}wYCxAH8PVMsq+7LqNtP6zrcFq)jKh8FwGC^z9o*oJf9M#?$3OUe_41;iPEo&IC678B{2=i$V(yK*#ZW!c0 zp?x$ArD0l}8!;h)8`vCeAz^-Pts7BxYi)!frrVMoZP#RCu4gs zv^=ec<22{AIIni)E_^o)OtBdc77nuv)S6Q)eQ{R(nG}@qxb|L( zWo|UYp+{lblvH@3Ut5?8F7T362)I$(mI`JNH`P)`yWC=B2|50~L7aCcPH0EWj5LpI z&)1GUZFRPmjIiYMeh0{Trz1+w8Eq{%((>fMLN+tbOY}#>QkH2~ju$#I5ugP9|Lor_~K~&YntVc*lK=SKik0X#c;A2q30xy zW=DVEad`N8n06xoc|L~!0(P_@97Z zr1|DL839I*4IqL%p29x{P6_77@N*ailZ6Z%gNV2VW_$$$m$=OkKptmNFq$V_@{M|W zWiaB3M=ua=Z)SaQ)jZ>}M2Zt91zQlKQ6|X6IK3FS5k3w0Ug+0gh(*bPB}m^OfaG&%2e4XcfpVNuS z%nG;CIP*>f z36UG6B!B+1S!Qg&LB3jel!*j2a1+M0!u=G+uPJaJ67FZ=KI3rj$H6@yUkpT|!V{*qt`s2y)IE@Up2#>eXD5p8xKZd)N{d$&>Zp}eKu6PmeGfc@{24&)8 zkU0!#_)ie>driB$58;v!aCQL&3DFo~xIvuMJrm05hptG@m{YK~sS@t(c6nwRIF)r4 z9;byz4i+2Q;g$#>a?W;4*=i!3xX6DtLUd9&fN+-#-*ZR!b2to!aC!dDd?f|Zq`0C1ypz(D~xw-gBJH%0h|npWJ33`BLLd4u8(gx?V1pP*BRaGcwI2+Z{Co?wfGe2)8v7drhj5Kt>o3HMs_NkBEToC#|$TyVG58@}=@mXAkkv!_Yqwq-+IULZm^%ssW&M@}s z>{oM)->8#4b8(#L_&alrRZ-S7G1RBA`XmYa958U0Ed9?q{QFVar2h@fXA3wc9y^pJ zoPw1A3Hw!Anm$Oj{Vk2!$*D3@P!$#f;-*Od(>Ty7VK6mCz_E}}qJ+C(9V85CN&lfh zXr}NVnyd03T1p6s3O=+_6%d!HD2szcB=vDyRHku2T2dSb4yB0#;;yL4lQN2MKi-r;{!$$osClK1#{MdbKQyb>fA z^v9!sxuUS~C}5m~p>z=#6r@Z4W(RyoDd6}X2Yf}{r#&N(d-N0+5jPH313| zfvd69C<;yps_K`}fia=lhYKpCPS>eHWB@kQLwD{llLe#PVQ1{pNs+| zt0!MjNKZMesF~8O@}V`(l>#AJQ~snA3V3uysYrm6nI4jHiR*Oo8=uAQ6Gfz}K))EAmM} z{!%ehkUw#e*S{1{BW-&Mu$CF6oL4MO8BlO)oT8Er|46Q+Iz*P5?C?)>z?lv>fbyk% zP6d0VoKizd9CSh`QUEB9!0isW%K;yDz(*Z$w*v-;Z2bWJGk~@20G#1~3l$PGz#(a# zX8<87jv1#MFt`=*2e%|gXM#hLqcfpf5r5>FX9?NNtW}9;f&!V*%pM1PP02pZRGFrM z09im93W&f|fXF|s&H;mqQYS1rnj{@*C`>9y+F4c2(yl11XE_Rd8$*Qn98LBYaBOwu;1FozW z`OH0};?M0CW}E1rds=lgGS8|=nU|Gq&%B|I58n+vSRpc{GcvMQGam>^%QzoYN+jk3 zA=z17P>3;^LloI8*m2JoY#mfZ&IbgdiEC&V4 z&PdK7m1mB1UQwS5HWrG+xfo&RV19#sxzhlHQVuV2_+!Q=;$MOuvy8t2u#8{f$iGhQ zI?UZ;AD86x=YmRE3vy2>PUM2slI^*mUcy*5h$!H~c!z(Q+Hbos;PC$f4sQtL7Cr=6 zAh$4t`d=g{UigfrmB>h#I4O~lx)ggCb}OA&cp4KsBJHA(0|o(7hw^;NKd;8&e?%%Q z=+8rylNkk&Kqd}+O|cqlq!CsJUU&Gv>G1DWA_)9Yi68(jO0fp6D-q-up{s5Q3i7KJ zW%&+-7RRan{NiL4XK|$x+2SpV)r%qHts>9GP-LmFi@_Dyvsw&GX_E2zD(;gP0EcgRpQ{%q^lqGej5PpE|`d5g;A_19d zk3wOo!ylUbML}6%t;2t}+5%e$z1boPF8mf?QE=fQ#koT0ja2r+ev~g|Pp3y@8-Guq z@?U~Xq)sfUcK9E5_+OCY%=E)?CvaH3@0qh=>Fbb=caJ$O1__`Xs z7NY<;j4A;VvJqN#8S|?m?J{se5(ef*Y(^;@B0gRtf?TJF1f|uAn&ruA;IZ7V#{G0C zLyBX0t;0X4CZ3i9Y0h`9Z(Dk7bo@msvbF94mX&0J>*~lsg&Ru`!oMO>6;_cUS%>-Oqe`nQ zE@IuE^gxIIWrsfq2$D{aKiYzwLRap~25buZe;?#gEDF1Cx6Z#Izxhs}gK@L}9l94T;2b17rzI`ENtNBcrP8UJQ;~Ro_1W%?*KZhI;;E+AuBZ zxdn2xe&;T?{b}va9kO9sw{xRF$~5^5V37~4*Tr~j|CHT;b8UE*7cj#3K7CrFi)pt5 zXniiGPr$8!ui5Zy_{C<}@EjBnTVuntP8Zu@!?Y$Bi@XR4T91ppB4ETFDmX#waI|(o zacB+B8d@(LXAyANhH33>C?ZlMT6c>BQUuc)TU@OT(|TGQ;*meCrNs%PX&G%83MYSB zG8$d}^N4uKJAHcZQ9BWi?$*2?JOU5Z5OVk0iwFs+Dryf(c4 zg4}~Tk$vTRQ6pI5PS=XI3DtMGDm8mMeFM-LhuGM!jP3N;L^JtuJ+bZIb_@mh{$qMP zoA7PykFU%`tqIU}TzLcD87ZG0j!o%{JEQW7*C%#t2ut#-8DxJuLmN*kMuK z4_pFl{a=kKuJ$+=US8I@&PZbqtv5!nyVo0c$I;#_+JKIoPuts`X&igJalMhL z>;J&s+<@&S53>*Hvz+~zKC{@EN_>W~`ISbpMbk^z^BPaDThQa1fgU`voV2WdMF?Bl zcWaB`w>JMo_&Qz-DU+~Kc_FNZ;U~_X6PVx znjw8T?U@UF6OUTN;8BvV2FO2oFY=pEqD{@DOm{BDV>AW)HMM4IHzJ$}U#6|C$TSm) zkFnVMjpY_L8PY=@e3RjCbL#yeB%DxCPn$uZA3A^6?_l^?PM%hT7rx_jCTS_zm+-c^ zhF)GjE)}6?$D-b;r&pQfBdmCZq=~F*QpgE(P|keUy6}$+Q^K7bs7>zG75bMy?-D{)QAH6P*{i;Mmsu=P~}r&VX(dq*FoIxmm`BKW&UZ?yE9Bi49z*w_5$xS_ZvXOA5&aK#!m7 z!rOpd_Ji@{CzgAh)_pwr`}zxkY{?l7i}t>!%88w+ja{qH?^6DaQZ>kk>98+s~x z^$}yd>*_G}-Xlgr*6%rEI>U$XMoEyi-eq(g+KY32x~@InFvd4I7LSyKKVYI z_^6SfzreB|HU3k7jZLe=UaJdp6d7oIkE0_Ae@Jv!_$WycQtRH2{t~`@K&YQ1ly4)mbLuieB$*Hi4&XWC zgo1i{v4@bdx7q66oGQFdPx~kD`Ji6DHZS&8-b~|Lkg4E;4^*OET0d728#%cV^Gw_D ze;I2XqsPVnPH0CYr`uEQ=A@CrIksb_!pZ7#RH;F14jC-V9+6zcw4#Ptr8k@BR`TV%ud^G`?K<=48QB<1oq5R#&rLmi17S_w`!mg6(pSnS*V%2 z@FH4;7Pl7XE^>TYV)h*DiGI2$eO>F2!F3%s8>|z%*nd4`tQp%dp@~iz6arC=3;job ztZ#VvyX?N8G0pn+ckAiM2w{e6mtf-u&ZDmOQFF+p44uSzE;?d@wgXKj^cFkA*Ww$8 zKM!o?7Bsb5aDP%gg;Q95r&dNyGHvb#TsZsdfN$jx><@l8&#vqKW%W7zz$XV8%7%!x z-IFEtpIldlz?~z9%h%?wx??O$a{q09& zzSIQeqjj}jhP|K~$`7ag;%@9Zx9G^rA(%$5JhLFS=eIUa#xvpp6n^+W>l^;{je2Vd zstZ*WWI(!y<5T-Z+%5FXV16f#wxAaC8ZM4vAe^jVA@vgoIdImlI|s1k{Ym1grB!m4 z?b2F_jbKr;c&jT!Y=gT#2NiAS{AKl&$<7U{>-SEEdmLVW_v2^;*ov<^_;XZ5I#hy# zU^yY|J=~;KlStR$2m4AN^KvggBafCr8OtgV^bWSa3%I7XvpD);HsE z9w}T$hb4F*9m_cwu7(Jb8{Px!Nd*7#gL*6aoqBG?skujHc+7R2U7)rHhYj4+?T}pw z?!Qah&RadvMo`+|W-YV)$&VU{189LQuK6O9BA!VH%(!?CUSyKt$GH(|u5UvS)ertY z?jN*m7UD>mt5De8FBsB3k2!>vBpj>CL7?89G- zhpf;gNkR477yM{mJx-U@5{G6#&#FU4g4NDdWB?D=k*eIVAC}gxg`R?4>B8aFMy(do zj1qL5gTEKOo*JrHXmxm2{O!42+EF|WS0QS!d?vgVM~A#5-Nr;588qLi4-Me#{8L&{ z=mMVIM8zFN6(l0DU0QW0$l@A-R|jnN9Xt#LH526qDS9KiR@6hVn)t(xk-BGf#%lpQ z>E8AcRFt0<{rDbe9BBBs7#i6sHIf7gVQaGSkCfGPy^LT_@VP0nTL&hi6aE&kVkdSP z6H|-BgETIfNk_8qvN_DH$y?GBs6CxYTpcKUb`wk4Wi+zJPjs)KWn42%S}-+;;!H+^GH`ZcV5`qn6cvwzyNPppI+fM*QIo$i@;dtfdTXlomkSoX8JM zf$?a&VCXBypRnv8EMw}?~t0nPM(+SjIdX9&rx!H<02UM7HUny z^wj;HoCe$;fmZ-SEn1vS9rYQ*UCz$4HTB0-*CNNlxH=vTcYq_Lj?I)VI2{%ROj@b+^fVKHfF!4JYyf`!pSPpqUs9hH-VEco?D#fbP{0X-e>`sQ!Hr z8$^eLSv|pTLovzEb{~PrtAp&nziPbT`fxdW=4(ct{x18;*Kj23XCv9~zJ_xZFEHQN zA>oNE@O5LVMX$_5|8(zc^mXv%&oSa_3S%+Qn0uQJU!#g@OOi~!b^*5N2$zt3Sn>?Q z$+);-TzZy;e>U3YoJO4P0XMl8tou&9-)e~u1fLp-6OMRmHRmO5$hs3(24PK@-fVb> z)T}#!C@-+YW@DC>i8A&$%J8B;mcIb!xdI2ZOfV)(hU1GKzz5{!I6*0Z!v|l1He8X$ z0rb#8&pnO#S`W1bV6+x`FQT1a=Yqjlj08jF1bT;u59I{4A}SE-zmI*`Y)qO^PxR2x z17-Q7cH6XuE7|ZCW41+ogdYFf7`8QPdxG!Gqv0nfUqp-J;TYCY59{_U2Cwt%(G%kp zgDTK%X$Q|n!qMLV3T1bMA8nj$@xqS;PtEn6dmX(#5qvXL6J=|aJTH1(|R$hd+R z3Xgq6DFS)cCk;`#crBGfz3NA`Y?xC$!<+48tHAXDT8;q@}S3UovJ|MN*nj_cCeWvZ^)h#IG=V-N8Gg$DkQ&VbyB( zqO*dI=yqYHYXvr21U8idi*i1#(1}@+YF*p8YBe8l(!i5?QNeTQL7~GMe3sgPQFQJW zb@(g52`Bj|0o(Nr1J^WDH6*Q~ek*A#y@bmBFp99Ed=?p(voSxrlB*PYt5FOioh^|5o zWw>Z|>CMoQqDU1wsPlg6?S9(PU6}FUZD%8PG&H>Q-TH>#+4DqpCR(fi=jiBAN z|0Tl=%8&{|hJMP}nJIeP(u||+)HG^25M<*ulnW_BEdJy(g}&+b7kp-Nbt%2 zbfQpDRzI6*M)qHLfv3@Pk3-MhL{;=;_hU}(<6q;2cN_wK5&RGIhKWr&0yH#UMcE-F z1QOW`HP6%NfMrk6d{1|yzVCzoK4eG-zuUU0UI!aK>V6gRwT5ndQP|plf4_Ha&-=YQ zul}Zf?T2HsX#@D$?~TcZEh!2-tL;I})6p1qiyF9lnH3Hn34Ckt{JIWLHmB;j{`4$F zmaOGt3P%qze-}N$Jb2jV#$XpjQNf3DDh{=x%~Wgg4ec+cMvca^gIx~zu-$dhN-bNd z1}nG{kr{?U@$R|G5N-dU|9=Uu&wqCC3Qq0~FH|o*ZaCBI1oo+Cj$WK-;qH6cP$%E(lX#9XSK=Um@#)k-@;P;$e zJUxxiru`YSX%h?T*>kN%vDFDX+#5be3PW#@JNlqHhH#h`z}fRnS_Rtk6mGT95VfIa zMOY%PCug#D7-7`bcehQ}>e?E$?aRVHZsGO*U^vw1m+gTbYQ)(fF5g~#JGjzKN^Hqi zkERmQ=?FkRG{)>+7JhG&Ez7WMR1Aa{Qm+beng{{eb0S25L=KR+g2IQ{h3kG4a^-J2 z98ccX-hyr&EvI>D%7O{g5VkGNDUSq~AnoDE>L&C^!N3xa9pHpZmh(Ec2Dh#4~{+Skdn z({wnr%Z+&h9StGZB1B^^Gh;@T9j6Q@h;kws z@GQ57ztZDqau2-7%-^MNNyii#i3~LP^LzDj_E@_y{hr7J^DrcK)1v9MGI$hwR= zZt{K~rmx|@R;mWVP9v_zwrJrV_PchR*KcRB`;D0+YpoaJ1NlASEl?g#Gg|`h(HUfH zB(0PYv4eeWKNe>268nB5A?7?40Zlu5{HObk*L7>~CXpenZ||?P%MdN8Xgf%vyF|`$ ze9*3-aSWi9K8g|ze2>vW9>m&#v>rdK1k&{7ylB@k+0GzNs<3S|tt_X6&MgbSZLc_5 z2hkZuLMnv#2*a35(-J&W_@n;V2G9=kp>mz$9U(Dx6;_>)nGUOtj8FcH%n$nG7JXE$ z=_Do%xbbwAQXaI-NuB81nukEID}&}!Fm5{suH!n6@KIz|C%MxUtGRbw)l6{ZEFlbz zct8~myqg7A>@nn1G<%3?>aK7Tg-ha~Af~Y3M+G-5KcsaQSpSJ%ezZ$#2X<$vUlFl) zq@laC5c$(W3jFO1ZT}juUWduDTWi~|oZ_N4r^_izEFH&D_X5Ou<@7U{ zd5JCzA!C3Bkjvb*Fe#uS1*`>PqgO&%uWFaaq5snFy!)Czh!PX)fa& zWX{>!l&ZO#Vl=a9s~G!&3owbaXy}DG)U6@t2EcIh9-V_g(znHsQ@k{NLQ}EA7)~X> zW#JRs$an>MZyh1M;5yNHs|#=u)k^pu&FMSd*J&Kmv$dNvoq-_Fu1_ckgF)Ckd=Hbz z{nfl1bcF04DmG<7*^vR*$G+WVtQ=X`ScN)Pf|)#;7d#QpWYGtVq|shJdD0t(tYnJ8 z0k#N1F&FGPxWRMBA39*H*2ndU(Py_9eI6BU$YJ*3L1Xr~da6^@96+TV4I%D}oA{D3 zHi1|k599E4q73yq1#Y(uvn?+fJ+W^c1~XmD!f$o48HbFk!@qxwuLw{k+TZ>>lz@B`=m^r0Zgd7sz z0Ahq}7%!~n5BC?af1cx-$bS2V5s%AW2H!B|yYvAz{}|@5a@iBdFr^~1kcB0JXpx0h zL%0?K%NO-ExaWjt48&Yrb`f;JE&q|XY+woe$SYU`*0e* zXUtB`6=6lGVT72-CbC6_M# z^1?4ZrVE7@+n^wVR3&PkU8Dw9vWo8+!#%4}jwpq~d)Sn2W7>?U%OajbG*LH&pCkob ziH>8Rjx!RXQUIp0XS=_tjkJHasK00Nj?^2z^Azm9vo(4e!(= zc2q4xd?|UK4V#4^w1Nm_BR1;3Im8y%hnz3J`1qsqKmYJ&=RWx9`)4JOAnhSuJEdNR zl!1b_N&lYU-|9#pqIwXs+>RO1#{m3lY(JNW%4I8ijPY%)6((-c896N4OZy&acOd=r zJ&4iD8h&7mAA{?BIKw}}o3bN}15q)8C?kbE`2%C(#5H%a1bN0thF@#D_;2G! zJt3IJb+ZD&&FptSFtXX+SIorWr0p?61C5)kq{o;PwG@=CBthIoS9Hdvu&?zP^I|G( z#OS)D|D(s}xH$8E@v*WybgcvbNfIdWA(4vgYM0BdNo=LxH98$BNroOoI&VkPyy6Q1 z#9k8#Lr8ekwYaVC%xKaOw(W!wKN@o9Kbar}`z8ad^Mo<|E~Fh=Ylj-7)XlC!O3VK9 zgfV=?&z<@)^azXYHL@oTy&`gxc$XrJ0ozY6WgB~qG;A*VMz1k`Awu{sQ+$DZT(y89 z9R4G}?E;oL0^hi1_Um3_Hhcd|`dzVcXGDa{tl^k3<_p`oh!iX1MDdy|5Sh~EPX2Qg zK1|vNSrEmOh)BOe_?5D6pEQ=H?h{!giZ4Y!EZ}(Y^}!EH*=I}{Gpt|uIpg18EBcHt zTGw5un+Qg9?K=KW3-=s&cf;Kw+$&It%Ha+OcMaTxMxk&A;XV(yykDvVZqmogBK%b} zAE%M04DW;GtjDf<{k(|qv8Ih5K!j4;O-!5wtusXdL&o8J@NQ)4=NDAv{|BO0Apa;J zABFE<;V#41ZM*e2xQiU_iEszt7V&WlTkqS(N^3E^_|Jo45v9a-L7#2+m+o+Hzrzi( z?VpH`L7H&$kKPt>+xel>X8#~E{Mv$#4z=u%H*Eh%$zYcK6FGl)hx?ZiHwW~q5x1S+ zUm|V}xWFXy9Kb`PKqmM&Muy*OqvA@I9(IAQnJ~)Ws3C48auwbYzU&TnwQ{$$elXg) zgH^6Z6;6qh-uIVzrXC3KLzGimema`Bd^oRuSV1suq0`>`aKVbe72%uJv0~K1b2oJ-318#vp z6htzf()Zcn)QPfxcKWD=%1z~KQBcyvA^?J=QS0F*nU#qQw&K<^P#|QcMeTsw3%5WZ z3L=@{hdWcme-`dqxGRPGAl#=x;1O}_Qy;7raV!JZw^KEXx(EmV*-966?G86l$A5Ns zw0VbnXvEEdXqdsID=1Lh9Tu&Wk}G-iBHX`02)ivC!{}0Y1W?^PHipp~@5qp-;Xi=@ zI3V2o6TK_qwhMR~2mQ)`fVgQZ`lUOF^PZaPGw$5LGvtJI5 zr8;f9=??QWa(jduhAQoh!<`B@(&H{c{DX~x%x7IkxLde^+^m~azVxWZflY)PDIx;N zhyQGZ=rGG|?k1eKN`cQc5r5wu;V+}v@BK;Sb}=|c$j+40?@aY*|VVh94r!fAr5putRGbv!BAq{&Zm%+aD5eu`a2WSh0t@tn{~6_%fGyHe#he1ne>R0NP{NXSc!+u(b5#Tj zC5?r%1T2>Y#6lz`=N#@dxQPQoM`BU!mYs$>(MBM)1oSVv43Bu>QH2NtaGw_LM}Zq5 zB@;Bj-4FL}5&jQ=>1U2~(YS%mDA7;%!yTnPuz7R(X8K=M_vqF~wpVR`wCdqUAK9M1 z_3_6xrO(yAyt(QDmic32PQjK3YDJWq^tw%tZBO^}KqP$du?HToz2?l3e$LpNAARKU z?RAemTE`ywvGEFfk`bL|709%KJ_#z>Cc`pDMpRS)l|-M*Ejt#FNF{b!6( zabJG4_QBPwORJV3`?e83A8XE=gWK)~&tPW6D}t79s;zx=v-a=<4?q6E_O{7W7ap(q ziSe;+%&)3%`|GrQ?4z@|6Lvlu`My!)xHJ#hu!{GM+N}lmvz5yY-!6$ zSuh;9J@$Cb7c_h~ZP~(Vern8Csps5{yq`&#!G7{nkG_R8SrT)>_q}b`65^$+SmtL{7rcrU-lmusnOJC#w_KI*^cw z^>SExkyx)qizHzbEN|@7p~CVe7X7e7LPx=qM0~Q^l1NuTrL|mTsxViLBSD=5u6Mw# z>WH`Nh{OMw1MYFa=V0gs5{6g#(-BM{XWIv3iz8r<19oI;oKj~@&9e&WsPVX@6|DvR zqF_-*ngRxL^3K7iesyV9G?0)Sji$?8B^#s5Rl(7aw`3h1ql~~1K?L5d#1VbSksZc}CIN-|;810(8gU;>2%&jQQoq`^RgaZzL z5F-yfyCF(>#+ha{tVjUZ6-j)`kr=Ft#2HX9O71rSG^QC> zquPk#?nzKD3y$e_L<04Z#Gqa#rgV~m*hB~Hcfe&TPdeinNxRz-rz@|euH;Iy z9GQZRLs5WKmZ7;S@lX^XtK85n>VPzz1C98jfCvmCrQQrZ?0~I4b;Ntl z*Olz!+z#01fCGwKaX?NM7FXebYaMaG3E~Q;KdwWuD-H@M*+ml@QZ#Xw9sUE#f0$SK z56f`CMUFVt4u5b+<~ght<;%io>LL;Vu0;I72`TSkHYW2fI+e3ipQf8d(u=KPhq4wX`V_)d=xAT^MFX%n0d}B17&$2S81(0C``g5 z-B>Xa$c;=^wP0jGWje9~`>14`T1Dl^-RSB{{|<%F$YT!wGu+>WDummdK6rE3F;{grv5QDn(~f6g+B+y1`*oJ^I4Zf1e^|)M1oAT?PO@JK5WXtA7 z11?)OFDRCG3VH8!#98Zzvq#<9=|#UdlFva$oTI4!l49>^N2VV;5?oXXMnfE>f-9q` zsTIxc=xL5Pg{o;DU8!#38r_VpuT1+~B(0^5ChSbG0l(4E%t)kPMUYcyVT{DV=2CfGxk#zC*Gmd@zAGIY5(KP6=m^32Yko@pK-v@3CW3Z4ur-z5E_Sk zWDObzyrq*sAJf;vrR?5<$%(fpsDZkXQL7-c(h0f~n$902gJP3A@!jBNL7~ z;-8Wn1^p9~)pbl0D-|0j);VBgB-uL=6w6y#CZ1PDY2q~nPXhJQSWN;eWPf5(p}Gif z(ms?c?f;}MmFXm8`UOGpq$|qE_)G`vbHJGnxYPk}alk>9r?1<-cMdpemaiXIbcw?O({|drqnv%kSbsb z3Xp|Ofh;AQ6t6DLN^;~wmyAeal3E=wly{RrBIyFkml!2iDx06&r3MelNFdvSWKbio z^qQKc?j4#64#|trXk}K$r;BgDBnq1b?n?h@86qE|e_ElE&9pKHT&>1z(+;WYz@~L8 zWt?^vSG&mqt|-w=N50a3Iye-8!S+W){OKsyk~b$!52+?{dcVRn1qmJ!2~zxu`jm3j z)TY#6YE{NTJ`wn^x|J&hNXx38(ie$iX(^!KF_AbGn!H59&6@V8gpVqVHX}~OnUUy# zA#Ztw)QoyZd?=$VcxHy`E6fBjk^cY8fFodwV(&~KA^ZO`I}}%DURRVs4I;{z7Vm&j znADXtuv*%Kw4mZ>ngtfg9?L9`!gN-t8nMm-LUQart4rDNS^dhC&bp$8*|Tn_%dut+ zV4h!a5wkuKPNeU#Imhc?Iw+F`q@Pv_m<}ps12fyJX-|oaW}Fq6EmekFCC&g>WJVcaZv^%!iZgQ6v`R*W>Xc@nU^(5A z(e8k|B@FsA&f>U%z%Bz6%LH@c6hd=$E7r{c1yZ5r998-;=bXB^YYy^h5P8ml2qe;T zO$Y2jyI_e(bDLEwHy7eqB>j)5R%>pb7I}$&E(()K%)RV@Z#ZBSEUV%?5EFp|s>WIK zz%E(+=G7<-pVz9icV3s0@w{VdhHM^?kldOFiY1(h!Xj{*11@sF&=17n`ln^qDYj%n zPMZYvnV?vj=gce0|8B4HzZ*!)F8tj{E91|vb-*A-8oK%YDxU>ZzAS73lt?xz3(6cY zFpc;hR_tAHR@rvHrVNokS;g^#FxhYLA5vWOBQ0;@iGKf0Rn4*zRW-{(uG09>)xEOu z$f|I_A;r0@RtMbffV&(p2$0H{bqe-hVwatvs!ev8l2dk_18!EF$VR4;E7{NqY2C6< zJNz#=;Oh#`@u6T_#Fmx=w&w_W=b&JTP)?s>W6oIx=VoYHlZc;NiCvKru2Gcb);VBs z;yxJ%2+8(kp@+C@>z}p|iKV4m7;?b-6lDt`KgqgG{r^RUD)Ay9ktY%_YF2f3QHQFoi@G)K>oN`si^K=FWL;l$S;f!ORQx=z zrhN@*IsJLt)x=XC3Xm+yyP`760|heEfKL?`$W#RcprjI^07N4Z3P2pv#su~_;v7c# zErNmo3X|F%7*Ko!{nzZUC9rq0Y*Lw+avPH2Qku|=cBL)4Dm(a9+?m5&+k`C zmk%nX0xtHd1dCDd1EPS%ekJe4KtjrXF{t;+I6y*DzZeBa;3Mif*~RB!4=kAg1TZK0@?HhuadlFT__Y|t0@jXCVUZ%SQNI=|n{abLS?l$Su<&j>`9nkZieECs8j<}U@6du1dfkZ@7F1FpbBQX)y98zO(&&|{Pf|C@koP!lL4+R0<=u>)uq zkAaBXA6zg%1&0T)AZ*$&ZOk!~1&lamp$*f998=^&dv8p^McQ{`UbExS9-Amlz&D_Y zQ6eMSToWa*quqE>?RF&ELle~}U{D@)#fE9`Ocde~aU?# zF+i65vExIFO|xOz>=9dS!?_?VcApK?rVg%ah))|jVo^BKVkRsO4iruq<@vB}HN%E! z)5g$30Ura5LMRSx&KP>shVMbt;k5yOrM z7|0Fl6Y#hJIN(8%Xio&K^>DbKUl__(bn8iM*iP37w(l=SrEB>X`?k;^@JJ{JV*IvH z*YftZhU#hfutnd;)Ajg1bJLg>%YeP!PqEmF2G>N_ia)W7@OM?5wXX`D@K;ZNy#wbn)ds{D|4 zijK#HHk;?!GoRzg#d-Gn=QvzWp!1I{i;U$6cQr0Db6LqCUN}F+ zJ{&ZHY<<|s8Qslk@D1*#B(0Vfz|p1egZO=DgGy)n7<`S=Qm{pI?XgT=rVtx*BpP#Fh>}vWg$q!+WkTO zYk9B+DLB)G`vEtoCa2DsraSr&(=k?ZfmORYNHc>uKJq$AwmL6-IWajR`RqZz37}BLigI=@x zfMt}f8S?LgYoh-$xW>%u4V~0$*2G*I4B=L*HL?Fa_!>xPZPYxiZ-dppVpoQl6H;^i z)tbH|m1kDen5S1pj+~`J#aqzb@6;0EUwu4%xcNo&Iu0z-w!fBV(s9^2;tRgG%+@@E zZ|&YZ!;fzbE?NzNp}82VxK_oyTZ-`9mJ-caRebP64sX=T_E(w9aE!ZjRq;H{ zm=gY1zk+{~VZ(TPVO8?^42Q>r@%iGaGeE5+M1%JJuSA!cDOU} zWc?rls{v=ONnMh?GZojTrmn8vpQmquAK0kZ;G2tYEuAJLk;7dLF*W161>Zd_i!>M< zW3g0o_!ml5K)6XCy9;6SdiGm++F4K% zK!JxhrMk7Yuy#m^w$n0*}7~Mx^F_Q{kRUCwjWkDxCC0J1C1%=QDBN2Z-%D`_KW$Z_HnP1lT zuti>TY)oKNs*C6ju#H|bA*!^o3JpL5K#Ok9FiB+K0^P2eCN52~O&o52$jWn#f*HhR znc)<|V@+z*Rls|o4w1vckR;txhGXpZL2@o7#3d;{kc#W*Ueq|zkS@1a_Oa7&`?9cW z@En^l+RVATxwT2(-TIEcr}Z~_Yhy~>o1w#TuY^v=y&Ad__c|>6K7_R+tYdGI-qn&4 z_tyR-yfOdWXmhdax0{Y%9Bt<5Xg4R0HFHLu3w3I{2?d~eD%5M9V-Jlrla?ovodkv4 zfRmh|BjA|s3t4*d-w8`bSPC%jz`f1wk}IT}{*!tI`*^H5J1VdZY-Pja&FNcnDM!-A zZSH`EBgq-Fck|LR(FsUyEHHgpF?8iYAh6dklX07wCu;`oj7Wk%Y3V({W~yec2x&gV zPec3^NBlJ02i`B@r?Ad=bMu4>+!*-RHL1~y=+;1FSB>IzQr4C{qk>HwXHEx>OU9W= z`p?)yse0IBrihC2(quNuIr|PS_S?>fh$-3P14lZ+k z_j(!nJ}Ec`9);@_%lUEe6Iwi4;0ye^sm%sJ$7pYl$|9d-kquOW$1@cT^R_S#8o(7MR&O~TuZ7#s@8fES^as6IS)tn zXC#@MH(d~STU@5wB4lkOr4yPE|95MqZSt<=KZ_g6E{6ZO?qc*JBK!GE+JCjZs9k6~ zN&Nura+`%K2tG|RXO8QKLAZ?D{@m7gaLMb%qO$af==l|BSJ>QSGiP)^#m)nMxMPOy zf#`=YF0ft6X2Gz_wmHXrqvZ9|WOLof2p7=IR8uWx*;CC)Bm1rITq)aGe6QDfx}SOs z{p_KsX7+e(fEtI!B;DMZQdDNOT%o&f4$%ma^-eVxZ3Gi9_Lo^rfAET4fd`f1ro4rP z7^hgF#{jvTP9uf510WqOfbOPpg1fJJpTDHXfDJcWU)0Ux>!+E&ap}3o7p20Sg6lt; zVJ;Y#xij_Gkk!3jv^RlmB^dD81J(Q4n3?7mtxW6Uuf5jAx!$&45<3tDO*x`?piB2# z@BTsh=PuM-+L{@9=?+}uVLgrJuUCr)HnG&9qAExjfk~C{8v(x}T#$J^%jeNw%QK7N ze|cxY>UwJWU_wJXLmIz{wzrWD%rsxn??3)rn)ydU`I&U{OK1r`O9utHY}afwaVyy? zvrTL2{TLOjq($od8G(Ou6i;Bg9#>>urhQ&^KC0ev_H== zXU41){PnRJbInIV*mH9^eLtLQ7Em_>@nYwhRTiJrIN7NAM29#tr%Q`&NizLHJ1{w5 zmIxTP*Wi*mx;GAni42mso+kwD8L)nb;Wo4bjjR3uZ}Qw)(EgVr3S8;~$O zC@BpX1=*$G_^~S0V?HQy|#MHeBUkvsys zT$PPgMlLmJc#R;_dgB%E%op+o&m z9W7Xi{TH;T=W?~^HxjiWQj<_e=wc{SavIl@c^eXc|LW_fFsze#a|<)kRz39GD1jjp zWG&K+z_WTK%l4ZIqjPsAx7)T9)LY-d4R2Lo=|g@qX=<)@5ei*=wv5`NyuzvYR z`(2n$t(A&nZ&5DiajR30yg`WS2;67bRlm7z)*&u-XeMF@NISU}9)xyF&EB3+-|)gq zP{dn>?2#-pVe47cIxV|ji^}Q4k=XF9GePie=RonRZ)~}f#=lP@A%+GhI%j?Ovz!y* z&p5w1Pa^Sg#}!yGJlh;Qr;cBY4Qz0~5}(>4u~|=_4+J^}({|1{e>;07A=%n&bJDom z*h4KAu?X1qvuCo+F>_Ci3p^Wcg}V<_z;+LAA*#?RFSLmr$i*E{xUp>j_J{6*8c1Uw zW}}yjTH2?fC+nqTx7GA25Vcc_At`Jt3Gg{03>o~WBYya={C`nR>nYw#cf&rPoI@w(x`h@ds}!;J~iIQr4Sm-fP_&z-?3D#jP83ofW><{MC2?6z!S( z!a}LZ=zJ~Swotf^w`K7As1dL+7*-@1$&Gp3@83~;9Kuc`43lUkCfmYc(gM_~dL9?? zV56?{JLfE1ItRRqMIW~s140inC?w4#De%hQt46TY8*R0WWOP5OXEzO=K@CH}RIM{; zY7m7Do`DVaWcddBs9?+~B$FiJr}4ad!-u8zBQKo|Uu528CBqV*ZMvl6(I-8FSG~@D zJY$6>!53bQY*te?h;t+dZHtAl;4l8*1)5i^-hN!`28+V&S3vWh(3Vj4!9z3aG2`fM zJzx(MY03airY8hHC|Dekfcz>!=FJeUq8$jfOcCZOM08Z3{il{&YsoqR@B@F=70q@K|R!cYlL^SqEJ3E{TIZB!mY`E&( zfmtHlP}v7-LT!}SzHM#rD45%aj1IF$^31W5QCo1A&p~m42ZiyFEH@!v>Yv;C%)9|} z;X-s#Zzq&+eZY?k72O|Jne%8X1c5U0Q**f`Oo75O_xaJ zJS3{*FTczCm6-?f4BQ=4XjUQ5-a<2J;R^Jne5An8q&iF{<@$ex8|mJLlA;e^`?3}y zp_RY9aZoZHt`;FgQc=~!Jtl`=Rko`w5=G|XyerxG=>|HJ$2n^ zZY!5}WK;E0%+pXO)_Wky^(pnefF#B(gBIe`Ot%ijjYnmzT&Njn?W2d^5kDm2H*PB) zrG-#X3iT)`^Ohvnbr!n>!vvuFc{TEck^Q`aNMqSc%qhcb`l+k}l#V`j{t5jE)iE?4$!oy3g#nkwpP=Z~dr(L0{!2-*nY4<}9Kh665~7e^ z21u@<1rc0^$eS%POEBzdq~=J9k&Iajw~yFh;~VydEVG6*^*flCXT8N3tDmEp135@~ zzRIjc!qIv2Lddlt`!;3L_Atdk$mpm{h3hW0o2GN$7$GGD44mK0Yjj661VBIm~ zPuBK59@aVhHhNC62TROJ#qR;_b_d#ffc7bY_IkWlq6K=w^(gm27=}8DJJ@k2E$^|P zl$g`4Wa_lo6&VHq6SR%_SOCZ~F?hqk4Mu_nI%4qVK`-w9oiotkfu9fnRRHha9BRF9 zp0>&Ud>>luAm@1JKnM!B8!Z&S7#4l#WGt7)@fNDU%nf#oLhFJd1w90^ttg~5Z8kI5 zGt12J^UWIvl2D_5V^-6stI;s8V>a`KxU}EXVwgpMV0V>#(<(RCjU@Mlxo>j0XmYY+?yqd~q3VVzS6olC(z66lVUR{m^YuWFXo6GFU z)c7|%mBe(sTxwt3XHz^sdj+V5`dI%%w>3K`t_F-E}O{R&r+ zUTPO%f1W6V{W;H`vp>CM7=f=~GghI~T#2`SFz$0DqW-(^odDc7u=T6Vf>my09q*%;*`*LYe4mYIh$A|@9ES1#w=~m1KoJPI;UJ(?a`B}qb1g8` z59DJI`y6g*#uRhoWS565(O!H}n=2`wU;{f`ZVs~wt*^q`^L=cjIdYI*fhzVqRsSg3|1uVd*X- z)bzH?)0FS>TG=dfjhQ;@|BDms={4pg{VaQBjhT?zvrxm7L5Vvz%Z+ChithD(cZN2c zzj)IT)dlU>+Rz}pG0A*{eTwMA`nbL5)ymP<^szB(p{jjs5k7aHpw=S4Gu$WUJ@kmR zM^}qze}0mA0=m~uYAfhH!Jb=-rIweW^y|z8lM}(lM0k@(m5AuOUqki7H`F!> zHw-?u4$C``ZZwwpedqurvIh}$VU3NV z>pEH*dzQb`bs4C*ZfCuI*k--fXS4n$Zq-FM^(PhR;nlDi_o2^L^Tyk*@ig$D!do}F zeAJbI!HKLTAXjJ(N`deLoqwTuOGB2zp1u$L74&=WGgrnWQyD-rg$>?kZrJo5Dn%i@ zP%{U&z_y;EjEEZQ1col@$z2Cr@l+_a_0(HIp^=pbQ7GkcUgUAJWwL7mv=75D%>*Y> z*jww(l~%I9OG}oF3-tcE8cAuw4hk5V4NK$gl+b*@XoFpzziorLFliou=tVp1@=!aB z{D#22bXoY%ChGFRW#K;!;CldHj39>(o&s>q#__Msc)-~FdDN2Tt>!)K*-G$sG0qgm`a^#*%)qd8;5&(X9$8>WX8q4$H;%vFW<)z8wa5EWhgD%kHWYf|U;?q8^{ zZNVS!PT^JLmKY-w*73^X0zJbnftN#rAF`=6A`3BIhEQFVaP0LI$ep*Mc?6lsp(tsO%& z&vNYGYW~DrW_`UZu>1uK_4uTwme>+wE?nc*viIY=zt~s~d&MVIXv_ga=vm`76ZgiL zxhUr{&Dg`PUBK7y)3Kz|Ud=~|Snq>0EM>ob(EK3FBeM2Gq$b4a3vJfisOfl+864Rh z_nfTp`Pd*pw694u*3wvsefmW+X~N5h@}Cri7(m}FtO?M787mJ>0t6C z4{kN5N8QtY(pT!AWY(knes zO*bfB$r>Iu$IjXS6nPs)YC=JnCdE@mMh4uJx(r{uwR7t-8k8FLL*x|2dm8Ky51aE= z=OQ(?{a-#olY_Tb0{7|X(~udyFKVrF2$ zEz8?!n$fIV-lmWBtZJO@W z1~7_D=88iw)Q={%G4I{aK7Q1kbRR_Zd0&>#rTMFA-;nO?-zMhw4iwQI7_=xOq(1SH z#lg?_P*!MDE1>Z+(57Np%B`UZ&qe!;DOA0X-CKv*03rfgl1!SU3gC4lFCKMEM6^Wz zCEh8iklB*NDC?{M(7*sEu$!(cW^L%b|>b6JO6rp zS=bu%&~g^kj=!7?%}6wE=W@ zQB~gwZNij)7kb1e?X6V!rm!a-GiRrkiM|C4Klc3!>&eT-o5=?zYnj48>|@c7n@O{7 zQ#9lrXZLyeJZ~*(P!W_d8Cd!7O<^mLME@Fl>~YLD-ej*nj`sZ=`}N~kcI}2NP|sbb zTPADs0mBfw&LUkhp+E}FW^BhSTw+VAz6M&Mx|-{^n+Xs24q%fqYDhflbMnsEW$8%C ztq2&^0feUlv*gA}T07U*uqKr&g}Rf1PgJ!jZY<)KVb27(3(Bpz5sS5 zVoqa>zstoJ12})^F)ifp94=D}L3touV!qX(7h)b5D-hherQK=WP>UnYA2Osab|ox7 z6+9HR^*l8m`(wyB-0~w2(zZ;YZCLTuQ{WFSaQ}!FqUK+*YyGYE88lQOU4jxM62_<` z*n6t`$c_R-%3uqm>1{g6&OU*iVFT>bC(vW6<~1)*Gh1|RKG(;v?%RtYw)M(?(zqs( zOguQsO+4Q@dGOW%Y7lx^pPL9vbD9}@XXW5IAl8qH*$s2kZ$I(!8NJDVg%-+TQTPO3 ztF9#mUtpnnGbUB;4N4Ae{@=G;vDfRdvo4NyUy-)HafuId(8O!l8sp+GL(1b2P?^g@ zeG)^L%qv7^*GZZ#FuqOQXEyxB&6+3`GYsud_A2{ z5q|=Uj`wfSuPMZ4mffwFX6VhWVSUfuNqQ?HctW4RBE_J#rfP|;m#|edthXbq1I+JY z4PP;zpW`RX8T`dO{z9U_$&Fnve6rDszt<}!8foQBOg27gE}dM2rTZP2^!8zSk?)zM zIec{Ud|05t_H?6&z5XNy=Q5fLOFlOc?4l$T3{&YtJF|hsK4m5iqkfN$s++=lSlLgZ zx#20d&A>9q!NDN$Vp~ywdb((Gv^aa2#VA@+jG1*5ELIs(Fk$M(>H~7uX@<{*$%1sZmAhG&nd)rY6ahI)~G2o3ehhUOpWtEQVJG@}xt zEH-bem8}B_lD{hjxtnx?J8-|026;O2_|6$MVdz>?-Zv>o5~QrdGaX3%FqN}j7WFq^ z6nP#@ON3;7r%7X^nH7umB0RmnU1+EQB3wUh>qw{q-8uPrhW%Q9nK;q09hrsZm^ys{ z?hS6Q!;*2mxw}sHb{LhwEFUPlosD>rv<#M4-uSi$W9vS@;(TL>t+0#&?;-!hUv z*xbL}dYk{vWgat}Ldg~UCi0>bbbfj*w0R@#B%O#I62h!?HgppAqiEjFHftXu=H>Qr z+00Rw_9Y&>lWLp?vF>|nAN>-GOx?fI^S&0$KD6-EW&4YpfY+r>lC(7xa-DdRx&%K= z#gVT|(&@I|8ogt1P+IIk&<{R-zu(e#i)H@bB${86j9a!&;*S>GSb}|9muM?U1$Ak~ z8L#E(Tf%5gRx-(f<9J+FN0%k*NRri{-q@edx9tv6AJLI21?>qemL97*cE~2)Ci z>9DgIfoZ}3E#te|^Y<;*E~CZn+DECywZqK0_4-)c?ystc?)ZK%(hqHj0*NYCq>;!$ znic#5O=W5Sxd*X~w!m`vOho3w`>O3~AXTRFo#qQ zY=@<-Z;x3rvoL9mWW?7f8p&*FEA;4nq<`!YoV<@{HO{}%(}_&xLqTTJN92)8yjA%!DhH)DX9@j_DgO03^ z2!EQjRERdFY<~+UXj=e({b1Z=1Y(3d3nLfTMHKDzYya_ zJqxmO`)QBq%zwea0S^A)Fcp26MRmT0?ODhaM zjm<8=S$tyKi|@SX4wz2;9$>XEo^l4ab7`Ae+V%luH% zmL9B0F&QK}&ZT$M{#YJq3}eR?qS%qLz1sHL-(?ijDWsBj^ju5r@5J&O*G*cO+6Ei! zqA`qTK>eYUh4j$2qb{xc$aDRA7Hm-?{ZjW~UqtV>{nRKlkRHk5{+V^rkvBe30p|R( z`yc#ovFdq=08FrB!mo9b!lpn6&9b7C9J?S)kx2?%Clu(Y!V!qz1I;WLJm7E>t4)yY zMJRORbh@*1-b(#uQ*JxS8R%pT(*%DP-_q|asr^GwF>NpFZkp?RavMS~AJEdxMcee` zP`GXp^u7do-%?Ebu+?DYpt}sjeXORY;NVvJ(*Ei{qso=kBHYiV=ePBh;*6ae^jxi$ zN>4vUcQX9Gx4DlmWA{x8Gn%RRR%#PB!5+SjAY?dNT{wB`Di(+BP8B-$GWCO)N6Vn^ z%Q(J4TcHxPhd=qsT8sm1Yw^L=UVbpjPkjYC+>+7z0Xf82r!`-ETWq#%(}xc$!}Lvu zqWSjCS`T_V%{!jdZwuYOW@9uxcA|4Tz12dl4q}IChMu@$tEnYIEP8mHNmY=DWD>y1 zyfBqf`&c0!A9T_T9_WVo;Q2WAu(>6F&~t+)dz0$Y0>yZl(1AmTT`SUHemFrC{j@!~w z)RllaI32&kL05s!olA2~aFfx2XHXp!p_z_`5{ALyfsvkR zO`n4ENVc1hUh!v%2UE4L*MB zs$a}Jxbw#HSd4oud@LGd6zG-F;|myeF9N{wr=5-O#*SLr|HrN7fgj>Q754PbLcZ%j z7gPLtJS`Rv=J*Y%h!K0`Aa%KQOVxJ_uyxGmWZxl}%3}1U7xPUssRBcxhg1QxeHj~) z%70`XunaOWlrxK(^bw&_8kk^$r~iCD=5sgU=xPrpfN8MTb0lc?Nd&V##k#E9^!{#n zTMk>NzPY9x1b7v%Z!cinRiiTbB}N5J4!k~Vg2>#uHe~z0gg&x_Fd$e-Yc+idL4%Yk zrF7c>_EQJbAm)qD5^R1j8Q>!$P8VrVTYoJX1v)#&T8IGC9dxRfKU=sD&lqkr@7|#g zK}6S$JFxK5gNkOF>#oEe|gkvHL*e6E59v--SmPDi*@r?_2 z*4&iVN1x`C*g5pUh4n>{R&Md{rH}n8<+!Hu`I|=e9$MOexe*(TI!Ob6)|dpJkklENc9#^THAwNCm{2o2REM_Zu;eEiBZ{&FXTXUQ$VsJEvo-YiBHh#=c2+%GI&pdtn{sEs4@lEXuP!Z1k z;pR87E|=yLEfFwml|G%(u=&wAFVNt|mt8V*ci|QOVsq6lJ#QABOV7Z$^p_!zpPx^s zAnH&uolnP;u2!`30cs~rgHYaKSUq+>yY%6stH(2%CWE;ZpwVecc!goyQ$N z(tocV@7k^3>M*-?*En;{vwDG%%HV+0eE(T}@~~Y1>B_Nwc*xg7X54f7j9k_s(o)2) z7r#9MCKhxdP17xqrHfzCYl-H@=WrGXhg$G6tU~0#p$@-LTB|ibeGV_$QQ7nOocgTF z;SllYG#5P&9&YoV=k>9pWsQdgWdUOjA+_FUzVf_2(uk)}yXL#k>q#RZm!m;Yf)~I1 zNZUiPh7-)xW<55pRismRrKc_eoxSOgj^R{LP?Gf1-;upo8e)G9zNQ=7pCAEf@ z;{)^$n(;=w(R93^Pn&f@P*7Z8?;^xW-KQ1VLN7Zni2Nk+>j#HR<{dBK)sENP_5vQz z6_{-=;8U(DL4XGF3svf}VemwRP`-;w2So9mZ;#{Z2mNVL_B@11rO>KY%<3vB5X9HJ z%{%r&{6us2Ui3Vmm)zdqg()oVVwA10Gx9-!Pp^PT-@Q;m6LKO{R$ z@qZ^JxP|I9w3=U;jJeU212_$XatEw(2fzibKY({^DEFeC>xc%;i#Y!pFyD9)q{w^` z8frF29@OX0i0QO=X+EepV_*p3d#{Na%wWlb(CUMDfiDb5r^v$x~ritAl!S zv>2L>Qgh^w^@-{Cl5vZkrBK9FA(TYXT=?Y{zm#UipK=bJ>(Q+wM-mA|!Km$FiSH2s zfkmWS2<3q$=)yb3wjViEIkL zd`4ej79Vj8H{X6qPZ(Be%5LjfY?dy7|f>d?k`%v2#|M9~{!BQIHCL$>wG-Hn_@6cv+tjGx(sD zb3|fr7 z^ajlcBrm{E4SsV3j!+>Q_0?s8SJPYxyh7kmfU^;Jp}-M%baVw~ z9T}|mCvdoZ#vF4P&p5%Rpc|yM7HQ1&h`kX2DTOJas{a+oQ;T4Z+XenxJXC~IqB{hB z2{cXkGeB(M_b>R{W5d4zjFq3oSos>!9HKu9cW6V*HxJ{H(Kw{>3(d!+&E!A$C-8*> z@RbAb@(2#WP`=u{?HA4wAq&|R$>e}`080}Ikz&Qrq)=<*^O26}i$yMb(s{=K{6Wk$Bw&tUfHKx) zX~4OA0RB&)hjnSXpnofpZwdHr1jlo2z|PNX350)%d1nuRO2OdI1M>T>#q|*oT}N7x zMX&n@l&KS$;Bw&*v2fDA=47@!gTF65s;z7R-%R52h(#|GWHEREO=^;X8P2){gOUOGdK73zS`|J>bPNx{JbfO_2g0U}CkBwC z^AcbI2x-hs&OrOEOR#?v`5j297WwZF$p75{{40DzT8#QyEc%dfB|^YW%IJ^a9B{b? z;6BDi^dL>zmQMq(wHUgfAnURObj=!o=U;<|m}?pQat4vuD;Ny07+1wL1(@sM z0XQ_4L}n-jFoBZ=1O>kXz^?+Y68Nk3@-SML8dN;Tb=FRR{LTUR*Vp1v(A&6bq@`LF zL=7;ZsG-QG9xoU9n1!qh8lpiHH5p!!DMhRoQLw4;WaEBOAPBqwxUhk!n}Kf!E^H=h z16)3%TeJ&9@DKbRLLR@YE{J*>tS=!!OoLIo;T$&ur0qi-AzlE}%!D2gbc+gMR1+@% z?-BTb1u6;?^Q0o=cZ&S~!gtl_V3;m&3h2u(A;5Q7>q?Q(YUR73p(zj;8o>$*iQP#^ zs6m40Gj}R4jeiycH$G0Dasm~c6AXfQrPrt`bT7r6d<<6IEb_lMp!}T(d{>OLu*iQz z=7&TD1BM;>0iJmdL?W8K8%tLvgwn-C?0!Qs5arJdz&{*-{}C_GNJBm$K(EM0*lRxQ zqTP5R8U#V6MG%b$!qz47Ck()+!$Sj%PCp~)uN_t_`bNg`Fe)6P0nu2A@^^uUThP}6 zZzlVb37e2`5CxJ1!IO~+IS`G-d_g+|OcnV*L6GNix{(k#y2rYNz)B-l1Aj9hzk}ms z|DwRB5dscGU%eKOi5Y2OcK#Ip2hA|%j?*g791o}dd%lfbumxcUD6l>KWfMpr@C%R-1CXTWI za4~TVN&}8Qi{xhmM~me?anNeu)D5ycth}rp_z6pZK}~@9WeGe8GbL}o)WDztEgXb- zVOQioHNRGEGP^-mL(896KxESEg{PnYQxHaKj9 z_o(o)#vxn!2^DJAXt%*RCZ(LOY4_y!8Y#EoZB8&7WU8&t&pt{KeL1joH4}_C}mpq3RA5W{|VpCL? zg<`=}2E&Mju|(k2icxH(QeAAVEgfAjUkDm|P=%udp)wh=Bo4N6y`YanS1y*p zRpOf9rC($WhRsA^A8zMldZvohIv9+kwGW1%V8pM%4fxbe!lyBHNw`x5ULB0?mT{E4 zndtwU1(6r6mumOI=vK(|T`C-$_n3_aOm7u5@o2FOHy7_`?0YgDnp-2`u!{5<4};~S zhQ?n!BrOv}Lv$67WJn1XHJOf9mP`0NmL&mGgkLH2&@vUrW+*gKA!(YFKts`hJ7oGf zjQ$v?b|BrQ2vS7<&Z#`TRdBpuz%< zf@MnU9ff|9Ef@v+kg=(f(8`B}a7ih6ZYtqS72PLkwW>I&#s)*vk+R27e+22W5nWc2 zjww(=i~&jBSni~Uql3E)Q1psY$;Cra2V|$+khi|GNV})7<*V1 z@OxP#P?{fo`M99>M;Kv33aj*SQ156#Gp^E#W5#feLtTwBy&dN(W{2g z_(U9z66xauHn>7*Ydka|=Ya9&$*QR;toz-HCK(M_AkvdlRYa*!GWzTxnUMp7kZ`eD zUX#mgj8Jh{(p0G-njE&#KnQ7c$z2Lgflx9%1p)!)_Qz8Ec-AhMrer7sNhwmXsZt=s zQPlwR;^Zmcm_!F6J<`e*#n?GbTVs5g4tP>Y9McB5)P!CZ^T2T);Y7f-4PWcL^<~ zp{!h{(^^!dut^Y9)D>crI#gwopcdK6$*F20n!E&$O{p^60!&^8m?{IDeoV~)>1eSj zDxLxxdRD^dvPgQh8d+0zQ8Y2j{@4^Sl3~WCW~w=WLdQx?Ohe1$#$noJC0qt7lbep| zt*Y!yq_+qmW>zY-Q`pi2GCc&fOppj#@S=omn#fF2Ofyr|SkJ`d^OB&?tYGXX5{5C# z88GuaV+Te0Y-m(AW_E!E^Y+gvjPwT&4|PZsm~&VK%nP6b85%Co$=Htt4Mhf(>qVBA zu~$TT7Bsh0!f3rLn}z*9w;O07>m`hTZa9QMb%$jEs8?1n*T>jDiS)TSis{@URdIGT zWB)8@a-c0)Sx%#xF>_8Rc%DaU0_~qyrdmI*MrI)Wpb}yp3QNPBht|uM~o z;5|0@oZ^{Rthzg|0b4pb-R6O*l$v5xN}C9xWwOt3xJM2f7PK*?2XInb`DmFGltNBQ zLG!CrSI$pY>7n`PS83Jr(fVUTjq`hyKnsGZf(16F3!0PxE$vgC#Bs`U#yRVx=>Rq!J8{c*u(QNWgtZjzd&K#p=J zy{HBC%UO@2G|FL9h$fs6j0%sc+pfYcMPJyf=$A6aUJ&$4bCeKE(aL|3>E~5fF1^Iq zo0LxNFFK}Xt0FLcOcb~Ql1ipG98|N|4Pf+^puuFwS|yyM_I=CH$8x*2tW@z_27yjW zdNd}~CJ=g_MH@o8ZbYBe3Ai|@x~3T2BUx!VS(Dh(}1cS!9nUmbx% zYHW-Y%U_hq;()0L`kM$2S3-Hg7J275CYwF^OSu8uHeH#aDrC5epvT+ozcs4ZFv z_-vB%f5|x|bqUlmS`=7;!doP4E4(7CDqC?{8QKbTjWo0smsR>oj}1<-!J$2>;+02L zD_24wIqq+PO68corA*P^Qe{hrKvF}uwAji*ph($E3N95q`S>d>S4>N*ZA9B`aI>nQ zv{hA53T^#DXy{fjl`G+`ejD7VCbU}*DW12s!~Ugobo(q9hE;fuE!TxrXt5j-t7_Ek z^r|Mt-WC!5ed`~OF4#|EKuIA;0+jZ zaujUnWbC(s>4qLP|K9;V-xKL~z;2{H-2v^&vUk)n_K~DPU6J|!juyr~mKmr(3i17* z4TdHz3Yzbu@Fx;Rm&qyl`|Wr+E7LD9_In9K&`$+i;bH7E3l6c00<}S?IEeF8g6K}P zMvm7zAw&d5#a)u-j2fbMb|{*=P=VYL-Ib^&oV#+=CgrXY+7Xfdaoz1_tV1xp8+IU# z1$re`@ z;{CWR(9GC>N%*Mhno2PJQl$T&T9y3)j84uU_dw7;3YvRbtql%u|GlXAbCGdxi(1+4 zy{uGM<+j04shqf~QdH}!N>z7Mol{0v)s0zJ@V_rr(cD*v`Co1d?yFUOf8SNcmWu-S z!zSd;_yGtZwekS^QqJuUpyEh6G$i}}0cc3BFArQ|>?^^u8n$JXMfJ@^~ zBan2Vglm2x>)X#8xG?j45d^1A4kSt1kvMF>TdV((~P|# z(zp0j;VnqtE7QBw!>K216W0?nL<3+;PuM20Cvrt&klyG){c@gfY)}<6?qTeTsG#wz znq;;@SlI%EXo;*5TR|_=w}n;uljjt?9rXJI&!^DEf3@Hcd#X$o{vqH~g6M}fMn8l~ z<@DSH8fkP*jjF$Q6xiTH%070$4z3EG&!j7Xo`FC=lk@-1W9rGp&dcgS#E+m}X^gvJ zq)!V*yK~f?^6u5@u4s2TWB*Um995MuTofrf4R*qG3!X%YA-Bi?G4lxcDqyc5f~uHL zq*nq?wBT?r;3Ny)(gWCU!JCQ!r&w@(6JQ8U6*mwKT2Js309l3whn|2mEK_7a7#0vP zgrNiKynq*QP{0s|6WX-cbM7!?9O2DsCL`DydZ0zL~m z$Vl`Kq-nxFoqoUtR=Tqhu;@i6l%$14dKX~9-#|GHdBi6~$GSCS65>k1uSdW=_)WLq zC`u0smc)TMhUwBLnxx5!?}iNF&(@$gg|tL*5$Qm==`h;e2IP(G)PBY z38rJME^1_m5J=}bEHbVF7EI~O3)f{UosOYK`2-B%q6#c{JOf-RV6-@@QozWMY7#Ii ziaKV&bec2@f|C#_m#q1bBXn$(4rfxv1hl|iWWf_J0Is#*)H8sOS}>gwbqhvxLez~i zR5l&LL<>H25;R)ynNkC|+M=NYpV1Z{oKI;4A_~(<&zKyGh)#9JhyrwAGp5B#r^A{t zT^39SF9)F#syHhM7=HxQ`N=_hESSzp4(hbv{9S-A3%D5u>_-1n0XiS)30UxgcEIHp zOkcQoARy5!M4AVA1m8&Xmn@jRdWrR0Fn#e7yV`=+UI1Jr;4Z*T7F-5eI?X|R%0d}H zP6&h;ofR;oi|rIJh+~D+bP6!eEz%)OT%iT8s{xEM#B_ZaaEAqND92|4g8mNB4^Fkx z@8|_whW@7lbnb01RK{UcH29DO(|NYRofdpA3Jw-R&@nY{l9f&;%)A8_OsC7dqQ&&B zk5}-aQ)ThYqWKYc#%EeE4u=h5@r4$GlVNM`hsXD2C$wZUw$3rwZ2XxqeCMCm<~z)w z`PEKse9U`L&gjEnG-&5-Wn&y>_0ElD6Yyi^{)@(cxBXe45Yr9m9GuErw$U-hwdYsB zOU;Xa#)pT`C+~c}Y`8i4xG~uEJSvVaF{gfw$TojW!T1dlXZ%I)yzQZpafh4H;C7%M z{EgoE^q!HfR>&S#we!fH@s6Hy^S!V23GR%nSu^>zcL6jwr+> z{fnNISdWJ|;kTU`b;(Ql$H(LVG1$V2%~gNVi_(Le`r%czzZ)M!UllO|J)%VBfD%C} zG0pHJSk<@Y(>X?>Is3A{Gd^QknE8n*`KoT(?9ALb^}W2EkF4~BYVh5ddp^D!yCnu6 zA-eLd?-2QxhUK6^bX7%YI0;Yl;y+r+FJ1gn8hVvq_Ou3(M)`En?;Z|eTDK=sXV7I& zYv(D~rk(!>Y2E)It@rQKXual_^*f3)*3hfAL@O;|-gQM^yR+^GetB=mYKCA91mSQ& zE(P@uz*B+4xbVG!ML%Oeel~EDR~Px$1HNR#ak`&>nC-RlL+nnA4~_|20A?fJ5Q*;s z?nfbszYILXhU3nO_7{nRv*G=~t0H(J(-M#njwC#MZ{;0#-aB=@Iqj-G zJZkOQ4fo%F&%MVNUe!HX5X0FW14_D})@TVgVa!Ol*_IAHMChS|K|ABuCc!Er+fc5k zYHR3oB{d4T2Q*+ra}o6k?F>2W1$y8@<+Lbb=c~y3}9}8uqPTs}=5?`p|fn3x(Ms^P?&)*+6|-c;`l> z>PG=i<` zUF-fo7$DMG|E~XoMhI`Ogj~ow;lQuI`R~d`iI$to`{3@f)ZE<%*T`tQDvlyjKjh>G z0df#2_hKKuOCF$(sDY|$oac9Gc6D0PQ<_7nn4}6@bSe#M_g$Oj^huRb3s43kVtPZr zz>(X)ez6Op+Cfa=NC@s#xf3HNep}%Nf}$ZfgK)?P2P`*C+lF0;aAiDs8`CzVA{^RS z@*s+>jT_!D#T?!b3-T&%Ipx^(^Dmn3wo->kTuj!;8 zy=Nd;+>gF8_ATxpf4AhX13orVwkE^Z%vKf+JtWpA>lY{;dMJlz3s7i zdJfTTUdtM8`CVSy<~;qp`JrYkMFgnv4&#c_|$t9#&X%L}*crSMB~2C=26OnbOCQlcCo#olL zJB>MuE#Z|QTzC>3_U4NSsv5@y6^*-UZ=Ct5)0i1w9O$$J34G%0p*ETmbYtu_$(^Jw zbER%fi|!N^w3tup#>^>FDfHyQvY-RK%}{7WIoBxWE8Up5&<|rG-!3I^HdA2}*Uln9 zep~{lz{X&D{X*s@meeO){I$B*91~@XF>4HC#4M=}TlsI#%03lp$v|CRGGNr5iobO8 z9mBXjmYS|bnmy8GOvBW&#AS>UU2shgeS4I5!A6%c79F+MWems98!ls}!6h)iLdu9v zo4}m|1zvm8t>nTN78`hSfpbm%5qS85->ATPXBnw4wDvbOR-_07R&D;q%G>A+hx$L@ z9qc{MS(((ug(Ed#Fmwqp(m- zE}|IZ>iY57ZsYSPxmnG6=Go!;jI8Oi%{;FGA4uk1UgP)K4Zq!3veli_xS8El(h&7c zZNt)WFLKN)K4Z3HEMoHvGe(W3$Sj8*T;k%p-TK9P5VEo2ZRMZu0Bqhd%$ORZ zUnN-sWv9P=YB*{ z$}FNqKGXtma)Y>92kG^{klm@AT`2 z(>dh*sc%KvCw*{2Ul9&5eHuxKsjZUkUEtO$bsFv^$ilE9_;_qJz|!*8rMb;75{*tx zKmOhbV~ztc_NFEolg#uaV@jxm`de`Ewyf7zmaI<yox< zvwmLIKp}wbe3~}9PW%sfp746t38E#55z(i=?*_Pn3YTLs`ZURy17AoZM;oKGR&(}f zV~!^nSg&`6U;Osqy0ozQ$Y`TrVS8Y`tCjj;K%Ktui>x6KMmkFT5BY^wJ{(?pg`S5^0&_c*lepa4i$c{XR zXP}3C@}5sxfHcMX^WbH6YbxCK_0x(hc_LB_0!mFCYmA!bfdM8Ft34qnXNST1YZzW4 zHO5-ZokP&&jiLj5=zy-K7xiwc!hC-`ZfW<9HIk#TH$liDnpFCRAnnt!#^l(Hrcaza zj>As;nj`(j0y*Hei{e?+K?sw#XMHFw+LaP_zV|@m$xO3Wi-Q)B87moQwoy*d9J8?9)z@SjyG<+ z4rzX#2Bk9MYqv7uk8(NY)MTuNW!#9ZO_+y_8D1_gVc7~FzdhMFr|IGK@G-UMI%7^W z1ceWI>X9wi8EdawDn|xpak$506 z@}fQsr>Vkhf((5@770gqZq$nK7s)l`;*$d6VRQuqfARsD9(=}ZPB*4#r;opvZk%$A z-p)fmwnbM3k3_A`f5zFdc^sk!JbwlbO`T`Vm!=sLM`w^v>a2Eawy&+hoxuTTQdTD| zFOGEc%W2q3SDUjljO!_GU51gOW0QQ&Jd$CIily*&)uA7LM*jQ`9se)`%ezsX|4i>y zbJ7gsf%p-10AhvcVWWO@pCeR0wb_4gBd!Rq_K$B8>gS4Sz^aHY%`*<%|Mic z717vc;C44qub-i<#fs=p`c}CAv#)8tek}CQf2^^(`f9ord*bRL{KCogcQs^KMfpd* zD}`mvwv3NkR+-JR%7kUj#@vFNcI_x^>FDNqSlu|iHTXK5)*t!nxoOR`hWr(g3Fg4E zTg)wUjIq(4{3E^HuZGZ9M}RIqi%QC|d#i{T7;r@1d7K!b+sI33#KSviPQdWUMRyKv z<`YSvX+NYX;ICdYAz&r=<+uJV zG5GY5Z_Wpw`KE@(mZj_~`tdPY#!odYxgX3mj)%_36=UFPR7KB35I1M*0(L_dgCpi8 zuC|+E0vXQ&M;<%;1_9bq@`0D+BXB~w7E_c%hx$8-PMNlAkjCy$SRh>C?b!@ zWrh0@Jsg!)u3Mt9*8t1P5OgPJ0}Ai3(x|cw1R|UV+8#>?eI6=I5*40Rd{~(Hpu#Y% ztMo@pHGeE`-kf9HoRO}h2RE_At;uK)4I=zXy`Xx;Kj^j&^3?`~Q#P&fRnWuj{#W6q?q@OU|sz5h2luw?@5zwaPN7|tW)5=KK z@H)$k0eRa=RCMc6`e{X*fu`YTBR%adw8pAVFM0WeYY{bN=K(RxX8iLg164EeK zW&SN_B%!Ml^0AjGGIR5dha7s3`9?mT{-8Jd`=Ryp>@aQv_aXW7d}D2FCN|et?BGTk zzqGlYIGS7524Pv0Mci>G{2p1FxqH5m6~Y!JuN@tj%Qr|#!e)HgoqWfZC`4w6^UAV2 z`*&xz!aQ+DOU!6s1P}CgZ0^I2K^|P*g9q{9JX*2!*@#(2&|)^yU=fD{wborNX%43E zPA8@jB9TaGRDng*UkiLN%%$3VbOH7-0Xf=e7NVq)F|1OineQ(!DCE+R0?gt6&&(~r z4TIZU1#G%^@^j3A2d(bxAahXo%*}WrKPRidA20IU*?ycBS?`@Y_jmB1{uy&*zrb?L zHwuix)a+IL{dZ?UnCH;iz5PdFyEHIqFRRt9`Px@Mi51i@!MlbD3vt_s^?0E%%?Lh- zC}ZX`3yqnhe}D}GMVGW5l(zNn$qPc2tMG378|F4YU1&_65}dr-l5B1}B%Aw<5B}eC z=3Eq#wIllJn=A+Q9m-DD8qB$ijA^5Dwq|M{uUL}ThI>aWC{{%D`b>yY0#UXsGO|Y; zcs5)62%e8$#P7!_?VtN0T5=ILX&)^zazfacrk}#POLr0vB7PUf5)ZCO`*hJEtadLp zu6V{vZKa;YR$8Y(2-s90`bGbF+Z|*I-9gG;C3<-`is6GOIL;w?VKf^{EdJbh?r{TW zO3`*Omw2*U`gfy;8}SrxPw4btYOph`&0gym^5jNs_lvn~7ctzq7J=XJz~uQ;&LP-& z+=iXvNBCWf-;d4DuQw*=|M;~$?d$9oE-Qs!ybPIZ@q2Y^u4Y1pq2WFjt{=l1w%*1l zv|I0vv4|?W)}e!LJMNs_=JG;geYA%hUQ;b*TcI&=O%8Fi;)-E+n9Ek53RQz$e^KJ2x{|d4E@XI{Kdw@(H#`bF0fI% zX#QfcaWf73CC0?~;Dc_aWBMz+Z*iDqZ${TITLN>&dyg8cX zWR+sCvY6$J4WJVq`P#Q}%||}OQJVhT{o2PAk4Vneu#`)I7M6ja#y{pg?Z>JSF*uYE*I!xkc*C!FBm4lVr5%bcG^{A4->{(F5ZyRh-`7i+?I zvhyTEy~f;hMg>X=&~qe3>1Xx*d0L10<_*TEaR;+M(Jsn_<9P>yPQG~)OtsVe@Ft|<@$XIiLGq&I{Ac%ayymg)0`Y|P$xrli z^hyEpdF379^Pgy$bPvkyp$%bDLRuBoWKAa8EZXa1BGzpAe7`U9XPZlI#(nEz^U<66 zYS2a)f^6T6$2~JR=`-Y#dU?AGOG5M=k61h31hGJbYegzEfhnZ7giO z3vYa%UV#<)9`lVAV0rBL=PQf`&HR0xt72kt<%V?+Z16wuU{zJ+BmQ;%+aJ8+jt%$w z@3{AVKi?jzNG#yMJwR zYrTlOYL?!Q>68T>Q{oqP$NZwS9sx_)kTzK6%d`N}5-mEMXvmKXE{Zp|e;*G-O3XLE zZ!8$SNASQ20DfhFUdZMMa(C>AtQbGWIrMm8h4H3tCj7uKHD(_9fswpe$GHQl@B8?p zUx_~e*lok>0ekS5A?Tk1oP#3}D9qkLI=?J0V(fzmZULPG z@IMZ~{|3Arf5H=;78A*L5JU$$*jfCgSSLy}98Kp(PEry@!g3IiQpyE>hdJ_}^fcTx z;L@7-5B@>rxHJqeelT^lAby1>S}uQk)cWz5qPQ zmj6@WDK`AyfT!E=FM&guvS)NB@KWH_R)yp}*t)o$a3hM7ZN^z72?_Q2IIBt&>7oF3 zsxGQP=060y%$5&<=>V*DOwjK`9=|M&>HieLxkmL9XloE@oL>Rd@f##Sh1zz(fb5E2 zg27*|#SMvyo;2dkSBAO9hR_q%Wfe2+a9>L+I7d=NuTq6Z;0?aR~#jZ8TKZpd$unKrP@Ip)Ru5Fwc{{;Ph zoK_`)#F%uQ0$v2%FX%7W=`r!Rz5+p|B8bAEkA-Q-V|h{6VNF1**d>cWRGwHP1jDG+ znA@rML<^%DfZJ?2>JV`1f?`qrXTXsLpS9S%V01;j1B72z3!=^qz<-Cfk;=sAjl!ht zMZZQEeh2(4a4~w_I7b*y0{g5A-LSFvL>rz1JRLY}nS1GV(^n7tvIKCWviLG2tQHKQ zrTA9hLIC$Oz|R9u75TWwv@TKp$H?zRiqMGrG|s;Hf%CxwQzBvc<+c3WyFUX#2~uQ% ze&96zd;Ec!B`Ul44Pox^{_EElx>CB&6-J8a8NsB%cF=?ngc;vRULm z9?9nu>YyE%NvJ1;;s;^6NGb&`Y&$dvOKwsX5`^YyGECY9T-e&6zX3mpi9gk9n8$-W zep!n2j2VDW!}0C2^!PkBdoa+X+qPn_X4j5E;JpB{c7rV z;6l-{hk+lp<$nO2Ojy!G@u{5(j~fRZ<4WX*SlkkPfJefM0&&Zy}FgR!_!3fV4|UsI*Ke?oV(|PNq_3;e%nklTHB7ARHrUa556Qkst=);JNq$ zml|}7q<}c$C2Pi z!ZAVcOUk8-EEDVEZ;^i{lnnVFubZ!+$U=(!oFr*7OskO_(hq~Z}b~SL1z+r@W6~Jo+ z4kNTKtAe3e`tradLjNT29^j%&h91E~m>}wpB%DJ+lOpf|40ht55Xgu9P_P@gP_Zu` zPw%KMp&{QI;3>dG1-@F~G;v8B+nxN=HXKHcAfZT*75oti=r_3?8Ri6j5V)9_hK&H; z3OvPX@vs@dJAsQGLLp8^Jvw zXaFv(JYfs)MjMWKqF}oX|21HKi3%~16*M6s-D>f0*o<{q`NKyepEQ^$@@Jy|3#f&n z3x;FyDYyzeEC}wfipya*94cH$Mk(o`!i8br2L=6s2tA)ih98BS;}oRr68Z04lmEa2 zmF8VxW2O0C*jTL1Iqs`BJ{@ExKV^(CuWUD_9M5^mh#5o{0?UKeq2IVewn^nISSV*prP?HqZzg*;e)oqCxqJq$f;o% zOUDsfmx3LK;ow`8bwHqL6272#I$NC@&IAK7Nk+W1Wa_&;zsGSfl zQ_`cwvjnXBm5Wn7Rnh1Ln7kwn_{#dQDVl7>TDu(hJ%!3P!7!RV%HkxrkY z%3StA zZ=!-BsCcu0hkBKF%AwG-a6BAhLvxgmm7$PMxY}R)$t9O$>!5q_qz{s9a@` z$MGM^iec@I5F8j|1AtE#o;z>ylyAds8 zzC((B*hbv&3+)cu0$3;A()fqEo)d)=P=OqN3FsTyH3=n*Juhj(%0FYmK_x^2S|%$_ zfE`F*EyGjQv^~63(GRb&=z05xZ?_dVt%lHWFqN%Lgv7FfM8Bd>MAyjSmk6c@grMZz z{6z^v69)x6!j0Qt2`6Iy|FJ|+_$2|4w6$!ct!1>c{)wO&1xB*sQIoK$3-ykg3K+uD zHEMw*fRVKRz?H^Un*vpbBgph_as?i2xdlg~&k_|qjv@!}Cnuri>Hkxicz!3bC zJj!^Jd@yP`|C38|X~{_e#$J^LATx(*xAI2h2czSH#t%*WOu|j7tpBho>xWk4q%TUsX0fM^!Ms(MAJ}%EpX8VWa6%LL`IFQEC9S zKedES$iC=XKCx=q;hf z2|+daOsG%>y!LTO?HUdBlp2>NpgL(pFcI29Uw+k!(Z z6|I;3ky@@QPK6L$MUXTNt(TUZc1T%r8q_OWmUdc>Y0zI_?B7LYlQJ0lsesenYAB}H z5WQu8EWJrtW;!a6mYj|XI%MIiie^fxN}m!?6;D}hqp48SHhKE^z2GxtyPDdkgwV21 znQ>Tc!>6Fnx76#Fmz5f4(3~&k{~5M9e@2nwIb*q+l4q33wE*p( zf%`%^x6i;WSOk9524l^Rq;FSq{)}d|Nttof2Dh__^S7DM)=bfunFqi}2s)G2k&w># zH4}y9Qkz+zme)*ZJW|OKo^9*C(iu75N6w_I@)o&IIQ}Ud3Nb#I?R`CqYLVwF? zayBZKYy50T{f($#cB9&o&)%g9&pxe&?(C105VJ1=77d%-t%R5Zdy;j{$>eoe<8KZs zmXgkCu@OOPDbO5LCRfNg=WX;|N{E21fC4J zb9=Db2A{UUT}&G!_~e(W^n7UIr*i(!zp66k!v{#bC@>$bk!$~abVme6Ya%cjASbB# zXuva~?1EL|jtbgbaGSWJA{cWFpU#7TLmS0>PRKK&z%szQMFE2Miu6T*F@f+~GlE|c z>A8T9h;)MA5b3i4zbVoQ{)I>OglvHk*iUu3{g7JMKI5R5U+?+KxW1s6p+;DU6f z$)Q+Kz%+TIQcz|~uVUJ0p^1Vp)5b`+K|O}S)3=afw4G`4*-pVxrlpDk3&#s}q2h&; zgtiDqU%n}6Dwvio;WKKlun=}5cfAWQslCENbhmXkjq$e#hx?|9!iy3W(V_~)Xi=?V zw5W+`($^z%0Kb_Sr;2Jy!^a}Vq;1mHPpB_4rKn@RJA)Lbx7?tsK2&q*I z7{6MhfcF4CDqu8T!yoqoM(3U!Nmhmqc^snkba2T*f2d3+hE)P?!f%6s&)^q~IZZEq z4_h#uQF62k7=k*`2%@30Ne(oE!zt()2Nj}>bUdW=3OEyRihxT2i&oOPBWIbF?qYyR zD3oy0i$BQM!*e#!Hg=S zGdp^VfI9#m6Yy2Qqz%w`h$r$m>;~K;U^I$rhG-y=5lR#psFXCo3!o(iGC6z@aEXB1 z0asWsowK16MnpqrY>XxWR{};Ep1vLMSqr9PGzJ8ubUJ3~@>p<)&d<2~7D8udT=*j* zIyd85E#O0d!xl`(VO+Ze3;|roBYHXp<7%~FIs)T5Ctx(t)g|C`9JztuL?2%UIGy^R z5EP6Gij4DsO9b2txWaV9>H|*A_j~(3?b;*Fu`=7BBoNnNQ(&z z7!8RLJn0NY%ps9}5by;Hrn3>DK>-V)^8$m41Y8ZcOu*X#1EwQO zj66^3-~PHb^&()J}=;_fKi_K(ChqIH~OCtdY2!YBw#R&Ef6r6##UG` zy{@MiokUNs>SLP(TnJdSehSiJMeC2jiXok=K^geiqsCYgq9wI7UzyOPi=^gM8QSkz(afoQ;f(tl(2BD~e1zmts z1l$8SV8Qgdmmc#I4ZZ3eS|(ud92$b;Jfj#$qkzi+9};i_UA^mVFZy6 zPHoZ7*A7i|ExLsHs>{6V4P(4x(IxZgH}I{)1@jI3(5l6Dn0>FglC}SmzBj!(l;JaX z#2G$w;c>%jcrjO=Hdh^o3!sDM#^c7s*kh>0kD{^o^Ks{!_nyZb`62hVcksM<<+vf8 zZ_ddud*-+jomp8kc7B5IVIS=|e%A@(V=ej+KE<4g&$bUAU-qUkls-qk{Vg~M2%3A} zG7>BIW5vg}E>U%9^L_O(_@F#Z&#hm=0)!Kc&#lf)egU8Kwf8-QFEJ0}v#XB!WTx*= z(;Jajf;?CK0;XsAnIpfguRF9DuAa8RI@|g>kf(*eWJ&nq#S7jZb4;tTG_;4DJk-J2 z1HPfF#5Z(BwY8&a_QO`_dpS6LD7y?LK3=>TU*T34Vuu!P)z62USp%vX zO&`;ci?!y=fi)-cKWk5w(wvs=+7fh1o%TI|nBZfpsDA3FSV> zi0^0MKFcFNEu)VVLkoU`FZs38^$-Lf^HtC%oOR)PKPqA2b)vFI>ASoBqv7wEhlB|K z4u2<^9)5xEl`UZo^zVVNHCYY;YBZavL7B7SR(iz4gnYe-~@h$Tk7pkgi7E@I za2n~9cTKuTqfhqTS!w;Bg=p%4fsy5qm!X|^#XPaOe;270c0hu&FodOY z^lR5lb{KikBEBd`{&<^8+rGO>1$OQwtN!ki_;$7H_%pvSW@@ATFvg_XW_&3O7iwG} z%w!lULF_}un4i84nj|yfwDIKVBr;8yTM{WaqTd(LNg+(FM@}2V&Hp%!Lp~$_73;^m zba+;&#@HW(ng0^tBt9wc)e?~wli#K_Z+!Vxs*mv4{JoA0{3cLZew!m~KKhQ47h95l zk`*F34cVv7ciu6w<4b|g$lvRvU#uz4YIDdhjqGvWtROz;UcUGUIZD9f(_c4jiLb8Y z&btn@3MLSFCo;WaP8HdZW4N zJ!5jTwand!zIfw3BLuetvwwxJkyn}9eua-X@xj!uj0e(EvfFH<9VP|bM@!7+PcVYT zx&?DRZ!S8EFCa-?`zrYTy8$|Z}^n?y!p|; zK~1Yn$NTuqF5O)IzVR0*ZPCBOK~#~s<=~gg#D7!W5-r>dC;biv-SQ%nv+8PQqF1 zw5!sILtW_ln_;E>sSaIy-S=9))`EW2Hh$Z4By^&?_}P5zz}z}42`wzR z@vnP|;o++$YYs*l`S>OBId+yT3OkChpk z(^xsilvAY0egEs6y*XE&-se5PADp$n)?Rz=9iTh4lFA#$oF`UvZ(SI z?FY+;&n&ChRD!khOnAf8a!_Dm`M94Bdj7!_C?#^?;WLEd;+sZajsF9K+sbwhXWvd@@S|{)Jjry12jc zUX}`a%No8yhr1Ll7=y{bxM>d-0O+`lx2dhr%uX7G z1|PBR_U>h8a++EHoCY>v;~vA&N?2Airnp#j<@i>n-t!TQy5|oHGc-XH6P^H+cH#~n zf58zKdrV!4fLgkQMJ@iN%n0YJqy*uAjX!$9F>v$+r4Gy12E=(VZak;}5@0y(GYIh+ zt%TE7wUvm@@`JVSU2qIbjsmCig&S5z8xrAxqU?oTW^o#paGUjSKJW`i=3NujD$0PR zRK&9ZwQB3<>guh>)V0-sX#q(~aQ(>=FBDDq#-l76lDWS;smO2~ID5D=yL|45`(r#}f>92YXpM zZ3}>~YD*$~!sK9ol87$HA{lQN-cfi*VSf`&dz{LJOvQdD94@kHF|MW}g4|v>$qH|L%CQU#rny6^7uX z`r)$CLz4Ny-{JSDmX^k1#fnYhx!>~6zhj1P<-@;pOeAssp^q^rvB0E`e(ljOF?Nu= z{U2C*Ao=QBLfR7zX@Bn@SWvX`uuCF!nn+DGQgbdjicDh6H8@M^B4+m`;62XYxP)Yf)K>Czg@IK~-thQKU!g^f z)K~-m?!Z2y+K;|++&QAzl(E2S|NUAc4TPX<^MQ?=2pay=;1%RMKJRPCu+S=6y=OsQ z_@=KNkM*2scqBa9xdV&4S-kHzSol`y_4zCpPJ7VFhLbJ6@Ega#zW;K-HxUWQHt$yW z+9T37ed8FW|Jh`vk`D~kCOwLqNTl&&(F4yWpa*gN1x+rZDGkS5wB4ZipBs;&n=bp0 z8NPCp<>IHSZF}__7s+P~Rh-*&<4j78#xRK;hli9;NN}<1n@mKQwBI;Fa3vi5_&-;! zVvbSj-oj?;M1Dz4tofY=--&^)>VSP7m2Eg?iy;3nLFJ7u0zpN=u9 z)T^`@L(*uXu_*9ujWJ#}be<%aPMFprAihWNcJkf-gdogH*^ODUNr}LgM%|NOco{L& zMNJ$FU7XC+op=`o{x;1Ve&4;t-}n|Pxfoxy!S1KviX$8%Ip>Nab_o2eVI_yv2K5PM zrl?ooUX^H;BY>F2pS|K(GxGffCQ*T6XtQ+W!H!vLH1ahC@^EewK_2C3tQ7^`AH~Oi z>zGk+krb|{lysiJyhdJbe7oXZU{p`2g`@nVHpiOC(*=U>t-(#?3;*Sav7PS6 zEB=MiYH|#o{!*T27D(E3pI;%>} zIaCRQ@ZIs)Kz;a(5Yp<(Z1Q=BzJP;6fjN6mHZaG0?>N`@#9;U*HT0OzHxT7c^yIy+ zI)0;1(|2PY*u^@$^`>9rb?|Wr6qn&ys7T+`Mro~S+!!ZGa5uLUuJ*j%dZikDVSny( z`!u9SJ@>h~6e^V*@EoRi?=E(jy8XdyKf}bj8Q!R=4_!D4$lidlMB+iam)s3JLP5@3D<;Wm@>d`xeFYB;u<26P!%r9k`xzB(v4zVZhL58ZTUl$JAoBZ9qtMDO%C z!$mHxMsHj;>;Ih3QryMvRytAGTXy4ui>5D2)zTncg=kuB$9p0YsrOG04 z^l{nf#E*V-#4dB1YRI;YPGu`|pkV1Zp~>O)Zm^%k*z)Uejs!3HSdq59Vy;N-hcR>` zDV|sZ&#(J{c6jdYkfoTSYXK+V2%rV;WK^}>sA^t2=9E4B5ZBuBt)>S?3sm3GISeX_0ESiKQF=O;tN7hZD=8gkZOVW?0> z^o+1$!Mg?v-j_pXVTz>{p)qp#iJu&+Xll8JU2!o-LDCS2-e3b;rbhq(Iyl*~S(JOWSaRus>dRcy#Zp z*Gq_*>xPrMxt?dpWYcwg?gs9=4Q5_Xr`*99gbE6$j=*ZY*t_+5HHc4;O*ff;qn>)z z=(MKJY?9-hIqGE+mY{s05Z1s7gPiRh@Y!>*;_eHsy(pLa>W#}OTOjjCZ(Ll1LmBVh z8)qwStD_N&$^YnGFPvu)<7YBk=0yDLx&=;dn{G7j8P9BRR7-geaoY``djeqfD>>>D zq{eBxg%LU#3^)aH5??`fkkjJb;5bF{V>Y*wWCX{4*EdsDzBQXLsvG~zSKh$E&eD{} zF%ccTKA&&B;aH^8WSES@+22!dnhHvZ8s7&5J%g#f@!HvqU*H@Ly(6#;*prJ7$ZTS6 z@6l_`b3)aeir?-p(Vr=yyoW|U&sf8GoJu|krMz9eoZED*zIL7d|$vrZVt;O;Gp zNI74tN_moS*sl5bnoelPH)j(!glHv$BMO>4pI_^Qq@3mP0msDT$$J)J>Z~aNp8~WN zWbjDF;1}-uvfJr>`lln^^O!3cEKLsn zR8RS+`$-Rz2+#oXHeJ66QEMYPN1P3KGU}StwxYm~2aw;1yy<3M-N=jz)cM3-L_*H4 z??*vJ%1%+>r~N3TBK={cZAPa7M!DVB{pDG$Be&$(Fx~w)t2>cqL$1#k4Ivrs>1}E^ z^h}qGKl7v3S3gOj2*yGbe>x4#4^jN-Q#oWP`-9DDZkN+8N>53Q;UT&p%Hr z{)uELkyJQ3qMH15H#C{2ZCIrqCfS4BUHW;_t{qO+VY526k-)w7#q1* zi=#p?3kzas*@KD}IsB(Y60?egr$Eq=Js`-HIWy2X9zO({eg2cGZ^fK(^oJyV1^L6i zc*fvE!?h&d%cc#S^Jz~bydhAFQ%r{XXaa3W*-8VUeP0mnI55OTeV|{Y{ll3DjZVkJ zfqu9feR7=QDII%@WL^Q>`WK46u@+2e&-a6Av^Io?#O6xuGpMrxA2#zh4Imo8+!aJW z7`O739OXOUq`t!87WMN_C7=nk{n%mA^x7jg)AZl(ilxtdgO)`GF=uK_LIe3!nK4nC zm9Yje?xsbmNJmdyrAmte?Pu}+JvI;?@2gi2nZ5qQaeRZRv?%azIQO35h~<0i+8_8r zRr^1<`Z1|j{$zMb<9!w?F?_B=8>MG37!%%H&J42q;o^#ZzyX?Dd_=bmL zit}E>uiB@de5~b?yEfxu96M_iW3~pAD<$u1R+&X+e$x>fetT7%W?q&p-V_&&-?xq6 zW)Yc)$aLOI(}v+ID&s>n?CLe`7Nwfst7$2r_`%l9&7ak@L7`{NkQT+8H0=)fX73w< za`XB45G^fPVwBaQI*@5TG7i<-4)ae!v_TG3Y&*?gB?KK56RSkmO@C^Taa9bbwoWZg zS-}hO>Q^t25Z~y*@6>SG{3l(>c}RSzE+ ziVBPdrlD>3hiWPPWZOJud6tfhE&SzBZA`xo5rwkGx9te(uiTkzqhJi{BcC zP#K>`p&k5D3N`ZGVQ9`p3dK5-a5>7!zYfzy+J+yvQ6iL`Y zzSILPzRGt$j-udANEE-;1IWBQK3s$APQ^x(c&4D*45_nR56U*$=F5Ciq-|A(d`droXksX6>4hd9=Fj#* z+b{C>dTA5;Ac3Cn28^85w}s|1-g}|q=1&i^YuwvgiyP}RGvG=moDtH{d0r|0T+20L zA#-8%B0Wgv!VdBGdTTL}VW)m34fXa$AA(!GHLh>7VL%`kc5C*NcqfW5F5%eQXuyha zK6-aKNw^3vM0=>lY!Q9};XH&li!c}-O0~}w;nScr3E|Zud-Fo{KB0&)9`qC*TO|MbKh#)dJb$(?+_v3iMB<-Fy|-KVp>E;IZsA{b3-9d~ez{xt zm2P2Mv*`%%%Wm;kZw}kR8}l*gq^qqrg`>NL>Bg7wi2S+T!gFp8>vnXO`G^8*x`qAS z!uToBd_?|daF?nUF~W_M{dZmI=xs=HV^`P!?0>!~tTX$km?x-b8%_5lc9KNn5fyaj zNC5dSA%oM*uR`-0uES)wKf>)uKZ)4~!lK6FCeU$!(IP*j*?b~EppFdVAbG8bk_GO- zh06m73vVInM1(tlz$Xx_XN)X@6`J0tf^MRqK8N3ikuF_ZsQ-yD;VTpQNwkdz1kjC7 z^%P?RAnU4d=%RkiuN_ijbFYbPLPQ-j=8eZ>jDvd)iEd-3ZI_42uvuO=e%l%w1r0pkMCinPF>WpLw~O#9bpHwz5JKccA7+98+bNO0 z4XPe}9Nr+p-GtEjAB+_^fiKS-V9pan3_V29RA`F7Awx03!dHy*8-%IPvdscCn-7nrmgMhAdbXmb`69#B4ihWG_7#=f7Tgqz(Y5nTHj*RGuZyw)qNAaR*i&v~zwS<2# zNE^gIO}B^MHhS!$GPZunqP*pIEL&T&>=6^5x@_gLHH+6SLqy5q`_`}rmOb#ms)v`+ z`=MoPDbKPcOBUU?^1ii;mX+0wPa4E0-;Swk^B^shPi|HR@~Ttz2)=xlt#@5TatJ?h zOda~#6VckQ>^#n`t+S6>R94q#O3G^=y0yQ+qZx){LKqr?#|8#S%PadO%S{aFTWLz9 zCNVZlS3_1MydQEZ;X_7#3_U!g-lWSI^(ur@WO779&Lo_H z%gqw5w<>cSwhW*gz%yFrX${KL4tW#tTE0b)HW&3v>a+%{Wg3vmmT9Lg;xr6(*)pvS zDn%d-K_kXWIKs*kf>Cy>jEBmQjR`3ejiL63Yzr!|&mt(KF$e|`l2E5=ImRJd1Ic!0 zqQwd4bj&CkkmGS;LXScj1741SBnWbD#^jbM0|#I@DdFQm6$Dp&F)043MNlX>A&Ce> zmt_e&^y5%he5uua_4=R><`kcacNZ=taZ<8dPgj?GZ z#z^r>Sijfmr@kw#e(LM9d=}CD@h+riad}!62BA^_Z^4>N_V+EjEj+gzvGU*2Y;p7! zbQ$3^#-D4GRoJ!FD(q^s3cJwaB2lpmM99|kd)O*Vo>-)y^=q)o_SmPMvoEQ&0)S|3T0ETlRTQ-mxVxh<&dKFc>zB!pUWC=!j4TZlIOW77cOkrfXpv%ESDsJ47r45)|At1b`? z0E=#yFetrK!tGe62zVffl+rs8EtcAFAo56f5Qx4@1ZBEvWg5aP?J)#Y%hnIsY*jV{4Upq!NRV(0jj-|zZLrD?y(nFE zq5VTITdW=i>SP7Og4jL`1>}61ggmmcq!KHC(vBb)t(SO`otEp4WOqLX?93mITpv++=0s>Q%~9D)4m0w*>)ui*}KWkORo;f0}9s2JZOr9M}fCp zusa9_&aQZW5DeZ{0*^7SMhEd>^en6MMuUiQQQ7Ev#x_WJzvb9vG!Q)^;>RRePT4H(G zgvX&CDI?>&mL3>)Dku-?BK!suJP-g`z_Z*U!h?R3L}WtPWCfXJ7ShaWt8A9b64b0x zOBS+_=a+)$EHp;W9$BYQzZCNcAVPXFnb2ZYMs7D`;hf^2c%RinIjvSax!QP4R5md` zC>})1224c5OwmL8Cmxakz+ll5QP`Vg74Vh>!9lF{LIk7?lj{sAZ@C~&4#!+nCM(X} zZ^4tCfaMUGgv#z06;DECxe{I;RN$gDmTvD_ z3i?S>H>ElVhJZ-LG1Y0sPtCI`%LmdjfhZrGSSR3uXiE+X&>fp)e7>az3ed=>!q`Ga zPr>q_0{)-^Xr)vf1z@9eI#qBWC_h@kBLcn*7_6XpI!?EtZo^Lk z9hcfl%>+96v{4wD49n1c0tP`gfrw5sZD-7QI?2R|laZeeE$xChISi;Z4tZ2T5FOa5Cq=y9IKMXt zqJug*m88bRx&eCx430YH5{xlMr*jUUNVp0ZVJhG*1>7v)vw$y|a2!}J-3-t{ohFdd zFAf@rrLuHjrwKfCIH$Fk@pLe!wVUuzlnc?LMW70SJOP8%A%a~=Nq|uaA*G)zLO_TC zgBYjNgy}HOnQy{$@a9}$!gT27tQGJP!1$xGboS;H+|udb&Dkarc0iC&h%(WEnPJHf zn9j;V1tK~p3l)gyj4Tv{P<}ceBf%q>&c?#f4FnfB0XGP^81P{MgA-w=S*)1}$ioC8 zI_K(vLPp`!hT(4A2iwQ;=l|fi-BxhcwAo$mVdmGe!VH_;LSA_*ewZDxMCq*<@Gz|~ zf;q(?JG9sAMzqI`ayY?f z35JdC!n26F%dpXXbTfY&xt-~mV@KaQdfaHT(e1CMj~;ugVWhj3@%yjY)A_v~tv^g} zDm>cM0rPMtjV^eoxI^HEapelnE_M$-xptDD^Jsy=W#Sv@KC%p`RoG@^n?=_tas9%{ zuVre3>dr465)Rt~Tn@mc#Ko+dPZ_U$F}axv!ZIiC*kUEs_gq4muQ8>}zmZk>Ur;AR0pNp^UD|BQC6N=R5rm2(vq0wdvs74Zb^n^ z4rgo+u9gz=%0f&es0bGso#l?(%6u2Ih^>9VW?y+M!k>;Q+mg$Ayb{NH6Cs&#WX_7) zp=3G+1B3HVVwf`2qYi|r9XxXf!H zbuAUKA-nNWX_#yAp*i@i&~KO_H{%llkHa{}kGF9rxASonC_{xuB=@MNP~nksKN~89 zEnC=Tdwj=I%20VR$q5~Sf{6UwS8HhQEnU!9}j?v&Hp%eA5_65mysypXYy&Li*ka@(8A>ltC^AN%LGOi0xKy!#_qt8% zANr#2I92e|Ug|6P60E1FJrVuW@yvYI%xD5_Yn88JQT(UxM7pwg|#zmGmw@|Y7FuI9q*`< zY0&KWLY*SZ;8V`a@j2VExIpO#ycvCod(UoMG!8WS(KxDWBO1H$JPY?ZdFo{)j8D(Q zEe>e?JdKCWgOM0(IA$;5F_X1HdZ=-K8n=dDK-5F;GTSsiM0Bt1kRc4P-IUp>Gl<4a zEQAoZ+4DKe_Eo`75NZ~8uig@P=o)#6ezee)`>HLy8;+SlIBdXC>-n4?nXL8fSuP4Y zQFtc*aI%&LRSq&ypMv^&0L}pa-t;sC0;0Y+9zR9Pg8VF;f-55b#Ve+0;}H6z`MN@p zV|lNsM&y*KxLz}l-#-LRKzIhdIU>{&0czs_maQ`0zq)j532S zEW|CXIrug(+EC1|;1xFmqLWwA@z;aEN}pJtfsaBr)1kR* zfd>O1zC4*_%ufEeVrL@Ec5hS1-#*-vKD$6WMDnsTK^>2p8R=Fj!?}J|3YqUHPabIS zatmO7ZJPF^W8PDr+ZXUBrfci<{WNSbT<0HCn1@CIv|;u-j1Uap`IQOEnM%987@96- zwv)xs)mRM4yc)Z5Cez*dM)f=PV*Lp(hNHc#`U~ab8awXES9`qPUH0X(3+;1uAbkt) z?fAkzji@5Ef_vx1m5WF%bp9%BlTMo2p1lXNcFiJXAIAEyv`sj%#&~}vjxMLOa8juR zlXety8XD?0XoFyE!y59%#5T`(H%0ZW16 zS8`a$&V?9LUS`LeZo;Z~tF!Y@7c$?PzLKf zR)#sjP2M#G>(FAG3zd?C5*5x$oSDPJ=T#1dW4y~q=R zJT9b1RW4xBwePYBeDK(Xj~_=t0Y>Aa!TV5`j#Z_N{Drvj0qd%rIV{Cf!BVsQtQZ<} zpUE!r4uhF3=ZldrRIvFfF1X-%L2cNF5mD9Ui$WzWf_2dF7k-OwdKVTp4VZMnL4DT+ zS9!ttDRX=*c1(yY0jFwjPV=~1< zcpmmWLbe@>>VE_m9QUv!q>*iiAse}VrFu^s;+jz&_NWFSzr9pK%MO{xyFpnxQ7^@L z*-l)Rehk#b+Dq}?MwaDdwM6#W2J*Lnr~$1JUw9_rLj_3&prLoOlv9{|Wh4D&+4tWdv)H+Eem11y z>+pq!M1+Ok<9`p5Q5b%2?Kw!s4cH|P#`stON%;zPjG>T<0!Rf+SdkX7Wv~vhSOBq@ zKt`H3E|L^L0#c#17_Ddp{c(c+q?&9oFTw_hY|d%EG4p(5EHHBSvQk5gn*yci<#0-a zrp+f^q!)bXs>8UUhGHEW%fx1HwI-ZkpUXTMY?7uLpM&;u~m1EL2~y-t-o8LjgNC zzG!UKK#c8D$`cSJI5{BmRXF)L0*aH$6TcowIud%Wn3mA9hrgYZwSd|5YFI7oW-jD= z1KlFs)j*ADIlk*zWtdxRxc{Dn1u3a3m_7xdKcO8G>@)DEo5~SxNzl6E$PDA7z!4A- zkELj}UiG0X8~yKlJ%!A($d=bFjC6&$q_IiUc4lE+4(*UNm?iknGS%NM?QD}$_&=5}`PXzL~Dx>j}C_Ksh4;4|K^R;W!yDUEQRv5F?9D$`%XNNxL zZCBg`W-m|v&{Y|$W>fq!Cj<;I($DJe!MN&Kqz^xJ1${ob21{+cr_>ZOn>i*7Zouw=6v>@@Hf2Z!kxE;zky1#)3(#VWbTUp zf(HQ%XsoxN)u|v&CCjjJq}4oCVoI%jhAF9?%SmDCHHV-X0(k}!c$?}%qAP~EnYdM- zNM#LT47WEou0pX-#)!BDWt}zXCctD;uw1A#-Oy>qQgs9KVGpkwb^+MI)Fc{1&5I$G zVUC2$d(2hbjWb<{c4OP+HrNcQhfskt7{-2o6^(?z5o#EfCHpwhI4n@qsb<4&)Mhp4 zhEIYL$_U|tqQ!;)0yjI^K1UQ_TM}Rwuq1q-SqMUj?tvv-S$R(D!SaO{Tu*I+PlS2Q zF+15iQa^gCM6WL@BgL)nBDv{ksp$OBRsAW1_dIk3Hmu~Lpo>d)8*J)0Rf)xmp*Y~O zgNQMP%HEE{U|$i93Lx5Vw$MJ!K-LPa*d3XP3kJR)!c^(T8D4Rh);}(zax!MHp@ptv zx#SCNrc1B!!01rPt4UA`vo_jG`5*7XP3&xb?k+7d=F7htJcblyJ#Y7Wo`*Lt)ME1g z%RlhG^KhQ@#Q=WmJS|~%hJLQlW$ygGGj@I^;V_KaU^Zfc*9J~1#fIq#WCjfg6YPiA z7PXKX4BZj#DK&Px`%%7)ADpLsKO{f9HG<7*VJ+rPNVzzxC9Mh0-IUw4GcC36*z;k~ zTfk4;ts}n457JLt>rIs+Sry@dpLB+)J5Ut!LLl*Hie{iFwX+Ad@Fi4l^*icR zK5_xJ8~J?t0_>&p`TYxEz0kcuN#N5|{^|nkUi1061=^bfGW6v4;HyGytD7JceiPh& zVST}0U8u!RF^saT`4}eQ7=Q5IX1hvdj1FrGw4x(v12GjgqDN@PqP2xJU0ztn2QGq0 z`S_$oI9_yI<@YbrHci(~?IB$N1-A8=-SY}8xPh{C>oLV&t1DNx29)+K*y27nQR#q^ za_K|fFZ0#Eirt@bgGL?}at!5HdN#o{c_Pf+CzWcy)HCFv11w}OS5CAirqu+tp(E+& z4kO;4Sd$C)aGPMdwaXDT!L6{x$*gaA@~m{S4$R%)P_YHNY_@0t!Qp=9 z-2j`cO%N_6&O$Yrlup$DDh#6n#g^MjOlBWvhiczWR8>;U31=d!lhA7-JhGUh*jf*Mj?V zn{=!wnz0<)18;iJlSP4#KEvT1W)a0(y@&0CNz?%x`0a;%*I0_DrQh%0Vh6xo8*v3P zFddv)Zd9_Hd0`m5LQHiTaCx{d(+ijQ=h=%`9B=l6Fsj482A#fON5PnEg=h{ zwvk#wU5F|0IR9{oHcUT`#t)H=rzF(r;kLgm;BPP0a%>+vxNVu161N;QhjpVFM;Vp;t1Xu{y(aAP?!I>MW|aSK_J0ng zT>&(4_1%&-cMJP?)4kfDQKj7p$C7X@4CwN~mBUyVr{n#fc$3)s@OJZoztC2Nw$kd; z|Am^txBf!=4eYAMFW2tGYwL3D%>`XO2GxP-BoF|ju2!b84k7;Oy=R+Jw#RUR7>mpcv?<(kY8~7d$%ADG90p4xFpm=v=J@uuwNFiKc!W5Way~G+g4U ztmNMNwO*-&$Ltha1n}4ma!uT!umh%@r7Cc@@u%&8k9A5xH4^ zv6pWAmbLRYP-L>PRzOF2h*QDq3W#Th=hr5u;7_BcK(Q9Z{fN&te$zk|a3S$89kV{|*Z&usxinz8w@NV=!YfH{+7DHx!DMjK1KPx%YmKwJT@1}sR`aJ3g(>8N z2ec();T4eC<*!fVWqf~I8i zS66A1dYQ*&ThIs8<=nPfyK{1O`B1EApUn4q>pPqM_&uQ9v(;6R^i&xw53$^4WZMj{ zA}mK4i*`A?V(crdSi` zDtO6ydW{y@_x(pmFff0e#ypT%y9(3rAJ=FpJ>5W|R{vI+4PObb^DAq#{sq$o)*--} z?tcpw)L=FkyTkLX;>I+aiXS9YOi)QuKG2QiQz6l!MoF)nf!|7|KLndfcjXMW100Ly zk3NLM;_3X=hj3P2%r86y8JteIF&jDQ%oDJ2iepmBGJvlG)3logB=rOhN`B8;ZP?&a zs+uUrBs;VwS()tzY4|zM>HiDrd1ySlf8hIxV)}i;^eCFoY*S zs*r!TP8&yVki2}v!`gBP`}T*m-#OekD!!c`T(2dmw3Fo{%e4MOjIj;vw_i@dSPz}V zbnZphGVD=lI`>kc8Th5JbG^YyD%eM4aMM1ImiMQ4;d-n=i+M$vHq!RdPJXaV%iuHD zW65k*)l)KsCd~rA;Sp_Ik5=&`q03jnJw7e&mN2+DxkO$P=oe%9#SlMJ);^~7>wTPt zJ893%7;SszMBZ@J)^AM2bDi4DAe5HzJ7!Ob7(aWeGu!uB`pC>esMVINk%&Ky)0ghm zj4`SaUI0Wj31tu|<2;+x61dP})u^r(H4Z_IYL%$5{{K}YKk=A`q4OA|?*MOl%;4FT z$FxBMeva8Kb)T!HJl>~G1)uKsX$d-hEb81(b`uDxKxLTRC2TcR}cx9L^QhgM>SNJs6^L&kF)_Q7S7U_gAcX?+PSh8KQ* z?z6LoWj%6InIodiNf;d;;ZIj;2@6sYeOW}GB`bciMK+C|VV$o6%Q7-(md5!EcP(tu zB0o?X55-A%hlm4STONBCBQYNE!+0orwSYb1?M7TZU%3H$i)MPo&PFA+iz0P7 z%j*?EHqg_1v0N?Jh(!f<)l7#AfZSdY!~=3FFbVmJKr>9RS8KVspP%d1l|O^`+6a+Y z%5yeiY*g`u8zCo+eEUWWe0w|pa3e;Mn_t_gB@D}8#+f%2RXc!wE_or?;k=p2wr_dc zQM;?R>Zg1ls1-T$Z{uluZ2hBVn~n-T`S{F#eeLsl2n4mYkM9Vc7)1mzNcn_l5O>L#9-}I!G z;2;nV*`9>Hl%jBozwx9t^p=noQS%B`fZn2B;%Wb(+{IT{Yc=|Dn9C{1a1u=}p|=Qs z36hD7vm*Q>!tDsBn_;>v7Xnh*4iQG)kY=D-E5f(p7f;Zn;IM@7E0bVQ3t3f|8AeIt z;n7((=WG5N?RJ}fkBo$%;-Two=0hfZ2tOu*!sgKa6z&Z{T%=8-eJ{d3goV*1-Fh=T zObD}5`+HsG4ZwZ|H=;ZMMS6_=8$>iBV!3H^Xb%Jz;43%d))AaFZH5S6H-#rLokfDP zY`;mh!?G=wSrSS*A~IbhbOYgfBv=!AW7DF%S(l90%*bOQ+K*20jHUFil#La?1OACsVv zqHf{&U10)r7II%#go)shZejGX`3Qu+>K1;cTXndO(=qB|}$Ia=^Zc^_|=t?&#bb7jl&AAAXXb{Ptb5^$u4|EH! z>lVfxCi5{l;@s9PjJ?85>Gj>hzsC(1Xn2@>qkbqj=byS|07tUR5I5K4i1VK}r-!0U z_9?_IH`7C7aCeznDZ}FsZa{dJNS}@{$(is_5V{z)V|fTy^+o%EEEFxwX+eZv6zJB+ zp}%8{F2u72k^VNqmk_QO;lE*TS%vUY5k_TRN*Cd<-dG|QBYetC4@&}UJP{@f!$z53 z%3&+`qg%BPV62w6Y|VWSlhyOIhkh|~$*PqPtzErl)#{O>Zskkrw1<_9*FLG!{;lxO zp3x5WT(oA{Lu-Grdd;FS>5Izvb1mus{=#gA4@M}xCwq1$u$~$`W zqB54Z>W*b=9$vO4e;JIi$)r~PubiOxCxYUi4vIe!6#s!0-y51<;^~bME%EmzoT6U6cVSS%qgF!i z4MFjHgW_Kfif_k#Z_%0vANDp9K5fZF#6_qj5#I;xnnk-Bcpt`$kyytYpi4hm41y$0_ajoz?&i*v)!1!W>n5-O9{Xh}=0#w0-wq=HHUp(cmWe)_tj zBqBM{%9MP-GF?qZfyYDz!%=}WSsQ-IGW<(HS!tn|l5OQlSpnxmqHM}ZtIJYa!69jL zm&&Z+mx{jWibrAT<{`D#DxBJ2O;o9eus9MGqy|-xN)?Fs5z8%uz!7a$BlVHdR_jOR zTY@%nZBTrRRd^(jN>-i;xQv{6t> z=C@T6E@td;32(MIlz!P#tE0lLR*pg|%*WKAp8Fj>>0V&fTIh5nZnlWDC~ z8lyqb6C%?XH)BsqIM4dz`Is~KDM`d<1XVWnv{l*I4h!e4z%PwT$2kRYH2%iTwOBe1 zEs)YXuF5b=G$`>bWj4M)FUd$Z3v1#gP&$( zd%0mqzYdUiBz*G}XI1CtdQG9#}V2m1q^#oAEB1EQUz%BtF2OK2|_yB`A zDv)pzuv@^V04It(`vE73co4}_Mf^p;;Dk}O6>x@tQI2__|BZx82xNvRMLF0nZhAsO)?Zk8-S3=Ar&yY6gZN16wW>;>E);5@+lOgIJUY`=)7Rvr*=3E)Elo(1@@$bXXN|08A~4Ur6$6Q$`Y z;AR0w13oU`)qqXU@j^z*)(-D@V#VkyxJC4f&Mr*YQ0iOa4qNrjz zu+ioU7%kU`0~CK1Fv0}WA&quiz`#w1g%m$AKO3xci@+toq6Ksa6SCHfrvsRfdK0F@ zmynYtJSqBTKDXPy?%PGV$|N3FVRP}%?ooP&Eq38Zu90EGO*Xu?NsWBuOSb-X&y@DI zO*+eSURQ={lg^^^b^i3f)cCNKXc~1O>%pg2*kZK2y8-9ns}^d!E$?~xA>Q5^c^L?~ z$VYys#`k(~HOeGW8T^ITEqr*OR=gkQ=x)CIRV`kd(*n4FjC&&=+JPL)@FyP}S~2#2 E0f4EmBLDyZ diff --git a/source/libs/libwolfssl/ocsp.h b/source/libs/libwolfssl/ocsp.h index 62313a45..8a8dcc53 100644 --- a/source/libs/libwolfssl/ocsp.h +++ b/source/libs/libwolfssl/ocsp.h @@ -1,6 +1,6 @@ /* ocsp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -111,6 +111,7 @@ WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out, WOLFSSL_API int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID *, unsigned char **); WOLFSSL_API const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(const WOLFSSL_OCSP_SINGLERESP *single); +WOLFSSL_API int wolfSSL_OCSP_id_cmp(WOLFSSL_OCSP_CERTID *a, WOLFSSL_OCSP_CERTID *b); WOLFSSL_API int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single, int *reason, WOLFSSL_ASN1_TIME **revtime, diff --git a/source/libs/libwolfssl/openssl/aes.h b/source/libs/libwolfssl/openssl/aes.h index 83121c22..afd6fcec 100644 --- a/source/libs/libwolfssl/openssl/aes.h +++ b/source/libs/libwolfssl/openssl/aes.h @@ -1,6 +1,6 @@ /* aes.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -59,12 +59,20 @@ WOLFSSL_API void wolfSSL_AES_ecb_encrypt WOLFSSL_API void wolfSSL_AES_cfb128_encrypt (const unsigned char *in, unsigned char* out, size_t len, AES_KEY *key, unsigned char* iv, int* num, const int enc); +WOLFSSL_API int wolfSSL_AES_wrap_key(AES_KEY *key, const unsigned char *iv, + unsigned char *out, + const unsigned char *in, unsigned int inlen); +WOLFSSL_API int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv, + unsigned char *out, + const unsigned char *in, unsigned int inlen); #define AES_cbc_encrypt wolfSSL_AES_cbc_encrypt #define AES_ecb_encrypt wolfSSL_AES_ecb_encrypt #define AES_cfb128_encrypt wolfSSL_AES_cfb128_encrypt #define AES_set_encrypt_key wolfSSL_AES_set_encrypt_key #define AES_set_decrypt_key wolfSSL_AES_set_decrypt_key +#define AES_wrap_key wolfSSL_AES_wrap_key +#define AES_unwrap_key wolfSSL_AES_unwrap_key #ifdef WOLFSSL_AES_DIRECT WOLFSSL_API void wolfSSL_AES_encrypt diff --git a/source/libs/libwolfssl/openssl/asn1.h b/source/libs/libwolfssl/openssl/asn1.h index b31fda47..14efe494 100644 --- a/source/libs/libwolfssl/openssl/asn1.h +++ b/source/libs/libwolfssl/openssl/asn1.h @@ -1,6 +1,6 @@ /* asn1.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/asn1t.h b/source/libs/libwolfssl/openssl/asn1t.h index 871e4c9e..feafbf09 100644 --- a/source/libs/libwolfssl/openssl/asn1t.h +++ b/source/libs/libwolfssl/openssl/asn1t.h @@ -1,6 +1,6 @@ /* asn1t.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/bio.h b/source/libs/libwolfssl/openssl/bio.h index b7ced08e..7f9b049a 100644 --- a/source/libs/libwolfssl/openssl/bio.h +++ b/source/libs/libwolfssl/openssl/bio.h @@ -1,6 +1,6 @@ /* bio.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -68,6 +68,7 @@ #define BIO_set_fp wolfSSL_BIO_set_fp #define BIO_get_fp wolfSSL_BIO_get_fp #define BIO_seek wolfSSL_BIO_seek +#define BIO_tell wolfSSL_BIO_tell #define BIO_write_filename wolfSSL_BIO_write_filename #define BIO_set_mem_eof_return wolfSSL_BIO_set_mem_eof_return diff --git a/source/libs/libwolfssl/openssl/bn.h b/source/libs/libwolfssl/openssl/bn.h index 93be9513..474001d8 100644 --- a/source/libs/libwolfssl/openssl/bn.h +++ b/source/libs/libwolfssl/openssl/bn.h @@ -1,6 +1,6 @@ /* bn.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/buffer.h b/source/libs/libwolfssl/openssl/buffer.h index be298d1f..f090d19f 100644 --- a/source/libs/libwolfssl/openssl/buffer.h +++ b/source/libs/libwolfssl/openssl/buffer.h @@ -1,6 +1,6 @@ /* buffer.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/conf.h b/source/libs/libwolfssl/openssl/conf.h index d13f84a3..246fccca 100644 --- a/source/libs/libwolfssl/openssl/conf.h +++ b/source/libs/libwolfssl/openssl/conf.h @@ -1,6 +1,6 @@ /* conf.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -75,6 +75,11 @@ WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_new_section(WOLFSSL_CONF *conf, WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf, const char *section); +WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_nconf_nid(WOLFSSL_CONF* conf, + WOLFSSL_X509V3_CTX *ctx, int nid, const char *value); +WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_nconf(WOLFSSL_CONF *conf, + WOLFSSL_X509V3_CTX *ctx, const char *sName, const char *value); + #define sk_CONF_VALUE_new wolfSSL_sk_CONF_VALUE_new #define sk_CONF_VALUE_free wolfSSL_sk_CONF_VALUE_free #define sk_CONF_VALUE_pop_free(a,b) wolfSSL_sk_CONF_VALUE_free(a) @@ -95,6 +100,8 @@ WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf, #define _CONF_new_section wolfSSL_CONF_new_section #define _CONF_get_section wolfSSL_CONF_get_section +#define X509V3_EXT_nconf_nid wolfSSL_X509V3_EXT_nconf_nid +#define X509V3_EXT_nconf wolfSSL_X509V3_EXT_nconf #define X509V3_conf_free wolfSSL_X509V3_conf_free #endif /* OPENSSL_EXTRA */ diff --git a/source/libs/libwolfssl/openssl/crypto.h b/source/libs/libwolfssl/openssl/crypto.h index ebcd4079..9b804b43 100644 --- a/source/libs/libwolfssl/openssl/crypto.h +++ b/source/libs/libwolfssl/openssl/crypto.h @@ -1,6 +1,6 @@ /* crypto.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -26,6 +26,20 @@ #include +typedef struct WOLFSSL_INIT_SETTINGS { + char* appname; +} WOLFSSL_INIT_SETTINGS; +typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS; + +typedef struct WOLFSSL_CRYPTO_THREADID { + int dummy; +} WOLFSSL_CRYPTO_THREADID; +typedef struct crypto_threadid_st CRYPTO_THREADID; + +typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA; +typedef void (CRYPTO_free_func)(void* parent, void* ptr, CRYPTO_EX_DATA* ad, int idx, + long argl, void* argp); + #include #include @@ -33,26 +47,21 @@ #include "prefix_crypto.h" #endif -typedef struct WOLFSSL_INIT_SETTINGS { - char* appname; -} WOLFSSL_INIT_SETTINGS; - -typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS; - WOLFSSL_API const char* wolfSSLeay_version(int type); WOLFSSL_API unsigned long wolfSSLeay(void); WOLFSSL_API unsigned long wolfSSL_OpenSSL_version_num(void); #ifdef OPENSSL_EXTRA -#include - WOLFSSL_API void wolfSSL_OPENSSL_free(void*); WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a); +WOLFSSL_API int wolfSSL_OPENSSL_hexchar2int(unsigned char c); +WOLFSSL_API unsigned char *wolfSSL_OPENSSL_hexstr2buf(const char *str, long *len); -WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings); +WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETTINGS *settings); #endif -#define CRYPTO_THREADID void +#define crypto_threadid_st WOLFSSL_CRYPTO_THREADID +#define CRYPTO_THREADID WOLFSSL_CRYPTO_THREADID #define SSLeay_version wolfSSLeay_version #define SSLeay wolfSSLeay @@ -71,6 +80,8 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SE #define OPENSSL_free wolfSSL_OPENSSL_free #define OPENSSL_malloc wolfSSL_OPENSSL_malloc +#define OPENSSL_hexchar2int wolfSSL_OPENSSL_hexchar2int +#define OPENSSL_hexstr2buf wolfSSL_OPENSSL_hexstr2buf #define OPENSSL_INIT_ENGINE_ALL_BUILTIN 0x00000001L #define OPENSSL_INIT_ADD_ALL_CIPHERS 0x00000004L @@ -79,17 +90,25 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SE #define OPENSSL_init_crypto wolfSSL_OPENSSL_init_crypto +#ifdef WOLFSSL_OPENVPN +# define OPENSSL_assert(e) \ + if (!(e)) { \ + fprintf(stderr, "%s:%d wolfSSL internal error: assertion failed: " #e, \ + __FILE__, __LINE__); \ + raise(SIGABRT); \ + _exit(3); \ + } +#endif #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_EX_DATA) #define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions #define FIPS_mode wolfSSL_FIPS_mode #define FIPS_mode_set wolfSSL_FIPS_mode_set -typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA; -typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int idx, - long argl, void* argp); #define CRYPTO_THREADID_set_callback wolfSSL_THREADID_set_callback #define CRYPTO_THREADID_set_numeric wolfSSL_THREADID_set_numeric +#define CRYPTO_THREADID_current wolfSSL_THREADID_current +#define CRYPTO_THREADID_hash wolfSSL_THREADID_hash #define CRYPTO_r_lock wc_LockMutex_ex #define CRYPTO_unlock wc_LockMutex_ex @@ -98,6 +117,13 @@ typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int i #define CRYPTO_THREAD_r_lock wc_LockMutex #define CRYPTO_THREAD_unlock wc_UnLockMutex +#define CRYPTO_THREAD_lock_new wc_InitAndAllocMutex +#define CRYPTO_THREAD_read_lock wc_LockMutex +#define CRYPTO_THREAD_write_lock wc_LockMutex +#define CRYPTO_THREAD_lock_free wc_FreeMutex + +#define CRYPTO_set_ex_data wolfSSL_CRYPTO_set_ex_data + #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */ #endif /* header */ diff --git a/source/libs/libwolfssl/openssl/des.h b/source/libs/libwolfssl/openssl/des.h index 8654cd4f..a6bf3d7f 100644 --- a/source/libs/libwolfssl/openssl/des.h +++ b/source/libs/libwolfssl/openssl/des.h @@ -1,6 +1,6 @@ /* des.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/dh.h b/source/libs/libwolfssl/openssl/dh.h index a0454930..a18e78c1 100644 --- a/source/libs/libwolfssl/openssl/dh.h +++ b/source/libs/libwolfssl/openssl/dh.h @@ -1,6 +1,6 @@ /* dh.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -64,12 +64,12 @@ WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_dup(WOLFSSL_DH* dh); WOLFSSL_API int wolfSSL_DH_check(const WOLFSSL_DH *dh, int *codes); WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH*); WOLFSSL_API int wolfSSL_DH_generate_key(WOLFSSL_DH*); -WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* pub, +WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* pub, WOLFSSL_DH*); WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*); - + #define DH_new wolfSSL_DH_new #define DH_free wolfSSL_DH_free @@ -80,9 +80,10 @@ WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, #define DH_size wolfSSL_DH_size #define DH_generate_key wolfSSL_DH_generate_key #define DH_compute_key wolfSSL_DH_compute_key -#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L #define DH_set0_pqg wolfSSL_DH_set0_pqg -#endif +#define DH_get0_pqg wolfSSL_DH_get0_pqg +#define DH_get0_key wolfSSL_DH_get0_key +#define DH_set0_key wolfSSL_DH_set0_key #define DH_bits(x) (BN_num_bits(x->p)) #define DH_GENERATOR_2 2 diff --git a/source/libs/libwolfssl/openssl/dsa.h b/source/libs/libwolfssl/openssl/dsa.h index 21135544..e34943aa 100644 --- a/source/libs/libwolfssl/openssl/dsa.h +++ b/source/libs/libwolfssl/openssl/dsa.h @@ -1,6 +1,6 @@ /* dsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -68,6 +68,17 @@ WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits, unsigned char* seed, int seedLen, int* counterRet, unsigned long* hRet, void* cb); +WOLFSSL_API void wolfSSL_DSA_get0_pqg(const WOLFSSL_DSA *d, const WOLFSSL_BIGNUM **p, + const WOLFSSL_BIGNUM **q, const WOLFSSL_BIGNUM **g); +WOLFSSL_API int wolfSSL_DSA_set0_pqg(WOLFSSL_DSA *d, WOLFSSL_BIGNUM *p, + WOLFSSL_BIGNUM *q, WOLFSSL_BIGNUM *g); + +WOLFSSL_API void wolfSSL_DSA_get0_key(const WOLFSSL_DSA *d, + const WOLFSSL_BIGNUM **pub_key, const WOLFSSL_BIGNUM **priv_key); +WOLFSSL_API int wolfSSL_DSA_set0_key(WOLFSSL_DSA *d, WOLFSSL_BIGNUM *pub_key, + WOLFSSL_BIGNUM *priv_key); + + WOLFSSL_API int wolfSSL_DSA_LoadDer(WOLFSSL_DSA*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DSA_LoadDer_ex(WOLFSSL_DSA*, const unsigned char*, @@ -84,8 +95,17 @@ WOLFSSL_API int wolfSSL_DSA_bits(const WOLFSSL_DSA *d); WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_SIG_new(void); WOLFSSL_API void wolfSSL_DSA_SIG_free(WOLFSSL_DSA_SIG *sig); + +WOLFSSL_API void wolfSSL_DSA_SIG_get0(const WOLFSSL_DSA_SIG *sig, + const WOLFSSL_BIGNUM **r, const WOLFSSL_BIGNUM **s); +WOLFSSL_API int wolfSSL_DSA_SIG_set0(WOLFSSL_DSA_SIG *sig, WOLFSSL_BIGNUM *r, + WOLFSSL_BIGNUM *s); + +WOLFSSL_API int wolfSSL_i2d_DSA_SIG(const WOLFSSL_DSA_SIG *sig, byte **out); +WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_d2i_DSA_SIG(WOLFSSL_DSA_SIG **sig, + const unsigned char **pp, long length); WOLFSSL_API WOLFSSL_DSA_SIG* wolfSSL_DSA_do_sign_ex(const unsigned char* digest, - int outLen, WOLFSSL_DSA* dsa); + int inLen, WOLFSSL_DSA* dsa); WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest_len, WOLFSSL_DSA_SIG* sig, WOLFSSL_DSA* dsa); @@ -99,9 +119,17 @@ WOLFSSL_API int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest #define DSA_generate_key wolfSSL_DSA_generate_key #define DSA_generate_parameters wolfSSL_DSA_generate_parameters #define DSA_generate_parameters_ex wolfSSL_DSA_generate_parameters_ex +#define DSA_get0_pqg wolfSSL_DSA_get0_pqg +#define DSA_set0_pqg wolfSSL_DSA_set0_pqg +#define DSA_get0_key wolfSSL_DSA_get0_key +#define DSA_set0_key wolfSSL_DSA_set0_key #define DSA_SIG_new wolfSSL_DSA_SIG_new #define DSA_SIG_free wolfSSL_DSA_SIG_free +#define DSA_SIG_get0 wolfSSL_DSA_SIG_get0 +#define DSA_SIG_set0 wolfSSL_DSA_SIG_set0 +#define i2d_DSA_SIG wolfSSL_i2d_DSA_SIG +#define d2i_DSA_SIG wolfSSL_d2i_DSA_SIG #define DSA_do_sign wolfSSL_DSA_do_sign_ex #define DSA_do_verify wolfSSL_DSA_do_verify_ex diff --git a/source/libs/libwolfssl/openssl/ec.h b/source/libs/libwolfssl/openssl/ec.h index d7f23839..77019dcc 100644 --- a/source/libs/libwolfssl/openssl/ec.h +++ b/source/libs/libwolfssl/openssl/ec.h @@ -1,6 +1,6 @@ /* ec.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,6 +25,7 @@ #define WOLFSSL_EC_H_ #include +#include #include #ifdef __cplusplus @@ -68,6 +69,13 @@ enum { NID_brainpoolP512r1 = 933, #endif +#ifdef HAVE_ED448 + NID_ED448 = ED448k, +#endif +#ifdef HAVE_ED25519 + NID_ED25519 = ED25519k, +#endif + OPENSSL_EC_NAMED_CURVE = 0x001 }; @@ -109,10 +117,13 @@ struct WOLFSSL_EC_KEY { WOLFSSL_BIGNUM *priv_key; void* internal; /* our ECC Key */ - char inSet; /* internal set from external ? */ - char exSet; /* external set from internal ? */ char form; /* Either POINT_CONVERSION_UNCOMPRESSED or * POINT_CONVERSION_COMPRESSED */ + word16 pkcs8HeaderSz; + + /* option bits */ + byte inSet:1; /* internal set from external ? */ + byte exSet:1; /* external set from internal ? */ }; struct WOLFSSL_EC_BUILTIN_CURVE { @@ -146,6 +157,9 @@ int wolfSSL_EC_POINT_oct2point(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *p, const unsigned char *buf, size_t len, WOLFSSL_BN_CTX *ctx); WOLFSSL_API +WOLFSSL_EC_KEY *wolfSSL_o2i_ECPublicKey(WOLFSSL_EC_KEY **a, const unsigned char **in, + long len); +WOLFSSL_API int wolfSSL_i2o_ECPublicKey(const WOLFSSL_EC_KEY *in, unsigned char **out); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_d2i_ECPrivateKey(WOLFSSL_EC_KEY **key, const unsigned char **in, @@ -184,6 +198,7 @@ WOLFSSL_BIGNUM *wolfSSL_EC_KEY_get0_private_key(const WOLFSSL_EC_KEY *key); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid); WOLFSSL_API const char* wolfSSL_EC_curve_nid2nist(int nid); +WOLFSSL_API int wolfSSL_EC_curve_nist2nid(const char* name); WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void); WOLFSSL_API @@ -195,6 +210,7 @@ void wolfSSL_EC_KEY_set_asn1_flag(WOLFSSL_EC_KEY *key, int asn1_flag); WOLFSSL_API int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key, const WOLFSSL_EC_POINT *pub); +WOLFSSL_API int wolfSSL_EC_KEY_check_key(const WOLFSSL_EC_KEY *key); WOLFSSL_API int wolfSSL_ECDSA_size(const WOLFSSL_EC_KEY *key); WOLFSSL_API int wolfSSL_ECDSA_sign(int type, const unsigned char *digest, int digestSz, unsigned char *sig, @@ -287,6 +303,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_KEY_generate_key wolfSSL_EC_KEY_generate_key #define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag #define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key +#define EC_KEY_check_key wolfSSL_EC_KEY_check_key #define ECDSA_size wolfSSL_ECDSA_size #define ECDSA_sign wolfSSL_ECDSA_sign @@ -329,6 +346,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_POINT_oct2point wolfSSL_EC_POINT_oct2point #define EC_POINT_point2bn wolfSSL_EC_POINT_point2bn #define EC_POINT_is_on_curve wolfSSL_EC_POINT_is_on_curve +#define o2i_ECPublicKey wolfSSL_o2i_ECPublicKey #define i2o_ECPublicKey wolfSSL_i2o_ECPublicKey #define i2d_EC_PUBKEY wolfSSL_i2o_ECPublicKey #define d2i_ECPrivateKey wolfSSL_d2i_ECPrivateKey @@ -343,6 +361,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, #define EC_get_builtin_curves wolfSSL_EC_get_builtin_curves #define EC_curve_nid2nist wolfSSL_EC_curve_nid2nist +#define EC_curve_nist2nid wolfSSL_EC_curve_nist2nid #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libs/libwolfssl/openssl/ec25519.h b/source/libs/libwolfssl/openssl/ec25519.h index 180eb8e8..f9cf3c9f 100644 --- a/source/libs/libwolfssl/openssl/ec25519.h +++ b/source/libs/libwolfssl/openssl/ec25519.h @@ -1,6 +1,6 @@ /* ec25519.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/ec448.h b/source/libs/libwolfssl/openssl/ec448.h index fb3b9005..3f0b1b7b 100644 --- a/source/libs/libwolfssl/openssl/ec448.h +++ b/source/libs/libwolfssl/openssl/ec448.h @@ -1,6 +1,6 @@ /* ec448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/ecdh.h b/source/libs/libwolfssl/openssl/ecdh.h index 06a4b3c9..b40f99c7 100644 --- a/source/libs/libwolfssl/openssl/ecdh.h +++ b/source/libs/libwolfssl/openssl/ecdh.h @@ -1,6 +1,6 @@ /* ecdh.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/ecdsa.h b/source/libs/libwolfssl/openssl/ecdsa.h index 4a7bcd8c..a1383940 100644 --- a/source/libs/libwolfssl/openssl/ecdsa.h +++ b/source/libs/libwolfssl/openssl/ecdsa.h @@ -1,6 +1,6 @@ /* ecdsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/ed25519.h b/source/libs/libwolfssl/openssl/ed25519.h index 579c653f..50683d4b 100644 --- a/source/libs/libwolfssl/openssl/ed25519.h +++ b/source/libs/libwolfssl/openssl/ed25519.h @@ -1,6 +1,6 @@ /* ed25519.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/ed448.h b/source/libs/libwolfssl/openssl/ed448.h index b9411e92..4ff184fb 100644 --- a/source/libs/libwolfssl/openssl/ed448.h +++ b/source/libs/libwolfssl/openssl/ed448.h @@ -1,6 +1,6 @@ /* ed448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/engine.h b/source/libs/libwolfssl/openssl/engine.h index 37dac7ef..d097e146 100644 --- a/source/libs/libwolfssl/openssl/engine.h +++ b/source/libs/libwolfssl/openssl/engine.h @@ -4,5 +4,7 @@ #undef HAVE_OPENSSL_ENGINE_H -#define ENGINE_load_builtin_engines() /*ENGINE_load_builtin_engines not needed*/ +/* ENGINE_load_builtin_engines not needed, as all builtin engines are already + loaded into memory and used on startup. */ +#define ENGINE_load_builtin_engines() diff --git a/source/libs/libwolfssl/openssl/err.h b/source/libs/libwolfssl/openssl/err.h index af119c63..9debeeee 100644 --- a/source/libs/libwolfssl/openssl/err.h +++ b/source/libs/libwolfssl/openssl/err.h @@ -1,6 +1,6 @@ /* err.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/evp.h b/source/libs/libwolfssl/openssl/evp.h index e7c89f33..4c29c3c2 100644 --- a/source/libs/libwolfssl/openssl/evp.h +++ b/source/libs/libwolfssl/openssl/evp.h @@ -1,6 +1,6 @@ /* evp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -59,6 +59,10 @@ #endif #include +#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE) +#include +#endif + #ifdef __cplusplus extern "C" { #endif @@ -81,6 +85,7 @@ typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO; #ifndef NO_MD5 WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void); #endif +WOLFSSL_API void wolfSSL_EVP_set_pw_prompt(const char *); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_mdc2(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void); @@ -286,6 +291,8 @@ enum { NID_sha3_256 = 1097, NID_sha3_384 = 1098, NID_sha3_512 = 1099, + NID_blake2b512 = 1056, + NID_blake2s256 = 1057, }; enum { @@ -372,6 +379,46 @@ struct WOLFSSL_EVP_PKEY_CTX { int nbits; }; +typedef +struct WOLFSSL_ASN1_PCTX { + int dummy; +} WOLFSSL_ASN1_PCTX; +#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE) + +#define BASE64_ENCODE_BLOCK_SIZE 48 +#define BASE64_ENCODE_RESULT_BLOCK_SIZE 64 +#define BASE64_DECODE_BLOCK_SIZE 4 + +struct WOLFSSL_EVP_ENCODE_CTX { + void* heap; + int remaining; /* num of bytes in data[] */ + byte data[BASE64_ENCODE_BLOCK_SIZE];/* storage for unprocessed raw data */ +}; +typedef struct WOLFSSL_EVP_ENCODE_CTX WOLFSSL_EVP_ENCODE_CTX; + +WOLFSSL_API struct WOLFSSL_EVP_ENCODE_CTX* wolfSSL_EVP_ENCODE_CTX_new(void); +WOLFSSL_API void wolfSSL_EVP_ENCODE_CTX_free(WOLFSSL_EVP_ENCODE_CTX* ctx); +#endif /* WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE */ + +#if defined(WOLFSSL_BASE64_ENCODE) +WOLFSSL_API void wolfSSL_EVP_EncodeInit(WOLFSSL_EVP_ENCODE_CTX* ctx); +WOLFSSL_API int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx, + unsigned char*out, int *outl, const unsigned char*in, int inl); +WOLFSSL_API void wolfSSL_EVP_EncodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx, + unsigned char*out, int *outl); +#endif /* WOLFSSL_BASE64_ENCODE */ + +#if defined(WOLFSSL_BASE64_DECODE) +WOLFSSL_API void wolfSSL_EVP_DecodeInit(WOLFSSL_EVP_ENCODE_CTX* ctx); +WOLFSSL_API int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx, + unsigned char*out, int *outl, const unsigned char*in, int inl); +WOLFSSL_API int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx, + unsigned char*out, int *outl); +#endif /* WOLFSSL_BASE64_DECODE */ + +WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2b512(void); +WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_blake2s256(void); + typedef int WOLFSSL_ENGINE ; typedef WOLFSSL_ENGINE ENGINE; typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX; @@ -381,6 +428,8 @@ typedef WOLFSSL_EVP_PKEY_CTX EVP_PKEY_CTX; #define EVP_PKEY_OP_DECRYPT (1 << 7) #define EVP_PKEY_OP_DERIVE (1 << 8) +#define EVP_PKEY_PRINT_INDENT_MAX 128 + WOLFSSL_API void wolfSSL_EVP_init(void); WOLFSSL_API int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* md); WOLFSSL_API int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md); @@ -547,7 +596,11 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY **ppkey); WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey); +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); +#else WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx); +#endif WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e); WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding); WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e); @@ -587,7 +640,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, WOLFSSL_ENGINE *impl); WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len); WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx, - unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey); + const unsigned char* sig, unsigned int sig_len, WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type); WOLFSSL_API int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len); @@ -645,6 +698,8 @@ WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp, #define EVP_CIPH_CCM_MODE WOLFSSL_EVP_CIPH_CCM_MODE #define EVP_CIPH_XTS_MODE WOLFSSL_EVP_CIPH_XTS_MODE +#define EVP_CIPH_FLAG_AEAD_CIPHER WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER + #define WOLFSSL_EVP_CIPH_MODE 0x0007 #define WOLFSSL_EVP_CIPH_STREAM_CIPHER 0x0 #define WOLFSSL_EVP_CIPH_ECB_MODE 0x1 @@ -655,6 +710,7 @@ WOLFSSL_LOCAL int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp, #define WOLFSSL_EVP_CIPH_GCM_MODE 0x6 #define WOLFSSL_EVP_CIPH_CCM_MODE 0x7 #define WOLFSSL_EVP_CIPH_XTS_MODE 0x10 +#define WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER 0x20 #define WOLFSSL_EVP_CIPH_NO_PADDING 0x100 #define EVP_CIPH_VARIABLE_LENGTH 0x200 #define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff @@ -665,6 +721,7 @@ typedef WOLFSSL_EVP_MD EVP_MD; typedef WOLFSSL_EVP_CIPHER EVP_CIPHER; typedef WOLFSSL_EVP_MD_CTX EVP_MD_CTX; typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; +typedef WOLFSSL_ASN1_PCTX ASN1_PCTX; #ifndef NO_MD4 #define EVP_md4 wolfSSL_EVP_md4 @@ -672,14 +729,15 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #ifndef NO_MD5 #define EVP_md5 wolfSSL_EVP_md5 #endif -#define EVP_sha1 wolfSSL_EVP_sha1 -#define EVP_mdc2 wolfSSL_EVP_mdc2 -#define EVP_dds1 wolfSSL_EVP_sha1 -#define EVP_sha224 wolfSSL_EVP_sha224 -#define EVP_sha256 wolfSSL_EVP_sha256 -#define EVP_sha384 wolfSSL_EVP_sha384 -#define EVP_sha512 wolfSSL_EVP_sha512 -#define EVP_ripemd160 wolfSSL_EVP_ripemd160 +#define EVP_sha1 wolfSSL_EVP_sha1 +#define EVP_mdc2 wolfSSL_EVP_mdc2 +#define EVP_dds1 wolfSSL_EVP_sha1 +#define EVP_sha224 wolfSSL_EVP_sha224 +#define EVP_sha256 wolfSSL_EVP_sha256 +#define EVP_sha384 wolfSSL_EVP_sha384 +#define EVP_sha512 wolfSSL_EVP_sha512 +#define EVP_ripemd160 wolfSSL_EVP_ripemd160 +#define EVP_set_pw_prompt wolfSSL_EVP_set_pw_prompt #define EVP_sha3_224 wolfSSL_EVP_sha3_224 #define EVP_sha3_256 wolfSSL_EVP_sha3_256 @@ -732,7 +790,11 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_MD_CTX_type wolfSSL_EVP_MD_CTX_type #define EVP_MD_CTX_size wolfSSL_EVP_MD_CTX_size #define EVP_MD_CTX_block_size wolfSSL_EVP_MD_CTX_block_size +#define EVP_MD_block_size wolfSSL_EVP_MD_block_size #define EVP_MD_type wolfSSL_EVP_MD_type +#ifndef NO_WOLFSSL_STUB +#define EVP_MD_CTX_set_flags(...) +#endif #define EVP_Digest wolfSSL_EVP_Digest #define EVP_DigestInit wolfSSL_EVP_DigestInit @@ -895,6 +957,7 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG #define EVP_CTRL_GCM_SET_IV_FIXED EVP_CTRL_AEAD_SET_IV_FIXED +#define EVP_PKEY_print_public wolfSSL_EVP_PKEY_print_public #define EVP_PKEY_print_private(arg1, arg2, arg3, arg4) #ifndef EVP_MAX_MD_SIZE @@ -925,9 +988,8 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_R_PRIVATE_KEY_DECODE_ERROR (-MIN_CODE_E + 100 + 4) #define EVP_PKEY_NONE NID_undef -#define EVP_PKEY_RSA2 19 #define EVP_PKEY_DH 28 -#define EVP_CIPHER_mode WOLFSSL_CIPHER_mode +#define EVP_CIPHER_mode WOLFSSL_EVP_CIPHER_mode /* WOLFSSL_EVP_CIPHER is just the string name of the cipher */ #define EVP_CIPHER_name(x) x #define EVP_MD_CTX_reset wolfSSL_EVP_MD_CTX_cleanup @@ -935,6 +997,25 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX; #define EVP_MD_name(x) x #define EVP_CIPHER_nid wolfSSL_EVP_CIPHER_nid +/* Base64 encoding/decoding APIs */ +#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE) +#define EVP_ENCODE_CTX WOLFSSL_EVP_ENCODE_CTX +#define EVP_ENCODE_CTX_new wolfSSL_EVP_ENCODE_CTX_new +#define EVP_ENCODE_CTX_free wolfSSL_EVP_ENCODE_CTX_free +#endif /* WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE*/ +#if defined(WOLFSSL_BASE64_ENCODE) +#define EVP_EncodeInit wolfSSL_EVP_EncodeInit +#define EVP_EncodeUpdate wolfSSL_EVP_EncodeUpdate +#define EVP_EncodeFinal wolfSSL_EVP_EncodeFinal +#endif /* WOLFSSL_BASE64_ENCODE */ +#if defined(WOLFSSL_BASE64_DECODE) +#define EVP_DecodeInit wolfSSL_EVP_DecodeInit +#define EVP_DecodeUpdate wolfSSL_EVP_DecodeUpdate +#define EVP_DecodeFinal wolfSSL_EVP_DecodeFinal +#endif /* WOLFSSL_BASE64_DECODE */ + +#define EVP_blake2b512 wolfSSL_EVP_blake2b512 +#define EVP_blake2s256 wolfSSL_EVP_blake2s256 WOLFSSL_API void printPKEY(WOLFSSL_EVP_PKEY *k); diff --git a/source/libs/libwolfssl/openssl/hmac.h b/source/libs/libwolfssl/openssl/hmac.h index c2e47cfd..a139343e 100644 --- a/source/libs/libwolfssl/openssl/hmac.h +++ b/source/libs/libwolfssl/openssl/hmac.h @@ -1,6 +1,6 @@ /* hmac.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -35,9 +35,17 @@ #include "prefix_hmac.h" #endif +#include + +typedef struct WOLFSSL_HMAC_CTX { + Hmac hmac; + int type; + word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ + word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; +} WOLFSSL_HMAC_CTX; + #include #include -#include #ifdef __cplusplus extern "C" { @@ -49,22 +57,13 @@ WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const unsigned char* d, int n, unsigned char* md, unsigned int* md_len); - -typedef struct WOLFSSL_HMAC_CTX { - Hmac hmac; - int type; - word32 save_ipad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ - word32 save_opad[WC_HMAC_BLOCK_SIZE / sizeof(word32)]; -} WOLFSSL_HMAC_CTX; - - WOLFSSL_API WOLFSSL_HMAC_CTX* wolfSSL_HMAC_CTX_new(void); WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src); WOLFSSL_LOCAL int wolfSSL_HmacCopy(Hmac* des, Hmac* src); WOLFSSL_API int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, - int keylen, const EVP_MD* type); + int keylen, const WOLFSSL_EVP_MD* type); WOLFSSL_API int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e); WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, @@ -75,6 +74,7 @@ WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx); +WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_HMAC_CTX_get_md(const WOLFSSL_HMAC_CTX *ctx); typedef struct WOLFSSL_HMAC_CTX HMAC_CTX; @@ -92,6 +92,7 @@ typedef struct WOLFSSL_HMAC_CTX HMAC_CTX; #define HMAC_Final wolfSSL_HMAC_Final #define HMAC_cleanup wolfSSL_HMAC_cleanup #define HMAC_size wolfSSL_HMAC_size +#define HMAC_CTX_get_md wolfSSL_HMAC_CTX_get_md #ifdef __cplusplus diff --git a/source/libs/libwolfssl/openssl/lhash.h b/source/libs/libwolfssl/openssl/lhash.h index 84e29404..cbf62991 100644 --- a/source/libs/libwolfssl/openssl/lhash.h +++ b/source/libs/libwolfssl/openssl/lhash.h @@ -1,6 +1,6 @@ /* lhash.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/md4.h b/source/libs/libwolfssl/openssl/md4.h index f6d2e2c4..52aaa082 100644 --- a/source/libs/libwolfssl/openssl/md4.h +++ b/source/libs/libwolfssl/openssl/md4.h @@ -1,6 +1,6 @@ /* md4.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/md5.h b/source/libs/libwolfssl/openssl/md5.h index 9409d68c..086fa800 100644 --- a/source/libs/libwolfssl/openssl/md5.h +++ b/source/libs/libwolfssl/openssl/md5.h @@ -1,6 +1,6 @@ /* md5.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -52,13 +52,14 @@ typedef struct WOLFSSL_MD5_CTX { WOLFSSL_API int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX*); WOLFSSL_API int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_MD5_Final(unsigned char*, WOLFSSL_MD5_CTX*); - +WOLFSSL_API int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX*, const unsigned char*); typedef WOLFSSL_MD5_CTX MD5_CTX; #define MD5_Init wolfSSL_MD5_Init #define MD5_Update wolfSSL_MD5_Update #define MD5_Final wolfSSL_MD5_Final +#define MD5_Transform wolfSSL_MD5_Transform #ifdef OPENSSL_EXTRA_BSD #define MD5Init wolfSSL_MD5_Init diff --git a/source/libs/libwolfssl/openssl/obj_mac.h b/source/libs/libwolfssl/openssl/obj_mac.h index 6d0f9004..0544d6b1 100644 --- a/source/libs/libwolfssl/openssl/obj_mac.h +++ b/source/libs/libwolfssl/openssl/obj_mac.h @@ -1,6 +1,6 @@ /* obj_mac.h * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -42,6 +42,8 @@ #define NID_sect571k1 733 #define NID_sect571r1 734 +/* the definition is for Qt Unit test */ +#define SN_jurisdictionCountryName "jurisdictionC" #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/source/libs/libwolfssl/openssl/objects.h b/source/libs/libwolfssl/openssl/objects.h index eb54c21e..eedf5ecf 100644 --- a/source/libs/libwolfssl/openssl/objects.h +++ b/source/libs/libwolfssl/openssl/objects.h @@ -1,6 +1,6 @@ /* objects.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/ocsp.h b/source/libs/libwolfssl/openssl/ocsp.h index f2fde405..e0f97c16 100644 --- a/source/libs/libwolfssl/openssl/ocsp.h +++ b/source/libs/libwolfssl/openssl/ocsp.h @@ -1,6 +1,6 @@ /* ocsp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -79,6 +79,7 @@ #define i2d_OCSP_CERTID wolfSSL_i2d_OCSP_CERTID #define OCSP_SINGLERESP_get0_id wolfSSL_OCSP_SINGLERESP_get0_id +#define OCSP_id_cmp wolfSSL_OCSP_id_cmp #define OCSP_single_get0_status wolfSSL_OCSP_single_get0_status #define OCSP_resp_count wolfSSL_OCSP_resp_count #define OCSP_resp_get0 wolfSSL_OCSP_resp_get0 diff --git a/source/libs/libwolfssl/openssl/opensslv.h b/source/libs/libwolfssl/openssl/opensslv.h index 4b32dcc7..fb2fc0b8 100644 --- a/source/libs/libwolfssl/openssl/opensslv.h +++ b/source/libs/libwolfssl/openssl/opensslv.h @@ -1,6 +1,6 @@ /* opensslv.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -30,12 +30,15 @@ defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10100000L) ||\ defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER == 0x10001040L) /* valid version */ -#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) +#elif defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIBEST) || defined(WOLFSSL_BIND) /* For Apache httpd, Use 1.1.0 compatibility */ #define OPENSSL_VERSION_NUMBER 0x10100000L +#elif defined(WOLFSSL_QT) + #define OPENSSL_VERSION_NUMBER 0x10101000L +#elif defined(WOLFSSL_HAPROXY) + #define OPENSSL_VERSION_NUMBER 0x1010000fL #elif defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) || \ - defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ - defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENVPN) + defined(WOLFSSL_NGINX) || defined(WOLFSSL_OPENSSH) || defined(WOLFSSL_OPENVPN) /* version number can be increased for Lighty after compatibility for ECDH is added */ #define OPENSSL_VERSION_NUMBER 0x10001040L diff --git a/source/libs/libwolfssl/openssl/ossl_typ.h b/source/libs/libwolfssl/openssl/ossl_typ.h index 7c20ba1d..a6117356 100644 --- a/source/libs/libwolfssl/openssl/ossl_typ.h +++ b/source/libs/libwolfssl/openssl/ossl_typ.h @@ -1,6 +1,6 @@ /* ossl_typ.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/pem.h b/source/libs/libwolfssl/openssl/pem.h index e31fb279..50cfc276 100644 --- a/source/libs/libwolfssl/openssl/pem.h +++ b/source/libs/libwolfssl/openssl/pem.h @@ -1,6 +1,6 @@ /* pem.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/pkcs12.h b/source/libs/libwolfssl/openssl/pkcs12.h index f7481f45..5eee8706 100644 --- a/source/libs/libwolfssl/openssl/pkcs12.h +++ b/source/libs/libwolfssl/openssl/pkcs12.h @@ -1,6 +1,6 @@ /* pkcs12.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/pkcs7.h b/source/libs/libwolfssl/openssl/pkcs7.h index 6163cc78..1ea4330c 100644 --- a/source/libs/libwolfssl/openssl/pkcs7.h +++ b/source/libs/libwolfssl/openssl/pkcs7.h @@ -1,6 +1,6 @@ /* pkcs7.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -37,7 +37,6 @@ #define PKCS7_NOINTERN 0x0010 #define PKCS7_NOVERIFY 0x0020 - typedef struct WOLFSSL_PKCS7 { PKCS7 pkcs7; @@ -53,6 +52,8 @@ WOLFSSL_API void wolfSSL_PKCS7_free(PKCS7* p7); WOLFSSL_API void wolfSSL_PKCS7_SIGNED_free(PKCS7_SIGNED* p7); WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len); +WOLFSSL_LOCAL PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, + int len, byte* content, word32 contentSz); WOLFSSL_API PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7); WOLFSSL_API int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7); WOLFSSL_API int wolfSSL_PKCS7_verify(PKCS7* p7, WOLFSSL_STACK* certs, @@ -63,6 +64,10 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7); WOLFSSL_API WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* p7, WOLFSSL_STACK* certs, int flags); WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7); +#if defined(HAVE_SMIME) +WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in, WOLFSSL_BIO** bcont); +#endif /* HAVE_SMIME */ + #define PKCS7_new wolfSSL_PKCS7_new #define PKCS7_SIGNED_new wolfSSL_PKCS7_SIGNED_new @@ -74,6 +79,9 @@ WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7); #define PKCS7_verify wolfSSL_PKCS7_verify #define PKCS7_get0_signers wolfSSL_PKCS7_get0_signers #define PEM_write_bio_PKCS7 wolfSSL_PEM_write_bio_PKCS7 +#if defined(HAVE_SMIME) +#define SMIME_read_PKCS7 wolfSSL_SMIME_read_PKCS7 +#endif /* HAVE_SMIME */ #endif /* OPENSSL_ALL && HAVE_PKCS7 */ diff --git a/source/libs/libwolfssl/openssl/rand.h b/source/libs/libwolfssl/openssl/rand.h index 7bcbdaca..c4dca87d 100644 --- a/source/libs/libwolfssl/openssl/rand.h +++ b/source/libs/libwolfssl/openssl/rand.h @@ -1,6 +1,6 @@ /* rand.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,4 +24,6 @@ #include #include +typedef WOLFSSL_RAND_METHOD RAND_METHOD; + #define RAND_set_rand_method wolfSSL_RAND_set_rand_method diff --git a/source/libs/libwolfssl/openssl/rc4.h b/source/libs/libwolfssl/openssl/rc4.h index fa246755..91ac416a 100644 --- a/source/libs/libwolfssl/openssl/rc4.h +++ b/source/libs/libwolfssl/openssl/rc4.h @@ -1,6 +1,6 @@ /* rc4.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/ripemd.h b/source/libs/libwolfssl/openssl/ripemd.h index 616e64f1..73ae5ae5 100644 --- a/source/libs/libwolfssl/openssl/ripemd.h +++ b/source/libs/libwolfssl/openssl/ripemd.h @@ -1,6 +1,6 @@ /* ripemd.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/rsa.h b/source/libs/libwolfssl/openssl/rsa.h index be514482..af3f2ddf 100644 --- a/source/libs/libwolfssl/openssl/rsa.h +++ b/source/libs/libwolfssl/openssl/rsa.h @@ -1,6 +1,6 @@ /* rsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -77,19 +77,22 @@ typedef struct WOLFSSL_RSA { WOLFSSL_BIGNUM* iqmp; /* u */ void* heap; void* internal; /* our RSA */ - char inSet; /* internal set from external ? */ - char exSet; /* external set from internal ? */ - char ownRng; /* flag for if the rng should be free'd */ #if defined(OPENSSL_EXTRA) WOLFSSL_RSA_METHOD* meth; #endif #if defined(HAVE_EX_DATA) WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */ #endif -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) +#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA) wolfSSL_Mutex refMutex; /* ref count mutex */ int refCount; /* reference count */ #endif + word16 pkcs8HeaderSz; + + /* bits */ + byte inSet:1; /* internal set from external ? */ + byte exSet:1; /* external set from internal ? */ + byte ownRng:1; /* flag for if the rng should be free'd */ } WOLFSSL_RSA; #endif @@ -107,10 +110,11 @@ WOLFSSL_API int wolfSSL_RSA_public_encrypt(int len, const unsigned char* fr, unsigned char* to, WOLFSSL_RSA*, int padding); WOLFSSL_API int wolfSSL_RSA_private_decrypt(int len, const unsigned char* fr, unsigned char* to, WOLFSSL_RSA*, int padding); -WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, unsigned char* in, +WOLFSSL_API int wolfSSL_RSA_private_encrypt(int len, const unsigned char* in, unsigned char* out, WOLFSSL_RSA* rsa, int padding); WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA*); +WOLFSSL_API int wolfSSL_RSA_bits(const WOLFSSL_RSA*); WOLFSSL_API int wolfSSL_RSA_sign(int type, const unsigned char* m, unsigned int mLen, unsigned char* sigRet, unsigned int* sigLen, WOLFSSL_RSA*); @@ -140,18 +144,35 @@ WOLFSSL_API int wolfSSL_RSA_set_method(WOLFSSL_RSA *rsa, WOLFSSL_RSA_METHOD *met WOLFSSL_API const WOLFSSL_RSA_METHOD* wolfSSL_RSA_get_method(const WOLFSSL_RSA *rsa); WOLFSSL_API const WOLFSSL_RSA_METHOD* wolfSSL_RSA_get_default_method(void); +WOLFSSL_API void wolfSSL_RSA_get0_crt_params(const WOLFSSL_RSA *r, + const WOLFSSL_BIGNUM **dmp1, + const WOLFSSL_BIGNUM **dmq1, + const WOLFSSL_BIGNUM **iqmp); +WOLFSSL_API int wolfSSL_RSA_set0_crt_params(WOLFSSL_RSA *r, WOLFSSL_BIGNUM *dmp1, + WOLFSSL_BIGNUM *dmq1, WOLFSSL_BIGNUM *iqmp); +WOLFSSL_API void wolfSSL_RSA_get0_factors(const WOLFSSL_RSA *r, const WOLFSSL_BIGNUM **p, + const WOLFSSL_BIGNUM **q); +WOLFSSL_API int wolfSSL_RSA_set0_factors(WOLFSSL_RSA *r, WOLFSSL_BIGNUM *p, WOLFSSL_BIGNUM *q); WOLFSSL_API void wolfSSL_RSA_get0_key(const WOLFSSL_RSA *r, const WOLFSSL_BIGNUM **n, const WOLFSSL_BIGNUM **e, const WOLFSSL_BIGNUM **d); WOLFSSL_API int wolfSSL_RSA_set0_key(WOLFSSL_RSA *r, WOLFSSL_BIGNUM *n, WOLFSSL_BIGNUM *e, WOLFSSL_BIGNUM *d); WOLFSSL_API int wolfSSL_RSA_flags(const WOLFSSL_RSA *r); WOLFSSL_API void wolfSSL_RSA_set_flags(WOLFSSL_RSA *r, int flags); +WOLFSSL_API void wolfSSL_RSA_clear_flags(WOLFSSL_RSA *r, int flags); +WOLFSSL_API int wolfSSL_RSA_test_flags(const WOLFSSL_RSA *r, int flags); WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSAPublicKey_dup(WOLFSSL_RSA *rsa); WOLFSSL_API void* wolfSSL_RSA_get_ex_data(const WOLFSSL_RSA *rsa, int idx); WOLFSSL_API int wolfSSL_RSA_set_ex_data(WOLFSSL_RSA *rsa, int idx, void *data); - +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_RSA_set_ex_data_with_cleanup( + WOLFSSL_RSA *rsa, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif #define WOLFSSL_RSA_LOAD_PRIVATE 1 #define WOLFSSL_RSA_LOAD_PUBLIC 2 @@ -184,10 +205,16 @@ WOLFSSL_API int wolfSSL_RSA_set_ex_data(WOLFSSL_RSA *rsa, int idx, void *data); #define RSA_get_default_method wolfSSL_RSA_get_default_method #define RSA_get_method wolfSSL_RSA_get_method #define RSA_set_method wolfSSL_RSA_set_method +#define RSA_get0_crt_params wolfSSL_RSA_get0_crt_params +#define RSA_set0_crt_params wolfSSL_RSA_set0_crt_params +#define RSA_get0_factors wolfSSL_RSA_get0_factors +#define RSA_set0_factors wolfSSL_RSA_set0_factors #define RSA_get0_key wolfSSL_RSA_get0_key #define RSA_set0_key wolfSSL_RSA_set0_key #define RSA_flags wolfSSL_RSA_flags #define RSA_set_flags wolfSSL_RSA_set_flags +#define RSA_clear_flags wolfSSL_RSA_clear_flags +#define RSA_test_flags wolfSSL_RSA_test_flags #define RSAPublicKey_dup wolfSSL_RSAPublicKey_dup #define RSA_get_ex_data wolfSSL_RSA_get_ex_data diff --git a/source/libs/libwolfssl/openssl/sha.h b/source/libs/libwolfssl/openssl/sha.h index af2bbfd6..172e07dc 100644 --- a/source/libs/libwolfssl/openssl/sha.h +++ b/source/libs/libwolfssl/openssl/sha.h @@ -1,6 +1,6 @@ /* sha.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -52,12 +52,14 @@ typedef struct WOLFSSL_SHA_CTX { WOLFSSL_API int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX*); WOLFSSL_API int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_SHA_Final(unsigned char*, WOLFSSL_SHA_CTX*); - +WOLFSSL_API int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX*, + const unsigned char *data); /* SHA1 points to above, shouldn't use SHA0 ever */ WOLFSSL_API int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX*); WOLFSSL_API int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long); WOLFSSL_API int wolfSSL_SHA1_Final(unsigned char*, WOLFSSL_SHA_CTX*); - +WOLFSSL_API int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX*, + const unsigned char *data); enum { SHA_DIGEST_LENGTH = 20 }; @@ -68,11 +70,20 @@ typedef WOLFSSL_SHA_CTX SHA_CTX; #define SHA_Init wolfSSL_SHA_Init #define SHA_Update wolfSSL_SHA_Update #define SHA_Final wolfSSL_SHA_Final +#define SHA_Transform wolfSSL_SHA_Transform + +#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_SELFTEST) && \ + (!defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) + /* SHA is only available in non-fips mode or fips version > 2 mode + * because of SHA enum in FIPS build. */ + #define SHA wolfSSL_SHA1 +#endif #define SHA1_Init wolfSSL_SHA1_Init #define SHA1_Update wolfSSL_SHA1_Update #define SHA1_Final wolfSSL_SHA1_Final - +#define SHA1_Transform wolfSSL_SHA1_Transform #ifdef WOLFSSL_SHA224 @@ -99,6 +110,13 @@ typedef WOLFSSL_SHA224_CTX SHA224_CTX; #define SHA224_Init wolfSSL_SHA224_Init #define SHA224_Update wolfSSL_SHA224_Update #define SHA224_Final wolfSSL_SHA224_Final +#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_SELFTEST) && \ + (!defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) + /* SHA224 is only available in non-fips mode or fips version > 2 mode + * because of SHA224 enum in FIPS build. */ + #define SHA224 wolfSSL_SHA224 +#endif #endif /* WOLFSSL_SHA224 */ @@ -113,9 +131,10 @@ typedef struct WOLFSSL_SHA256_CTX { WOLFSSL_API int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX*); WOLFSSL_API int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX*, const void*, - unsigned long); + unsigned long); WOLFSSL_API int wolfSSL_SHA256_Final(unsigned char*, WOLFSSL_SHA256_CTX*); - +WOLFSSL_API int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX*, + const unsigned char *data); enum { SHA256_DIGEST_LENGTH = 32 }; @@ -126,6 +145,8 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX; #define SHA256_Init wolfSSL_SHA256_Init #define SHA256_Update wolfSSL_SHA256_Update #define SHA256_Final wolfSSL_SHA256_Final +#define SHA256_Transform wolfSSL_SHA256_Transform + #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) /* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS * build. */ @@ -137,7 +158,7 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX; typedef struct WOLFSSL_SHA384_CTX { /* big enough to hold wolfCrypt Sha384, but check on init */ - void* holder[(256 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; + void* holder[(268 + WC_ASYNC_DEV_SIZE) / sizeof(void*)]; } WOLFSSL_SHA384_CTX; WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX*); @@ -171,9 +192,10 @@ typedef struct WOLFSSL_SHA512_CTX { WOLFSSL_API int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX*); WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX*, const void*, - unsigned long); + unsigned long); WOLFSSL_API int wolfSSL_SHA512_Final(unsigned char*, WOLFSSL_SHA512_CTX*); - +WOLFSSL_API int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX*, + const unsigned char*); enum { SHA512_DIGEST_LENGTH = 64 }; @@ -184,6 +206,7 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX; #define SHA512_Init wolfSSL_SHA512_Init #define SHA512_Update wolfSSL_SHA512_Update #define SHA512_Final wolfSSL_SHA512_Final +#define SHA512_Transform wolfSSL_SHA512_Transform #if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) /* SHA512 is only available in non-fips mode because of SHA512 enum in FIPS * build. */ diff --git a/source/libs/libwolfssl/openssl/sha3.h b/source/libs/libwolfssl/openssl/sha3.h index 5dad5b51..e906eefa 100644 --- a/source/libs/libwolfssl/openssl/sha3.h +++ b/source/libs/libwolfssl/openssl/sha3.h @@ -1,6 +1,6 @@ /* sha3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/srp.h b/source/libs/libwolfssl/openssl/srp.h index 23657ee6..42bef8a1 100644 --- a/source/libs/libwolfssl/openssl/srp.h +++ b/source/libs/libwolfssl/openssl/srp.h @@ -1,6 +1,6 @@ /* srp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/ssl.h b/source/libs/libwolfssl/openssl/ssl.h index bf35a5d3..5e406004 100644 --- a/source/libs/libwolfssl/openssl/ssl.h +++ b/source/libs/libwolfssl/openssl/ssl.h @@ -1,6 +1,6 @@ /* ssl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -70,8 +70,7 @@ #endif #ifdef OPENSSL_EXTRA -#include -WOLFSSL_API int wolfSSL_OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings); +WOLFSSL_API int wolfSSL_OPENSSL_init_ssl(word64 opts, const OPENSSL_INIT_SETTINGS *settings); #endif typedef WOLFSSL SSL; @@ -113,17 +112,26 @@ typedef WOLFSSL_BUF_MEM BUF_MEM; typedef WOLFSSL_GENERAL_NAMES GENERAL_NAMES; typedef WOLFSSL_GENERAL_NAME GENERAL_NAME; +#define X509_L_FILE_LOAD WOLFSSL_X509_L_FILE_LOAD +#define X509_L_ADD_DIR WOLFSSL_X509_L_ADD_DIR +#define X509_L_ADD_STORE WOLFSSL_X509_L_ADD_STORE +#define X509_L_LOAD_STORE WOLFSSL_X509_L_LOAD_STORE + #define ASN1_UTCTIME WOLFSSL_ASN1_TIME #define ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME typedef WOLFSSL_COMP_METHOD COMP_METHOD; typedef WOLFSSL_COMP SSL_COMP; typedef WOLFSSL_X509_REVOKED X509_REVOKED; +typedef WOLFSSL_X509_LOOKUP_TYPE X509_LOOKUP_TYPE; typedef WOLFSSL_X509_OBJECT X509_OBJECT; typedef WOLFSSL_X509_STORE X509_STORE; typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX; typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM; +typedef int OSSL_HANDSHAKE_STATE; +#define TLS_ST_BEFORE 0 /* NULL_STATE from enum states */ + #define EVP_CIPHER_INFO EncryptedInfo #define STACK_OF(x) WOLFSSL_STACK @@ -133,13 +141,15 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM; #define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; -#define CRYPTO_free(xp) XFREE(xp, NULL, DYNAMIC_TYPE_TMP_BUFFER) -#define CRYPTO_malloc(sz) XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER) +#define CRYPTO_free wolfSSL_CRYPTO_free +#define CRYPTO_malloc wolfSSL_CRYPTO_malloc #define CRYPTO_EX_new WOLFSSL_CRYPTO_EX_new #define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup #define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free #define CRYPTO_EX_DATA WOLFSSL_CRYPTO_EX_DATA +#define CRYPTO_set_mem_functions wolfSSL_CRYPTO_set_mem_functions + /* depreciated */ #define CRYPTO_thread_id wolfSSL_thread_id #define CRYPTO_set_id_callback wolfSSL_set_id_callback @@ -160,6 +170,9 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define set_ex_data wolfSSL_CRYPTO_set_ex_data #define get_ex_data wolfSSL_CRYPTO_get_ex_data #define CRYPTO_memcmp wolfSSL_CRYPTO_memcmp +#define CRYPTO_get_ex_new_index wolfSSL_CRYPTO_get_ex_new_index + +#define CRYPTO_get_ex_new_index wolfSSL_CRYPTO_get_ex_new_index /* this function was used to set the default malloc, free, and realloc */ #define CRYPTO_malloc_init() 0 /* CRYPTO_malloc_init is not needed */ @@ -174,11 +187,12 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; /* at the moment only returns ok */ #define SSL_get_verify_result wolfSSL_get_verify_result -#define SSL_get_verify_mode wolfSSL_SSL_get_mode +#define SSL_get_verify_mode wolfSSL_get_verify_mode #define SSL_get_verify_depth wolfSSL_get_verify_depth #define SSL_CTX_get_verify_mode wolfSSL_CTX_get_verify_mode #define SSL_CTX_get_verify_depth wolfSSL_CTX_get_verify_depth #define SSL_get_certificate wolfSSL_get_certificate +#define SSL_CTX_get0_certificate wolfSSL_CTX_get0_certificate #define SSL_use_certificate wolfSSL_use_certificate #define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1 #define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio @@ -186,6 +200,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define i2d_PKCS8PrivateKey_bio wolfSSL_PEM_write_bio_PKCS8PrivateKey #define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp +#define SSL_CTX_set_ecdh_auto wolfSSL_CTX_set_ecdh_auto #define i2d_PUBKEY wolfSSL_i2d_PUBKEY #define d2i_PUBKEY wolfSSL_d2i_PUBKEY @@ -292,6 +307,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_pending wolfSSL_pending #define SSL_load_error_strings wolfSSL_load_error_strings #define SSL_library_init wolfSSL_library_init +#define OPENSSL_cleanup (void)wolfSSL_Cleanup #define OPENSSL_init_ssl wolfSSL_OPENSSL_init_ssl #define OpenSSL_add_ssl_algorithms wolfSSL_library_init #define SSL_CTX_set_session_cache_mode wolfSSL_CTX_set_session_cache_mode @@ -299,9 +315,17 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_CTX_set_ciphersuites wolfSSL_CTX_set_cipher_list #define SSL_set_cipher_list wolfSSL_set_cipher_list /* wolfSSL does not support security levels */ -#define SSL_CTX_set_security_level(...) +#define SSL_CTX_set_security_level wolfSSL_CTX_set_security_level +#define SSL_CTX_get_security_level wolfSSL_CTX_get_security_level /* wolfSSL does not support exporting keying material */ -#define SSL_export_keying_material(...) 0 +#define SSL_export_keying_material wolfSSL_export_keying_material + +#define SSL_CTX_set1_sigalgs_list wolfSSL_CTX_set1_sigalgs_list +#define SSL_set1_sigalgs_list wolfSSL_set1_sigalgs_list +#define SSL_get_signature_nid wolfSSL_get_signature_nid + +#define SSL_CTX_set1_groups wolfSSL_CTX_set1_groups +#define SSL_set1_groups wolfSSL_set1_groups #define SSL_CTX_set1_groups_list wolfSSL_CTX_set1_groups_list #define SSL_set1_groups_list wolfSSL_set1_groups_list @@ -320,6 +344,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define SSL_SESSION_up_ref wolfSSL_SESSION_up_ref #define SSL_SESSION_dup wolfSSL_SESSION_dup #define SSL_SESSION_free wolfSSL_SESSION_free +#define SSL_SESSION_set_cipher wolfSSL_SESSION_set_cipher #define SSL_is_init_finished wolfSSL_is_init_finished #define SSL_get_version wolfSSL_get_version @@ -359,6 +384,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define DSA_dup_DH wolfSSL_DSA_dup_DH /* wolfSSL does not support DSA as the cert public key */ #define EVP_PKEY_get0_DSA wolfSSL_EVP_PKEY_get0_DSA +#define EVP_PKEY_param_check wolfSSL_EVP_PKEY_param_check +#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free #define DSA_bits wolfSSL_DSA_bits #define i2d_X509_bio wolfSSL_i2d_X509_bio @@ -401,6 +428,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_free wolfSSL_X509_free #define X509_load_certificate_file wolfSSL_X509_load_certificate_file #define X509_digest wolfSSL_X509_digest +#define X509_pubkey_digest wolfSSL_X509_pubkey_digest #define X509_get_ext_count wolfSSL_X509_get_ext_count #define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i #define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d @@ -419,17 +447,17 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_REQ_get_pubkey wolfSSL_X509_get_pubkey #define X509_get_notBefore wolfSSL_X509_get_notBefore #define X509_get0_notBefore wolfSSL_X509_get_notBefore +#define X509_getm_notBefore wolfSSL_X509_get_notBefore #define X509_get_notAfter wolfSSL_X509_get_notAfter #define X509_get0_notAfter wolfSSL_X509_get_notAfter +#define X509_getm_notAfter wolfSSL_X509_get_notAfter #define X509_get_serialNumber wolfSSL_X509_get_serialNumber #define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr #define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index #define X509_get_ex_data wolfSSL_X509_get_ex_data #define X509_set_ex_data wolfSSL_X509_set_ex_data #define X509_get1_ocsp wolfSSL_X509_get1_ocsp -#ifndef WOLFSSL_HAPROXY #define X509_get_version wolfSSL_X509_get_version -#endif #define X509_get_signature_nid wolfSSL_X509_get_signature_nid #define X509_set_subject_name wolfSSL_X509_set_subject_name #define X509_set_issuer_name wolfSSL_X509_set_issuer_name @@ -456,6 +484,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_REQ_check_private_key wolfSSL_X509_check_private_key #define X509_check_ca wolfSSL_X509_check_ca #define X509_check_host wolfSSL_X509_check_host +#define X509_check_email wolfSSL_X509_check_email #define X509_check_ip_asc wolfSSL_X509_check_ip_asc #define X509_email_free wolfSSL_X509_email_free #define X509_check_issued wolfSSL_X509_check_issued @@ -476,6 +505,10 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define sk_X509_pop_free wolfSSL_sk_X509_pop_free #define sk_X509_dup wolfSSL_sk_dup #define sk_X509_free wolfSSL_sk_X509_free +#define X509_chain_up_ref wolfSSL_X509_chain_up_ref + +#define sk_X509_OBJECT_new wolfSSL_sk_X509_OBJECT_new +#define sk_X509_OBJECT_free wolfSSL_sk_X509_OBJECT_free #define sk_X509_EXTENSION_num wolfSSL_sk_X509_EXTENSION_num #define sk_X509_EXTENSION_value wolfSSL_sk_X509_EXTENSION_value @@ -511,6 +544,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_NAME_add_entry_by_txt wolfSSL_X509_NAME_add_entry_by_txt #define X509_NAME_add_entry_by_NID wolfSSL_X509_NAME_add_entry_by_NID #define X509_NAME_delete_entry wolfSSL_X509_NAME_delete_entry +#define X509_NAME_hash wolfSSL_X509_NAME_hash #define X509_NAME_oneline wolfSSL_X509_NAME_oneline #define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID #define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex @@ -525,6 +559,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define sk_ACCESS_DESCRIPTION_value wolfSSL_sk_ACCESS_DESCRIPTION_value #define sk_X509_NAME_new wolfSSL_sk_X509_NAME_new +#define sk_X509_NAME_new_null() wolfSSL_sk_X509_NAME_new(NULL) #define sk_X509_NAME_push wolfSSL_sk_X509_NAME_push #define sk_X509_NAME_find wolfSSL_sk_X509_NAME_find #define sk_X509_NAME_set_cmp_func wolfSSL_sk_X509_NAME_set_cmp_func @@ -549,11 +584,18 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME #define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS +#define X509_VP_FLAG_DEFAULT WOLFSSL_VPARAM_DEFAULT +#define X509_VP_FLAG_OVERWRITE WOLFSSL_VPARAM_OVERWRITE +#define X509_VP_FLAG_RESET_FLAGS WOLFSSL_VPARAM_RESET_FLAGS +#define X509_VP_FLAG_LOCKED WOLFSSL_VPARAM_LOCKED +#define X509_VP_FLAG_ONCE WOLFSSL_VPARAM_ONCE + #define X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert #define X509_STORE_CTX_set_verify_cb wolfSSL_X509_STORE_CTX_set_verify_cb #define X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new #define X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free #define X509_STORE_CTX_get_chain wolfSSL_X509_STORE_CTX_get_chain +#define X509_STORE_CTX_get0_chain wolfSSL_X509_STORE_CTX_get_chain #define X509_STORE_CTX_get1_chain wolfSSL_X509_STORE_CTX_get1_chain #define X509_STORE_CTX_get0_parent_ctx wolfSSL_X509_STORE_CTX_get0_parent_ctx #define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error @@ -570,6 +612,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; wolfSSL_X509_STORE_CTX_get0_current_issuer #define X509_STORE_CTX_get0_store wolfSSL_X509_STORE_CTX_get0_store #define X509_STORE_CTX_get0_cert wolfSSL_X509_STORE_CTX_get0_cert +#define X509_STORE_CTX_trusted_stack wolfSSL_X509_STORE_CTX_trusted_stack #define X509_STORE_set_verify_cb(s, c) \ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_CTX_verify_cb)(c)) @@ -585,17 +628,26 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define X509_STORE_set_flags wolfSSL_X509_STORE_set_flags #define X509_STORE_get1_certs wolfSSL_X509_STORE_get1_certs #define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject +#define X509_STORE_set_ex_data wolfSSL_X509_STORE_set_ex_data +#define X509_STORE_get_ex_data wolfSSL_X509_STORE_get_ex_data #define X509_STORE_CTX_get1_issuer wolfSSL_X509_STORE_CTX_get1_issuer #define X509_STORE_CTX_set_time wolfSSL_X509_STORE_CTX_set_time +#define X509_VERIFY_PARAM_new wolfSSL_X509_VERIFY_PARAM_new +#define X509_VERIFY_PARAM_free wolfSSL_X509_VERIFY_PARAM_free +#define X509_VERIFY_PARAM_set_flags wolfSSL_X509_VERIFY_PARAM_set_flags +#define X509_VERIFY_PARAM_get_flags wolfSSL_X509_VERIFY_PARAM_get_flags +#define X509_VERIFY_PARAM_clear_flags wolfSSL_X509_VERIFY_PARAM_clear_flags #define X509_VERIFY_PARAM_set_hostflags wolfSSL_X509_VERIFY_PARAM_set_hostflags #define X509_VERIFY_PARAM_set1_host wolfSSL_X509_VERIFY_PARAM_set1_host #define X509_VERIFY_PARAM_set1_ip_asc wolfSSL_X509_VERIFY_PARAM_set1_ip_asc +#define X509_VERIFY_PARAM_set1 wolfSSL_X509_VERIFY_PARAM_set1 #define X509_STORE_load_locations wolfSSL_X509_STORE_load_locations #define X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir #define X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file #define X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir #define X509_LOOKUP_file wolfSSL_X509_LOOKUP_file +#define X509_LOOKUP_ctrl wolfSSL_X509_LOOKUP_ctrl #define d2i_X509_CRL wolfSSL_d2i_X509_CRL #define d2i_X509_CRL_fp wolfSSL_d2i_X509_CRL_fp @@ -606,6 +658,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate #define X509_CRL_verify wolfSSL_X509_CRL_verify #define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED +#define X509_load_crl_file wolfSSL_X509_load_crl_file #define X509_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY #define X509_REQ_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY @@ -626,6 +679,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents +#define X509_OBJECT_get0_X509 wolfSSL_X509_OBJECT_get0_X509 +#define X509_OBJECT_get0_X509_CRL wolfSSL_X509_OBJECT_get0_X509_CRL + #define X509_check_purpose(...) 0 #define OCSP_parse_url wolfSSL_OCSP_parse_url @@ -656,11 +712,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define BIO_set_write_buffer_size wolfSSL_BIO_set_write_buffer_size #define BIO_f_ssl wolfSSL_BIO_f_ssl #define BIO_new_socket wolfSSL_BIO_new_socket -#ifndef NO_WOLFSSL_STUB #define BIO_new_connect wolfSSL_BIO_new_connect #define BIO_set_conn_port wolfSSL_BIO_set_conn_port #define BIO_do_connect wolfSSL_BIO_do_connect -#endif +#define BIO_do_handshake wolfSSL_BIO_do_handshake #define SSL_set_bio wolfSSL_set_bio #define BIO_set_ssl wolfSSL_BIO_set_ssl #define BIO_eof wolfSSL_BIO_eof @@ -735,7 +790,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ASN1_STRING_free wolfSSL_ASN1_STRING_free #define ASN1_STRING_cmp wolfSSL_ASN1_STRING_cmp #define ASN1_STRING_data wolfSSL_ASN1_STRING_data -#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_data +#define ASN1_STRING_get0_data wolfSSL_ASN1_STRING_get0_data #define ASN1_STRING_length wolfSSL_ASN1_STRING_length #define ASN1_STRING_to_UTF8 wolfSSL_ASN1_STRING_to_UTF8 #define ASN1_UNIVERSALSTRING_to_string wolfSSL_ASN1_UNIVERSALSTRING_to_string @@ -746,6 +801,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ASN1_STRING_set_default_mask_asc(...) 1 #endif +#define ASN1_OCTET_STRING_free wolfSSL_ASN1_STRING_free + #define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING #define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr @@ -774,6 +831,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback #define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos +#define SSL_CTX_keylog_cb_func wolfSSL_CTX_keylog_cb_func +#define SSL_CTX_set_keylog_callback wolfSSL_CTX_set_keylog_callback +#define SSL_CTX_get_keylog_callback wolfSSL_CTX_get_keylog_callback + #define SSL_alert_type_string wolfSSL_alert_type_string #define SSL_alert_desc_string wolfSSL_alert_desc_string #define SSL_state_string wolfSSL_state_string @@ -782,7 +843,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define RSA_generate_key wolfSSL_RSA_generate_key #define SSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback #define RSA_print wolfSSL_RSA_print -#define RSA_bits wolfSSL_RSA_size +#define RSA_bits wolfSSL_RSA_bits #define RSA_up_ref wolfSSL_RSA_up_ref #define RSA_padding_add_PKCS1_PSS wolfSSL_RSA_padding_add_PKCS1_PSS #define RSA_verify_PKCS1_PSS wolfSSL_RSA_verify_PKCS1_PSS @@ -858,6 +919,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ERR_error_string wolfSSL_ERR_error_string #define ERR_error_string_n wolfSSL_ERR_error_string_n #define ERR_reason_error_string wolfSSL_ERR_reason_error_string +#define ERR_func_error_string wolfSSL_ERR_func_error_string +#define ERR_lib_error_string wolfSSL_ERR_lib_error_string #define ERR_load_BIO_strings wolfSSL_ERR_load_BIO_strings #ifndef WOLFCRYPT_ONLY @@ -881,6 +944,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_clear_options wolfSSL_CTX_clear_options #define SSL_CTX_check_private_key wolfSSL_CTX_check_private_key +#define SSL_CTX_get0_privatekey wolfSSL_CTX_get0_privatekey #define SSL_check_private_key wolfSSL_check_private_key #define SSL_CTX_set_mode wolfSSL_CTX_set_mode @@ -902,8 +966,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_num wolfSSL_sk_num #define sk_ASN1_OBJECT_num wolfSSL_sk_num +#define OPENSSL_sk_num wolfSSL_sk_num #define sk_value wolfSSL_sk_value #define sk_ASN1_OBJECT_value wolfSSL_sk_value +#define OPENSSL_sk_value wolfSSL_sk_value #define d2i_PKCS12_bio wolfSSL_d2i_PKCS12_bio #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp @@ -1055,13 +1121,22 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_set_min_proto_version wolfSSL_CTX_set_min_proto_version #define SSL_CTX_set_max_proto_version wolfSSL_CTX_set_max_proto_version +#define SSL_set_min_proto_version wolfSSL_set_min_proto_version +#define SSL_set_max_proto_version wolfSSL_set_max_proto_version +#define SSL_CTX_get_min_proto_version wolfSSL_CTX_get_min_proto_version #define SSL_get_tlsext_status_exts wolfSSL_get_tlsext_status_exts +#define SSL_CTX_get_tlsext_ticket_keys wolfSSL_CTX_get_tlsext_ticket_keys +#define SSL_CTX_set_tlsext_ticket_keys wolfSSL_CTX_set_tlsext_ticket_keys +#define SSL_CTX_get_tlsext_status_cb wolfSSL_CTX_get_tlsext_status_cb +#define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb + #define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11 #define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12 #define SSL_CTRL_SET_TMP_DH 3 #define SSL_CTRL_SET_TMP_ECDH 4 +#define SSL_CTRL_SET_SESS_CACHE_MODE 44 #define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 @@ -1070,6 +1145,12 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 +#define SSL_CTRL_SET_GROUPS 91 +#define SSL_CTRL_GET_PEER_TMP_KEY 109 +#define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY +#define SSL_CTRL_SET_MIN_PROTO_VERSION 123 +#define SSL_CTRL_SET_MAX_PROTO_VERSION 124 +#define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS #define SSL_CTRL_EXTRA_CHAIN_CERT 14 #define SSL_CTRL_OPTIONS 32 @@ -1099,6 +1180,23 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define DTLS1_VERSION 0xFEFF #define DTLS1_2_VERSION 0xFEFD +#define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L +#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L + +#define CRYPTO_EX_INDEX_SSL 0 +#define TLS_ANY_VERSION 0x10000 +#define DTLS1_2_VERSION 0xFEFD +#define DTLS_MAX_VERSION DTLS1_2_VERSION + +/* apache and lighty use SSL_CONF_FLAG_FILE to enable conf support */ +#if !defined(WOLFSSL_APACHE_HTTPD) && !defined(HAVE_LIGHTY) +#define SSL_CONF_FLAG_CMDLINE WOLFSSL_CONF_FLAG_CMDLINE +#define SSL_CONF_FLAG_FILE WOLFSSL_CONF_FLAG_FILE +#define SSL_CONF_FLAG_CERTIFICATE WOLFSSL_CONF_FLAG_CERTIFICATE +#define SSL_CONF_TYPE_STRING WOLFSSL_CONF_TYPE_STRING +#define SSL_CONF_TYPE_FILE WOLFSSL_CONF_TYPE_FILE +#endif + #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \ || defined(OPENSSL_ALL) #include @@ -1108,6 +1206,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL3_AD_BAD_CERTIFICATE bad_certificate #define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE +#define SSL_AD_UNRECOGNIZED_NAME unrecognized_name +#define SSL_AD_NO_RENEGOTIATION no_renegotiation +#define SSL_AD_INTERNAL_ERROR 80 #define ASN1_STRFLGS_ESC_MSB 4 @@ -1147,8 +1248,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL3_AL_FATAL 2 #define SSL_TLSEXT_ERR_OK 0 -#define SSL_TLSEXT_ERR_ALERT_FATAL alert_fatal -#define SSL_TLSEXT_ERR_NOACK alert_warning +#define SSL_TLSEXT_ERR_ALERT_WARNING warning_return +#define SSL_TLSEXT_ERR_ALERT_FATAL fatal_return +#define SSL_TLSEXT_ERR_NOACK noack_return #define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME #define SSL_set_tlsext_host_name wolfSSL_set_tlsext_host_name @@ -1162,6 +1264,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define PSK_MAX_IDENTITY_LEN 128 #define SSL_CTX_clear_options wolfSSL_CTX_clear_options +#define SSL_CTX_add_server_custom_ext(...) 0 #endif /* HAVE_STUNNEL || WOLFSSL_NGINX */ @@ -1202,7 +1305,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_ALL) || \ - defined(HAVE_LIGHTY) + defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) #include @@ -1235,6 +1338,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_R_HTTPS_PROXY_REQUEST PARSE_ERROR #define SSL_R_HTTP_REQUEST PARSE_ERROR #define SSL_R_UNSUPPORTED_PROTOCOL VERSION_ERROR +#define SSL_R_CERTIFICATE_VERIFY_FAILED VERIFY_CERT_ERROR #ifdef HAVE_SESSION_TICKET @@ -1286,6 +1390,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_set_srp_strength wolfSSL_CTX_set_srp_strength #define SSL_get_SSL_CTX wolfSSL_get_SSL_CTX #define SSL_get0_param wolfSSL_get0_param +#define SSL_CTX_get0_param wolfSSL_CTX_get0_param +#define SSL_CTX_set1_param wolfSSL_CTX_set1_param #define SSL_get_srp_username wolfSSL_get_srp_username #define ERR_NUM_ERRORS 16 @@ -1297,6 +1403,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_get_rbio wolfSSL_SSL_get_rbio #define SSL_get_wbio wolfSSL_SSL_get_wbio #define SSL_do_handshake wolfSSL_SSL_do_handshake + +#if defined(WOLFSSL_EARLY_DATA) +#define SSL_get_early_data_status wolfSSL_get_early_data_status +#endif + #endif /* OPENSSL_EXTRA */ /* cipher suites for compatibility */ @@ -1313,15 +1424,30 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define sk_X509_OBJECT_num wolfSSL_sk_X509_OBJECT_num #define sk_X509_OBJECT_value wolfSSL_sk_X509_OBJECT_value #define sk_X509_OBJECT_delete wolfSSL_sk_X509_OBJECT_delete +#define X509_OBJECT_new wolfSSL_X509_OBJECT_new #define X509_OBJECT_free wolfSSL_X509_OBJECT_free -#define X509_OBJECT_get_type(x) 0 - +#define X509_OBJECT_get_type wolfSSL_X509_OBJECT_get_type +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +#define OpenSSL_version(x) wolfSSL_OpenSSL_version(x) +#else #define OpenSSL_version(x) wolfSSL_OpenSSL_version() +#endif #ifndef NO_WOLFSSL_STUB #define OBJ_create_objects(...) #endif +#define SSL_set_psk_use_session_callback wolfSSL_set_psk_use_session_callback +#define SSL_SESSION_is_resumable wolfSSL_SESSION_is_resumable +typedef WOLFSSL_CONF_CTX SSL_CONF_CTX; + +#define SSL_CONF_CTX_new wolfSSL_CONF_CTX_new +#define SSL_CONF_CTX_free wolfSSL_CONF_CTX_free +#define SSL_CONF_CTX_set_ssl_ctx wolfSSL_CONF_CTX_set_ssl_ctx +#define SSL_CONF_CTX_set_flags wolfSSL_CONF_CTX_set_flags +#define SSL_CONF_CTX_finish wolfSSL_CONF_CTX_finish +#define SSL_CONF_cmd wolfSSL_CONF_cmd + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/source/libs/libwolfssl/openssl/stack.h b/source/libs/libwolfssl/openssl/stack.h index 559a7967..8040574f 100644 --- a/source/libs/libwolfssl/openssl/stack.h +++ b/source/libs/libwolfssl/openssl/stack.h @@ -1,6 +1,6 @@ /* stack.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/tls1.h b/source/libs/libwolfssl/openssl/tls1.h index b73a8b0a..51923f69 100644 --- a/source/libs/libwolfssl/openssl/tls1.h +++ b/source/libs/libwolfssl/openssl/tls1.h @@ -1,6 +1,6 @@ /* tls1.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/x509_vfy.h b/source/libs/libwolfssl/openssl/x509_vfy.h index 9714857d..6642dd54 100644 --- a/source/libs/libwolfssl/openssl/x509_vfy.h +++ b/source/libs/libwolfssl/openssl/x509_vfy.h @@ -1,6 +1,6 @@ /* x509_vfy.h * - * Copyright (C) 2006-2017 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/openssl/x509v3.h b/source/libs/libwolfssl/openssl/x509v3.h index b7412651..803777cf 100644 --- a/source/libs/libwolfssl/openssl/x509v3.h +++ b/source/libs/libwolfssl/openssl/x509v3.h @@ -1,6 +1,6 @@ /* x509v3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/sniffer.h b/source/libs/libwolfssl/sniffer.h index b066f284..beb3601a 100644 --- a/source/libs/libwolfssl/sniffer.h +++ b/source/libs/libwolfssl/sniffer.h @@ -1,6 +1,6 @@ /* sniffer.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -25,6 +25,7 @@ #define WOLFSSL_SNIFFER_H #include +#include #ifdef _WIN32 #ifdef SSL_SNIFFER_EXPORTS @@ -182,8 +183,6 @@ typedef struct SSLStats unsigned long int sslDecryptedPackets; unsigned long int sslKeyMatches; unsigned long int sslEncryptedConns; - - unsigned long int sslResumptionValid; unsigned long int sslResumptionInserts; } SSLStats; @@ -199,7 +198,21 @@ SSL_SNIFFER_API int ssl_ReadStatistics(SSLStats* stats); WOLFSSL_API SSL_SNIFFER_API int ssl_ReadResetStatistics(SSLStats* stats); +typedef int (*SSLKeyCb)(void* vSniffer, int namedGroup, + const unsigned char* srvPub, unsigned int srvPubSz, + const unsigned char* cliPub, unsigned int cliPubSz, + DerBuffer* privKey, void* cbCtx, char* error); +#if defined(WOLFSSL_STATIC_EPHEMERAL) && defined(WOLFSSL_TLS13) +/* macro indicating support for key callback */ +#undef WOLFSSL_SNIFFER_KEY_CALLBACK +#define WOLFSSL_SNIFFER_KEY_CALLBACK +WOLFSSL_API +SSL_SNIFFER_API int ssl_SetKeyCallback(SSLKeyCb cb, void* cbCtx); +#endif + + +#ifdef WOLFSSL_SNIFFER_WATCH typedef int (*SSLWatchCb)(void* vSniffer, const unsigned char* certHash, unsigned int certHashSz, @@ -226,29 +239,37 @@ WOLFSSL_API SSL_SNIFFER_API int ssl_SetWatchKey_file(void* vSniffer, const char* keyFile, int keyType, const char* password, char* error); +#endif - +#ifdef WOLFSSL_SNIFFER_STORE_DATA_CB typedef int (*SSLStoreDataCb)(const unsigned char* decryptBuf, unsigned int decryptBufSz, unsigned int decryptBufOffset, void* ctx); WOLFSSL_API SSL_SNIFFER_API int ssl_SetStoreDataCallback(SSLStoreDataCb cb); +#endif +#ifdef WOLFSSL_SNIFFER_STORE_DATA_CB WOLFSSL_API SSL_SNIFFER_API int ssl_DecodePacketWithSessionInfoStoreData( const unsigned char* packet, int length, void* ctx, SSLInfo* sslInfo, char* error); +#endif - +#ifdef WOLFSSL_SNIFFER_CHAIN_INPUT WOLFSSL_API SSL_SNIFFER_API int ssl_DecodePacketWithChain(void* vChain, unsigned int chainSz, unsigned char** data, char* error); +#endif - +#if defined(WOLFSSL_SNIFFER_CHAIN_INPUT) && \ + defined(WOLFSSL_SNIFFER_STORE_DATA_CB) WOLFSSL_API SSL_SNIFFER_API int ssl_DecodePacketWithChainSessionInfoStoreData( void* vChain, unsigned int chainSz, void* ctx, SSLInfo* sslInfo, char* error); +#endif + #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libs/libwolfssl/sniffer_error.h b/source/libs/libwolfssl/sniffer_error.h index f2710522..a0788f9b 100644 --- a/source/libs/libwolfssl/sniffer_error.h +++ b/source/libs/libwolfssl/sniffer_error.h @@ -1,6 +1,6 @@ /* sniffer_error.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -24,6 +24,13 @@ #ifndef WOLFSSL_SNIFFER_ERROR_H #define WOLFSSL_SNIFFER_ERROR_H + +/* General Sniffer Error */ +#define WOLFSSL_SNIFFER_ERROR -1 + +/* Sniffer failed and is in Fatal state */ +#define WOLFSSL_SNIFFER_FATAL_ERROR -2 + /* need to have errors as #defines since .rc files can't handle enums */ /* need to start at 1 and go in order for same reason */ diff --git a/source/libs/libwolfssl/ssl.h b/source/libs/libwolfssl/ssl.h index 4fc731a8..dc90ffc6 100644 --- a/source/libs/libwolfssl/ssl.h +++ b/source/libs/libwolfssl/ssl.h @@ -1,6 +1,6 @@ /* ssl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -35,6 +35,7 @@ #include #include #include +#include #ifdef HAVE_WOLF_EVENT #include @@ -143,6 +144,10 @@ typedef struct WOLFSSL_X509_STORE_CTX WOLFSSL_X509_STORE_CTX; typedef int (*WOLFSSL_X509_STORE_CTX_verify_cb)(int, WOLFSSL_X509_STORE_CTX *); +typedef struct WOLFSSL_BY_DIR_HASH WOLFSSL_BY_DIR_HASH; +typedef struct WOLFSSL_BY_DIR_entry WOLFSSL_BY_DIR_entry; +typedef struct WOLFSSL_BY_DIR WOLFSSL_BY_DIR; + /* redeclare guard */ #define WOLFSSL_TYPES_DEFINED @@ -208,6 +213,8 @@ typedef struct WOLFSSL_AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID; typedef struct WOLFSSL_BASIC_CONSTRAINTS WOLFSSL_BASIC_CONSTRAINTS; typedef struct WOLFSSL_ACCESS_DESCRIPTION WOLFSSL_ACCESS_DESCRIPTION; +typedef struct WOLFSSL_CONF_CTX WOLFSSL_CONF_CTX; + #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) struct WOLFSSL_AUTHORITY_KEYID { @@ -276,8 +283,6 @@ struct WOLFSSL_X509V3_CTX { WOLFSSL_X509* x509; }; - - struct WOLFSSL_ASN1_OBJECT { void* heap; const unsigned char* obj; @@ -348,28 +353,31 @@ struct WOLFSSL_EVP_PKEY { union { char* ptr; /* der format of key / or raw for NTRU */ } pkey; - #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) +#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) #ifndef NO_RSA - WOLFSSL_RSA* rsa; - byte ownRsa; /* if struct owns RSA and should free it */ + WOLFSSL_RSA* rsa; #endif #ifndef NO_DSA - WOLFSSL_DSA* dsa; - byte ownDsa; /* if struct owns DSA and should free it */ + WOLFSSL_DSA* dsa; #endif #ifdef HAVE_ECC - WOLFSSL_EC_KEY* ecc; - byte ownEcc; /* if struct owns ECC and should free it */ + WOLFSSL_EC_KEY* ecc; #endif #ifndef NO_DH - WOLFSSL_DH* dh; - byte ownDh; /* if struct owns DH and should free it */ + WOLFSSL_DH* dh; #endif WC_RNG rng; - #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ - #ifdef HAVE_ECC - int pkey_curve; - #endif +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ +#ifdef HAVE_ECC + int pkey_curve; +#endif + word16 pkcs8HeaderSz; + + /* option bits */ + byte ownDh:1; /* if struct owns DH and should free it */ + byte ownEcc:1; /* if struct owns ECC and should free it */ + byte ownDsa:1; /* if struct owns DSA and should free it */ + byte ownRsa:1; /* if struct owns RSA and should free it */ }; typedef struct WOLFSSL_EVP_PKEY WOLFSSL_PKCS8_PRIV_KEY_INFO; #ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */ @@ -520,12 +528,19 @@ typedef struct WOLFSSL_COMP { WOLFSSL_COMP_METHOD *method; } WOLFSSL_COMP; +#define WOLFSSL_X509_L_FILE_LOAD 0x1 +#define WOLFSSL_X509_L_ADD_DIR 0x2 +#define WOLFSSL_X509_L_ADD_STORE 0x3 +#define WOLFSSL_X509_L_LOAD_STORE 0x4 + struct WOLFSSL_X509_LOOKUP_METHOD { int type; }; struct WOLFSSL_X509_LOOKUP { WOLFSSL_X509_STORE *store; + int type; + WOLFSSL_BY_DIR* dirs; }; struct WOLFSSL_X509_STORE { @@ -536,6 +551,9 @@ struct WOLFSSL_X509_STORE { int isDynamic; WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */ #endif +#ifdef OPENSSL_ALL + WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* objs; /* object stack cache */ +#endif #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) WOLFSSL_X509_STORE_CTX_verify_cb verify_cb; #endif @@ -552,14 +570,24 @@ struct WOLFSSL_X509_STORE { #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ defined(WOLFSSL_WPAS_SMALL) || defined(WOLFSSL_IP_ALT_NAME) #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */ + #define WOLFSSL_IP4_ADDR_LEN 4 + #define WOLFSSL_IP6_ADDR_LEN 16 #endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) #define WOLFSSL_USE_CHECK_TIME 0x2 #define WOLFSSL_NO_CHECK_TIME 0x200000 #define WOLFSSL_HOST_NAME_MAX 256 + +#define WOLFSSL_VPARAM_DEFAULT 0x1 +#define WOLFSSL_VPARAM_OVERWRITE 0x2 +#define WOLFSSL_VPARAM_RESET_FLAGS 0x4 +#define WOLFSSL_VPARAM_LOCKED 0x8 +#define WOLFSSL_VPARAM_ONCE 0x10 + struct WOLFSSL_X509_VERIFY_PARAM { time_t check_time; + unsigned int inherit_flags; unsigned long flags; char hostName[WOLFSSL_HOST_NAME_MAX]; unsigned int hostFlags; @@ -581,8 +609,14 @@ typedef struct WOLFSSL_X509_REVOKED { WOLFSSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */ } WOLFSSL_X509_REVOKED; +typedef enum { + WOLFSSL_X509_LU_NONE = 0, + WOLFSSL_X509_LU_X509, + WOLFSSL_X509_LU_CRL +} WOLFSSL_X509_LOOKUP_TYPE; typedef struct WOLFSSL_X509_OBJECT { + WOLFSSL_X509_LOOKUP_TYPE type; union { char* ptr; WOLFSSL_X509 *x509; @@ -626,6 +660,25 @@ struct WOLFSSL_X509_STORE_CTX { typedef char* WOLFSSL_STRING; +typedef struct WOLFSSL_RAND_METHOD { + /* seed = Data to mix into the random generator. + * len = Number of bytes to mix from seed. */ + int (*seed)(const void* seed, int len); + /* buf = Buffer to store random bytes in. + * len = Number of bytes to store in buf. */ + int (*bytes)(unsigned char* buf, int len); + void (*cleanup)(void); + /* add = Data to mix into the random generator. + * len = Number of bytes to mix from add. + * entropy = Estimate of randomness contained in seed. + * Should be between 0 and len. */ + int (*add)(const void* add, int len, double entropy); + /* buf = Buffer to store pseudorandom bytes in. + * len = Number of bytes to store in buf. */ + int (*pseudorand)(unsigned char *buf, int len); + int (*status)(void); +} WOLFSSL_RAND_METHOD; + /* Valid Alert types from page 16/17 * Add alert string to the function wolfSSL_alert_type_string_long in src/ssl.c */ @@ -669,6 +722,35 @@ enum AlertLevel { alert_fatal = 2 }; +enum SNICbReturn { + warning_return = alert_warning, + fatal_return = alert_fatal, + noack_return, +}; + +/* WS_RETURN_CODE macro + * Some OpenSSL APIs specify "0" as the return value when an error occurs. + * However, some corresponding wolfSSL APIs return negative values. Such + * functions should use this macro to fill this gap. Users who want them + * to return the same return value as OpenSSL can define + * WOLFSSL_ERR_CODE_OPENSSL. + * Give item1 a variable that contains the potentially negative + * wolfSSL-defined return value or the return value itself, and + * give item2 the openSSL-defined return value. + * Note that this macro replaces only negative return values with the + * specified value. + * Since wolfSSL 4.7.0, the following functions use this macro: + * - wolfSSL_CTX_load_verify_locations + * - wolfSSL_X509_LOOKUP_load_file + * - wolfSSL_EVP_PKEY_cmp + */ +#if defined(WOLFSSL_ERROR_CODE_OPENSSL) + #define WS_RETURN_CODE(item1,item2) \ + ((item1 < 0) ? item2 : item1) +#else + #define WS_RETURN_CODE(item1,item2) (item1) +#endif + /* Maximum master key length (SECRET_LEN) */ #define WOLFSSL_MAX_MASTER_KEY_LENGTH 48 /* Maximum number of groups that can be set */ @@ -815,6 +897,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, #define WOLFSSL_LOAD_FLAG_IGNORE_ERR 0x00000001 #define WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY 0x00000002 #define WOLFSSL_LOAD_FLAG_PEM_CA_ONLY 0x00000004 +#if defined(WOLFSSL_QT) +#define WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR 0x00000008 +#define WOLFSSL_LOAD_FLAG_IGNORE_ZEROFILE 0x00000010 +#endif #ifndef WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS #define WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS WOLFSSL_LOAD_FLAG_NONE @@ -869,10 +955,17 @@ WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); WOLFSSL_ABI WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); #ifdef OPENSSL_EXTRA WOLFSSL_API int wolfSSL_CTX_up_ref(WOLFSSL_CTX*); +WOLFSSL_API int wolfSSL_CTX_set_ecdh_auto(WOLFSSL_CTX* ctx, int onoff); +WOLFSSL_API int wolfSSL_get_signature_nid(WOLFSSL* ssl, int* nid); +WOLFSSL_API int wolfSSL_CTX_set1_sigalgs_list(WOLFSSL_CTX* ctx, + const char* list); +WOLFSSL_API int wolfSSL_set1_sigalgs_list(WOLFSSL* ssl, const char* list); #endif WOLFSSL_ABI WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl); +WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_CTX_get0_param(WOLFSSL_CTX* ctx); WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_get0_param(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_CTX_set1_param(WOLFSSL_CTX* ctx, WOLFSSL_X509_VERIFY_PARAM *vpm); WOLFSSL_API int wolfSSL_is_server(WOLFSSL*); WOLFSSL_API WOLFSSL* wolfSSL_write_dup(WOLFSSL*); WOLFSSL_ABI WOLFSSL_API int wolfSSL_set_fd (WOLFSSL*, int); @@ -909,6 +1002,7 @@ WOLFSSL_API int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx); WOLFSSL_API int wolfSSL_no_dhe_psk(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_update_keys(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_key_update_response(WOLFSSL* ssl, int* required); WOLFSSL_API int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx); WOLFSSL_API int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_request_certificate(WOLFSSL* ssl); @@ -921,10 +1015,21 @@ WOLFSSL_API int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, int count); WOLFSSL_API int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count); +#ifdef OPENSSL_EXTRA +WOLFSSL_API int wolfSSL_CTX_set1_groups(WOLFSSL_CTX* ctx, int* groups, + int count); +WOLFSSL_API int wolfSSL_set1_groups(WOLFSSL* ssl, int* groups, int count); +#endif + WOLFSSL_API int wolfSSL_connect_TLSv13(WOLFSSL*); WOLFSSL_API int wolfSSL_accept_TLSv13(WOLFSSL*); #ifdef WOLFSSL_EARLY_DATA + +#define WOLFSSL_EARLY_DATA_NOT_SENT 0 +#define WOLFSSL_EARLY_DATA_REJECTED 1 +#define WOLFSSL_EARLY_DATA_ACCEPTED 2 + WOLFSSL_API int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx, unsigned int sz); WOLFSSL_API int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz); @@ -932,6 +1037,7 @@ WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data, int sz, int* outSz); WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz, int* outSz); +WOLFSSL_API int wolfSSL_get_early_data_status(const WOLFSSL* ssl); #endif /* WOLFSSL_EARLY_DATA */ #endif /* WOLFSSL_TLS13 */ WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*); @@ -986,6 +1092,25 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_SESSION_get0_peer(WOLFSSL_SESSION* session); typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*); typedef void (CallbackInfoState)(const WOLFSSL*, int, int); +/* class index for wolfSSL_CRYPTO_get_ex_new_index */ +#define CRYPTO_EX_INDEX_SSL 0 +#define CRYPTO_EX_INDEX_SSL_CTX 1 +#define CRYPTO_EX_INDEX_SSL_SESSION 2 +#define CRYPTO_EX_INDEX_X509 3 +#define CRYPTO_EX_INDEX_X509_STORE 4 +#define CRYPTO_EX_INDEX_X509_STORE_CTX 5 +#define CRYPTO_EX_INDEX_DH 6 +#define CRYPTO_EX_INDEX_DSA 7 +#define CRYPTO_EX_INDEX_EC_KEY 8 +#define CRYPTO_EX_INDEX_RSA 9 +#define CRYPTO_EX_INDEX_ENGINE 10 +#define CRYPTO_EX_INDEX_UI 11 +#define CRYPTO_EX_INDEX_BIO 12 +#define CRYPTO_EX_INDEX_APP 13 +#define CRYPTO_EX_INDEX_UI_METHOD 14 +#define CRYPTO_EX_INDEX_DRBG 15 +#define CRYPTO_EX_INDEX__COUNT 16 + #if defined(HAVE_EX_DATA) || defined(FORTRESS) typedef int (WOLFSSL_CRYPTO_EX_new)(void* p, void* ptr, WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); @@ -997,9 +1122,10 @@ typedef void (WOLFSSL_CRYPTO_EX_free)(void* p, void* ptr, WOLFSSL_API int wolfSSL_get_ex_new_index(long argValue, void* arg, WOLFSSL_CRYPTO_EX_new* a, WOLFSSL_CRYPTO_EX_dup* b, WOLFSSL_CRYPTO_EX_free* c); + #endif -WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, +WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, VerifyCallback verify_callback); #ifdef OPENSSL_ALL @@ -1057,6 +1183,46 @@ WOLFSSL_API int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX*, const char*); WOLFSSL_API int wolfSSL_set_cipher_list(WOLFSSL*, const char*); +#ifdef HAVE_KEYING_MATERIAL +/* Keying Material Exporter for TLS */ +WOLFSSL_API int wolfSSL_export_keying_material(WOLFSSL *ssl, + unsigned char *out, size_t outLen, + const char *label, size_t labelLen, + const unsigned char *context, size_t contextLen, + int use_context); +#endif /* HAVE_KEYING_MATERIAL */ + +#ifdef WOLFSSL_WOLFSENTRY_HOOKS + +typedef enum { + WOLFSSL_NETFILTER_PASS = 0, + WOLFSSL_NETFILTER_ACCEPT = 1, + WOLFSSL_NETFILTER_REJECT = 2 +} wolfSSL_netfilter_decision_t; + +typedef int (*NetworkFilterCallback_t)( + WOLFSSL *ssl, + void *AcceptFilter_arg, + wolfSSL_netfilter_decision_t *decision); +WOLFSSL_API int wolfSSL_CTX_set_AcceptFilter( + WOLFSSL_CTX *ctx, + NetworkFilterCallback_t AcceptFilter, + void *AcceptFilter_arg); +WOLFSSL_API int wolfSSL_set_AcceptFilter( + WOLFSSL *ssl, + NetworkFilterCallback_t AcceptFilter, + void *AcceptFilter_arg); +WOLFSSL_API int wolfSSL_CTX_set_ConnectFilter( + WOLFSSL_CTX *ctx, + NetworkFilterCallback_t ConnectFilter, + void *ConnectFilter_arg); +WOLFSSL_API int wolfSSL_set_ConnectFilter( + WOLFSSL *ssl, + NetworkFilterCallback_t ConnectFilter, + void *ConnectFilter_arg); + +#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ + /* Nonblocking DTLS helper functions */ WOLFSSL_API void wolfSSL_dtls_set_using_nonblock(WOLFSSL*, int); WOLFSSL_API int wolfSSL_dtls_get_using_nonblock(WOLFSSL*); @@ -1111,6 +1277,8 @@ WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*); WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long sz); WOLFSSL_API const char* wolfSSL_ERR_reason_error_string(unsigned long); +WOLFSSL_API const char* wolfSSL_ERR_func_error_string(unsigned long); +WOLFSSL_API const char* wolfSSL_ERR_lib_error_string(unsigned long); /* extras */ @@ -1183,6 +1351,13 @@ WOLFSSL_API int wolfSSL_sk_X509_EXTENSION_num(WOLF_STACK_OF(WOLFSSL_X509_EXTENSI WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_sk_X509_EXTENSION_value( WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk, int idx); WOLFSSL_API int wolfSSL_set_ex_data(WOLFSSL*, int, void*); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_set_ex_data_with_cleanup( + WOLFSSL* ssl, + int idx, + void* data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API int wolfSSL_get_shutdown(const WOLFSSL*); WOLFSSL_API int wolfSSL_set_rfd(WOLFSSL*, int); WOLFSSL_API int wolfSSL_set_wfd(WOLFSSL*, int); @@ -1196,6 +1371,8 @@ WOLFSSL_API int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session); WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session); WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_new(void); WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session); +WOLFSSL_API int wolfSSL_SESSION_set_cipher(WOLFSSL_SESSION* session, + const WOLFSSL_CIPHER* cipher); WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL*); WOLFSSL_API const char* wolfSSL_get_version(const WOLFSSL*); @@ -1213,10 +1390,12 @@ WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl); /* what's ref count */ WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void); -#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_ALL) +#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA) WOLFSSL_API int wolfSSL_RSA_up_ref(WOLFSSL_RSA* rsa); WOLFSSL_API int wolfSSL_X509_up_ref(WOLFSSL_X509* x509); WOLFSSL_API int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey); +WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* + wolfSSL_X509_chain_up_ref(WOLF_STACK_OF(WOLFSSL_X509)* chain); #endif WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, @@ -1226,10 +1405,14 @@ WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD*); +#else WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); +#endif WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); WOLFSSL_API void wolfSSL_BIO_vfree(WOLFSSL_BIO*); -WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); +WOLFSSL_API void wolfSSL_BIO_free_all(WOLFSSL_BIO*); WOLFSSL_API int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz); WOLFSSL_API int wolfSSL_BIO_puts(WOLFSSL_BIO* bio, const char* buf); WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_next(WOLFSSL_BIO* bio); @@ -1261,6 +1444,13 @@ WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void); WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO*, int); WOLFSSL_API void wolfSSL_BIO_clear_flags(WOLFSSL_BIO *bio, int flags); WOLFSSL_API int wolfSSL_BIO_set_ex_data(WOLFSSL_BIO *bio, int idx, void *data); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_BIO_set_ex_data_with_cleanup( + WOLFSSL_BIO *bio, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API void *wolfSSL_BIO_get_ex_data(WOLFSSL_BIO *bio, int idx); WOLFSSL_API long wolfSSL_BIO_set_nbio(WOLFSSL_BIO*, long); @@ -1304,6 +1494,8 @@ WOLFSSL_API WOLFSSL_BIO *wolfSSL_BIO_new_connect(const char *str); WOLFSSL_API long wolfSSL_BIO_set_conn_port(WOLFSSL_BIO *b, char* port); WOLFSSL_API long wolfSSL_BIO_do_connect(WOLFSSL_BIO *b); +WOLFSSL_API long wolfSSL_BIO_do_handshake(WOLFSSL_BIO *b); + WOLFSSL_API long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, void *parg); WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg); @@ -1316,6 +1508,7 @@ WOLFSSL_API int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num); WOLFSSL_API int wolfSSL_BIO_reset(WOLFSSL_BIO *bio); WOLFSSL_API int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs); +WOLFSSL_API int wolfSSL_BIO_tell(WOLFSSL_BIO* bio); WOLFSSL_API int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name); WOLFSSL_API long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v); WOLFSSL_API long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m); @@ -1358,6 +1551,8 @@ WOLFSSL_API void wolfSSL_X509_STORE_set_verify_cb(WOLFSSL_X509_STORE *st, WOLFSSL_X509_STORE_CTX_verify_cb verify_cb); WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n, unsigned char** out); +WOLFSSL_API int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, + unsigned char** out); WOLFSSL_API WOLFSSL_X509_NAME *wolfSSL_d2i_X509_NAME(WOLFSSL_X509_NAME **name, unsigned char **in, long length); #ifndef NO_RSA @@ -1375,6 +1570,7 @@ WOLFSSL_API void wolfSSL_X509_get0_signature(const WOLFSSL_ASN1_BIT_STRING **psi WOLFSSL_API int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); WOLFSSL_ABI WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int); +WOLFSSL_API unsigned long wolfSSL_X509_NAME_hash(WOLFSSL_X509_NAME*); #if defined(OPENSSL_EXTRA) && defined(XSNPRINTF) WOLFSSL_API char* wolfSSL_X509_get_name_oneline(WOLFSSL_X509_NAME*, char*, int); #endif @@ -1435,7 +1631,11 @@ WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int dataSz); WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); +WOLFSSL_API const unsigned char* wolfSSL_ASN1_STRING_get0_data( + const WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); +WOLFSSL_API int wolfSSL_ASN1_STRING_copy(WOLFSSL_ASN1_STRING* dst, + const WOLFSSL_ASN1_STRING* src); WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long); WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509*); @@ -1449,6 +1649,8 @@ WOLFSSL_API int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP*, const char*, long); WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void); WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void); +WOLFSSL_API int wolfSSL_X509_LOOKUP_ctrl(WOLFSSL_X509_LOOKUP *ctx, int cmd, + const char *argc, long argl, char **ret); WOLFSSL_API WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE*, WOLFSSL_X509_LOOKUP_METHOD*); @@ -1472,6 +1674,8 @@ WOLFSSL_API int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_STORE*, WOLFSSL_X509*, WOLF_STACK_OF(WOLFSSL_X509)*); WOLFSSL_API void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX*); WOLFSSL_API void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX*); +WOLFSSL_API void wolfSSL_X509_STORE_CTX_trusted_stack(WOLFSSL_X509_STORE_CTX *ctx, + WOLF_STACK_OF(WOLFSSL_X509) *sk); WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL*); WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL*); @@ -1493,6 +1697,11 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key, unsigned char** in, long inSz); WOLFSSL_API int wolfSSL_i2d_PrivateKey(const WOLFSSL_EVP_PKEY* key, unsigned char** der); +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out, + const WOLFSSL_EVP_PKEY* pkey, + int indent, WOLFSSL_ASN1_PCTX* pctx); +#endif /* OPENSSL_EXTRA */ WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*); #ifdef OPENSSL_EXTRA WOLFSSL_API int wolfSSL_X509_cmp_time(const WOLFSSL_ASN1_TIME* asnTime, @@ -1505,6 +1714,13 @@ WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*); WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*, unsigned long flags, time_t t); +WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_X509_VERIFY_PARAM_new(void); +WOLFSSL_API void wolfSSL_X509_VERIFY_PARAM_free(WOLFSSL_X509_VERIFY_PARAM *param); +WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set_flags(WOLFSSL_X509_VERIFY_PARAM *param, + unsigned long flags); +WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_get_flags(WOLFSSL_X509_VERIFY_PARAM *param); +WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_clear_flags(WOLFSSL_X509_VERIFY_PARAM *param, + unsigned long flags); WOLFSSL_API void wolfSSL_X509_VERIFY_PARAM_set_hostflags( WOLFSSL_X509_VERIFY_PARAM* param, unsigned int flags); WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_host(WOLFSSL_X509_VERIFY_PARAM* pParam, @@ -1512,6 +1728,12 @@ WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_host(WOLFSSL_X509_VERIFY_PARAM* p unsigned int nameSz); WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_ip_asc( WOLFSSL_X509_VERIFY_PARAM *param, const char *ipasc); +WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1(WOLFSSL_X509_VERIFY_PARAM* to, + const WOLFSSL_X509_VERIFY_PARAM* from); +WOLFSSL_API int wolfSSL_X509_load_crl_file(WOLFSSL_X509_LOOKUP *ctx, + const char *file, int type); +WOLFSSL_API int wolfSSL_X509_load_cert_crl_file(WOLFSSL_X509_LOOKUP *ctx, + const char *file, int type); #endif WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*); WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value( @@ -1559,6 +1781,24 @@ WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data( WOLFSSL_X509_STORE_CTX* ctx, int idx); WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_ex_data(WOLFSSL_X509_STORE_CTX* ctx, int idx, void *data); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_ex_data_with_cleanup( + WOLFSSL_X509_STORE_CTX* ctx, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif +WOLFSSL_API void* wolfSSL_X509_STORE_get_ex_data( + WOLFSSL_X509_STORE* store, int idx); +WOLFSSL_API int wolfSSL_X509_STORE_set_ex_data(WOLFSSL_X509_STORE* store, + int idx, void *data); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_X509_STORE_set_ex_data_with_cleanup( + WOLFSSL_X509_STORE* store, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_depth(WOLFSSL_X509_STORE_CTX* ctx, int depth); WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get0_current_issuer( @@ -1787,28 +2027,29 @@ enum { BIO_NOCLOSE = 0, X509_FILETYPE_PEM = 8, - X509_LU_X509 = 9, - X509_LU_CRL = 12, + X509_LU_NONE = WOLFSSL_X509_LU_NONE, + X509_LU_X509 = WOLFSSL_X509_LU_X509, + X509_LU_CRL = WOLFSSL_X509_LU_CRL, X509_V_OK = 0, - X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, + X509_V_ERR_CRL_SIGNATURE_FAILURE = 8, + X509_V_ERR_CERT_HAS_EXPIRED = 10, X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, X509_V_ERR_CRL_HAS_EXPIRED = 15, - X509_V_ERR_CERT_REVOKED = 16, X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, X509_V_ERR_CERT_NOT_YET_VALID = 19, X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, - X509_V_ERR_CERT_HAS_EXPIRED = 21, X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, - X509_V_ERR_CERT_REJECTED = 23, + X509_V_ERR_CERT_REVOKED = 23, + X509_V_ERR_CERT_REJECTED = 24, /* Required for Nginx */ - X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 24, - X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = 25, - X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 26, - X509_V_ERR_CERT_UNTRUSTED = 27, - X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 28, - X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 29, + X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 25, + X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = 26, + X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 27, + X509_V_ERR_CERT_UNTRUSTED = 28, + X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 29, + X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 30, /* additional X509_V_ERR_* enums not used in wolfSSL */ X509_V_ERR_UNABLE_TO_GET_CRL, X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE, @@ -1852,7 +2093,11 @@ enum { #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) /* wolfSSL extension, provide last error from SSL_get_error since not using thread storage error queue */ -#include +#ifdef FUSION_RTOS + #include +#else + #include +#endif WOLFSSL_API void wolfSSL_ERR_print_errors_fp(XFILE, int err); #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) WOLFSSL_API void wolfSSL_ERR_dump_errors_fp(XFILE fp); @@ -1942,10 +2187,11 @@ enum { /* ssl Constants */ WOLFSSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ WOLFSSL_VERIFY_NONE = 0, - WOLFSSL_VERIFY_PEER = 1, - WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, - WOLFSSL_VERIFY_CLIENT_ONCE = 4, - WOLFSSL_VERIFY_FAIL_EXCEPT_PSK = 8, + WOLFSSL_VERIFY_PEER = 1 << 0, + WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT = 1 << 1, + WOLFSSL_VERIFY_CLIENT_ONCE = 1 << 2, + WOLFSSL_VERIFY_FAIL_EXCEPT_PSK = 1 << 3, + WOLFSSL_VERIFY_DEFAULT = 1 << 9, WOLFSSL_SESS_CACHE_OFF = 0x0000, WOLFSSL_SESS_CACHE_CLIENT = 0x0001, @@ -1981,16 +2227,30 @@ enum { /* ssl Constants */ typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*, unsigned int, unsigned char*, unsigned int); WOLFSSL_API void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX*, - wc_psk_client_callback); + wc_psk_client_callback); WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL*, - wc_psk_client_callback); + wc_psk_client_callback); + #ifdef OPENSSL_EXTRA + typedef int (*wc_psk_use_session_cb_func)(WOLFSSL* ssl, + const WOLFSSL_EVP_MD* md, const unsigned char **id, + size_t* idlen, WOLFSSL_SESSION **sess); + WOLFSSL_API void wolfSSL_set_psk_use_session_callback(WOLFSSL* ssl, + wc_psk_use_session_cb_func cb); + #endif #ifdef WOLFSSL_TLS13 + typedef unsigned int (*wc_psk_client_cs_callback)(WOLFSSL*, const char*, + char*, unsigned int, unsigned char*, unsigned int, const char*); + WOLFSSL_API void wolfSSL_CTX_set_psk_client_cs_callback(WOLFSSL_CTX*, + wc_psk_client_cs_callback); + WOLFSSL_API void wolfSSL_set_psk_client_cs_callback(WOLFSSL*, + wc_psk_client_cs_callback); + typedef unsigned int (*wc_psk_client_tls13_callback)(WOLFSSL*, const char*, - char*, unsigned int, unsigned char*, unsigned int, const char**); + char*, unsigned int, unsigned char*, unsigned int, const char**); WOLFSSL_API void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX*, - wc_psk_client_tls13_callback); + wc_psk_client_tls13_callback); WOLFSSL_API void wolfSSL_set_psk_client_tls13_callback(WOLFSSL*, - wc_psk_client_tls13_callback); + wc_psk_client_tls13_callback); #endif WOLFSSL_API const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*); @@ -2002,16 +2262,16 @@ enum { /* ssl Constants */ typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, unsigned char*, unsigned int); WOLFSSL_API void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX*, - wc_psk_server_callback); + wc_psk_server_callback); WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*, - wc_psk_server_callback); + wc_psk_server_callback); #ifdef WOLFSSL_TLS13 typedef unsigned int (*wc_psk_server_tls13_callback)(WOLFSSL*, const char*, - unsigned char*, unsigned int, const char**); + unsigned char*, unsigned int, const char**); WOLFSSL_API void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX*, - wc_psk_server_tls13_callback); + wc_psk_server_tls13_callback); WOLFSSL_API void wolfSSL_set_psk_server_tls13_callback(WOLFSSL*, - wc_psk_server_tls13_callback); + wc_psk_server_tls13_callback); #endif WOLFSSL_API void* wolfSSL_get_psk_callback_ctx(WOLFSSL*); WOLFSSL_API int wolfSSL_set_psk_callback_ctx(WOLFSSL*, void*); @@ -2020,6 +2280,11 @@ enum { /* ssl Constants */ WOLFSSL_API int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX*, void*); #define PSK_TYPES_DEFINED + +#ifdef WOLFSSL_TLS13 + WOLFSSL_API const char* wolfSSL_get_cipher_name_by_hash(WOLFSSL* ssl, + const char* hash); +#endif #endif /* NO_PSK */ @@ -2063,6 +2328,8 @@ WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); #if !defined(NO_CHECK_PRIVATE_KEY) WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*); #endif +WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_CTX_get0_privatekey(const WOLFSSL_CTX*); + WOLFSSL_API void wolfSSL_ERR_free_strings(void); WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long); WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl); @@ -2079,8 +2346,8 @@ WOLFSSL_API int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*, const unsigned char*, unsigned int); WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL*); +#ifdef OPENSSL_EXTRA WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); -#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl); #endif @@ -2113,10 +2380,17 @@ WOLFSSL_API int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *s, const char *s WOLFSSL_API int wolfSSL_sk_num(const WOLFSSL_STACK* sk); WOLFSSL_API void* wolfSSL_sk_value(const WOLFSSL_STACK* sk, int i); -#if (defined(HAVE_EX_DATA) || defined(FORTRESS)) && \ - (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || defined(WOLFSSL_WPAS_SMALL)) +#if defined(HAVE_EX_DATA) || defined(FORTRESS) || defined(WOLFSSL_WPAS_SMALL) + WOLFSSL_API void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data_with_cleanup( + WOLFSSL_CRYPTO_EX_DATA* ex_data, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx, void *data); #endif @@ -2124,8 +2398,15 @@ WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int /* stunnel 4.28 needs */ WOLFSSL_API void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX*, int); WOLFSSL_API int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX*, int, void*); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_CTX_set_ex_data_with_cleanup( + WOLFSSL_CTX* ctx, + int idx, + void* data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif WOLFSSL_API void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX*, - WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*)); + WOLFSSL_SESSION*(*f)(WOLFSSL*, const unsigned char*, int, int*)); WOLFSSL_API void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX*, int (*f)(WOLFSSL*, WOLFSSL_SESSION*)); WOLFSSL_API void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX*, @@ -2156,7 +2437,11 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_Cleanup(void); /* which library version do we have */ WOLFSSL_API const char* wolfSSL_lib_version(void); +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +WOLFSSL_API const char* wolfSSL_OpenSSL_version(int a); +#else WOLFSSL_API const char* wolfSSL_OpenSSL_version(void); +#endif /* which library version do we have in hex */ WOLFSSL_API word32 wolfSSL_lib_version_hex(void); @@ -2218,6 +2503,8 @@ WOLFSSL_API WOLFSSL_X509* WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out); WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl, const unsigned char *in, int len); +WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_bio(WOLFSSL_BIO *bp, + WOLFSSL_X509_CRL **crl); #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl); #endif @@ -2400,6 +2687,7 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ defined(KEEP_OUR_CERT) WOLFSSL_API WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl); + WOLFSSL_API WOLFSSL_X509* wolfSSL_CTX_get0_certificate(WOLFSSL_CTX* ctx); #endif #endif @@ -2843,9 +3131,12 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); WOLFSSL_CERT_MANAGER* cm); WOLFSSL_API int wolfSSL_CertManagerDisableOCSPMustStaple( WOLFSSL_CERT_MANAGER* cm); -#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM) +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \ + !defined(NO_FILESYSTEM) WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm); -#endif +WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs( + WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_NAME*); +#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */ WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options); WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int); @@ -3147,13 +3438,9 @@ enum { }; #ifdef HAVE_SUPPORTED_CURVES -#ifndef NO_WOLFSSL_CLIENT - WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name); WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, word16 name); - -#endif #endif #ifdef WOLFSSL_TLS13 @@ -3167,16 +3454,46 @@ WOLFSSL_API int wolfSSL_NoKeyShares(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_CTX_UseSecureRenegotiation(WOLFSSL_CTX* ctx); -WOLFSSL_API int wolfSSL_StartSecureRenegotiation(WOLFSSL* ssl, int resume); WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_SecureResume(WOLFSSL* ssl); WOLFSSL_API long wolfSSL_SSL_get_secure_renegotiation_support(WOLFSSL* ssl); #endif +#if defined(HAVE_SELFTEST) && \ + (!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2)) + + /* Needed by session ticket stuff below */ + #ifndef WOLFSSL_AES_KEY_SIZE_ENUM + #define WOLFSSL_AES_KEY_SIZE_ENUM + enum SSL_Misc { + AES_IV_SIZE = 16, + AES_128_KEY_SIZE = 16, + AES_192_KEY_SIZE = 24, + AES_256_KEY_SIZE = 32 + }; + #endif +#endif + /* Session Ticket */ #ifdef HAVE_SESSION_TICKET +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(WOLFSSL_NO_SERVER) + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \ + !defined(WOLFSSL_TICKET_ENC_AES128_GCM) && \ + !defined(WOLFSSL_TICKET_ENC_AES256_GCM) + #define WOLFSSL_TICKET_KEY_SZ CHACHA20_POLY1305_AEAD_KEYSIZE + #elif defined(WOLFSSL_TICKET_ENC_AES256_GCM) + #define WOLFSSL_TICKET_KEY_SZ AES_256_KEY_SIZE + #else + #define WOLFSSL_TICKET_KEY_SZ AES_128_KEY_SIZE + #endif + + #define WOLFSSL_TICKET_KEYS_SZ (WOLFSSL_TICKET_NAME_SZ + \ + 2 * WOLFSSL_TICKET_KEY_SZ + \ + sizeof(word32) * 2) +#endif + #ifndef NO_WOLFSSL_CLIENT WOLFSSL_API int wolfSSL_UseSessionTicket(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx); @@ -3201,6 +3518,9 @@ enum TicketEncRet { #ifndef NO_WOLFSSL_SERVER +WOLFSSL_API int wolfSSL_CTX_NoTicketTLSv12(WOLFSSL_CTX* ctx); +WOLFSSL_API int wolfSSL_NoTicketTLSv12(WOLFSSL* ssl); + typedef int (*SessionTicketEncCb)(WOLFSSL*, unsigned char key_name[WOLFSSL_TICKET_NAME_SZ], unsigned char iv[WOLFSSL_TICKET_IV_SZ], @@ -3210,6 +3530,7 @@ WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx, SessionTicketEncCb); WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int); WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*); +WOLFSSL_API void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx); #endif /* NO_WOLFSSL_SERVER */ @@ -3399,11 +3720,6 @@ WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl); WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt); #endif -#ifdef WOLFSSL_WPAS_SMALL - /* WPA Supplicant requires GEN_ values */ - #include -#endif - #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c, int* idx); @@ -3426,6 +3742,8 @@ WOLFSSL_API void wolfSSL_X509V3_set_ctx(WOLFSSL_X509V3_CTX* ctx, WOLFSSL_API void wolfSSL_X509V3_set_ctx_nodb(WOLFSSL_X509V3_CTX* ctx); WOLFSSL_API int wolfSSL_X509_digest(const WOLFSSL_X509* x509, const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len); +WOLFSSL_API int wolfSSL_X509_pubkey_digest(const WOLFSSL_X509 *x509, + const WOLFSSL_EVP_MD *digest, unsigned char* buf, unsigned int* len); WOLFSSL_API int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509); WOLFSSL_API int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey); WOLFSSL_API int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl, @@ -3486,20 +3804,28 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str); WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx); +#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \ + defined(HAVE_SECRET_CALLBACK) WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out, size_t outlen); WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, size_t outSz); -#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL || HAVE_SECRET_CALLBACK */ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio); +/* non-standard API to determine if BIO supports "pending" */ +WOLFSSL_API int wolfSSL_BIO_supports_pending(const WOLFSSL_BIO *bio); WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b); WOLFSSL_API int wolfSSL_get_server_tmp_key(const WOLFSSL*, WOLFSSL_EVP_PKEY**); WOLFSSL_API int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX*, int); WOLFSSL_API int wolfSSL_CTX_set_max_proto_version(WOLFSSL_CTX*, int); +WOLFSSL_API int wolfSSL_set_min_proto_version(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_set_max_proto_version(WOLFSSL*, int); +WOLFSSL_API int wolfSSL_CTX_get_min_proto_version(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey); WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); @@ -3517,7 +3843,7 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_INFO)* wolfSSL_PEM_X509_INFO_read_bio( WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_X509_CRL(XFILE fp, WOLFSSL_X509_CRL **x, pem_password_cb *cb, void *u); #endif -WOLFSSL_API int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header, +WOLFSSL_API int wolfSSL_PEM_get_EVP_CIPHER_INFO(const char* header, EncryptedInfo* cipher); WOLFSSL_API int wolfSSL_PEM_do_header(EncryptedInfo* cipher, unsigned char* data, long* len, @@ -3535,6 +3861,12 @@ struct WOLFSSL_ASN1_BIT_STRING { long flags; }; +struct WOLFSSL_CONF_CTX { + unsigned int flags; + WOLFSSL_CTX* ctx; + WOLFSSL* ssl; +}; + WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc); #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ @@ -3561,6 +3893,7 @@ WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl); WOLFSSL_API int wolfSSL_set_app_data(WOLFSSL *ssl, void *arg); WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne); WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md); +WOLFSSL_API unsigned char *wolfSSL_SHA224(const unsigned char *d, size_t n, unsigned char *md); WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md); WOLFSSL_API unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, unsigned char *md); WOLFSSL_API unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n, unsigned char *md); @@ -3571,13 +3904,22 @@ WOLFSSL_API int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509); #ifndef NO_FILESYSTEM WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c); WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp); -WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c); #endif #endif /* OPENSSL_EXTRA || OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ +#if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) \ + || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) +#ifndef NO_BIO +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, + const char *mode); +#ifndef NO_FILESYSTEM +WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c); +#endif /* !NO_FILESYSTEM */ +#endif /* !NO_BIO */ +#endif #if defined(OPENSSL_ALL) \ || defined(HAVE_STUNNEL) \ @@ -3587,7 +3929,6 @@ WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c); || defined(OPENSSL_EXTRA) #define X509_BUFFER_SZ 8192 -WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode); WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*); WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp, WOLFSSL_DH **x, pem_password_cb *cb, void *u); @@ -3638,6 +3979,10 @@ WOLFSSL_API WOLFSSL_X509 *wolfSSL_X509_to_X509_REQ(WOLFSSL_X509 *x, #include +WOLFSSL_API int wolfSSL_CRYPTO_set_mem_functions( + wolfSSL_Malloc_cb m, + wolfSSL_Realloc_cb r, + wolfSSL_Free_cb f); WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); @@ -3668,13 +4013,17 @@ WOLFSSL_API int wolfSSL_FIPS_mode(void); WOLFSSL_API int wolfSSL_FIPS_mode_set(int r); -WOLFSSL_API int wolfSSL_RAND_set_rand_method(const void *meth); +WOLFSSL_API int wolfSSL_RAND_set_rand_method(const WOLFSSL_RAND_METHOD *methods); WOLFSSL_API int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c, int *alg_bits); WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_new(void); WOLFSSL_API int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s); +WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_OBJECT_new(void); +WOLFSSL_API void wolfSSL_sk_X509_OBJECT_free(WOLFSSL_STACK* s); +WOLFSSL_API int wolfSSL_sk_X509_OBJECT_push(WOLFSSL_STACK* sk, WOLFSSL_X509_OBJECT* obj); + WOLFSSL_API WOLFSSL_X509_INFO *wolfSSL_X509_INFO_new(void); WOLFSSL_API void wolfSSL_X509_INFO_free(WOLFSSL_X509_INFO* info); @@ -3756,6 +4105,13 @@ WOLFSSL_API void* wolfSSL_sk_X509_OBJECT_value(WOLF_STACK_OF(WOLFSSL_X509_OBJECT WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int); WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_SESSION_set_ex_data_with_cleanup( + WOLFSSL_SESSION* session, + int idx, + void* data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \ @@ -3810,14 +4166,20 @@ WOLFSSL_API void wolfSSL_print_all_errors_fp(XFILE fp); WOLFSSL_API void wolfSSL_THREADID_set_callback(void (*threadid_func)(void*)); WOLFSSL_API void wolfSSL_THREADID_set_numeric(void* id, unsigned long val); +WOLFSSL_API void wolfSSL_THREADID_current(WOLFSSL_CRYPTO_THREADID* id); +WOLFSSL_API unsigned long wolfSSL_THREADID_hash( + const WOLFSSL_CRYPTO_THREADID* id); -WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs( - WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_NAME*); +WOLFSSL_API WOLFSSL_X509_LOOKUP_TYPE wolfSSL_X509_OBJECT_get_type( + const WOLFSSL_X509_OBJECT*); WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(WOLFSSL_X509_STORE *); WOLFSSL_API WOLFSSL_X509_OBJECT* wolfSSL_sk_X509_OBJECT_delete(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* sk, int i); -WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *a); +WOLFSSL_API WOLFSSL_X509_OBJECT* wolfSSL_X509_OBJECT_new(void); +WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *obj); +WOLFSSL_API WOLFSSL_X509 *wolfSSL_X509_OBJECT_get0_X509(const WOLFSSL_X509_OBJECT *obj); +WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_X509_OBJECT_get0_X509_CRL(WOLFSSL_X509_OBJECT *obj); #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) @@ -3834,7 +4196,8 @@ WOLFSSL_API int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names); defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) -WOLFSSL_API int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx); +WOLFSSL_API int wolfSSL_get_verify_mode(const WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_CTX_get_verify_mode(const WOLFSSL_CTX* ctx); #endif @@ -3854,6 +4217,15 @@ WOLFSSL_API int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int typedef void (*SSL_Msg_Cb)(int write_p, int version, int content_type, const void *buf, size_t len, WOLFSSL *ssl, void *arg); +#if defined(HAVE_SECRET_CALLBACK) +typedef void (*wolfSSL_CTX_keylog_cb_func) + (const WOLFSSL* ssl, const char* line); +WOLFSSL_API void wolfSSL_CTX_set_keylog_callback(WOLFSSL_CTX* ctx, + wolfSSL_CTX_keylog_cb_func cb); +WOLFSSL_API wolfSSL_CTX_keylog_cb_func wolfSSL_CTX_get_keylog_callback( + const WOLFSSL_CTX* ctx); +#endif /* HAVE_SECRET_CALLBACK */ + WOLFSSL_API int wolfSSL_CTX_set_msg_callback(WOLFSSL_CTX *ctx, SSL_Msg_Cb cb); WOLFSSL_API int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb); WOLFSSL_API int wolfSSL_CTX_set_msg_callback_arg(WOLFSSL_CTX *ctx, void* arg); @@ -3868,6 +4240,13 @@ WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, int line); WOLFSSL_API void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len); WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); +WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH* dh, + const WOLFSSL_BIGNUM** p, const WOLFSSL_BIGNUM** q, + const WOLFSSL_BIGNUM** g); +WOLFSSL_API void wolfSSL_DH_get0_key(const WOLFSSL_DH *dh, + const WOLFSSL_BIGNUM **pub_key, const WOLFSSL_BIGNUM **priv_key); +WOLFSSL_API int wolfSSL_DH_set0_key(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *pub_key, + WOLFSSL_BIGNUM *priv_key); #endif #if defined(HAVE_OCSP) && !defined(NO_ASN_TIME) @@ -3883,7 +4262,8 @@ WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); #if defined(OPENSSL_ALL) \ || defined(WOLFSSL_NGINX) \ || defined(WOLFSSL_HAPROXY) \ - || defined(OPENSSL_EXTRA) + || defined(OPENSSL_EXTRA) \ + || defined(HAVE_STUNNEL) WOLFSSL_API void wolfSSL_OPENSSL_config(char *config_name); #endif @@ -3901,6 +4281,13 @@ WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url); WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx); WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx, void *data); +#ifdef HAVE_EX_DATA_CLEANUP_HOOKS +WOLFSSL_API int wolfSSL_X509_set_ex_data_with_cleanup( + X509 *x509, + int idx, + void *data, + wolfSSL_ex_data_cleanup_routine_t cleanup_routine); +#endif #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ @@ -3921,7 +4308,11 @@ WOLFSSL_API int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *, WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s); WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s); WOLFSSL_API int wolfSSL_SSL_do_handshake(WOLFSSL *s); +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL*); +#else WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL*); +#endif WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL*); #ifndef NO_SESSION_CACHE @@ -3932,17 +4323,18 @@ WOLFSSL_API int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp, const WOLFSSL_ASN1_INTEGER *a); #ifdef HAVE_SESSION_TICKET -WOLFSSL_API int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *, int (*)( - WOLFSSL *ssl, unsigned char *name, unsigned char *iv, - WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc)); +typedef int (*ticketCompatCb)(WOLFSSL *ssl, unsigned char *name, unsigned char *iv, + WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc); +WOLFSSL_API int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *, ticketCompatCb); #endif #if defined(HAVE_OCSP) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) || \ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) WOLFSSL_API int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, WOLF_STACK_OF(X509)** chain); -WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, - int(*)(WOLFSSL*, void*)); +typedef int(*tlsextStatusCb)(WOLFSSL*, void*); +WOLFSSL_API int wolfSSL_CTX_get_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb* cb); +WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb cb); WOLFSSL_API int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x); @@ -3967,6 +4359,14 @@ WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio, #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */ +#if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ + !defined(NO_WOLFSSL_SERVER) +WOLFSSL_API long wolfSSL_CTX_get_tlsext_ticket_keys(WOLFSSL_CTX *ctx, + unsigned char *keys, int keylen); +WOLFSSL_API long wolfSSL_CTX_set_tlsext_ticket_keys(WOLFSSL_CTX *ctx, + unsigned char *keys, int keylen); +#endif + WOLFSSL_API void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, const unsigned char **data, unsigned int *len); WOLFSSL_API int wolfSSL_select_next_proto(unsigned char **out, @@ -4002,6 +4402,10 @@ WOLFSSL_API int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, WOLFSSL_API int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc, unsigned int flags); #endif +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) +WOLFSSL_API int wolfSSL_X509_check_email(WOLFSSL_X509 *x, const char *chk, + size_t chkLen, unsigned int flags); +#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_GEN */ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) @@ -4042,7 +4446,7 @@ WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_find( WOLFSSL_API void wolfSSL_sk_SSL_CIPHER_free(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk); WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st); WOLFSSL_API int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk); -WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx); +WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(WOLFSSL_STACK* sk, int i); WOLFSSL_API void ERR_load_SSL_strings(void); WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p); @@ -4088,8 +4492,45 @@ WOLFSSL_API int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, const char* key, unsigned int keySz, int format); WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format); + +/* returns pointer to loaded key as ASN.1/DER */ +WOLFSSL_API int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, + const unsigned char** key, unsigned int* keySz); +WOLFSSL_API int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo, + const unsigned char** key, unsigned int* keySz); #endif +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx); +WOLFSSL_API void wolfSSL_CTX_set_security_level(WOLFSSL_CTX* ctx, int level); +WOLFSSL_API int wolfSSL_CTX_get_security_level(const WOLFSSL_CTX* ctx); + +WOLFSSL_API int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s); + +WOLFSSL_API void wolfSSL_CRYPTO_free(void *str, const char *file, int line); +WOLFSSL_API void *wolfSSL_CRYPTO_malloc(size_t num, const char *file, int line); + +WOLFSSL_API WOLFSSL_CONF_CTX* wolfSSL_CONF_CTX_new(void); +WOLFSSL_API void wolfSSL_CONF_CTX_free(WOLFSSL_CONF_CTX* cctx); +WOLFSSL_API void wolfSSL_CONF_CTX_set_ssl_ctx(WOLFSSL_CONF_CTX* cctx, WOLFSSL_CTX *ctx); +WOLFSSL_API unsigned int wolfSSL_CONF_CTX_set_flags(WOLFSSL_CONF_CTX* cctx, unsigned int flags); +WOLFSSL_API int wolfSSL_CONF_CTX_finish(WOLFSSL_CONF_CTX* cctx); + +#define WOLFSSL_CONF_FLAG_CMDLINE 0x1 +#define WOLFSSL_CONF_FLAG_FILE 0x2 +#define WOLFSSL_CONF_FLAG_CERTIFICATE 0x20 + +#define WOLFSSL_CONF_TYPE_STRING 0x1 +#define WOLFSSL_CONF_TYPE_FILE 0x2 + +WOLFSSL_API int wolfSSL_CONF_cmd(WOLFSSL_CONF_CTX* cctx, const char* cmd, const char* value); +#endif /* OPENSSL_EXTRA */ +#if defined(HAVE_EX_DATA) || defined(FORTRESS) || defined(WOLFSSL_WPAS_SMALL) +WOLFSSL_API int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, + WOLFSSL_CRYPTO_EX_new* new_func, + WOLFSSL_CRYPTO_EX_dup* dup_func, + WOLFSSL_CRYPTO_EX_free* free_func); +#endif /* HAVE_EX_DATA || FORTRESS */ #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/source/libs/libwolfssl/version.h b/source/libs/libwolfssl/version.h index 4ed51502..471f5636 100644 --- a/source/libs/libwolfssl/version.h +++ b/source/libs/libwolfssl/version.h @@ -1,6 +1,6 @@ /* wolfssl_version.h.in * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -28,8 +28,8 @@ extern "C" { #endif -#define LIBWOLFSSL_VERSION_STRING "4.6.0" -#define LIBWOLFSSL_VERSION_HEX 0x04006000 +#define LIBWOLFSSL_VERSION_STRING "4.8.1" +#define LIBWOLFSSL_VERSION_HEX 0x04008001 #ifdef __cplusplus } diff --git a/source/libs/libwolfssl/wolfcrypt/aes.h b/source/libs/libwolfssl/wolfcrypt/aes.h index cff740c4..ed0a0dce 100644 --- a/source/libs/libwolfssl/wolfcrypt/aes.h +++ b/source/libs/libwolfssl/wolfcrypt/aes.h @@ -1,6 +1,6 @@ /* aes.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -250,6 +250,21 @@ struct Aes { silabs_aes_t ctx; #endif void* heap; /* memory hint to use */ +#ifdef WOLFSSL_AESGCM_STREAM +#if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_AESNI) + ALIGN16 byte streamData[5 * AES_BLOCK_SIZE]; +#else + byte* streamData; +#endif + word32 aSz; + word32 cSz; + byte over; + byte aOver; + byte cOver; + byte gcmKeySet:1; + byte nonceSet:1; + byte ctrSet:1; +#endif }; #ifndef WC_AES_TYPE_DEFINED @@ -361,6 +376,26 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz); +#ifdef WOLFSSL_AESGCM_STREAM +WOLFSSL_API int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, + const byte* iv, word32 ivSz); + +WOLFSSL_API int wc_AesGcmEncryptInit(Aes* aes, const byte* key, word32 len, + const byte* iv, word32 ivSz); +WOLFSSL_API int wc_AesGcmEncryptInit_ex(Aes* aes, const byte* key, word32 len, + byte* ivOut, word32 ivOutSz); +WOLFSSL_API int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, + word32 sz, const byte* authIn, word32 authInSz); +WOLFSSL_API int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, + word32 authTagSz); + +WOLFSSL_API int wc_AesGcmDecryptInit(Aes* aes, const byte* key, word32 len, + const byte* iv, word32 ivSz); +WOLFSSL_API int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, + word32 sz, const byte* authIn, word32 authInSz); +WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, + word32 authTagSz); +#endif #ifndef WC_NO_RNG WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz); @@ -416,10 +451,18 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, byte* out, word32 outSz, const byte* iv); + WOLFSSL_API int wc_AesKeyWrap_ex(Aes *aes, + const byte* in, word32 inSz, + byte* out, word32 outSz, + const byte* iv); WOLFSSL_API int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, byte* out, word32 outSz, const byte* iv); + WOLFSSL_API int wc_AesKeyUnWrap_ex(Aes *aes, + const byte* in, word32 inSz, + byte* out, word32 outSz, + const byte* iv); #endif /* HAVE_AES_KEYWRAP */ #ifdef WOLFSSL_AES_XTS diff --git a/source/libs/libwolfssl/wolfcrypt/arc4.h b/source/libs/libwolfssl/wolfcrypt/arc4.h index b8ddb294..cfc625f3 100644 --- a/source/libs/libwolfssl/wolfcrypt/arc4.h +++ b/source/libs/libwolfssl/wolfcrypt/arc4.h @@ -1,6 +1,6 @@ /* arc4.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/asn.h b/source/libs/libwolfssl/wolfcrypt/asn.h index ea3e60ce..d87d8682 100644 --- a/source/libs/libwolfssl/wolfcrypt/asn.h +++ b/source/libs/libwolfssl/wolfcrypt/asn.h @@ -1,6 +1,6 @@ /* asn.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -140,6 +140,7 @@ enum DN_Tags { /* pilot attribute types * OID values of 0.9.2342.19200300.100.1.* */ ASN_USER_ID = 0x01, /* UID */ + ASN_FAVOURITE_DRINK = 0x05, /* favouriteDrink */ ASN_DOMAIN_COMPONENT = 0x19 /* DC */ }; @@ -182,6 +183,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define WOLFSSL_USER_ID "/UID=" #define WOLFSSL_DOMAIN_COMPONENT "/DC=" +#define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink=" #if defined(WOLFSSL_APACHE_HTTPD) /* otherName strings */ @@ -196,6 +198,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define WOLFSSL_TLS_FEATURE_SUM 92 #endif +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) /* NIDs */ enum { @@ -247,6 +250,7 @@ enum NID_jurisdictionStateOrProvinceName = 0xd, NID_businessCategory = ASN_BUS_CAT, NID_domainComponent = ASN_DOMAIN_COMPONENT, + NID_favouriteDrink = 462, NID_userId = 458, NID_emailAddress = 0x30, /* emailAddress */ NID_id_on_dnsSRV = 82, /* 1.3.6.1.5.5.7.8.7 */ @@ -254,6 +258,7 @@ enum NID_X9_62_prime_field = 406 /* 1.2.840.10045.1.1 */ }; +#endif /* OPENSSL_EXTRA */ enum ECC_TYPES { @@ -305,12 +310,17 @@ enum Misc_ASN { KEYID_SIZE = WC_SHA_DIGEST_SIZE, #endif RSA_INTS = 8, /* RSA ints in private key */ + DSA_PARAM_INTS = 3, /* DSA paramater ints */ DSA_INTS = 5, /* DSA ints in private key */ MIN_DATE_SIZE = 12, MAX_DATE_SIZE = 32, ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */ #ifndef NO_RSA - MAX_ENCODED_SIG_SZ = 512, +#ifdef WOLFSSL_HAPROXY + MAX_ENCODED_SIG_SZ = 1024, /* Supports 8192 bit keys */ +#else + MAX_ENCODED_SIG_SZ = 512, /* Supports 4096 bit keys */ +#endif #elif defined(HAVE_ECC) MAX_ENCODED_SIG_SZ = 140, #elif defined(HAVE_CURVE448) @@ -330,7 +340,7 @@ enum Misc_ASN { MAX_ENCODED_DIG_ASN_SZ= 9, /* enum(bit or octet) + length(4) */ MAX_ENCODED_DIG_SZ = 64 + MAX_ENCODED_DIG_ASN_SZ, /* asn header + sha512 */ MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */ - MAX_DSA_INT_SZ = 261, /* DSA raw sz 2048 for bits + tag + len(4) */ + MAX_DSA_INT_SZ = 389, /* DSA raw sz 3072 for bits + tag + len(4) */ MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */ MAX_NTRU_ENC_SZ = 628, /* NTRU 112 bit DER public encoding */ MAX_LENGTH_SZ = 4, /* Max length size for DER encoding */ @@ -531,23 +541,23 @@ enum HMAC_Sum { enum Extensions_Sum { - BASIC_CA_OID = 133, - ALT_NAMES_OID = 131, - CRL_DIST_OID = 145, - AUTH_INFO_OID = 69, /* id-pe 1 */ - AUTH_KEY_OID = 149, - SUBJ_KEY_OID = 128, - CERT_POLICY_OID = 146, - KEY_USAGE_OID = 129, /* 2.5.29.15 */ - INHIBIT_ANY_OID = 168, /* 2.5.29.54 */ + BASIC_CA_OID = 133, /* 2.5.29.19 */ + ALT_NAMES_OID = 131, /* 2.5.29.17 */ + CRL_DIST_OID = 145, /* 2.5.29.31 */ + AUTH_INFO_OID = 69, /* 1.3.6.1.5.5.7.1.1 */ + AUTH_KEY_OID = 149, /* 2.5.29.35 */ + SUBJ_KEY_OID = 128, /* 2.5.29.14 */ + CERT_POLICY_OID = 146, /* 2.5.29.32 */ + KEY_USAGE_OID = 129, /* 2.5.29.15 */ + INHIBIT_ANY_OID = 168, /* 2.5.29.54 */ EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */ NAME_CONS_OID = 144, /* 2.5.29.30 */ PRIV_KEY_USAGE_PERIOD_OID = 130, /* 2.5.29.16 */ - SUBJECT_INFO_ACCESS = 79, /* id-pe 11 */ - POLICY_MAP_OID = 147, - POLICY_CONST_OID = 150, - ISSUE_ALT_NAMES_OID = 132, - TLS_FEATURE_OID = 92, /* id-pe 24 */ + SUBJECT_INFO_ACCESS = 79, /* 1.3.6.1.5.5.7.1.11 */ + POLICY_MAP_OID = 147, /* 2.5.29.33 */ + POLICY_CONST_OID = 150, /* 2.5.29.36 */ + ISSUE_ALT_NAMES_OID = 132, /* 2.5.29.18 */ + TLS_FEATURE_OID = 92, /* 1.3.6.1.5.5.7.1.24 */ NETSCAPE_CT_OID = 753, /* 2.16.840.1.113730.1.1 */ OCSP_NOCHECK_OID = 121 /* 1.3.6.1.5.5.7.48.1.5 id-pkix-ocsp-nocheck */ @@ -589,6 +599,7 @@ enum VerifyType { VERIFY_OCSP = 3, VERIFY_NAME = 4, VERIFY_SKIP_DATE = 5, + VERIFY_OCSP_CERT = 6, }; #ifdef WOLFSSL_CERT_EXT @@ -682,7 +693,8 @@ struct SignatureCtx { #if !(defined(NO_RSA) && defined(NO_DSA)) byte* sigCpy; #endif -#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) +#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \ + !defined(NO_DSA) int verify; #endif union { @@ -829,6 +841,7 @@ struct DecodedCert { byte maxPathLen; /* max_path_len see RFC 5280 section * 6.1.2 "Initialization" - (k) for * description of max_path_len */ + byte policyConstSkip; /* Policy Constraints skip certs value */ word16 extKeyUsage; /* Key usage bitfield */ byte extExtKeyUsage; /* Extended Key usage bitfield */ @@ -949,6 +962,9 @@ struct DecodedCert { byte extCRLdistSet : 1; byte extAuthInfoSet : 1; byte extBasicConstSet : 1; + byte extPolicyConstSet : 1; + byte extPolicyConstRxpSet : 1; /* requireExplicitPolicy set */ + byte extPolicyConstIpmSet : 1; /* inhibitPolicyMapping set */ byte extSubjAltNameSet : 1; byte inhibitAnyOidSet : 1; byte selfSigned : 1; /* Indicates subject and issuer are same */ @@ -959,6 +975,7 @@ struct DecodedCert { byte extCRLdistCrit : 1; byte extAuthInfoCrit : 1; byte extBasicConstCrit : 1; + byte extPolicyConstCrit : 1; byte extSubjAltNameCrit : 1; byte extAuthKeyIdCrit : 1; #ifndef IGNORE_NAME_CONSTRAINTS @@ -976,6 +993,14 @@ struct DecodedCert { #endif }; +/* ASN Encoded Name field */ +typedef struct EncodedName { + int nameLen; /* actual string value length */ + int totalLen; /* total encoded length */ + int type; /* type of name */ + int used; /* are we actually using this one */ + byte encoded[CTC_NAME_SIZE * 2]; /* encoding */ +} EncodedName; #ifdef NO_SHA #define SIGNER_DIGEST_SIZE WC_SHA256_DIGEST_SIZE @@ -1049,6 +1074,42 @@ struct TrustedPeerCert { #define WOLFSSL_ASN_API WOLFSSL_LOCAL #endif +#ifdef HAVE_SMIME +#define MIME_HEADER_ASCII_MIN 33 +#define MIME_HEADER_ASCII_MAX 126 + +typedef struct MimeParam MimeParam; +typedef struct MimeHdr MimeHdr; + +struct MimeParam +{ + MimeParam* next; + char* attribute; + char* value; +}; + +struct MimeHdr +{ + MimeHdr* next; + MimeParam* params; + char* name; + char* body; +}; + +typedef enum MimeTypes +{ + MIME_HDR, + MIME_PARAM +} MimeTypes; + +typedef enum MimeStatus +{ + MIME_NAMEATTR, + MIME_BODYVAL +} MimeStatus; +#endif /* HAVE_SMIME */ + + WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash); WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx); @@ -1126,6 +1187,10 @@ WOLFSSL_LOCAL int DateGreaterThan(const struct tm* a, const struct tm* b); WOLFSSL_LOCAL int wc_ValidateDate(const byte* date, byte format, int dateType); WOLFSSL_LOCAL int wc_OBJ_sn2nid(const char *sn); +WOLFSSL_LOCAL int wc_EncodeName(EncodedName* name, const char* nameStr, + char nameType, byte type); +WOLFSSL_LOCAL int wc_EncodeNameCanonical(EncodedName* name, const char* nameStr, + char nameType, byte type); /* ASN.1 helper functions */ #ifdef WOLFSSL_CERT_GEN WOLFSSL_ASN_API int SetName(byte* output, word32 outputSz, CertName* name); @@ -1178,12 +1243,6 @@ WOLFSSL_LOCAL int GetASNTag(const byte* input, word32* idx, byte* tag, WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output); WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output); WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output); -#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_DH) \ - || defined(WOLFSSL_OPENSSH) -WOLFSSL_LOCAL int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz); -WOLFSSL_LOCAL int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz); -WOLFSSL_LOCAL int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); -#endif WOLFSSL_LOCAL int SetASNInt(int len, byte firstByte, byte* output); WOLFSSL_LOCAL word32 SetBitString(word32 len, byte unusedBits, byte* output); WOLFSSL_LOCAL word32 SetImplicit(byte tag,byte number,word32 len,byte* output); @@ -1203,16 +1262,16 @@ WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, WOLFSSL_LOCAL int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g); WOLFSSL_LOCAL int FlattenAltNames( byte*, word32, const DNS_entry*); -#ifdef HAVE_ECC +#if defined(HAVE_ECC) || !defined(NO_DSA) /* ASN sig helpers */ WOLFSSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s); WOLFSSL_LOCAL int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen, const byte* r, word32 rLen, const byte* s, word32 sLen); - WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, - mp_int* r, mp_int* s); WOLFSSL_LOCAL int DecodeECC_DSA_Sig_Bin(const byte* sig, word32 sigLen, byte* r, word32* rLen, byte* s, word32* sLen); + WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, + mp_int* r, mp_int* s); #endif #if defined HAVE_ECC && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) WOLFSSL_API int EccEnumToNID(int n); @@ -1223,8 +1282,8 @@ WOLFSSL_LOCAL void FreeSignatureCtx(SignatureCtx* sigCtx); #ifndef NO_CERTS -WOLFSSL_LOCAL int wc_EncryptedInfoParse(EncryptedInfo* info, char** pBuffer, - size_t bufSz); +WOLFSSL_LOCAL int wc_EncryptedInfoParse(EncryptedInfo* info, + const char** pBuffer, size_t bufSz); WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type, DerBuffer** pDer, void* heap, EncryptedInfo* info, @@ -1234,6 +1293,17 @@ WOLFSSL_LOCAL void FreeDer(DerBuffer** der); #endif /* !NO_CERTS */ +#ifdef HAVE_SMIME +WOLFSSL_LOCAL int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** hdrs); +WOLFSSL_LOCAL int wc_MIME_header_strip(char* in, char** out, size_t start, size_t end); +WOLFSSL_LOCAL int wc_MIME_create_header(char* name, char* body, MimeHdr** hdr); +WOLFSSL_LOCAL int wc_MIME_create_parameter(char* attribute, char* value, MimeParam** param); +WOLFSSL_LOCAL MimeHdr* wc_MIME_find_header_name(const char* name, MimeHdr* hdr); +WOLFSSL_LOCAL MimeParam* wc_MIME_find_param_attr(const char* attribute, MimeParam* param); +WOLFSSL_LOCAL char* wc_MIME_canonicalize(const char* line); +WOLFSSL_LOCAL int wc_MIME_free_hdrs(MimeHdr* head); +#endif /* HAVE_SMIME */ + #ifdef WOLFSSL_CERT_GEN enum cert_enums { @@ -1341,6 +1411,8 @@ struct OcspEntry byte* rawCertId; /* raw bytes of the CertID */ int rawCertIdSize; /* num bytes in raw CertID */ /* option bits - using 32-bit for alignment */ + word32 ownStatus:1; /* do we need to free the status + * response list */ word32 isDynamic:1; /* was dynamically allocated */ }; diff --git a/source/libs/libwolfssl/wolfcrypt/asn_public.h b/source/libs/libwolfssl/wolfcrypt/asn_public.h index 8b8bd414..ac192ebe 100644 --- a/source/libs/libwolfssl/wolfcrypt/asn_public.h +++ b/source/libs/libwolfssl/wolfcrypt/asn_public.h @@ -1,6 +1,6 @@ /* asn_public.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -32,6 +32,7 @@ This library defines the interface APIs for X509 certificates. #define WOLF_CRYPT_ASN_PUBLIC_H #include +#include #ifdef __cplusplus extern "C" { @@ -58,6 +59,10 @@ This library defines the interface APIs for X509 certificates. typedef struct WC_RNG WC_RNG; #define WC_RNG_TYPE_DEFINED #endif +#ifndef WC_DH_TYPE_DEFINED + typedef struct DhKey DhKey; + #define WC_DH_TYPE_DEFINED +#endif enum Ecc_Sum { ECC_SECP112R1_OID = 182, @@ -139,6 +144,17 @@ enum Ctc_SigType { CTC_SHA384wECDSA = 525, CTC_SHA512wRSA = 657, CTC_SHA512wECDSA = 526, + + /* https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration */ + CTC_SHA3_224wECDSA = 423, + CTC_SHA3_256wECDSA = 424, + CTC_SHA3_384wECDSA = 425, + CTC_SHA3_512wECDSA = 426, + CTC_SHA3_224wRSA = 427, + CTC_SHA3_256wRSA = 428, + CTC_SHA3_384wRSA = 429, + CTC_SHA3_512wRSA = 430, + CTC_ED25519 = 256, CTC_ED448 = 257 }; @@ -332,7 +348,8 @@ typedef struct Cert { char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ]; word16 certPoliciesNb; /* Number of Cert Policy */ #endif -#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) +#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \ + defined(WOLFSSL_CERT_REQ) byte issRaw[sizeof(CertName)]; /* raw issuer info */ byte sbjRaw[sizeof(CertName)]; /* raw subject info */ #endif @@ -468,7 +485,7 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); #ifdef WOLFSSL_PEM_TO_DER WOLFSSL_API int wc_PemToDer(const unsigned char* buff, long longSz, int type, - DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey); + DerBuffer** pDer, void* heap, EncryptedInfo* info, int* keyFormat); WOLFSSL_API int wc_KeyPemToDer(const unsigned char*, int, unsigned char*, int, const char*); @@ -508,6 +525,20 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header); #endif +#ifndef NO_DSA + /* DSA parameter DER helper functions */ + WOLFSSL_API int wc_DsaParamsDecode(const byte* input, word32* inOutIdx, + DsaKey*, word32); + WOLFSSL_API int wc_DsaKeyToParamsDer(DsaKey* key, byte* output, word32 inLen); +#endif + +#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) +WOLFSSL_LOCAL int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv); +WOLFSSL_API int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz); +WOLFSSL_API int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz); +WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); +#endif + #ifdef HAVE_ECC /* private key helpers */ WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*, @@ -515,8 +546,11 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen); WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen); + WOLFSSL_API int wc_EccKeyDerSize(ecc_key*, int pub); WOLFSSL_API int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output, word32* outLen); + WOLFSSL_API int wc_EccKeyToPKCS8(ecc_key* key, byte* output, + word32* outLen); /* public key helper */ WOLFSSL_API int wc_EccPublicKeyDecode(const byte*, word32*, @@ -528,17 +562,24 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); #ifdef HAVE_ED25519 /* private key helpers */ +#ifdef HAVE_ED25519_KEY_IMPORT WOLFSSL_API int wc_Ed25519PrivateKeyDecode(const byte*, word32*, ed25519_key*, word32); +#endif + +#ifdef HAVE_ED25519_KEY_EXPORT WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output, word32 inLen); WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output, word32 inLen); +#endif /* public key helper */ WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte*, word32*, ed25519_key*, word32); - #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) + #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \ + defined(HAVE_ED25519_KEY_EXPORT) + WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key*, byte* output, word32 inLen, int with_AlgCurve); #endif @@ -546,17 +587,23 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer); #ifdef HAVE_ED448 /* private key helpers */ +#ifdef HAVE_ED448_KEY_IMPORT WOLFSSL_API int wc_Ed448PrivateKeyDecode(const byte*, word32*, ed448_key*, word32); +#endif + +#ifdef HAVE_ED448_KEY_EXPORT WOLFSSL_API int wc_Ed448KeyToDer(ed448_key* key, byte* output, word32 inLen); WOLFSSL_API int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output, word32 inLen); +#endif /* public key helper */ WOLFSSL_API int wc_Ed448PublicKeyDecode(const byte*, word32*, ed448_key*, word32); - #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) + #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \ + defined(HAVE_ED448_KEY_EXPORT) WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte* output, word32 inLen, int with_AlgCurve); #endif @@ -570,7 +617,13 @@ WOLFSSL_API int wc_GetCTC_HashOID(int type); WOLFSSL_API int wc_GetPkcs8TraditionalOffset(byte* input, word32* inOutIdx, word32 sz); WOLFSSL_API int wc_CreatePKCS8Key(byte* out, word32* outSz, - byte* key, word32 keySz, int algoID, const byte* curveOID, word32 oidSz); + byte* key, word32 keySz, int algoID, const byte* curveOID, + word32 oidSz); +WOLFSSL_API int wc_EncryptPKCS8Key(byte*, word32, byte*, word32*, const char*, + int, int, int, int, byte*, word32, int, WC_RNG*, void*); +WOLFSSL_API int wc_DecryptPKCS8Key(byte*, word32, const char*, int); +WOLFSSL_API int wc_CreateEncryptedPKCS8Key(byte*, word32, byte*, word32*, + const char*, int, int, int, int, byte*, word32, int, WC_RNG*, void*); #ifndef NO_ASN_TIME /* Time */ diff --git a/source/libs/libwolfssl/wolfcrypt/blake2-impl.h b/source/libs/libwolfssl/wolfcrypt/blake2-impl.h index 6265cbd5..72d2a510 100644 --- a/source/libs/libwolfssl/wolfcrypt/blake2-impl.h +++ b/source/libs/libwolfssl/wolfcrypt/blake2-impl.h @@ -12,7 +12,7 @@ */ /* blake2-impl.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -85,7 +85,7 @@ static WC_INLINE void store32( void *dst, word32 w ) static WC_INLINE void store64( void *dst, word64 w ) { -#if defined(LITTLE_ENDIAN_ORDER) +#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_GENERAL_ALIGNMENT) *( word64 * )( dst ) = w; #else byte *p = ( byte * )dst; diff --git a/source/libs/libwolfssl/wolfcrypt/blake2-int.h b/source/libs/libwolfssl/wolfcrypt/blake2-int.h index 0c831e8a..a995e260 100644 --- a/source/libs/libwolfssl/wolfcrypt/blake2-int.h +++ b/source/libs/libwolfssl/wolfcrypt/blake2-int.h @@ -12,7 +12,7 @@ */ /* blake2-int.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -77,7 +77,7 @@ byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */ } blake2s_param; - ALIGN32 typedef struct __blake2s_state + typedef struct ALIGN32 __blake2s_state { word32 h[8]; word32 t[2]; @@ -102,7 +102,7 @@ byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */ } blake2b_param; - ALIGN64 typedef struct __blake2b_state + typedef struct ALIGN64 __blake2b_state { word64 h[8]; word64 t[2]; diff --git a/source/libs/libwolfssl/wolfcrypt/blake2.h b/source/libs/libwolfssl/wolfcrypt/blake2.h index 5a4332b0..f937acc9 100644 --- a/source/libs/libwolfssl/wolfcrypt/blake2.h +++ b/source/libs/libwolfssl/wolfcrypt/blake2.h @@ -1,6 +1,6 @@ /* blake2.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/camellia.h b/source/libs/libwolfssl/wolfcrypt/camellia.h index b58287a7..9b0c6cbe 100644 --- a/source/libs/libwolfssl/wolfcrypt/camellia.h +++ b/source/libs/libwolfssl/wolfcrypt/camellia.h @@ -27,7 +27,7 @@ /* camellia.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/chacha.h b/source/libs/libwolfssl/wolfcrypt/chacha.h index 49dc1e6d..b01feba2 100644 --- a/source/libs/libwolfssl/wolfcrypt/chacha.h +++ b/source/libs/libwolfssl/wolfcrypt/chacha.h @@ -1,6 +1,6 @@ /* chacha.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/chacha20_poly1305.h b/source/libs/libwolfssl/wolfcrypt/chacha20_poly1305.h index be1a0aad..42a50eec 100644 --- a/source/libs/libwolfssl/wolfcrypt/chacha20_poly1305.h +++ b/source/libs/libwolfssl/wolfcrypt/chacha20_poly1305.h @@ -1,6 +1,6 @@ /* chacha20_poly1305.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/cmac.h b/source/libs/libwolfssl/wolfcrypt/cmac.h index 978badee..6fd46ffc 100644 --- a/source/libs/libwolfssl/wolfcrypt/cmac.h +++ b/source/libs/libwolfssl/wolfcrypt/cmac.h @@ -1,6 +1,6 @@ /* cmac.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -53,6 +53,16 @@ struct Cmac { byte k2[AES_BLOCK_SIZE]; word32 bufferSz; word32 totalSz; +#ifdef WOLF_CRYPTO_CB + int devId; + void* devCtx; + #ifdef WOLFSSL_QNX_CAAM + byte ctx[32]; /* hold state for save and return */ + word32 blackKey; + word32 keylen; + byte initialized; + #endif +#endif }; @@ -70,6 +80,12 @@ WOLFSSL_API int wc_InitCmac(Cmac* cmac, const byte* key, word32 keySz, int type, void* unused); + +WOLFSSL_API +int wc_InitCmac_ex(Cmac* cmac, + const byte* key, word32 keySz, + int type, void* unused, void* heap, int devId); + WOLFSSL_API int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz); diff --git a/source/libs/libwolfssl/wolfcrypt/coding.h b/source/libs/libwolfssl/wolfcrypt/coding.h index efdd5f88..a5c2ba14 100644 --- a/source/libs/libwolfssl/wolfcrypt/coding.h +++ b/source/libs/libwolfssl/wolfcrypt/coding.h @@ -1,6 +1,6 @@ /* coding.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -79,6 +79,8 @@ WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out, int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen); #endif + WOLFSSL_LOCAL int Base64_SkipNewline(const byte* in, word32* inLen, + word32* outJ); #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libs/libwolfssl/wolfcrypt/compress.h b/source/libs/libwolfssl/wolfcrypt/compress.h index 8a3760f1..8f3eb737 100644 --- a/source/libs/libwolfssl/wolfcrypt/compress.h +++ b/source/libs/libwolfssl/wolfcrypt/compress.h @@ -1,6 +1,6 @@ /* compress.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/cpuid.h b/source/libs/libwolfssl/wolfcrypt/cpuid.h index 557c4207..4eadb638 100644 --- a/source/libs/libwolfssl/wolfcrypt/cpuid.h +++ b/source/libs/libwolfssl/wolfcrypt/cpuid.h @@ -1,6 +1,6 @@ /* cpuid.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -32,8 +32,9 @@ extern "C" { #endif -#if defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \ - defined(WOLFSSL_AESNI) +#if (defined(WOLFSSL_X86_64_BUILD) || defined(USE_INTEL_SPEEDUP) || \ + defined(WOLFSSL_AESNI) || defined(WOLFSSL_SP_X86_64_ASM)) && \ + !defined(WOLFSSL_NO_ASM) #define CPUID_AVX1 0x0001 #define CPUID_AVX2 0x0002 diff --git a/source/libs/libwolfssl/wolfcrypt/cryptocb.h b/source/libs/libwolfssl/wolfcrypt/cryptocb.h index 18ca880b..249f2c11 100644 --- a/source/libs/libwolfssl/wolfcrypt/cryptocb.h +++ b/source/libs/libwolfssl/wolfcrypt/cryptocb.h @@ -1,6 +1,6 @@ /* cryptocb.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -15,7 +15,8 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program. If not, see . + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ #ifndef _WOLF_CRYPTO_CB_H_ @@ -58,7 +59,18 @@ #ifndef NO_DES3 #include #endif - +#ifdef WOLFSSL_CMAC + #include +#endif +#ifdef HAVE_ED25519 + #include +#endif +#ifdef HAVE_CURVE25519 + #include +#endif +#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) + #include +#endif /* Crypto Information Structure for callbacks */ typedef struct wc_CryptoInfo { @@ -126,6 +138,50 @@ typedef struct wc_CryptoInfo { word32 pubKeySz; } ecc_check; #endif + #ifdef HAVE_CURVE25519 + struct { + WC_RNG* rng; + int size; + curve25519_key* key; + int curveId; + } curve25519kg; + struct { + curve25519_key* private_key; + curve25519_key* public_key; + byte* out; + word32* outlen; + int endian; + } curve25519; + #endif + #ifdef HAVE_ED25519 + struct { + WC_RNG* rng; + int size; + ed25519_key* key; + int curveId; + } ed25519kg; + struct { + const byte* in; + word32 inLen; + byte* out; + word32* outLen; + ed25519_key* key; + byte type; + const byte* context; + byte contextLen; + } ed25519sign; + struct { + const byte* sig; + word32 sigLen; + const byte* msg; + word32 msgLen; + int* res; + ed25519_key* key; + byte type; + const byte* context; + byte contextLen; + } ed25519verify; + #endif }; } pk; #endif /* !NO_RSA || HAVE_ECC */ @@ -179,7 +235,8 @@ typedef struct wc_CryptoInfo { }; } cipher; #endif /* !NO_AES || !NO_DES3 */ -#if !defined(NO_SHA) || !defined(NO_SHA256) +#if !defined(NO_SHA) || !defined(NO_SHA256) || \ + defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) struct { int type; /* enum wc_HashType */ const byte* in; @@ -192,6 +249,12 @@ typedef struct wc_CryptoInfo { #ifndef NO_SHA256 wc_Sha256* sha256; #endif + #ifdef WOLFSSL_SHA384 + wc_Sha384* sha384; + #endif + #ifdef WOLFSSL_SHA512 + wc_Sha512* sha512; + #endif }; } hash; #endif /* !NO_SHA || !NO_SHA256 */ @@ -216,6 +279,19 @@ typedef struct wc_CryptoInfo { word32 sz; } seed; #endif +#ifdef WOLFSSL_CMAC + struct { + Cmac* cmac; + void* ctx; + const byte* key; + const byte* in; + byte* out; + word32* outSz; + word32 keySz; + word32 inSz; + int type; + } cmac; +#endif } wc_CryptoInfo; @@ -261,6 +337,25 @@ WOLFSSL_LOCAL int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey, word32 pubKeySz); #endif /* HAVE_ECC */ +#ifdef HAVE_CURVE25519 +WOLFSSL_LOCAL int wc_CryptoCb_Curve25519Gen(WC_RNG* rng, int keySize, + curve25519_key* key); + +WOLFSSL_LOCAL int wc_CryptoCb_Curve25519(curve25519_key* private_key, + curve25519_key* public_key, byte* out, word32* outlen, int endian); +#endif /* HAVE_CURVE25519 */ + +#ifdef HAVE_ED25519 +WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Gen(WC_RNG* rng, int keySize, + ed25519_key* key); +WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Sign(const byte* in, word32 inLen, + byte* out, word32 *outLen, ed25519_key* key, byte type, const byte* context, + byte contextLen); +WOLFSSL_LOCAL int wc_CryptoCb_Ed25519Verify(const byte* sig, word32 sigLen, + const byte* msg, word32 msgLen, int* res, ed25519_key* key, byte type, + const byte* context, byte contextLen); +#endif /* HAVE_ED25519 */ + #ifndef NO_AES #ifdef HAVE_AESGCM WOLFSSL_LOCAL int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out, @@ -296,6 +391,15 @@ WOLFSSL_LOCAL int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in, WOLFSSL_LOCAL int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in, word32 inSz, byte* digest); #endif /* !NO_SHA256 */ +#ifdef WOLFSSL_SHA384 +WOLFSSL_LOCAL int wc_CryptoCb_Sha384Hash(wc_Sha384* sha384, const byte* in, + word32 inSz, byte* digest); +#endif +#ifdef WOLFSSL_SHA512 +WOLFSSL_LOCAL int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in, + word32 inSz, byte* digest); +#endif + #ifndef NO_HMAC WOLFSSL_LOCAL int wc_CryptoCb_Hmac(Hmac* hmac, int macType, const byte* in, word32 inSz, byte* digest); @@ -306,6 +410,12 @@ WOLFSSL_LOCAL int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz); WOLFSSL_LOCAL int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz); #endif +#ifdef WOLFSSL_CMAC +WOLFSSL_LOCAL int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz, + const byte* in, word32 inSz, byte* out, word32* outSz, int type, + void* ctx); +#endif + #endif /* WOLF_CRYPTO_CB */ #ifdef __cplusplus diff --git a/source/libs/libwolfssl/wolfcrypt/curve25519.h b/source/libs/libwolfssl/wolfcrypt/curve25519.h index ad34622a..2193f23a 100644 --- a/source/libs/libwolfssl/wolfcrypt/curve25519.h +++ b/source/libs/libwolfssl/wolfcrypt/curve25519.h @@ -1,6 +1,6 @@ /* curve25519.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -79,6 +79,9 @@ typedef struct curve25519_key { #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif +#if defined(WOLF_CRYPTO_CB) + int devId; +#endif } curve25519_key; enum { @@ -113,6 +116,8 @@ int wc_curve25519_shared_secret_ex(curve25519_key* private_key, WOLFSSL_API int wc_curve25519_init(curve25519_key* key); +WOLFSSL_API +int wc_curve25519_init_ex(curve25519_key* key, void* heap, int devId); WOLFSSL_API void wc_curve25519_free(curve25519_key* key); diff --git a/source/libs/libwolfssl/wolfcrypt/curve448.h b/source/libs/libwolfssl/wolfcrypt/curve448.h index 75614fe6..55e1ae1b 100644 --- a/source/libs/libwolfssl/wolfcrypt/curve448.h +++ b/source/libs/libwolfssl/wolfcrypt/curve448.h @@ -1,6 +1,6 @@ /* curve448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/des3.h b/source/libs/libwolfssl/wolfcrypt/des3.h index bec88ed4..438e72cf 100644 --- a/source/libs/libwolfssl/wolfcrypt/des3.h +++ b/source/libs/libwolfssl/wolfcrypt/des3.h @@ -1,6 +1,6 @@ /* des3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/dh.h b/source/libs/libwolfssl/wolfcrypt/dh.h index 7229e55a..d41f125b 100644 --- a/source/libs/libwolfssl/wolfcrypt/dh.h +++ b/source/libs/libwolfssl/wolfcrypt/dh.h @@ -1,6 +1,6 @@ /* dh.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -46,13 +46,6 @@ #include #endif -/* Optional support extended DH public / private keys */ -#if !defined(WOLFSSL_DH_EXTRA) && (defined(WOLFSSL_QT) || \ - defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \ - defined(WOLFSSL_STATIC_EPHEMERAL)) - #define WOLFSSL_DH_EXTRA -#endif - typedef struct DhParams { #ifdef HAVE_FFDHE_Q const byte* q; @@ -117,6 +110,8 @@ WOLFSSL_API int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz, const byte* q, word32 qSz); #ifdef WOLFSSL_DH_EXTRA +WOLFSSL_API int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx, + DhKey* key, word32 inSz); WOLFSSL_API int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz, const byte* pub, word32 pubSz); WOLFSSL_API int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz, diff --git a/source/libs/libwolfssl/wolfcrypt/dsa.h b/source/libs/libwolfssl/wolfcrypt/dsa.h index 5716c0a8..0d3532ac 100644 --- a/source/libs/libwolfssl/wolfcrypt/dsa.h +++ b/source/libs/libwolfssl/wolfcrypt/dsa.h @@ -1,6 +1,6 @@ /* dsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -53,8 +53,20 @@ enum { }; enum { - DSA_HALF_SIZE = 20, /* r and s size */ - DSA_SIG_SIZE = 40 /* signature size */ + /* 160 bit q length */ + DSA_160_HALF_SIZE = 20, /* r and s size */ + DSA_160_SIG_SIZE = 40, /* signature size */ + DSA_HALF_SIZE = DSA_160_HALF_SIZE, /* kept for compatiblity */ + DSA_SIG_SIZE = DSA_160_SIG_SIZE, /* kept for compatiblity */ + /* 256 bit q length */ + DSA_256_HALF_SIZE = 32, /* r and s size */ + DSA_256_SIG_SIZE = 64, /* signature size */ + + DSA_MIN_HALF_SIZE = DSA_160_HALF_SIZE, + DSA_MIN_SIG_SIZE = DSA_160_SIG_SIZE, + + DSA_MAX_HALF_SIZE = DSA_256_HALF_SIZE, + DSA_MAX_SIG_SIZE = DSA_256_SIG_SIZE, }; /* DSA */ diff --git a/source/libs/libwolfssl/wolfcrypt/ecc.h b/source/libs/libwolfssl/wolfcrypt/ecc.h index efd7233a..a969d5cc 100644 --- a/source/libs/libwolfssl/wolfcrypt/ecc.h +++ b/source/libs/libwolfssl/wolfcrypt/ecc.h @@ -1,6 +1,6 @@ /* ecc.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -85,30 +85,41 @@ /* Determine max ECC bits based on enabled curves */ -#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) - #define MAX_ECC_BITS 521 +#if defined(WOLFCRYPT_HAVE_SAKKE) + #define MAX_ECC_BITS_NEEDED 1024 +#elif defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) + #define MAX_ECC_BITS_NEEDED 521 #elif defined(HAVE_ECC512) - #define MAX_ECC_BITS 512 + #define MAX_ECC_BITS_NEEDED 512 #elif defined(HAVE_ECC384) - #define MAX_ECC_BITS 384 + #define MAX_ECC_BITS_NEEDED 384 #elif defined(HAVE_ECC320) - #define MAX_ECC_BITS 320 + #define MAX_ECC_BITS_NEEDED 320 #elif !defined(NO_ECC256) - #define MAX_ECC_BITS 256 + #define MAX_ECC_BITS_NEEDED 256 #elif defined(HAVE_ECC239) - #define MAX_ECC_BITS 239 + #define MAX_ECC_BITS_NEEDED 239 #elif defined(HAVE_ECC224) - #define MAX_ECC_BITS 224 + #define MAX_ECC_BITS_NEEDED 224 #elif defined(HAVE_ECC192) - #define MAX_ECC_BITS 192 + #define MAX_ECC_BITS_NEEDED 192 #elif defined(HAVE_ECC160) - #define MAX_ECC_BITS 160 + #define MAX_ECC_BITS_NEEDED 160 #elif defined(HAVE_ECC128) - #define MAX_ECC_BITS 128 + #define MAX_ECC_BITS_NEEDED 128 #elif defined(HAVE_ECC112) - #define MAX_ECC_BITS 112 + #define MAX_ECC_BITS_NEEDED 112 #endif +#ifndef MAX_ECC_BITS + #define MAX_ECC_BITS MAX_ECC_BITS_NEEDED +#else + #if MAX_ECC_BITS_NEEDED > MAX_ECC_BITS + #error configured MAX_ECC_BITS is less than required by enabled curves. + #endif +#endif + + /* calculate max ECC bytes */ #if ((MAX_ECC_BITS * 2) % 8) == 0 #define MAX_ECC_BYTES (MAX_ECC_BITS / 8) @@ -128,10 +139,15 @@ enum { ECC_PRIVATEKEY_ONLY = 3, ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ SIG_HEADER_SZ = 7, /* ECC signature header size (30 81 87 02 42 [R] 02 42 [S]) */ - ECC_BUFSIZE = 256, /* for exported keys temp buffer */ + ECC_BUFSIZE = 257, /* for exported keys temp buffer */ ECC_MINSIZE = ECC_MIN_KEY_SZ/8, /* MIN Private Key size */ +#ifdef WOLFCRYPT_HAVE_SAKKE + ECC_MAXSIZE = 128, /* MAX Private Key size */ + ECC_MAXSIZE_GEN = 128, /* MAX Buffer size required when generating ECC keys*/ +#else ECC_MAXSIZE = 66, /* MAX Private Key size */ ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/ +#endif ECC_MAX_OID_LEN = 16, ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ), @@ -212,9 +228,14 @@ typedef enum ecc_curve_id { ECC_X448, #endif +#ifdef WOLFCRYPT_HAVE_SAKKE + ECC_SAKKE_1, +#endif + #ifdef WOLFSSL_CUSTOM_CURVES ECC_CURVE_CUSTOM, #endif + ECC_CURVE_MAX } ecc_curve_id; #ifdef HAVE_OID_ENCODING @@ -304,6 +325,9 @@ typedef struct ecc_set_type { #ifndef USE_FAST_MATH #error USE_FAST_MATH must be defined to use ALT_ECC_SIZE #endif +#ifdef WOLFSSL_NO_MALLOC + #error ALT_ECC_SIZE cannot be used with no malloc (WOLFSSL_NO_MALLOC) +#endif /* determine max bits required for ECC math */ #ifndef FP_MAX_BITS_ECC @@ -396,6 +420,12 @@ struct ecc_key { void* heap; /* heap hint */ ecc_point pubkey; /* public key */ mp_int k; /* private key */ + +#ifdef WOLFSSL_QNX_CAAM + word32 blackKey; /* address of key encrypted and in secure memory */ + word32 securePubKey; /* address of public key in secure memory */ + int partNum; /* partition number*/ +#endif #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) int slot; /* Key Slot Number (-1 unknown) */ byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE]; @@ -435,9 +465,13 @@ struct ecc_key { ecc_context_t ctx; #endif -#ifdef WOLFSSL_ECDSA_SET_K +#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \ + defined(WOLFSSL_ECDSA_DETERMINISTIC_K) mp_int *sign_k; #endif +#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) + byte deterministic:1; +#endif #ifdef WOLFSSL_SMALL_STACK_CACHE mp_int* t1; @@ -472,8 +506,6 @@ extern const size_t ecc_sets_count; WOLFSSL_API const char* wc_ecc_get_name(int curve_id); -#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) - #ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL #define ECC_API WOLFSSL_API #else @@ -498,8 +530,6 @@ WOLFSSL_LOCAL int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a, mp_int* modulus, mp_digit mp); -#endif - WOLFSSL_API int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key); WOLFSSL_ABI WOLFSSL_API @@ -545,7 +575,15 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, WOLFSSL_API int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, ecc_key* key, mp_int *r, mp_int *s); -#ifdef WOLFSSL_ECDSA_SET_K +#ifdef WOLFSSL_ECDSA_DETERMINISTIC_K +WOLFSSL_API +int wc_ecc_set_deterministic(ecc_key* key, byte flag); +WOLFSSL_API +int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz, + enum wc_HashType hashType, mp_int* priv, mp_int* k, mp_int* order, + void* heap); +#endif +#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) WOLFSSL_API int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key); #endif @@ -629,7 +667,9 @@ void wc_ecc_del_point(ecc_point* p); WOLFSSL_API void wc_ecc_del_point_h(ecc_point* p, void* h); WOLFSSL_API -int wc_ecc_copy_point(ecc_point* p, ecc_point *r); +void wc_ecc_forcezero_point(ecc_point* p); +WOLFSSL_API +int wc_ecc_copy_point(const ecc_point* p, ecc_point *r); WOLFSSL_API int wc_ecc_cmp_point(ecc_point* a, ecc_point *b); WOLFSSL_API @@ -639,13 +679,13 @@ int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx); #if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) WOLFSSL_API -int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, +int wc_ecc_mulmod(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, mp_int* modulus, int map); WOLFSSL_LOCAL -int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R, +int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, mp_int* modulus, int map, void* heap); WOLFSSL_LOCAL -int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, +int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, mp_int* modulus, mp_int* order, WC_RNG* rng, int map, void* heap); #endif /* !WOLFSSL_ATECC508A */ @@ -687,8 +727,8 @@ WOLFSSL_API int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy, const char* d, int curve_id); WOLFSSL_API -int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy, - byte* d, int curve_id); +int wc_ecc_import_unsigned(ecc_key* key, const byte* qx, const byte* qy, + const byte* d, int curve_id); #endif /* HAVE_ECC_KEY_IMPORT */ #ifdef HAVE_ECC_KEY_EXPORT @@ -721,10 +761,11 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point, #ifdef HAVE_ECC_KEY_IMPORT WOLFSSL_API -int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, - ecc_point* point, int shortKeySize); +int wc_ecc_import_point_der_ex(const byte* in, word32 inLen, + const int curve_idx, ecc_point* point, + int shortKeySize); WOLFSSL_API -int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, +int wc_ecc_import_point_der(const byte* in, word32 inLen, const int curve_idx, ecc_point* point); #endif /* HAVE_ECC_KEY_IMPORT */ @@ -734,7 +775,7 @@ int wc_ecc_size(ecc_key* key); WOLFSSL_API int wc_ecc_sig_size_calc(int sz); WOLFSSL_API -int wc_ecc_sig_size(ecc_key* key); +int wc_ecc_sig_size(const ecc_key* key); WOLFSSL_API int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz); @@ -767,6 +808,7 @@ enum { KEY_SIZE_256 = 32, IV_SIZE_64 = 8, IV_SIZE_128 = 16, + ECC_MAX_IV_SIZE = 16, EXCHANGE_SALT_SZ = 16, EXCHANGE_INFO_SZ = 23 }; diff --git a/source/libs/libwolfssl/wolfcrypt/ed25519.h b/source/libs/libwolfssl/wolfcrypt/ed25519.h index 42cbe22e..6a41e6fd 100644 --- a/source/libs/libwolfssl/wolfcrypt/ed25519.h +++ b/source/libs/libwolfssl/wolfcrypt/ed25519.h @@ -1,6 +1,6 @@ /* ed25519.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -34,6 +34,9 @@ #include #include #include +#ifndef WOLFSSL_SHA512 +#error ED25519 requires SHA512 +#endif #include #ifdef WOLFSSL_ASYNC_CRYPT @@ -87,6 +90,14 @@ struct ed25519_key { #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif +#if defined(WOLF_CRYPTO_CB) + int devId; +#endif + void *heap; +#ifdef WOLFSSL_ED25519_PERSISTENT_SHA + wc_Sha512 sha; + int sha_clean_flag; +#endif }; @@ -95,6 +106,7 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey, word32 pubKeySz); WOLFSSL_API int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key); +#ifdef HAVE_ED25519_SIGN WOLFSSL_API int wc_ed25519_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, ed25519_key* key); @@ -111,6 +123,12 @@ int wc_ed25519ph_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, ed25519_key* key, const byte* context, byte contextLen); WOLFSSL_API +int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out, + word32 *outLen, ed25519_key* key, byte type, + const byte* context, byte contextLen); +#endif /* HAVE_ED25519_SIGN */ +#ifdef HAVE_ED25519_VERIFY +WOLFSSL_API int wc_ed25519_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* stat, ed25519_key* key); WOLFSSL_API @@ -125,10 +143,31 @@ WOLFSSL_API int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* stat, ed25519_key* key, const byte* context, byte contextLen); +WOLFSSL_API +int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg, + word32 msgLen, int* res, ed25519_key* key, + byte type, const byte* context, byte contextLen); +#ifdef WOLFSSL_ED25519_STREAMING_VERIFY +WOLFSSL_API +int wc_ed25519_verify_msg_init(const byte* sig, word32 sigLen, ed25519_key* key, + byte type, const byte* context, byte contextLen); +WOLFSSL_API +int wc_ed25519_verify_msg_update(const byte* msgSegment, word32 msgSegmentLen, + ed25519_key* key); +WOLFSSL_API +int wc_ed25519_verify_msg_final(const byte* sig, word32 sigLen, int* res, + ed25519_key* key); +#endif /* WOLFSSL_ED25519_STREAMING_VERIFY */ +#endif /* HAVE_ED25519_VERIFY */ + + WOLFSSL_API int wc_ed25519_init(ed25519_key* key); WOLFSSL_API +int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId); +WOLFSSL_API void wc_ed25519_free(ed25519_key* key); +#ifdef HAVE_ED25519_KEY_IMPORT WOLFSSL_API int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key); WOLFSSL_API @@ -137,6 +176,9 @@ int wc_ed25519_import_private_only(const byte* priv, word32 privSz, WOLFSSL_API int wc_ed25519_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ed25519_key* key); +#endif /* HAVE_ED25519_KEY_IMPORT */ + +#ifdef HAVE_ED25519_KEY_EXPORT WOLFSSL_API int wc_ed25519_export_public(ed25519_key*, byte* out, word32* outLen); WOLFSSL_API @@ -147,6 +189,7 @@ WOLFSSL_API int wc_ed25519_export_key(ed25519_key* key, byte* priv, word32 *privSz, byte* pub, word32 *pubSz); +#endif /* HAVE_ED25519_KEY_EXPORT */ WOLFSSL_API int wc_ed25519_check_key(ed25519_key* key); diff --git a/source/libs/libwolfssl/wolfcrypt/ed448.h b/source/libs/libwolfssl/wolfcrypt/ed448.h index 5966c49b..37602bf1 100644 --- a/source/libs/libwolfssl/wolfcrypt/ed448.h +++ b/source/libs/libwolfssl/wolfcrypt/ed448.h @@ -1,6 +1,6 @@ /* ed448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -34,6 +34,9 @@ #include #include #include +#ifndef WOLFSSL_SHAKE256 +#error ED448 requires SHAKE256 +#endif #include #ifdef WOLFSSL_ASYNC_CRYPT @@ -62,6 +65,7 @@ /* both private and public key */ #define ED448_PRV_KEY_SIZE (ED448_PUB_KEY_SIZE+ED448_KEY_SIZE) +#define ED448_PREHASH_SIZE 64 enum { Ed448 = 0, @@ -86,6 +90,14 @@ struct ed448_key { #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif +#if defined(WOLF_CRYPTO_CB) + int devId; +#endif + void *heap; +#ifdef WOLFSSL_ED448_PERSISTENT_SHA + wc_Shake sha; + int sha_clean_flag; +#endif }; @@ -94,6 +106,7 @@ int wc_ed448_make_public(ed448_key* key, unsigned char* pubKey, word32 pubKeySz); WOLFSSL_API int wc_ed448_make_key(WC_RNG* rng, int keysize, ed448_key* key); +#ifdef HAVE_ED448_SIGN WOLFSSL_API int wc_ed448_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, ed448_key* key, const byte* context, byte contextLen); @@ -102,9 +115,30 @@ int wc_ed448ph_sign_hash(const byte* hash, word32 hashLen, byte* out, word32 *outLen, ed448_key* key, const byte* context, byte contextLen); WOLFSSL_API +int wc_ed448_sign_msg_ex(const byte* in, word32 inLen, byte* out, + word32 *outLen, ed448_key* key, byte type, + const byte* context, byte contextLen); +WOLFSSL_API int wc_ed448ph_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen, ed448_key* key, const byte* context, byte contextLen); +#endif /* HAVE_ED448_SIGN */ +#ifdef HAVE_ED448_VERIFY +WOLFSSL_API +int wc_ed448_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg, + word32 msgLen, int* res, ed448_key* key, + byte type, const byte* context, byte contextLen); +#ifdef WOLFSSL_ED448_STREAMING_VERIFY +WOLFSSL_API +int wc_ed448_verify_msg_init(const byte* sig, word32 sigLen, ed448_key* key, + byte type, const byte* context, byte contextLen); +WOLFSSL_API +int wc_ed448_verify_msg_update(const byte* msgSegment, word32 msgSegmentLen, + ed448_key* key); +WOLFSSL_API +int wc_ed448_verify_msg_final(const byte* sig, word32 sigLen, + int* stat, ed448_key* key); +#endif /* WOLFSSL_ED448_STREAMING_VERIFY */ WOLFSSL_API int wc_ed448_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* stat, ed448_key* key, @@ -117,10 +151,15 @@ WOLFSSL_API int wc_ed448ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* stat, ed448_key* key, const byte* context, byte contextLen); +#endif /* HAVE_ED448_VERIFY */ +WOLFSSL_API +int wc_ed448_init_ex(ed448_key* key, void *heap, int devId); WOLFSSL_API int wc_ed448_init(ed448_key* key); WOLFSSL_API void wc_ed448_free(ed448_key* key); + +#ifdef HAVE_ED448_KEY_IMPORT WOLFSSL_API int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key); WOLFSSL_API @@ -129,6 +168,9 @@ int wc_ed448_import_private_only(const byte* priv, word32 privSz, WOLFSSL_API int wc_ed448_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ed448_key* key); +#endif /* HAVE_ED448_KEY_IMPORT */ + +#ifdef HAVE_ED448_KEY_EXPORT WOLFSSL_API int wc_ed448_export_public(ed448_key*, byte* out, word32* outLen); WOLFSSL_API @@ -138,6 +180,7 @@ int wc_ed448_export_private(ed448_key* key, byte* out, word32* outLen); WOLFSSL_API int wc_ed448_export_key(ed448_key* key, byte* priv, word32 *privSz, byte* pub, word32 *pubSz); +#endif /* HAVE_ED448_KEY_EXPORT */ WOLFSSL_API int wc_ed448_check_key(ed448_key* key); diff --git a/source/libs/libwolfssl/wolfcrypt/error-crypt.h b/source/libs/libwolfssl/wolfcrypt/error-crypt.h index 943de453..48af52ca 100644 --- a/source/libs/libwolfssl/wolfcrypt/error-crypt.h +++ b/source/libs/libwolfssl/wolfcrypt/error-crypt.h @@ -1,6 +1,6 @@ /* error-crypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -234,8 +234,12 @@ enum { PSS_SALTLEN_RECOVER_E=-273, /* PSS slat length not recoverable */ CHACHA_POLY_OVERFLOW =-274, /* ChaCha20Poly1305 limit overflow */ ASN_SELF_SIGNED_E = -275, /* ASN self-signed certificate error */ + SAKKE_VERIFY_FAIL_E = -276, /* SAKKE derivation verification error */ + MISSING_IV = -277, /* IV was not set */ + MISSING_KEY = -278, /* Key was not set */ + BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */ - WC_LAST_E = -275, /* Update this to indicate last error */ + WC_LAST_E = -279, /* Update this to indicate last error */ MIN_CODE_E = -300 /* errors -101 - -299 */ /* add new companion error id strings for any new error codes diff --git a/source/libs/libwolfssl/wolfcrypt/fe_448.h b/source/libs/libwolfssl/wolfcrypt/fe_448.h index 0f8fd5d1..4664ce4b 100644 --- a/source/libs/libwolfssl/wolfcrypt/fe_448.h +++ b/source/libs/libwolfssl/wolfcrypt/fe_448.h @@ -1,6 +1,6 @@ /* fe448_448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,10 +27,6 @@ #if defined(HAVE_CURVE448) || defined(HAVE_ED448) -#ifndef WOLFSSL_LINUXKM -#include -#endif - #include #if defined(HAVE___UINT128_T) && !defined(NO_CURVED448_128BIT) @@ -45,19 +41,23 @@ #if !defined(CURVE448_SMALL) && !defined(ED448_SMALL) #if defined(CURVED448_128BIT) - typedef int64_t fe448; + typedef sword64 fe448; #ifndef WOLFSSL_UINT128_T_DEFINED #ifdef __SIZEOF_INT128__ typedef __uint128_t uint128_t; typedef __int128_t int128_t; + typedef __uint128_t word128; + typedef __int128_t sword128; #else typedef unsigned long uint128_t __attribute__ ((mode(TI))); typedef long int128_t __attribute__ ((mode(TI))); + typedef uint128_t word128; + typedef int128_t sword128; #endif #define WOLFSSL_UINT128_T_DEFINED #endif #else - typedef int32_t fe448; + typedef sword32 fe448; #endif WOLFSSL_LOCAL void fe448_init(void); @@ -94,21 +94,21 @@ WOLFSSL_LOCAL void fe448_init(void); WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a); #define fe448_reduce(a) -WOLFSSL_LOCAL void fe448_neg(uint8_t*,const uint8_t*); -WOLFSSL_LOCAL void fe448_add(uint8_t*, const uint8_t*, const uint8_t*); -WOLFSSL_LOCAL void fe448_sub(uint8_t*, const uint8_t*, const uint8_t*); -WOLFSSL_LOCAL void fe448_mul(uint8_t*,const uint8_t*,const uint8_t*); -WOLFSSL_LOCAL void fe448_sqr(uint8_t*, const uint8_t*); -WOLFSSL_LOCAL void fe448_mul39081(uint8_t*, const uint8_t*); -WOLFSSL_LOCAL void fe448_invert(uint8_t*, const uint8_t*); +WOLFSSL_LOCAL void fe448_neg(word8*,const word8*); +WOLFSSL_LOCAL void fe448_add(word8*, const word8*, const word8*); +WOLFSSL_LOCAL void fe448_sub(word8*, const word8*, const word8*); +WOLFSSL_LOCAL void fe448_mul(word8*,const word8*,const word8*); +WOLFSSL_LOCAL void fe448_sqr(word8*, const word8*); +WOLFSSL_LOCAL void fe448_mul39081(word8*, const word8*); +WOLFSSL_LOCAL void fe448_invert(word8*, const word8*); -WOLFSSL_LOCAL void fe448_copy(uint8_t*, const uint8_t*); -WOLFSSL_LOCAL int fe448_isnonzero(const uint8_t*); +WOLFSSL_LOCAL void fe448_copy(word8*, const word8*); +WOLFSSL_LOCAL int fe448_isnonzero(const word8*); WOLFSSL_LOCAL void fe448_norm(byte *a); -WOLFSSL_LOCAL void fe448_cmov(uint8_t*,const uint8_t*, int); -WOLFSSL_LOCAL void fe448_pow_2_446_222_1(uint8_t*,const uint8_t*); +WOLFSSL_LOCAL void fe448_cmov(word8*,const word8*, int); +WOLFSSL_LOCAL void fe448_pow_2_446_222_1(word8*,const word8*); #endif /* !CURVE448_SMALL || !ED448_SMALL */ diff --git a/source/libs/libwolfssl/wolfcrypt/fe_operations.h b/source/libs/libwolfssl/wolfcrypt/fe_operations.h index 63435886..1f287a0e 100644 --- a/source/libs/libwolfssl/wolfcrypt/fe_operations.h +++ b/source/libs/libwolfssl/wolfcrypt/fe_operations.h @@ -1,6 +1,6 @@ /* fe_operations.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,12 +27,6 @@ #if defined(HAVE_CURVE25519) || defined(HAVE_ED25519) -#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL) -#ifndef WOLFSSL_LINUXKM - #include -#endif -#endif - #include #if defined(USE_INTEL_SPEEDUP) && !defined(NO_CURVED25519_X64) @@ -88,13 +82,13 @@ WOLFSSL_LOCAL int curve25519(byte * q, const byte * n, const byte * p); #if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL) #ifdef CURVED25519_ASM_64BIT - typedef int64_t fe[4]; + typedef sword64 fe[4]; #elif defined(CURVED25519_ASM_32BIT) - typedef int32_t fe[8]; + typedef sword32 fe[8]; #elif defined(CURVED25519_128BIT) - typedef int64_t fe[5]; + typedef sword64 fe[5]; #else - typedef int32_t fe[10]; + typedef sword32 fe[10]; #endif WOLFSSL_LOCAL void fe_copy(fe, const fe); @@ -122,8 +116,8 @@ WOLFSSL_LOCAL void fe_cmov(fe,const fe, int); WOLFSSL_LOCAL void fe_pow22523(fe,const fe); /* 64 type needed for SHA512 */ -WOLFSSL_LOCAL uint64_t load_3(const unsigned char *in); -WOLFSSL_LOCAL uint64_t load_4(const unsigned char *in); +WOLFSSL_LOCAL word64 load_3(const unsigned char *in); +WOLFSSL_LOCAL word64 load_4(const unsigned char *in); #ifdef CURVED25519_ASM WOLFSSL_LOCAL void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py, diff --git a/source/libs/libwolfssl/wolfcrypt/fips_test.h b/source/libs/libwolfssl/wolfcrypt/fips_test.h index 54cd7ae0..b488817c 100644 --- a/source/libs/libwolfssl/wolfcrypt/fips_test.h +++ b/source/libs/libwolfssl/wolfcrypt/fips_test.h @@ -1,6 +1,6 @@ /* fips_test.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/ge_448.h b/source/libs/libwolfssl/wolfcrypt/ge_448.h index ba5d6db3..585ec541 100644 --- a/source/libs/libwolfssl/wolfcrypt/ge_448.h +++ b/source/libs/libwolfssl/wolfcrypt/ge_448.h @@ -1,6 +1,6 @@ /* ge_448.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -45,10 +45,10 @@ Representations: typedef byte ge448; #define GE448_WORDS 56 #elif defined(CURVED448_128BIT) - typedef int64_t ge448; + typedef sword64 ge448; #define GE448_WORDS 8 #else - typedef int32_t ge448; + typedef sword32 ge448; #define GE448_WORDS 16 #endif diff --git a/source/libs/libwolfssl/wolfcrypt/ge_operations.h b/source/libs/libwolfssl/wolfcrypt/ge_operations.h index ce1eefc9..9026c529 100644 --- a/source/libs/libwolfssl/wolfcrypt/ge_operations.h +++ b/source/libs/libwolfssl/wolfcrypt/ge_operations.h @@ -1,6 +1,6 @@ /* ge_operations.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -48,13 +48,13 @@ Representations: #ifdef ED25519_SMALL typedef byte ge[F25519_SIZE]; #elif defined(CURVED25519_ASM_64BIT) - typedef int64_t ge[4]; + typedef sword64 ge[4]; #elif defined(CURVED25519_ASM_32BIT) - typedef int32_t ge[8]; + typedef sword32 ge[8]; #elif defined(CURVED25519_128BIT) - typedef int64_t ge[5]; + typedef sword64 ge[5]; #else - typedef int32_t ge[10]; + typedef sword32 ge[10]; #endif typedef struct { diff --git a/source/libs/libwolfssl/wolfcrypt/hash.h b/source/libs/libwolfssl/wolfcrypt/hash.h index 00eba701..fb13fa9c 100644 --- a/source/libs/libwolfssl/wolfcrypt/hash.h +++ b/source/libs/libwolfssl/wolfcrypt/hash.h @@ -1,6 +1,6 @@ /* hash.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -88,7 +88,7 @@ enum wc_HashFlags { #endif }; - +#ifndef NO_HASH_WRAPPER typedef union { #ifndef NO_MD5 wc_Md5 md5; @@ -112,6 +112,7 @@ typedef union { wc_Sha3 sha3; #endif } wc_HashAlg; +#endif /* !NO_HASH_WRAPPER */ /* Find largest possible digest size Note if this gets up to the size of 80 or over check smallstack build */ @@ -151,6 +152,8 @@ WOLFSSL_API enum wc_HashType wc_OidGetHash(int oid); WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType); +#ifndef NO_HASH_WRAPPER + WOLFSSL_API int wc_HashGetDigestSize(enum wc_HashType hash_type); WOLFSSL_API int wc_HashGetBlockSize(enum wc_HashType hash_type); WOLFSSL_API int wc_Hash(enum wc_HashType hash_type, @@ -215,6 +218,8 @@ WOLFSSL_API int wc_Shake256Hash(const byte*, word32, byte*, word32); #endif #endif /* WOLFSSL_SHA3 */ +#endif /* !NO_HASH_WRAPPER */ + enum max_prf { #ifdef HAVE_FFDHE_8192 MAX_PRF_HALF = 516, /* Maximum half secret len */ diff --git a/source/libs/libwolfssl/wolfcrypt/hc128.h b/source/libs/libwolfssl/wolfcrypt/hc128.h index 7508cbc9..00b04000 100644 --- a/source/libs/libwolfssl/wolfcrypt/hc128.h +++ b/source/libs/libwolfssl/wolfcrypt/hc128.h @@ -1,6 +1,6 @@ /* hc128.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/hmac.h b/source/libs/libwolfssl/wolfcrypt/hmac.h index aba80632..76e0c510 100644 --- a/source/libs/libwolfssl/wolfcrypt/hmac.h +++ b/source/libs/libwolfssl/wolfcrypt/hmac.h @@ -1,6 +1,6 @@ /* hmac.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/idea.h b/source/libs/libwolfssl/wolfcrypt/idea.h index d246d55e..44b8c4a3 100644 --- a/source/libs/libwolfssl/wolfcrypt/idea.h +++ b/source/libs/libwolfssl/wolfcrypt/idea.h @@ -1,6 +1,6 @@ /* idea.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/integer.h b/source/libs/libwolfssl/wolfcrypt/integer.h index 8495a8b4..bc2a97fc 100644 --- a/source/libs/libwolfssl/wolfcrypt/integer.h +++ b/source/libs/libwolfssl/wolfcrypt/integer.h @@ -1,6 +1,6 @@ /* integer.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -72,7 +72,7 @@ extern "C" { /* detect 64-bit mode if possible */ -#if defined(__x86_64__) && !(defined (_MSC_VER) && defined(__clang__)) +#if (defined(__x86_64__) || defined(__aarch64__)) && !(defined (_MSC_VER) && defined(__clang__)) #if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT)) #define MP_64BIT #endif @@ -227,7 +227,8 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat); /* ---> Basic Manipulations <--- */ #define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO) #define mp_isone(a) \ - (((((a)->used == 1)) && ((a)->dp[0] == 1u)) ? MP_YES : MP_NO) + (((((a)->used == 1)) && ((a)->dp[0] == 1u) && ((a)->sign == MP_ZPOS)) \ + ? MP_YES : MP_NO) #define mp_iseven(a) \ (((a)->used > 0 && (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO) #define mp_isodd(a) \ @@ -255,9 +256,6 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat); #define mp_prime_random(a, t, size, bbs, cb, dat) \ mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat) -#define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len)) -#define mp_raw_size(mp) mp_signed_bin_size(mp) -#define mp_toraw(mp, str) mp_to_signed_bin((mp), (str)) #define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len)) #define mp_mag_size(mp) mp_unsigned_bin_size(mp) #define mp_tomag(mp, str) mp_to_unsigned_bin((mp), (str)) @@ -285,7 +283,7 @@ MP_API int mp_init (mp_int * a); MP_API void mp_clear (mp_int * a); MP_API void mp_free (mp_int * a); MP_API void mp_forcezero(mp_int * a); -MP_API int mp_unsigned_bin_size(mp_int * a); +MP_API int mp_unsigned_bin_size(const mp_int * a); MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c); MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b); MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b); @@ -296,10 +294,10 @@ MP_API int mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P, /* end functions needed by Rsa */ /* functions added to support above needed, removed TOOM and KARATSUBA */ -MP_API int mp_count_bits (mp_int * a); +MP_API int mp_count_bits (const mp_int * a); MP_API int mp_leading_bit (mp_int * a); MP_API int mp_init_copy (mp_int * a, mp_int * b); -MP_API int mp_copy (mp_int * a, mp_int * b); +MP_API int mp_copy (const mp_int * a, mp_int * b); MP_API int mp_grow (mp_int * a, int size); MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d); MP_API void mp_zero (mp_int * a); diff --git a/source/libs/libwolfssl/wolfcrypt/logging.h b/source/libs/libwolfssl/wolfcrypt/logging.h index 093fa521..450b0c12 100644 --- a/source/libs/libwolfssl/wolfcrypt/logging.h +++ b/source/libs/libwolfssl/wolfcrypt/logging.h @@ -1,6 +1,6 @@ /* logging.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/md2.h b/source/libs/libwolfssl/wolfcrypt/md2.h index 48133e7f..d44b686c 100644 --- a/source/libs/libwolfssl/wolfcrypt/md2.h +++ b/source/libs/libwolfssl/wolfcrypt/md2.h @@ -1,6 +1,6 @@ /* md2.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/md4.h b/source/libs/libwolfssl/wolfcrypt/md4.h index 77bd0967..2e37fdcb 100644 --- a/source/libs/libwolfssl/wolfcrypt/md4.h +++ b/source/libs/libwolfssl/wolfcrypt/md4.h @@ -1,6 +1,6 @@ /* md4.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/md5.h b/source/libs/libwolfssl/wolfcrypt/md5.h index 41442d5b..99a75ccc 100644 --- a/source/libs/libwolfssl/wolfcrypt/md5.h +++ b/source/libs/libwolfssl/wolfcrypt/md5.h @@ -1,6 +1,6 @@ /* md5.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -42,9 +42,12 @@ extern "C" { #endif +#if !defined(NO_OLD_MD5_NAME) + #define MD5 WC_MD5 +#endif + #ifndef NO_OLD_WC_NAMES #define Md5 wc_Md5 - #define MD5 WC_MD5 #define MD5_BLOCK_SIZE WC_MD5_BLOCK_SIZE #define MD5_DIGEST_SIZE WC_MD5_DIGEST_SIZE #define WC_MD5_PAD_SIZE WC_MD5_PAD_SIZE @@ -71,7 +74,7 @@ enum { #ifdef WOLFSSL_TI_HASH #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" -#elif defined(WOLFSSL_IMX6_CAAM) +#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM) #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" #else @@ -109,6 +112,9 @@ WOLFSSL_API int wc_InitMd5_ex(wc_Md5*, void*, int); WOLFSSL_API int wc_Md5Update(wc_Md5*, const byte*, word32); WOLFSSL_API int wc_Md5Final(wc_Md5*, byte*); WOLFSSL_API void wc_Md5Free(wc_Md5*); +#ifdef OPENSSL_EXTRA +WOLFSSL_API int wc_Md5Transform(wc_Md5*, const byte*); +#endif WOLFSSL_API int wc_Md5GetHash(wc_Md5*, byte*); WOLFSSL_API int wc_Md5Copy(wc_Md5*, wc_Md5*); diff --git a/source/libs/libwolfssl/wolfcrypt/mem_track.h b/source/libs/libwolfssl/wolfcrypt/mem_track.h index 1d5ade9d..362ef396 100644 --- a/source/libs/libwolfssl/wolfcrypt/mem_track.h +++ b/source/libs/libwolfssl/wolfcrypt/mem_track.h @@ -1,6 +1,6 @@ /* mem_track.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/memory.h b/source/libs/libwolfssl/wolfcrypt/memory.h index ff41eb1a..14b575de 100644 --- a/source/libs/libwolfssl/wolfcrypt/memory.h +++ b/source/libs/libwolfssl/wolfcrypt/memory.h @@ -1,6 +1,6 @@ /* memory.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/misc.h b/source/libs/libwolfssl/wolfcrypt/misc.h index 632a2abe..b359650f 100644 --- a/source/libs/libwolfssl/wolfcrypt/misc.h +++ b/source/libs/libwolfssl/wolfcrypt/misc.h @@ -1,6 +1,6 @@ /* misc.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/mpi_class.h b/source/libs/libwolfssl/wolfcrypt/mpi_class.h index ae2fa830..e04acc26 100644 --- a/source/libs/libwolfssl/wolfcrypt/mpi_class.h +++ b/source/libs/libwolfssl/wolfcrypt/mpi_class.h @@ -1,6 +1,6 @@ /* mpi_class.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/mpi_superclass.h b/source/libs/libwolfssl/wolfcrypt/mpi_superclass.h index 186ac750..91ebad82 100644 --- a/source/libs/libwolfssl/wolfcrypt/mpi_superclass.h +++ b/source/libs/libwolfssl/wolfcrypt/mpi_superclass.h @@ -1,6 +1,6 @@ /* mpi_superclass.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/pkcs11.h b/source/libs/libwolfssl/wolfcrypt/pkcs11.h index bf1cb1ec..09e2e684 100644 --- a/source/libs/libwolfssl/wolfcrypt/pkcs11.h +++ b/source/libs/libwolfssl/wolfcrypt/pkcs11.h @@ -1,6 +1,6 @@ /* pkcs11.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/pkcs12.h b/source/libs/libwolfssl/wolfcrypt/pkcs12.h index 36aadfd4..9d92f5ef 100644 --- a/source/libs/libwolfssl/wolfcrypt/pkcs12.h +++ b/source/libs/libwolfssl/wolfcrypt/pkcs12.h @@ -1,6 +1,6 @@ /* pkcs12.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/pkcs7.h b/source/libs/libwolfssl/wolfcrypt/pkcs7.h index a2698e29..cbb66b30 100644 --- a/source/libs/libwolfssl/wolfcrypt/pkcs7.h +++ b/source/libs/libwolfssl/wolfcrypt/pkcs7.h @@ -1,6 +1,6 @@ /* pkcs7.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -41,6 +41,7 @@ #ifndef NO_DES3 #include #endif +#include #ifdef __cplusplus extern "C" { @@ -157,15 +158,6 @@ enum Pkcs7_Misc { MAX_RECIP_SZ = MAX_VERSION_SZ + MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ + MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ, -#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \ - (HAVE_FIPS_VERSION <= 2)) || (defined(HAVE_SELFTEST) && \ - (!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2))) - /* In the event of fips cert 3389 or CAVP selftest v1 build, these enums are - * not in aes.h for use with pkcs7 so enumerate it here outside the fips - * boundary */ - GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */ - CCM_NONCE_MIN_SZ = 7, -#endif }; enum Cms_Options { diff --git a/source/libs/libwolfssl/wolfcrypt/poly1305.h b/source/libs/libwolfssl/wolfcrypt/poly1305.h index 9683eb7b..9c71b790 100644 --- a/source/libs/libwolfssl/wolfcrypt/poly1305.h +++ b/source/libs/libwolfssl/wolfcrypt/poly1305.h @@ -1,6 +1,6 @@ /* poly1305.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -109,18 +109,20 @@ typedef struct Poly1305 { /* does init */ WOLFSSL_API int wc_Poly1305SetKey(Poly1305* poly1305, const byte* key, - word32 kySz); + word32 kySz); WOLFSSL_API int wc_Poly1305Update(Poly1305* poly1305, const byte*, word32); WOLFSSL_API int wc_Poly1305Final(Poly1305* poly1305, byte* tag); /* AEAD Functions */ WOLFSSL_API int wc_Poly1305_Pad(Poly1305* ctx, word32 lenToPad); -WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, word32 dataSz); +WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, + word32 dataSz); #ifdef WORD64_AVAILABLE -WOLFSSL_API int wc_Poly1305_EncodeSizes64(Poly1305* ctx, word64 aadSz, word64 dataSz); +WOLFSSL_API int wc_Poly1305_EncodeSizes64(Poly1305* ctx, word64 aadSz, + word64 dataSz); #endif -WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz, - byte* input, word32 sz, byte* tag, word32 tagSz); +WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, const byte* additional, + word32 addSz, const byte* input, word32 sz, byte* tag, word32 tagSz); #if defined(__aarch64__ ) && defined(WOLFSSL_ARMASM) void poly1305_blocks(Poly1305* ctx, const unsigned char *m, diff --git a/source/libs/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h b/source/libs/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h index 52624982..e3d2cc64 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h +++ b/source/libs/libwolfssl/wolfcrypt/port/Espressif/esp32-crypt.h @@ -1,6 +1,6 @@ /* esp32-crypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -89,11 +89,13 @@ uint64_t wc_esp32elapsedTime(); /* RAW hash function APIs are not implemented with esp32 hardware acceleration*/ #define WOLFSSL_NO_HASH_RAW +#define SHA_CTX ETS_SHAContext #if ESP_IDF_VERSION_MAJOR >= 4 #include "esp32/rom/sha.h" #else #include "rom/sha.h" #endif +#undef SHA_CTX typedef enum { ESP32_SHA_INIT = 0, diff --git a/source/libs/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h b/source/libs/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h index 4c8b91c2..d2214647 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h +++ b/source/libs/libwolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h @@ -1,6 +1,6 @@ /* renesas-tsip-crypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/af_alg/afalg_hash.h b/source/libs/libwolfssl/wolfcrypt/port/af_alg/afalg_hash.h index 726f661c..41a382a6 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/af_alg/afalg_hash.h +++ b/source/libs/libwolfssl/wolfcrypt/port/af_alg/afalg_hash.h @@ -1,6 +1,6 @@ /* afalg_hash.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h b/source/libs/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h index 5e1bac22..87bff31f 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h +++ b/source/libs/libwolfssl/wolfcrypt/port/af_alg/wc_afalg.h @@ -1,6 +1,6 @@ /* wc_afalg.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h b/source/libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h index edcf0c18..387ecff1 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h +++ b/source/libs/libwolfssl/wolfcrypt/port/arm/cryptoCell.h @@ -1,6 +1,6 @@ /* cryptoCell.h * - * Copyright (C) 2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/atmel/atmel.h b/source/libs/libwolfssl/wolfcrypt/port/atmel/atmel.h index be1310dc..950e9192 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/atmel/atmel.h +++ b/source/libs/libwolfssl/wolfcrypt/port/atmel/atmel.h @@ -1,6 +1,6 @@ /* atmel.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -119,7 +119,7 @@ int atmel_ecc_create_pms(int slotId, const uint8_t* peerKey, uint8_t* pms); int atmel_ecc_create_key(int slotId, byte* peerKey); int atmel_ecc_sign(int slotId, const byte* message, byte* signature); int atmel_ecc_verify(const byte* message, const byte* signature, - const byte* pubkey, int* verified); + const byte* pubkey, int* pVerified); #endif /* WOLFSSL_ATECC508A */ diff --git a/source/libs/libwolfssl/wolfcrypt/port/caam/caam_driver.h b/source/libs/libwolfssl/wolfcrypt/port/caam/caam_driver.h index cac1742c..8ab6cc34 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/caam/caam_driver.h +++ b/source/libs/libwolfssl/wolfcrypt/port/caam/caam_driver.h @@ -1,6 +1,6 @@ /* caam_driver.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,11 +22,25 @@ #ifndef CAAM_DRIVER_H #define CAAM_DRIVER_H -#define CAAM_BASE 0xf2100000 +#if (defined(__QNX__) || defined(__QNXNTO__)) + int InitCAAM(void); + #include "caam_qnx.h" +#endif +#if (defined(__INTEGRITY) || defined(INTEGRITY)) + #define CAAM_BASE 0xf2100000 + #define CAAM_PAGE 0xf0100000 +#endif + -#define CAAM_PAGE 0xf0100000 #define CAAM_PAGE_MAX 6 +/* max size of 64 word32's */ +#define CAAM_DESC_MAX 256 + +#ifndef CAAM_JOBRING_SIZE +#define CAAM_JOBRING_SIZE 1 +#endif + /****************************************************************************** Basic Descriptors ****************************************************************************/ @@ -50,12 +64,16 @@ #define CAAM_HEAD 0xB0800000 #define CAAM_NWB 0x00200000 + /* PROTOCOL OPERATION command */ +#define CAAM_PROT_UNIDI 0 #define CAAM_BLOB_ENCAP 0x07000000 #define CAAM_BLOB_DECAP 0x06000000 +#define CAAM_PKHA_OP 0x01000000 + #define CAAM_OPID_BLOB 0x000D0000 /* algorithms modes and types */ -#define CAAM_CLASS1 0x02000000/* i.e. AES */ +#define CAAM_CLASS1 0x02000000/* i.e. AES, PKHA */ #define CAAM_CLASS2 0x04000000/* i.e. hash algos */ #define CAAM_ENC 0x00000001 @@ -90,6 +108,38 @@ #define CAAM_HMAC_SHA384 0x00440010 #define CAAM_HMAC_SHA512 0x00450010 +/* ECDSA ECDSEL (pre defined flags for ECDSA parameters i.e. order) */ +#define CAAM_ECDSEL_SHIFT 7 +#define CAAM_ECDSA_PD 0x00400000 +#define CAAM_ECDSA_KEYGEN_PD 0x02000000 +#define CAAM_ECDSA_P192 (0x00 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P224 (0x01 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P256 (0x02 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P384 (0x03 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P521 (0x04 << CAAM_ECDSEL_SHIFT) + +#define CAAM_ECDSA_BRAINPOOL_P256 (0x0B << CAAM_ECDSEL_SHIFT) + + /* PKHA Operation ID ECDSA */ +#define CAAM_ECDSA_KEYPAIR 0x00140000 +#define CAAM_ECDSA_SIGN 0x00150000 +#define CAAM_ECDSA_VERIFY 0x00160000 +#define CAAM_ECDSA_ECDH 0x00170000 + +#define CAAM_ECDSA_MESREP_HASHED (0x10 << 7) + + /* key encryption bit */ +#define CAAM_PKHA_ECC 0x00000002 +#define CAAM_PKHA_ENC_PRI_AESCBC 0x00000004 +#define CAAM_PKHA_ENC_PRI_AESCCM (0x00000010 | CAAM_PKHA_ENC_PRI_AESCBC) +#define CAAM_PKHA_NO_TIMING_RESISTANCE 0x40000000 +#define CAAM_LOAD_BLACK_KEY 0x500000 + + /* PKHA RSA */ +#define CAAM_OPID_RSA_ENCRYPT 0x00180000 +#define CAAM_OPID_RSA_DECRYPT 0x00190000 + + #define CAAM_MD5_CTXSZ (16 + 8) #define CAAM_SHA_CTXSZ (20 + 8) #define CAAM_SHA224_CTXSZ (32 + 8) @@ -117,71 +167,243 @@ #define CAAM_PAGE_SZ 4096 /* RNG Registers */ -#define CAAM_RTMCTL CAAM_BASE + 0X0600 -#define CAAM_RTSDCTL CAAM_BASE + 0X0610 -#define CAAM_RTFRQMIN CAAM_BASE + 0X0618 -#define CAAM_RTFRQMAX CAAM_BASE + 0X061C -#define CAAM_RDSTA CAAM_BASE + 0X06C0 -#define CAAM_RTSTATUS CAAM_BASE + 0x063C +#define CAAM_RTMCTL 0X0600 +#define CAAM_RTSDCTL 0X0610 +#define CAAM_RTFRQMIN 0X0618 +#define CAAM_RTFRQMAX 0X061C +#define CAAM_RDSTA 0X06C0 +#define CAAM_RTSTATUS 0x063C +#define CAAM_RDINT0 0x06D0 /* each of the following 11 RTENT registers are an offset of 4 from RTENT0 */ -#define CAAM_RTENT0 CAAM_BASE + 0x0640 -#define CAAM_RTENT11 CAAM_BASE + 0x066C /* Max RTENT register */ +#define CAAM_RTENT0 0x0640 +#define CAAM_RTENT11 0x066C /* Max RTENT register */ +#define CAAM_RTENT_MAX 0x067C /* RNG Masks/Values */ #ifndef CAAM_ENT_DLY - #define CAAM_ENT_DLY 1200 /* @TODO lower value may gain performance */ + /* Less than half the default value to try and increase entropy collection. + * Value is system clock cycles. */ + #define CAAM_ENT_DLY 1200 #endif +#ifndef CAAM_ENT_DLY_INCREMENT + #define CAAM_ENT_DLY_INCREMENT 500 +#endif +#ifndef CAAM_ENT_SAMPLE + /* default sample value from reference manual */ + #define CAAM_ENT_SAMPLE 0x09C4 +#endif +#ifndef CAAM_ENT_DLY_MAX + #define CAAM_ENT_DLY_MAX 12000 +#endif +#ifndef CAAM_ENT_MINSHIFT + /* default to the minimum entropy delay of 1/4 */ + #define CAAM_ENT_MINSHIFT 2 +#endif +#ifndef CAAM_ENT_MAXSHIFT + /* default to the maximum entropy delay of 16 times */ + #define CAAM_ENT_MAXSHIFT 4 +#endif + #define CAAM_PRGM 0x00010000 /* Set RTMCTL to program state */ #define CAAM_TRNG 0x00000020 /* Set TRNG access */ +#define CAAM_RTMCTL_RESET 0x40 /* TRNG reset to defaults */ #define CAAM_CTLERR 0x00001000 #define CAAM_ENTVAL 0x00000400 /* checking RTMCTL for entropy ready */ /* Input Job Ring Registers */ -#define CAAM_IRBAR0 CAAM_BASE + 0x1004 -#define CAAM_IRSR0 CAAM_BASE + 0x100C -#define CAAM_IRJAR0 CAAM_BASE + 0x101C +#define CAAM_IRBAR0 0x1004 + //0x1004 +#define CAAM_IRSR0 0x100C +#define CAAM_IRJAR0 0x101C + +#define CAAM_IRBAR2 0x3000 +#define CAAM_IRSR2 0x300C +#define CAAM_IRJAR2 0x301C +#define CAAM_IRSAR_JR2 0x3014 + + /* Output Job Ring Registers */ -#define CAAM_ORBAR0 CAAM_BASE + 0x1024 -#define CAAM_ORSR0 CAAM_BASE + 0x102C -#define CAAM_ORJAR0 CAAM_BASE + 0x103C +#define CAAM_ORBAR0 0x1024 + //0x1024 +#define CAAM_ORSR0 0x102C +#define CAAM_ORJAR0 0x103C +#define CAAM_ORBAR2 0x3024 + //0x1024 +#define CAAM_ORSR2 0x302C +#define CAAM_ORJAR2 0x303C + +#define JRCFGR_JR0_LS 0x1054 + /* Status Registers */ -#define CAAM_STATUS CAAM_BASE + 0x0FD4 -#define CAAM_VERSION_MS CAAM_BASE + 0x0FE8 -#define CAAM_VERSION_LS CAAM_BASE + 0x0FEC -#define CAMM_SUPPORT_MS CAAM_BASE + 0x0FF0 -#define CAMM_SUPPORT_LS CAAM_BASE + 0x0FF4 +#define CAAM_STATUS 0x0FD4 +#define CAAM_VERSION_MS 0x0FE8 +#define CAAM_VERSION_LS 0x0FEC +#define CAMM_SUPPORT_MS 0x0FF0 +#define CAMM_SUPPORT_LS 0x0FF4 +#define CAAM_SM_CMD 0x1BE4 +#define CAAM_SM_SMPO 0x1FBC +#define CAAM_SM_SMVID_MS 0x1FD8 +#define CAAM_SM_SMVID_LS 0x1FDC +#define CAAM_SM_STATUS 0x1BEC +#define CAAM_SM_CSP 0x00008000 +#define CAAM_SM_SMAP_LOCK 0x00002000 +#define CAAM_SM_SMAG_LOCK 0x00001000 +#define CAAM_SM_ALL_RW 0x000000FF -#define CAAM_C1DSR_LS CAAM_BASE + 0x8014 -#define CAAM_C1MR CAAM_BASE + 0x8004 +#define CAAM_C1DSR_LS 0x8014 +#define CAAM_C1MR 0x8004 /* output FIFO is 16 entries deep and each entry has a two 4 byte registers */ -#define CAAM_FIFOO_MS CAAM_BASE + 0x87F0 -#define CAAM_FIFOO_LS CAAM_BASE + 0x87F4 +#define CAAM_FIFOO_MS 0x87F0 +#define CAAM_FIFOO_LS 0x87F4 /* input FIFO is 16 entries deep with each entry having two 4 byte registers All data written to it from IP bus should be in big endian format */ -#define CAAM_FIFOI_LS CAAM_BASE + 0x87E0 +#define CAAM_FIFOI_LS 0x87E0 /* offset of 4 with range 0 .. 13 */ -#define CAAM_CTX1 CAAM_BASE + 0x8100 +#define CAAM_CTX1 0x8100 #define CAAM_CTRIV CAAM_CTX1 + 8 /* AES-CTR iv is in 2 and 3 */ #define CAAM_CBCIV CAAM_CTX1 /* AES-CBC iv is in 1 and 2 */ -/* instantiate RNG and create JDKEK, TDKEK, and TDSK key */ -static unsigned int wc_rng_start[] = { - CAAM_HEAD | 0x00000006, - CAAM_OP | CAAM_CLASS1 | CAAM_RNG | 0x00000004, /* Instantiate RNG handle 0 with TRNG */ - CAAM_JUMP | 0x02000001, /* wait for Class1 RNG and jump to next cmd */ - CAAM_LOAD | 0x00880004, /* Load to clear written register */ - 0x00000001, /* reset done interrupt */ - CAAM_OP | CAAM_CLASS1 | CAAM_RNG | 0x00001000 /* Generate secure keys */ + /* debugging registers */ +#define CAAM_DECORR 0x009C /* used to set DECO into debug mode */ +#define CAAM_DODJR 0x8E00 /* for hung operations */ +#define CAAM_DOJQCR_MS 0x8800 +#define CAAM_DOOPSTA_MS 0x8810 /* DECO operation status register */ +#define CAAM_DODAR 0x8808 /* address of current descriptor */ +#define CAAM_DODESB 0x8A00 /* 64 registers that hold the current descriptor buffer */ + + +#define JRINTR_JR0 0x104C +#define JRINTR_JR1 0x204C +#define JRINTR_JR2 0x304C + +#define CAAM_SINGLE_STEP_MODE 0x40000000 +#define CAAM_STEP 0x80000000 + +/* Port layer for CAAM driver, functions defined in caam_.c */ +unsigned int CAAM_READ(unsigned int reg); +void CAAM_WRITE(unsigned int reg, unsigned int in); +int CAAM_SET_BASEADDR(void); +void CAAM_UNSET_BASEADDR(void); +unsigned int CAAM_ADR_TO_PHYSICAL(void* in, int inSz); +void* CAAM_ADR_MAP(unsigned int in, int inSz, unsigned char copy); +void CAAM_ADR_UNMAP(void* vaddr, unsigned int out, int outSz, + unsigned char copy); +int CAAM_ADR_SYNC(void* vaddr, int sz); +CAAM_ADDRESS CAAM_ADR_TO_VIRTUAL(CAAM_ADDRESS in, int length); + +#ifndef WOLFSSL_CAAM_BUFFER +#define WOLFSSL_CAAM_BUFFER +typedef struct CAAM_BUFFER { + int BufferType; + CAAM_ADDRESS TheAddress; + int Length; +} CAAM_BUFFER; +#endif +unsigned int caamReadRegister(unsigned int reg); +void caamWriteRegister(unsigned int reg, unsigned int in); +int SynchronousSendRequest(int type, unsigned int args[4], CAAM_BUFFER *buf, int sz); +int CleanupCAAM(void); + + +/* Driver API that can be called by caam_.c port layers */ +typedef struct DESCSTRUCT DESCSTRUCT; + +int caamKeyCover(DESCSTRUCT *desc, int sz, unsigned int args[4]); +int caamTRNG(unsigned char *out, int outSz); +int caamECDSA_ECDH(DESCSTRUCT *desc, int sz, unsigned int args[4]); +int caamECDSASign(DESCSTRUCT *desc, int sz, unsigned int args[4]); +int caamECDSAVerify(DESCSTRUCT *desc, CAAM_BUFFER *buf, int sz, + unsigned int args[4]); +int caamECDSAMake(DESCSTRUCT *desc, CAAM_BUFFER *buf, unsigned int args[4]); + + +int caamAesCmac(DESCSTRUCT *desc, int sz, unsigned int args[4]); +int caamBlob(DESCSTRUCT *desc); + +CAAM_ADDRESS caamGetPartition(unsigned int part, int partSz, unsigned int flag); +int caamFreePart(unsigned int part); +int caamFindUnusuedPartition(void); + + + +void caamDescInit(DESCSTRUCT* desc, int type, unsigned int args[4], + CAAM_BUFFER* buf, int sz); + + +/* CAAM descriptor */ +#define DESC_COUNT 1 +#define MAX_BUF 20 +#define BUFFER_COUNT (MAX_BUF * DESC_COUNT) + +/* CAAM descriptors can only be 64 unsigned ints */ +#define MAX_DESC_SZ 64 + +/* 64 byte buffer for when data crosses a page boundary */ +#define ALIGN_BUF 16 + +/* MAX_CTX is 64 bytes (sha512 digest) + 8 bytes (CAAM length value) */ +#define MAX_CTX 18 + +#define MIN_READ_REG CAAM_BASE +#define MAX_READ_REG (CAAM_BASE + 0x00010000) + +struct buffer { + CAAM_ADDRESS data; + CAAM_ADDRESS dataSz; }; +struct DESCSTRUCT { +#if defined(__INTEGRITY) || defined(INTEGRITY) + struct IORequestStruct TheIORequest; +#endif + struct CAAM_DEVICE* caam; + struct buffer buf[MAX_BUF]; /* buffers holding data input address */ + unsigned int desc[MAX_DESC_SZ]; /* max size of 64 word32 */ + unsigned int aadSzBuf[4]; /* Formatted AAD size for CCM */ + unsigned int alignBuf[ALIGN_BUF]; /* 64 byte buffer for non page + align */ + unsigned int iv[MAX_CTX]; /* AES IV and also hash state */ + unsigned int ctxBuf[MAX_CTX]; /* key */ + CAAM_ADDRESS output; /* address to output buffer */ + CAAM_ADDRESS ctxOut; /* address to update buffer holding state */ + Value alignIdx;/* index for align buffer */ + Value idx; /* index for descriptor buffer */ + Value headIdx; /* for first portion of descriptor buffer */ + Value lastIdx; /* for last portion of descriptor buffer */ + Value outputIdx; /* idx to output buffer in "buf" */ + Value inputSz; /* size of input buffer */ + Value ctxSz; /* size of CTX/Key buffer */ + Value aadSz; /* AAD size for CCM */ + Value startIdx; /* for telling header where to start */ + Value lastFifo; + Value type; + Value state; + Value DescriptorCount; + Boolean running; /* True if building/running descriptor is + in process */ +}; + +/* wolfSSL specific flags */ +#define CAAM_FIND_PART 0xFFFFFFFF +#define CAAM_GET_PART 0xFFFFFFFE +#define CAAM_FREE_PART 0xFFFFFFFD +#define CAAM_READ_PART 0xFFFFFFFC +#define CAAM_WRITE_PART 0xFFFFFFFB + + +#define MAX_ECDSA_VERIFY_ADDR 8 +#define MAX_ECDSA_SIGN_ADDR 8 +#define BLACK_KEY_MAC_SZ 16 +#define BLACK_BLOB_KEYMOD_SZ 16 +#define RED_BLOB_KEYMOD_SZ 8 #endif /* CAAM_DRIVER_H */ diff --git a/source/libs/libwolfssl/wolfcrypt/port/caam/caam_qnx.h b/source/libs/libwolfssl/wolfcrypt/port/caam/caam_qnx.h new file mode 100644 index 00000000..3a915093 --- /dev/null +++ b/source/libs/libwolfssl/wolfcrypt/port/caam/caam_qnx.h @@ -0,0 +1,75 @@ +/* caam_qnx.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* This file is porting low level QNX interactions, such as reading register */ + +#ifndef CAAM_QNX_H +#define CAAM_QNX_H + +#ifdef WOLFSSL_CAAM_PRINT +#include +#define WOLFSSL_MSG(in) printf("%s\n", (in)) +#else +#define WOLFSSL_MSG(in) +#endif + +#include +#include +#include +#include +#include + +#define CAAM_MUTEX pthread_mutex_t +#define CAAM_INIT_MUTEX(x) pthread_mutex_init((x), NULL) +#define CAAM_FREE_MUTEX(x) pthread_mutex_destroy((x)) +#define CAAM_LOCK_MUTEX(x) pthread_mutex_lock((x)) +#define CAAM_UNLOCK_MUTEX(x) pthread_mutex_unlock((x)) + +#define Error int +#define Value int +#define Boolean int +#define CAAM_ADDRESS unsigned int +#define Success 1 +#define Failure 0 +#define INTERRUPT_Panic() +#define MemoryMapMayNotBeEmpty -1 +#define CAAM_WAITING -2 +#define NoActivityReady -1 +#define MemoryOperationNotPerformed -1 + +#ifndef WOLFSSL_CAAM_BUFFER +#define WOLFSSL_CAAM_BUFFER + typedef struct CAAM_BUFFER { + int BufferType; + CAAM_ADDRESS TheAddress; + int Length; + } CAAM_BUFFER; +#endif + +/* check kernel and yield to same priority threads waiting */ +#define CAAM_CPU_CHILL() sched_yield() + +/* IMX6UL */ +#define CAAM_BASE 0x02140000 +#define CAAM_PAGE 0x00100000 + +#endif /* CAAM_QNX_H */ diff --git a/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam.h b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam.h index ef942d21..c306edea 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam.h +++ b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam.h @@ -1,6 +1,6 @@ /* wolfcaam.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,13 +23,20 @@ #define WOLF_CRYPT_CAAM_INIT_H #include - -#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) - #include +/* include for porting layer */ +#ifdef WOLFSSL_QNX_CAAM + #include +#endif + +#if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \ + defined(WOLFSSL_QNX_CAAM) + + #if defined(__INTEGRITY) || defined(INTEGRITY) #include + typedef Buffer CAAM_BUFFER; #endif WOLFSSL_LOCAL int wc_caamInit(void); @@ -39,25 +46,107 @@ WOLFSSL_LOCAL int wc_caamFreeRng(void); WOLFSSL_LOCAL word32 wc_caamReadRegister(word32 reg); WOLFSSL_LOCAL void wc_caamWriteRegister(word32 reg, word32 value); -WOLFSSL_LOCAL int wc_caamAddAndWait(Buffer* buf, word32 arg[4], word32 type); +WOLFSSL_LOCAL int wc_caamAddAndWait(CAAM_BUFFER* buf, int sz, word32 arg[4], + word32 type); -WOLFSSL_API int wc_caamSetResource(IODevice ioDev); +WOLFSSL_LOCAL int caamFindUnusuedPartition(void); +WOLFSSL_LOCAL CAAM_ADDRESS caamGetPartition(int part, int sz); +WOLFSSL_LOCAL int caamFreePart(int partNum); +WOLFSSL_LOCAL int caamWriteToPartition(CAAM_ADDRESS addr, const unsigned char* in, int inSz); +WOLFSSL_LOCAL int caamReadPartition(CAAM_ADDRESS addr, unsigned char* out, int outSz); WOLFSSL_API int wc_caamOpenBlob(byte* data, word32 dataSz, byte* out, word32* outSz); WOLFSSL_API int wc_caamCreateBlob(byte* data, word32 dataSz, byte* out, word32* outSz); +WOLFSSL_API int wc_caamOpenBlob_ex(byte* data, word32 dataSz, byte* out, + word32* outSz, int type, byte* mod, word32 modSz); +WOLFSSL_API int wc_caamCreateBlob_ex(byte* data, word32 dataSz, byte* out, + word32* outSz, int type, byte* mod, word32 modSz); +WOLFSSL_API int wc_caamCoverKey(byte* in, word32 inSz, byte* out, word32* outSz, + int flag); + /* additional size that is added by CAAM when creating a blob */ #define WC_CAAM_BLOB_SZ 48 +#define WC_CAAM_MAC_SZ 16 +#define WC_CAAM_BLOB_RED 1 +#define WC_CAAM_BLOB_BLACK 2 +#define WC_CAAM_RED_KEYMOD_SZ 8 +#define WC_CAAM_BLACK_KEYMOD_SZ 16 +#define WC_CAAM_MAX_ENTROPY 44 -#ifndef WC_CAAM_READ - #define WC_CAAM_READ(reg) wc_caamReadRegister((reg)) -#endif -#ifndef WC_CAAM_WRITE - #define WC_CAAM_WRITE(reg, x) wc_caamWriteRegister((reg), (x)) +#ifndef WOLFSSL_QNX_CAAM + WOLFSSL_API int wc_caamSetResource(IODevice ioDev); + #ifndef WC_CAAM_READ + #define WC_CAAM_READ(reg) wc_caamReadRegister((reg)) + #endif + #ifndef WC_CAAM_WRITE + #define WC_CAAM_WRITE(reg, x) wc_caamWriteRegister((reg), (x)) + #endif #endif + +#define CAAM_AESCTR 0x00100000 +#define CAAM_AESCBC 0x00100100 +#define CAAM_AESECB 0x00100200 +#define CAAM_AESCFB 0x00100300 +#define CAAM_AESOFB 0x00100400 +#define CAAM_CMAC 0x00100600 +#define CAAM_AESCCM 0x00100800 + +#define CAAM_MD5 0x00400000 +#define CAAM_SHA 0x00410000 +#define CAAM_SHA224 0x00420000 +#define CAAM_SHA256 0x00430000 +#define CAAM_SHA384 0x00440000 +#define CAAM_SHA512 0x00450000 + +#define CAAM_HMAC_MD5 0x00400010 +#define CAAM_HMAC_SHA 0x00410010 +#define CAAM_HMAC_SHA224 0x00420010 +#define CAAM_HMAC_SHA256 0x00430010 +#define CAAM_HMAC_SHA384 0x00440010 +#define CAAM_HMAC_SHA512 0x00450010 + +#define CAAM_ECDSA_KEYPAIR 0x00140000 +#define CAAM_ECDSA_SIGN 0x00150000 +#define CAAM_ECDSA_VERIFY 0x00160000 +#define CAAM_ECDSA_ECDH 0x00170000 + +#define CAAM_BLOB_ENCAP 0x07000000 +#define CAAM_BLOB_DECAP 0x06000000 +#define CAAM_FIFO_S 0x60000000 +#define CAAM_FIFO_CCM_FLAG 0x00140000 + +#define CAAM_ENC 0x00000001 +#define CAAM_DEC 0x00000000 +#define CAAM_ALG_INIT 0x00000004 +#define CAAM_ALG_INITF 0x0000000C +#define CAAM_ALG_UPDATE 0x00000000 +#define CAAM_ALG_FINAL 0x00000008 + +/* ECDSA ECDSEL (pre defined flags for ECDSA parameters i.e. order) */ +#define CAAM_ECDSEL_SHIFT 7 +#define CAAM_ECDSA_PD 0x00400000 +#define CAAM_ECDSA_KEYGEN_PD 0x02000000 +#define CAAM_ECDSA_P192 (0x00 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P224 (0x01 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P256 (0x02 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P384 (0x03 << CAAM_ECDSEL_SHIFT) +#define CAAM_ECDSA_P521 (0x04 << CAAM_ECDSEL_SHIFT) + +#define CAAM_ECDSA_BRAINPOOL_P256 (0x0B << CAAM_ECDSEL_SHIFT) + +#define CAAM_ENTROPY 0x00500001 + +/* wolfSSL specific flags */ +#define CAAM_FIND_PART 0xFFFFFFFF +#define CAAM_GET_PART 0xFFFFFFFE +#define CAAM_FREE_PART 0xFFFFFFFD +#define CAAM_READ_PART 0xFFFFFFFC +#define CAAM_WRITE_PART 0xFFFFFFFB + #endif /* WOLFSSL_IMX6_CAAM */ #endif /* WOLF_CRYPT_CAAM_INIT_H */ diff --git a/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_cmac.h b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_cmac.h new file mode 100644 index 00000000..bfc3afe8 --- /dev/null +++ b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_cmac.h @@ -0,0 +1,36 @@ +/* wolfcaam_cmac.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#include + +#ifndef WOLFCAAM_CMAC_H +#define WOLFCAAM_CMAC_H + +#if defined(WOLFSSL_CMAC) && defined(WOLFSSL_QNX_CAAM) + +#include + +WOLFSSL_LOCAL int wc_CAAM_Cmac(Cmac* cmac, const byte* key, word32 keySz, + const byte* in, word32 inSz, byte* out, word32* outSz, int type, + void* ctx); +#endif +#endif /* WOLFCAAM_CMAC_H */ diff --git a/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_ecdsa.h b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_ecdsa.h new file mode 100644 index 00000000..bbfd0818 --- /dev/null +++ b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_ecdsa.h @@ -0,0 +1,42 @@ +/* wolfcaam_ecdsa.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include + +#ifndef WOLFCAAM_ECDSA_H +#define WOLFCAAM_ECDSA_H + +#if defined(HAVE_ECC) && defined(WOLFSSL_QNX_CAAM) + +#include + +WOLFSSL_LOCAL int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, + word32* outlen, WC_RNG *rng, ecc_key *key); +WOLFSSL_LOCAL int wc_CAAM_EccVerify(const byte* sig, word32 siglen, + const byte* hash, word32 hashlen, int* res, ecc_key* key); +WOLFSSL_LOCAL int wc_CAAM_Ecdh(ecc_key* private_key, ecc_key* public_key, + byte* out, word32* outlen); +WOLFSSL_LOCAL int wc_CAAM_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, + int curveId); +WOLFSSL_LOCAL int wc_CAAM_EccCheckPrivKey(ecc_key* key, const byte* pubKey, + word32 pubKeySz); +#endif /* HAVE_ECC && WOLFSSL_QNX_CAAM */ +#endif /* WOLFCAAM_ECDSA_H */ diff --git a/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h new file mode 100644 index 00000000..20f88b66 --- /dev/null +++ b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h @@ -0,0 +1,84 @@ +/* wolfcaam_qnx.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* This file is for interacting with the driver code */ +#ifndef WOLFCAAM_QNX_H +#define WOLFCAAM_QNX_H + +#include + +#ifdef WOLFSSL_QNX_CAAM +#include +#include + +#define Error int +#define Value int +#define Boolean int +#define Success 1 +#define Failure 0 +#define INTERRUPT_Panic() +#define MemoryMapMayNotBeEmpty -1 +#define CAAM_WAITING -2 +#define NoActivityReady -1 +#define MemoryOperationNotPerformed -1 + +#define CAAM_ADDRESS unsigned int +#ifndef WOLFSSL_CAAM_BUFFER +#define WOLFSSL_CAAM_BUFFER + typedef struct CAAM_BUFFER { + int BufferType; + CAAM_ADDRESS TheAddress; + int Length; + } CAAM_BUFFER; +#endif + + +/* IMX6UL */ +#define CAAM_BASE 0x02140000 +#define CAAM_PAGE 0x00100000 + +#define DataBuffer 0 +#define LastBuffer 0 +#define Success 1 + +/* unique devId for CAAM use on crypto callbacks */ +#define WOLFSSL_CAAM_DEVID 7 + +#include +#include +#include + +#define ResourceNotAvailable -3 +#define CAAM_WAITING -2 + +WOLFSSL_LOCAL int SynchronousSendRequest(int type, unsigned int args[4], + CAAM_BUFFER *buf, int sz); +WOLFSSL_LOCAL int wc_CAAMInitInterface(void); +WOLFSSL_LOCAL void wc_CAAMFreeInterface(void); + +#define CAAM_SEND_REQUEST(type, sz, arg, buf) \ + SynchronousSendRequest((type), (arg), (buf), (sz)) +#define CAAM_INIT_INTERFACE wc_CAAMInitInterface +#define CAAM_FREE_INTERFACE wc_CAAMFreeInterface +#endif + +#endif /* WOLFCAAM_QNX_H */ diff --git a/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_sha.h b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_sha.h index 6bef3010..88c3c9c3 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_sha.h +++ b/source/libs/libwolfssl/wolfcrypt/port/caam/wolfcaam_sha.h @@ -1,6 +1,6 @@ /* wolfcaam_sha.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h b/source/libs/libwolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h index f7914b8e..6a0d7604 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h +++ b/source/libs/libwolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h @@ -1,8 +1,8 @@ /* cavium_octeon_sync.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * - * This file is part of wolfSSL. (formerly known as CyaSSL) + * This file is part of wolfSSL. * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ #ifndef _CAVIUM_OCTEON_SYNC_H_ diff --git a/source/libs/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h b/source/libs/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h index 3493230f..d3e4a09e 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h +++ b/source/libs/libwolfssl/wolfcrypt/port/cypress/psoc6_crypto.h @@ -1,6 +1,6 @@ /* psoc6_crypto.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -23,38 +23,18 @@ #define _PSOC6_CRYPTO_PORT_H_ #include -#ifdef USE_FAST_MATH - #include -#elif defined WOLFSSL_SP_MATH - #include -#else - #include -#endif #include "cy_crypto_core_sha.h" #include "cy_device_headers.h" #include "psoc6_02_config.h" #include "cy_crypto_common.h" #include "cy_crypto_core.h" -#ifdef WOLFSSL_SHA512 -typedef struct wc_Sha512 { - cy_stc_crypto_sha_state_t hash_state; - cy_en_crypto_sha_mode_t sha_mode; - cy_stc_crypto_v2_sha512_buffers_t sha_buffers; -} wc_Sha512; -#define WC_SHA512_TYPE_DEFINED +#ifdef WOLFSSL_SHA512 #include #endif #ifndef NO_SHA256 - -typedef struct wc_Sha256 { - cy_stc_crypto_sha_state_t hash_state; - cy_en_crypto_sha_mode_t sha_mode; - cy_stc_crypto_v2_sha256_buffers_t sha_buffers; -} wc_Sha256; - #include #include #endif /* !def NO_SHA256 */ diff --git a/source/libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h b/source/libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h index 1e8faec6..0181784d 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h +++ b/source/libs/libwolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h @@ -1,6 +1,6 @@ /* wc_devcrypto.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/intel/quickassist_sync.h b/source/libs/libwolfssl/wolfcrypt/port/intel/quickassist_sync.h index 8eb9421f..f140f618 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/intel/quickassist_sync.h +++ b/source/libs/libwolfssl/wolfcrypt/port/intel/quickassist_sync.h @@ -1,8 +1,8 @@ /* quickassist_sync.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * - * This file is part of wolfSSL. (formerly known as CyaSSL) + * This file is part of wolfSSL. * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ #ifndef _INTEL_QUICKASSIST_SYNC_H_ diff --git a/source/libs/libwolfssl/wolfcrypt/port/nrf51.h b/source/libs/libwolfssl/wolfcrypt/port/nrf51.h index 7c02781f..88996740 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/nrf51.h +++ b/source/libs/libwolfssl/wolfcrypt/port/nrf51.h @@ -1,6 +1,6 @@ /* nrf51.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h b/source/libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h index ddc87497..fb400ff9 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h +++ b/source/libs/libwolfssl/wolfcrypt/port/nxp/dcp_port.h @@ -1,6 +1,6 @@ /* dcp_port.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -22,23 +22,22 @@ #define _DCP_PORT_H_ #include -#ifdef USE_FAST_MATH - #include -#elif defined WOLFSSL_SP_MATH - #include -#else - #include +#include "fsl_dcp.h" + +#ifndef NO_SHA256 +#include +void DCPSha256Free(wc_Sha256 *sha256); #endif -#include -#include -#include "fsl_device_registers.h" -#include "fsl_debug_console.h" -#include "fsl_dcp.h" +#ifndef NO_SHA +#include +void DCPShaFree(wc_Sha *sha); +#endif int wc_dcp_init(void); #ifndef NO_AES +#include int DCPAesInit(Aes* aes); void DCPAesFree(Aes *aes); @@ -53,25 +52,5 @@ int DCPAesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); int DCPAesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); #endif -#ifndef NO_SHA256 -typedef struct wc_Sha256_DCP { - dcp_handle_t handle; - dcp_hash_ctx_t ctx; -} wc_Sha256; -#define WC_SHA256_TYPE_DEFINED - -void DCPSha256Free(wc_Sha256 *sha256); - -#endif - -#ifndef NO_SHA -typedef struct wc_Sha_DCP { - dcp_handle_t handle; - dcp_hash_ctx_t ctx; -} wc_Sha; -#define WC_SHA_TYPE_DEFINED - -void DCPShaFree(wc_Sha *sha); -#endif #endif diff --git a/source/libs/libwolfssl/wolfcrypt/port/nxp/ksdk_port.h b/source/libs/libwolfssl/wolfcrypt/port/nxp/ksdk_port.h index 22e18318..0c3e484a 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/nxp/ksdk_port.h +++ b/source/libs/libwolfssl/wolfcrypt/port/nxp/ksdk_port.h @@ -1,6 +1,6 @@ /* ksdk_port.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -46,6 +46,7 @@ int ksdk_port_init(void); int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c); int wolfcrypt_mp_invmod(mp_int *a, mp_int *b, mp_int *c); int wolfcrypt_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y); + int wolfcrypt_mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng); /* Exported mp_mulmod function */ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); diff --git a/source/libs/libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h b/source/libs/libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h index a67cc9d9..b5edceeb 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h +++ b/source/libs/libwolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h @@ -1,6 +1,6 @@ /* pic32mz-crypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_aes.h b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_aes.h index 1d16634c..63388697 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_aes.h +++ b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_aes.h @@ -1,6 +1,6 @@ /* silabs_aes.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h index 0a8fd88a..99389a8a 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h +++ b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_ecc.h @@ -1,6 +1,6 @@ /* silabs_ecc.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h index ebb69b73..8c2a4f25 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h +++ b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_hash.h @@ -1,6 +1,6 @@ /* silabs_hash.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_random.h b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_random.h index dd095787..aa01797b 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_random.h +++ b/source/libs/libwolfssl/wolfcrypt/port/silabs/silabs_random.h @@ -1,6 +1,6 @@ /* silabs_random.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/st/stm32.h b/source/libs/libwolfssl/wolfcrypt/port/st/stm32.h index 10f0ff94..0944472f 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/st/stm32.h +++ b/source/libs/libwolfssl/wolfcrypt/port/st/stm32.h @@ -1,6 +1,6 @@ /* stm32.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/st/stsafe.h b/source/libs/libwolfssl/wolfcrypt/port/st/stsafe.h index 55c7a3dc..0809fcd3 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/st/stsafe.h +++ b/source/libs/libwolfssl/wolfcrypt/port/st/stsafe.h @@ -1,6 +1,6 @@ /* stsafe.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/ti/ti-ccm.h b/source/libs/libwolfssl/wolfcrypt/port/ti/ti-ccm.h index e5280e10..f14add29 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/ti/ti-ccm.h +++ b/source/libs/libwolfssl/wolfcrypt/port/ti/ti-ccm.h @@ -1,6 +1,6 @@ /* port/ti/ti_ccm.c * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/ti/ti-hash.h b/source/libs/libwolfssl/wolfcrypt/port/ti/ti-hash.h index a05f0638..93210186 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/ti/ti-hash.h +++ b/source/libs/libwolfssl/wolfcrypt/port/ti/ti-hash.h @@ -1,6 +1,6 @@ /* port/ti/ti-hash.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/port/xilinx/xil-sha3.h b/source/libs/libwolfssl/wolfcrypt/port/xilinx/xil-sha3.h index 47b46242..edaa4fa4 100644 --- a/source/libs/libwolfssl/wolfcrypt/port/xilinx/xil-sha3.h +++ b/source/libs/libwolfssl/wolfcrypt/port/xilinx/xil-sha3.h @@ -1,6 +1,6 @@ /* xil-sha3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/pwdbased.h b/source/libs/libwolfssl/wolfcrypt/pwdbased.h index 735e86a8..3705e672 100644 --- a/source/libs/libwolfssl/wolfcrypt/pwdbased.h +++ b/source/libs/libwolfssl/wolfcrypt/pwdbased.h @@ -1,6 +1,6 @@ /* pwdbased.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/rabbit.h b/source/libs/libwolfssl/wolfcrypt/rabbit.h index 7ac6b8b0..757945b0 100644 --- a/source/libs/libwolfssl/wolfcrypt/rabbit.h +++ b/source/libs/libwolfssl/wolfcrypt/rabbit.h @@ -1,6 +1,6 @@ /* rabbit.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/random.h b/source/libs/libwolfssl/wolfcrypt/random.h index 27aeebdd..f6dcdf3e 100644 --- a/source/libs/libwolfssl/wolfcrypt/random.h +++ b/source/libs/libwolfssl/wolfcrypt/random.h @@ -1,6 +1,6 @@ /* random.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/ripemd.h b/source/libs/libwolfssl/wolfcrypt/ripemd.h index 116120e7..170e5085 100644 --- a/source/libs/libwolfssl/wolfcrypt/ripemd.h +++ b/source/libs/libwolfssl/wolfcrypt/ripemd.h @@ -1,6 +1,6 @@ /* ripemd.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/rsa.h b/source/libs/libwolfssl/wolfcrypt/rsa.h index 399acc1e..8dad0f26 100644 --- a/source/libs/libwolfssl/wolfcrypt/rsa.h +++ b/source/libs/libwolfssl/wolfcrypt/rsa.h @@ -1,6 +1,6 @@ /* rsa.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -94,10 +94,13 @@ RSA keys can be used to encrypt, decrypt, sign and verify data. extern "C" { #endif -enum { - RSA_MIN_SIZE = 512, - RSA_MAX_SIZE = 4096, -}; +#ifndef RSA_MIN_SIZE +#define RSA_MIN_SIZE 512 +#endif + +#ifndef RSA_MAX_SIZE +#define RSA_MAX_SIZE 4096 +#endif /* avoid redefinition of structs */ #if !defined(HAVE_FIPS) || \ @@ -283,7 +286,7 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen, enum wc_HashType hash, int mgf, RsaKey* key); -WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key); +WOLFSSL_API int wc_RsaEncryptSize(const RsaKey* key); #if !defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) @@ -294,7 +297,7 @@ WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32); WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e, word32 eSz, RsaKey* key); -#ifdef WOLFSSL_KEY_GEN +#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen); #endif diff --git a/source/libs/libwolfssl/wolfcrypt/selftest.h b/source/libs/libwolfssl/wolfcrypt/selftest.h index 0c4a2ef2..da97d0d4 100644 --- a/source/libs/libwolfssl/wolfcrypt/selftest.h +++ b/source/libs/libwolfssl/wolfcrypt/selftest.h @@ -1,6 +1,6 @@ /* selftest.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/settings.h b/source/libs/libwolfssl/wolfcrypt/settings.h index 51a0d38b..5e88cd4a 100644 --- a/source/libs/libwolfssl/wolfcrypt/settings.h +++ b/source/libs/libwolfssl/wolfcrypt/settings.h @@ -1,6 +1,6 @@ /* settings.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -218,6 +218,11 @@ /* Uncomment next line if building for Linux Kernel Module */ /* #define WOLFSSL_LINUXKM */ +/* Uncomment next line if building for devkitPro */ +/* #define DEVKITPRO */ + +/* Uncomment next line if building for Dolphin Emulator */ +/* #define DOLPHIN_EMULATOR */ #include @@ -721,18 +726,20 @@ extern void uITRON4_free(void *p) ; !defined(WOLFSSL_STATIC_MEMORY) #define XMALLOC(s, h, type) pvPortMalloc((s)) #define XFREE(p, h, type) vPortFree((p)) - #endif - /* FreeRTOS pvPortRealloc() implementation can be found here: - https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ - #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || defined(HAVE_ED448) - #if defined(WOLFSSL_ESPIDF) - /*In IDF, realloc(p, n) is equivalent to - heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */ - #define XREALLOC(p, n, h, t) realloc((p), (n)) - #else - #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) + /* FreeRTOS pvPortRealloc() implementation can be found here: + https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ + #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \ + defined(HAVE_ED448) + #if defined(WOLFSSL_ESPIDF) + /*In IDF, realloc(p, n) is equivalent to + heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */ + #define XREALLOC(p, n, h, t) realloc((p), (n)) + #else + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) + #endif #endif #endif + #ifndef NO_WRITEV #define NO_WRITEV #endif @@ -910,11 +917,13 @@ extern void uITRON4_free(void *p) ; !defined(WOLFSSL_STATIC_MEMORY) #define XMALLOC(s, h, type) pvPortMalloc((s)) #define XFREE(p, h, type) vPortFree((p)) - #endif - /* FreeRTOS pvPortRealloc() implementation can be found here: - https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ - #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || defined(HAVE_ED448) - #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) + + /* FreeRTOS pvPortRealloc() implementation can be found here: + https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ + #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \ + defined(HAVE_ED448) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) + #endif #endif #endif @@ -1174,8 +1183,11 @@ extern void uITRON4_free(void *p) ; /* the LTC PKHA hardware limit is 2048 bits (256 bytes) for integer arithmetic. the LTC_MAX_INT_BYTES defines the size of local variables that hold big integers. */ - #ifndef LTC_MAX_INT_BYTES - #define LTC_MAX_INT_BYTES (256) + /* size is multiplication of 2 big ints */ + #if !defined(NO_RSA) || !defined(NO_DH) + #define LTC_MAX_INT_BYTES (256*2) + #else + #define LTC_MAX_INT_BYTES (48*2) #endif /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined. @@ -1236,7 +1248,8 @@ extern void uITRON4_free(void *p) ; #if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \ defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \ defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \ - defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) + defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) || \ + defined(WOLFSSL_STM32G0) #define SIZEOF_LONG_LONG 8 #ifndef CHAR_BIT @@ -1289,6 +1302,8 @@ extern void uITRON4_free(void *p) ; #include "stm32h7xx_hal.h" #elif defined(WOLFSSL_STM32WB) #include "stm32wbxx_hal.h" + #elif defined(WOLFSSL_STM32G0) + #include "stm32g0xx_hal.h" #endif #if defined(WOLFSSL_CUBEMX_USE_LL) && defined(WOLFSSL_STM32L4) #include "stm32l4xx_ll_rng.h" @@ -1339,7 +1354,8 @@ extern void uITRON4_free(void *p) ; #endif #endif /* WOLFSSL_STM32_CUBEMX */ #endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || - WOLFSSL_STM32L5 || WOLFSSL_STM32F7 || WOLFSSL_STMWB || WOLFSSL_STM32H7 */ + WOLFSSL_STM32L5 || WOLFSSL_STM32F7 || WOLFSSL_STMWB || + WOLFSSL_STM32H7 || WOLFSSL_STM32G0 */ #ifdef WOLFSSL_DEOS #include #include @@ -1371,7 +1387,6 @@ extern void uITRON4_free(void *p) ; #define WC_RSA_BLINDING #define HAVE_ECC - #define ALT_ECC_SIZE #define TFM_ECC192 #define TFM_ECC224 #define TFM_ECC256 @@ -1610,12 +1625,11 @@ extern void uITRON4_free(void *p) ; #ifdef WOLFSSL_ZEPHYR #include - #include - #include + #include + #include #include #define WOLFSSL_DH_CONST - #define WOLFSSL_HAVE_MIN #define WOLFSSL_HAVE_MAX #define NO_WRITEV @@ -1627,7 +1641,9 @@ extern void uITRON4_free(void *p) ; void *z_realloc(void *ptr, size_t size); #define realloc z_realloc + #ifndef CONFIG_NET_SOCKETS_POSIX_NAMES #define CONFIG_NET_SOCKETS_POSIX_NAMES + #endif #endif #ifdef WOLFSSL_IMX6 @@ -1648,6 +1664,10 @@ extern void uITRON4_free(void *p) ; /* large performance gain with HAVE_AES_ECB defined */ #undef HAVE_AES_ECB #define HAVE_AES_ECB + + //@TODO used for now until plugging in caam aes use with qnx + #undef WOLFSSL_AES_DIRECT + #define WOLFSSL_AES_DIRECT #endif #endif @@ -1792,7 +1812,9 @@ extern void uITRON4_free(void *p) ; /* ECC Configs */ #ifdef HAVE_ECC /* By default enable Sign, Verify, DHE, Key Import and Key Export unless explicitly disabled */ - #ifndef NO_ECC_SIGN + #if !defined(NO_ECC_SIGN) && \ + (!defined(ECC_TIMING_RESISTANT) || \ + (defined(ECC_TIMING_RESISTANT) && !defined(WC_NO_RNG))) #undef HAVE_ECC_SIGN #define HAVE_ECC_SIGN #endif @@ -1804,7 +1826,7 @@ extern void uITRON4_free(void *p) ; #undef HAVE_ECC_CHECK_KEY #define HAVE_ECC_CHECK_KEY #endif - #ifndef NO_ECC_DHE + #if !defined(NO_ECC_DHE) && !defined(WC_NO_RNG) #undef HAVE_ECC_DHE #define HAVE_ECC_DHE #endif @@ -1845,6 +1867,10 @@ extern void uITRON4_free(void *p) ; #ifndef NO_ED25519_VERIFY #undef HAVE_ED25519_VERIFY #define HAVE_ED25519_VERIFY + #ifdef WOLFSSL_ED25519_STREAMING_VERIFY + #undef WOLFSSL_ED25519_PERSISTENT_SHA + #define WOLFSSL_ED25519_PERSISTENT_SHA + #endif #endif #ifndef NO_ED25519_KEY_EXPORT #undef HAVE_ED25519_KEY_EXPORT @@ -1883,6 +1909,10 @@ extern void uITRON4_free(void *p) ; #ifndef NO_ED448_VERIFY #undef HAVE_ED448_VERIFY #define HAVE_ED448_VERIFY + #ifdef WOLFSSL_ED448_STREAMING_VERIFY + #undef WOLFSSL_ED448_PERSISTENT_SHA + #define WOLFSSL_ED448_PERSISTENT_SHA + #endif #endif #ifndef NO_ED448_KEY_EXPORT #undef HAVE_ED448_KEY_EXPORT @@ -1979,7 +2009,7 @@ extern void uITRON4_free(void *p) ; #endif /* if desktop type system and fastmath increase default max bits */ -#ifdef WOLFSSL_X86_64_BUILD +#if defined(WOLFSSL_X86_64_BUILD) || defined(WOLFSSL_AARCH64_BUILD) #if defined(USE_FAST_MATH) && !defined(FP_MAX_BITS) #if MIN_FFDHE_FP_MAX_BITS <= 8192 #define FP_MAX_BITS 8192 @@ -2090,8 +2120,9 @@ extern void uITRON4_free(void *p) ; #if defined(HAVE_IO_POOL) || defined(XMALLOC_USER) || defined(NO_WOLFSSL_MEMORY) #error static memory cannot be used with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY #endif - #if !defined(USE_FAST_MATH) && !defined(NO_BIG_INT) - #error static memory requires fast math please define USE_FAST_MATH + #if !defined(WOLFSSL_SP_NO_MALLOC) && \ + !defined(USE_FAST_MATH) && !defined(NO_BIG_INT) + #error The static memory option is only supported for fast math or SP with no malloc #endif #ifdef WOLFSSL_SMALL_STACK #error static memory does not support small stack please undefine @@ -2179,6 +2210,9 @@ extern void uITRON4_free(void *p) ; #ifndef WOLFSSL_OLD_PRIME_CHECK #define WOLFSSL_OLD_PRIME_CHECK #endif + #ifndef WOLFSSL_TEST_SUBROUTINE + #define WOLFSSL_TEST_SUBROUTINE static + #endif #undef HAVE_STRINGS_H #undef HAVE_ERRNO_H #undef HAVE_THREAD_LS @@ -2211,11 +2245,15 @@ extern void uITRON4_free(void *p) ; #ifndef OPENSSL_EXTRA #define OPENSSL_EXTRA #endif - #ifndef HAVE_SESSION_TICKET + /* Session Tickets will be enabled when --enable-opensslall is used. + * Time is required for ticket expiration checking */ + #if !defined(HAVE_SESSION_TICKET) && !defined(NO_ASN_TIME) #define HAVE_SESSION_TICKET #endif + /* OCSP will be enabled in configure.ac when --enable-opensslall is used, + * but do not force all users to have it enabled. */ #ifndef HAVE_OCSP - #define HAVE_OCSP + /*#define HAVE_OCSP*/ #endif #ifndef KEEP_OUR_CERT #define KEEP_OUR_CERT @@ -2232,14 +2270,14 @@ extern void uITRON4_free(void *p) ; /* both CURVE and ED small math should be enabled */ #ifdef CURVED25519_SMALL - #define CURVE25519_SMALL - #define ED25519_SMALL + #define CURVE25519_SMALL + #define ED25519_SMALL #endif /* both CURVE and ED small math should be enabled */ #ifdef CURVED448_SMALL - #define CURVE448_SMALL - #define ED448_SMALL + #define CURVE448_SMALL + #define ED448_SMALL #endif @@ -2264,9 +2302,14 @@ extern void uITRON4_free(void *p) ; #if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA) /* added to have compatibility with SHA256() */ - #if !defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) + #if !defined(NO_OLD_SHA_NAMES) && (!defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) #define NO_OLD_SHA_NAMES #endif + #if !defined(NO_OLD_MD5_NAME) && (!defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) + #define NO_OLD_MD5_NAME + #endif #endif /* switch for compatibility layer functionality. Has subparts i.e. BIO/X509 @@ -2292,7 +2335,7 @@ extern void uITRON4_free(void *p) ; #endif /* support for disabling PEM to DER */ -#if !defined(WOLFSSL_NO_PEM) +#if !defined(WOLFSSL_NO_PEM) && !defined(NO_CODING) #undef WOLFSSL_PEM_TO_DER #define WOLFSSL_PEM_TO_DER #endif @@ -2373,7 +2416,9 @@ extern void uITRON4_free(void *p) ; #endif #if defined(HAVE_EX_DATA) || defined(FORTRESS) + #ifndef MAX_EX_DATA #define MAX_EX_DATA 5 /* allow for five items of ex_data */ + #endif #endif #ifdef NO_WOLFSSL_SMALL_STACK @@ -2414,6 +2459,60 @@ extern void uITRON4_free(void *p) ; #define NO_STRICT_ECDSA_LEN #endif +/* Do not allow using small stack with no malloc */ +#if defined(WOLFSSL_NO_MALLOC) && \ + (defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_SMALL_STACK_CACHE)) + #error Small stack cannot be used with no malloc (WOLFSSL_NO_MALLOC) +#endif + +/* Enable DH Extra for QT, openssl all, openssh and static ephemeral */ +/* Allows export/import of DH key and params as DER */ +#if !defined(NO_DH) && !defined(WOLFSSL_DH_EXTRA) && \ + (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \ + defined(WOLFSSL_STATIC_EPHEMERAL)) + #define WOLFSSL_DH_EXTRA +#endif + +/* DH Extra is not supported on FIPS v1 or v2 (is missing DhKey .pub/.priv) */ +#if defined(WOLFSSL_DH_EXTRA) && defined(HAVE_FIPS) && \ + (!defined(HAVE_FIPS_VERSION) || HAVE_FIPS_VERSION <= 2) + #undef WOLFSSL_DH_EXTRA +#endif + +/* Check for insecure build combination: + * secure renegotiation [enabled] + * extended master secret [disabled] + * session resumption [enabled] + */ +#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(HAVE_EXTENDED_MASTER) && \ + (defined(HAVE_SESSION_TICKET) || !defined(NO_SESSION_CACHE)) + /* secure renegotiation requires extended master secret with resumption */ + #ifndef _MSC_VER + #warning Extended master secret must be enabled with secure renegotiation and session resumption + #else + #pragma message("Warning: Extended master secret must be enabled with secure renegotiation and session resumption") + #endif + + /* Note: "--enable-renegotiation-indication" ("HAVE_RENEGOTIATION_INDICATION") + * only sends the secure renegotiation extension, but is not actually supported. + * This was added because some TLS peers required it even if not used, so we call + * this "(FAKE Secure Renegotiation)" + */ +#endif + + +/* --------------------------------------------------------------------------- + * Depricated Algorithm Handling + * Unless allowed via a build macro, disable support + * ---------------------------------------------------------------------------*/ + +/* RC4: Per RFC7465 Feb 2015, the cipher suite has been deprecated due to a + * number of exploits capable of decrypting portions of encrypted messages. */ +#ifndef WOLFSSL_ALLOW_RC4 + #undef NO_RC4 + #define NO_RC4 +#endif + #ifdef __cplusplus } /* extern "C" */ diff --git a/source/libs/libwolfssl/wolfcrypt/sha.h b/source/libs/libwolfssl/wolfcrypt/sha.h index 4d42ea7f..0df25749 100644 --- a/source/libs/libwolfssl/wolfcrypt/sha.h +++ b/source/libs/libwolfssl/wolfcrypt/sha.h @@ -1,6 +1,6 @@ /* sha.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -52,6 +52,10 @@ #include "fsl_ltc.h" #endif +#ifdef WOLFSSL_IMXRT_DCP + #include "fsl_dcp.h" +#endif + #ifdef __cplusplus extern "C" { #endif @@ -72,9 +76,6 @@ #ifdef WOLFSSL_ESP32WROOM32_CRYPT #include #endif -#ifdef WOLFSSL_IMXRT_DCP - #include -#endif #if defined(WOLFSSL_SILABS_SE_ACCEL) #include #endif @@ -102,13 +103,11 @@ enum { #if defined(WOLFSSL_TI_HASH) #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" -#elif defined(WOLFSSL_IMX6_CAAM) +#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM) #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" #elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) #include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h" -#elif defined(WOLFSSL_PSOC6_CRYPTO) - #include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h" #else /* Sha digest */ @@ -119,6 +118,9 @@ struct wc_Sha { STM32_HASH_Context stmCtx; #elif defined(WOLFSSL_SILABS_SE_ACCEL) wc_silabs_sha_t silabsCtx; +#elif defined(WOLFSSL_IMXRT_DCP) + dcp_handle_t handle; + dcp_hash_ctx_t ctx; #else word32 buffLen; /* in bytes */ word32 loLen; /* length in bytes */ @@ -169,6 +171,9 @@ WOLFSSL_API void wc_ShaFree(wc_Sha*); WOLFSSL_API int wc_ShaGetHash(wc_Sha*, byte*); WOLFSSL_API int wc_ShaCopy(wc_Sha*, wc_Sha*); +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wc_ShaTransform(wc_Sha*, const byte*); +#endif #ifdef WOLFSSL_PIC32MZ_HASH WOLFSSL_API void wc_ShaSizeSet(wc_Sha* sha, word32 len); diff --git a/source/libs/libwolfssl/wolfcrypt/sha256.h b/source/libs/libwolfssl/wolfcrypt/sha256.h index 1ae4f74d..080a6480 100644 --- a/source/libs/libwolfssl/wolfcrypt/sha256.h +++ b/source/libs/libwolfssl/wolfcrypt/sha256.h @@ -1,6 +1,6 @@ /* sha256.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -61,6 +61,16 @@ #include "fsl_ltc.h" #endif +#ifdef WOLFSSL_IMXRT_DCP + #include "fsl_dcp.h" +#endif + +#if defined(WOLFSSL_PSOC6_CRYPTO) +#include "cy_crypto_core_sha.h" +#include "cy_device_headers.h" +#include "cy_crypto_common.h" +#include "cy_crypto_core.h" +#endif #ifdef __cplusplus extern "C" { @@ -122,17 +132,13 @@ enum { #ifdef WOLFSSL_TI_HASH #include "wolfssl/wolfcrypt/port/ti/ti-hash.h" -#elif defined(WOLFSSL_IMX6_CAAM) +#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM) #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" #elif defined(WOLFSSL_AFALG_HASH) #include "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h" #elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) #include "wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h" -#elif defined(WOLFSSL_PSOC6_CRYPTO) - #include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h" -#elif defined(WOLFSSL_IMXRT_DCP) - #include #else /* wc_Sha256 digest */ @@ -143,6 +149,13 @@ struct wc_Sha256 { STM32_HASH_Context stmCtx; #elif defined(WOLFSSL_SILABS_SE_ACCEL) wc_silabs_sha_t silabsCtx; +#elif defined(WOLFSSL_IMXRT_DCP) + dcp_handle_t handle; + dcp_hash_ctx_t ctx; +#elif defined(WOLFSSL_PSOC6_CRYPTO) + cy_stc_crypto_sha_state_t hash_state; + cy_en_crypto_sha_mode_t sha_mode; + cy_stc_crypto_v2_sha256_buffers_t sha_buffers; #else /* alignment on digest and buffer speeds up ARMv8 crypto operations */ ALIGN16 word32 digest[WC_SHA256_DIGEST_SIZE / sizeof(word32)]; @@ -198,7 +211,9 @@ WOLFSSL_API int wc_Sha256Update(wc_Sha256*, const byte*, word32); WOLFSSL_API int wc_Sha256FinalRaw(wc_Sha256*, byte*); WOLFSSL_API int wc_Sha256Final(wc_Sha256*, byte*); WOLFSSL_API void wc_Sha256Free(wc_Sha256*); - +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wc_Sha256Transform(wc_Sha256*, const byte*); +#endif WOLFSSL_API int wc_Sha256GetHash(wc_Sha256*, byte*); WOLFSSL_API int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst); @@ -216,9 +231,12 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32); #if !defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) +#if !defined(NO_OLD_SHA_NAMES) + #define SHA224 WC_SHA224 +#endif + #ifndef NO_OLD_WC_NAMES #define Sha224 wc_Sha224 - #define SHA224 WC_SHA224 #define SHA224_BLOCK_SIZE WC_SHA224_BLOCK_SIZE #define SHA224_DIGEST_SIZE WC_SHA224_DIGEST_SIZE #define SHA224_PAD_SIZE WC_SHA224_PAD_SIZE diff --git a/source/libs/libwolfssl/wolfcrypt/sha3.h b/source/libs/libwolfssl/wolfcrypt/sha3.h index d580c42b..b75351fa 100644 --- a/source/libs/libwolfssl/wolfcrypt/sha3.h +++ b/source/libs/libwolfssl/wolfcrypt/sha3.h @@ -1,6 +1,6 @@ /* sha3.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/sha512.h b/source/libs/libwolfssl/wolfcrypt/sha512.h index e68b7cd8..9547390a 100644 --- a/source/libs/libwolfssl/wolfcrypt/sha512.h +++ b/source/libs/libwolfssl/wolfcrypt/sha512.h @@ -1,6 +1,6 @@ /* sha512.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -79,6 +79,12 @@ #if defined(WOLFSSL_SILABS_SE_ACCEL) #include #endif +#if defined(WOLFSSL_PSOC6_CRYPTO) + #include "cy_crypto_core_sha.h" + #include "cy_device_headers.h" + #include "cy_crypto_common.h" + #include "cy_crypto_core.h" +#endif #if defined(_MSC_VER) #define SHA512_NOINLINE __declspec(noinline) @@ -114,13 +120,16 @@ enum { }; -#ifdef WOLFSSL_IMX6_CAAM +#if defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM) #include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" -#elif defined (WOLFSSL_PSOC6_CRYPTO) - #include "wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h" #else /* wc_Sha512 digest */ struct wc_Sha512 { +#ifdef WOLFSSL_PSOC6_CRYPTO + cy_stc_crypto_sha_state_t hash_state; + cy_en_crypto_sha_mode_t sha_mode; + cy_stc_crypto_v2_sha512_buffers_t sha_buffers; +#else word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)]; word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)]; word32 buffLen; /* in bytes */ @@ -143,10 +152,14 @@ struct wc_Sha512 { #if defined(WOLFSSL_SILABS_SE_ACCEL) wc_silabs_sha_t silabsCtx; #endif - +#ifdef WOLF_CRYPTO_CB + int devId; + void* devCtx; /* generic crypto callback context */ +#endif #if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) word32 flags; /* enum wc_HashFlags in hash.h */ #endif +#endif /* WOLFSSL_PSOC6_CRYPTO */ }; #ifndef WC_SHA512_TYPE_DEFINED @@ -180,6 +193,9 @@ WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst); WOLFSSL_API int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags); #endif +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data); +#endif #endif /* WOLFSSL_SHA512 */ #if defined(WOLFSSL_SHA384) diff --git a/source/libs/libwolfssl/wolfcrypt/signature.h b/source/libs/libwolfssl/wolfcrypt/signature.h index c2bacba3..39748070 100644 --- a/source/libs/libwolfssl/wolfcrypt/signature.h +++ b/source/libs/libwolfssl/wolfcrypt/signature.h @@ -1,6 +1,6 @@ /* signature.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/sp.h b/source/libs/libwolfssl/wolfcrypt/sp.h index f774b2ca..052871c5 100644 --- a/source/libs/libwolfssl/wolfcrypt/sp.h +++ b/source/libs/libwolfssl/wolfcrypt/sp.h @@ -1,6 +1,6 @@ /* sp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,9 +27,15 @@ #if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \ defined(WOLFSSL_HAVE_SP_ECC) - -#ifndef WOLFSSL_LINUXKM -#include +#ifdef _WIN32_WCE + typedef __int8 int8_t; + typedef __int32 int32_t; + typedef __int64 int64_t; + typedef unsigned __int8 uint8_t; + typedef unsigned __int32 uint32_t; + typedef unsigned __int64 uint64_t; +#elif !defined(WOLFSSL_LINUXKM) + #include #endif #include @@ -56,6 +62,10 @@ #ifdef WOLFSSL_HAVE_SP_RSA +/* non-const versions only needed for inlined ARM assembly */ +#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \ + && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) ) + WOLFSSL_LOCAL int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm, byte* out, word32* outLen); WOLFSSL_LOCAL int sp_RsaPrivate_2048(const byte* in, word32 inLen, @@ -74,10 +84,39 @@ WOLFSSL_LOCAL int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm, byte* out, word32* outLen); +#else + +WOLFSSL_LOCAL int sp_RsaPublic_2048(const byte* in, word32 inLen, + const mp_int* em, const mp_int* mm, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_RsaPrivate_2048(const byte* in, word32 inLen, + const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, + const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out, + word32* outLen); + +WOLFSSL_LOCAL int sp_RsaPublic_3072(const byte* in, word32 inLen, + const mp_int* em, const mp_int* mm, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_RsaPrivate_3072(const byte* in, word32 inLen, + const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, + const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out, + word32* outLen); + +WOLFSSL_LOCAL int sp_RsaPublic_4096(const byte* in, word32 inLen, + const mp_int* em, const mp_int* mm, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_RsaPrivate_4096(const byte* in, word32 inLen, + const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, + const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out, + word32* outLen); + +#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */ + #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || defined(WOLFSSL_HAVE_SP_RSA) +/* non-const versions only needed for inlined ARM assembly */ +#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \ + && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) ) + WOLFSSL_LOCAL int sp_ModExp_1024(mp_int* base, mp_int* exp, mp_int* mod, mp_int* res); WOLFSSL_LOCAL int sp_ModExp_1536(mp_int* base, mp_int* exp, mp_int* mod, @@ -89,10 +128,29 @@ WOLFSSL_LOCAL int sp_ModExp_3072(mp_int* base, mp_int* exp, mp_int* mod, WOLFSSL_LOCAL int sp_ModExp_4096(mp_int* base, mp_int* exp, mp_int* mod, mp_int* res); +#else + +WOLFSSL_LOCAL int sp_ModExp_1024(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); +WOLFSSL_LOCAL int sp_ModExp_1536(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); +WOLFSSL_LOCAL int sp_ModExp_2048(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); +WOLFSSL_LOCAL int sp_ModExp_3072(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); +WOLFSSL_LOCAL int sp_ModExp_4096(const mp_int* base, const mp_int* exp, + const mp_int* mod, mp_int* res); + +#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */ + #endif #ifdef WOLFSSL_HAVE_SP_DH +/* non-const versions only needed for inlined ARM assembly */ +#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \ + && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) ) + WOLFSSL_LOCAL int sp_DhExp_2048(mp_int* base, const byte* exp, word32 expLen, mp_int* mod, byte* out, word32* outLen); WOLFSSL_LOCAL int sp_DhExp_3072(mp_int* base, const byte* exp, word32 expLen, @@ -100,10 +158,25 @@ WOLFSSL_LOCAL int sp_DhExp_3072(mp_int* base, const byte* exp, word32 expLen, WOLFSSL_LOCAL int sp_DhExp_4096(mp_int* base, const byte* exp, word32 expLen, mp_int* mod, byte* out, word32* outLen); +#else + +WOLFSSL_LOCAL int sp_DhExp_2048(const mp_int* base, const byte* exp, + word32 expLen, const mp_int* mod, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_DhExp_3072(const mp_int* base, const byte* exp, + word32 expLen, const mp_int* mod, byte* out, word32* outLen); +WOLFSSL_LOCAL int sp_DhExp_4096(const mp_int* base, const byte* exp, + word32 expLen, const mp_int* mod, byte* out, word32* outLen); + +#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */ + #endif /* WOLFSSL_HAVE_SP_DH */ #ifdef WOLFSSL_HAVE_SP_ECC +/* non-const versions only needed for inlined ARM assembly */ +#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \ + && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) ) + int sp_ecc_mulmod_256(mp_int* km, ecc_point* gm, ecc_point* rm, int map, void* heap); int sp_ecc_mulmod_base_256(mp_int* km, ecc_point* rm, int map, void* heap); @@ -147,15 +220,94 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ); int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym); +#else + +int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* rm, + int map, void* heap); +int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, + const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap); +int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* rm, int map, + void* heap); +int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, + int inMont, ecc_point* rm, int map, void* heap); + +int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap); +int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, + word32* outlen, void* heap); +int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, + const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap); +int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, + const mp_int* pY, const mp_int* pZ, const mp_int* r, const mp_int* sm, + int* res, void* heap); +int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY); +int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, + const mp_int* privm, void* heap); +int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, + mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY, mp_int* rZ); +int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, + mp_int* rX, mp_int* rY, mp_int* rZ); +int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ); +int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym); + +int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* rm, + int map, void* heap); +int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, + const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap); +int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* rm, int map, + void* heap); +int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, + int inMont, ecc_point* rm, int map, void* heap); + +int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap); +int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, + word32* outlen, void* heap); +int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, + const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap); +int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, + const mp_int* pY, const mp_int* pZ, const mp_int* r, const mp_int* sm, + int* res, void* heap); +int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY); +int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, + const mp_int* privm, void* heap); +int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, + mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY, mp_int* rZ); +int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, + mp_int* rX, mp_int* rY, mp_int* rZ); +int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ); +int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym); + +int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* rm, + int map, void* heap); +int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* rm, int map, + void* heap); +int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, + int inMont, ecc_point* rm, int map, void* heap); +int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, + void* heap); +int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, + ecc_point* r, int map, void* heap); +int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res); +int sp_Pairing_1024(const ecc_point* p, const ecc_point* q, mp_int* res); +int sp_Pairing_gen_precomp_1024(const ecc_point* p, byte* table, word32* len); +int sp_Pairing_precomp_1024(const ecc_point* p, const ecc_point* q, mp_int* res, + const byte* table, word32 len); +int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY); +int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, + const mp_int* privm, void* heap); + +#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */ + #ifdef WOLFSSL_SP_NONBLOCK -int sp_ecc_sign_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, - mp_int* rm, mp_int* sm, mp_int* km, void* heap); -int sp_ecc_verify_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY, - mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap); -int sp_ecc_sign_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, - mp_int* rm, mp_int* sm, mp_int* km, void* heap); -int sp_ecc_verify_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY, - mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap); +int sp_ecc_sign_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, + WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap); +int sp_ecc_verify_256_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, + const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r, + const mp_int* sm, int* res, void* heap); +int sp_ecc_sign_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, + WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap); +int sp_ecc_verify_384_nb(sp_ecc_ctx_t* ctx, const byte* hash, word32 hashLen, + const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r, + const mp_int* sm, int* res, void* heap); #endif /* WOLFSSL_SP_NONBLOCK */ #endif /* WOLFSSL_HAVE_SP_ECC */ diff --git a/source/libs/libwolfssl/wolfcrypt/sp_int.h b/source/libs/libwolfssl/wolfcrypt/sp_int.h index 6092d5d0..92672621 100644 --- a/source/libs/libwolfssl/wolfcrypt/sp_int.h +++ b/source/libs/libwolfssl/wolfcrypt/sp_int.h @@ -1,6 +1,6 @@ /* sp_int.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -30,6 +30,7 @@ This library provides single precision (SP) integer math functions. #ifndef WOLFSSL_LINUXKM #include #endif +#include #ifdef __cplusplus extern "C" { @@ -112,29 +113,33 @@ extern "C" { #error "Size of unsigned long not detected" #endif -#if ULLONG_MAX == 18446744073709551615UL - #define SP_ULLONG_BITS 64 +#ifdef ULLONG_MAX + #if ULLONG_MAX == 18446744073709551615ULL + #define SP_ULLONG_BITS 64 - #if SP_ULLONG_BITS > SP_ULONG_BITS - typedef unsigned long long sp_uint64; - typedef long long sp_int64; - #endif -#elif ULLONG_MAX == 4294967295UL - #define SP_ULLONG_BITS 32 + #if SP_ULLONG_BITS > SP_ULONG_BITS + typedef unsigned long long sp_uint64; + typedef long long sp_int64; + #endif + #elif ULLONG_MAX == 4294967295UL + #define SP_ULLONG_BITS 32 - #if SP_ULLONG_BITS > SP_ULONG_BITS - typedef unsigned long long sp_uint32; - typedef long long sp_int32; - #endif -#elif ULLONG_MAX == 65535 - #define SP_ULLONG_BITS 16 + #if SP_ULLONG_BITS > SP_ULONG_BITS + typedef unsigned long long sp_uint32; + typedef long long sp_int32; + #endif + #elif ULLONG_MAX == 65535 + #define SP_ULLONG_BITS 16 - #if SP_ULLONG_BITS > SP_ULONG_BITS - typedef unsigned long long sp_uint16; - typedef long long sp_int16; + #if SP_ULLONG_BITS > SP_ULONG_BITS + typedef unsigned long long sp_uint16; + typedef long long sp_int16; + #endif + #else + #error "Size of unsigned long long not detected" #endif #else - #error "Size of unsigned long long not detected" + #define SP_ULLONG_BITS 0 #endif @@ -151,15 +156,20 @@ extern "C" { #endif -/* Detemine the number of bits to use in each word. */ +/* Determine the number of bits to use in each word. */ #ifdef SP_WORD_SIZE #elif defined(WOLFSSL_DSP_BUILD) #define SP_WORD_SIZE 32 +#elif defined(WOLFSSL_SP_X86_64) && !defined(WOLFSSL_SP_X86_64_ASM) && \ + !defined(HAVE___UINT128_T) + #define SP_WORD_SIZE 32 #elif defined(WOLFSSL_SP_X86_64_ASM) || defined(WOLFSSL_SP_X86_64) - #if SP_ULONG_BITS == 64 + #if SP_ULONG_BITS == 64 || SP_ULLONG_BITS == 64 #define SP_WORD_SIZE 64 #define HAVE_INTEL_AVX1 - #define HAVE_INTEL_AVX2 + #ifndef NO_AVX2_SUPPORT + #define HAVE_INTEL_AVX2 + #endif #elif SP_ULONG_BITS == 32 #define SP_WORD_SIZE 32 #undef WOLFSSL_SP_ASM @@ -167,6 +177,8 @@ extern "C" { #define SP_WORD_SIZE 16 #undef WOLFSSL_SP_ASM #endif +#elif defined(WOLFSSL_SP_X86) + #define SP_WORD_SIZE 32 #elif defined(WOLFSSL_SP_ARM64_ASM) || defined(WOLFSSL_SP_ARM64) #define SP_WORD_SIZE 64 #elif defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM32) @@ -248,8 +260,10 @@ extern "C" { #elif SP_WORD_SIZE == 64 typedef sp_uint64 sp_int_digit; typedef sp_int64 sp_sint_digit; +#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL) typedef sp_uint128 sp_int_word; typedef sp_int128 sp_int_sword; +#endif #define SP_MASK 0xffffffffffffffffUL #else @@ -300,6 +314,25 @@ extern "C" { /* Mask of word size. */ #define SP_WORD_MASK (SP_WORD_SIZE - 1) +/* For debugging only - format string for different digit sizes. */ +#if SP_WORD_SIZE == 64 + #if SP_ULONG_BITS == 64 + #define SP_PRINT_FMT "%016lx" + #else + #define SP_PRINT_FMT "%016llx" + #endif +#elif SP_WORD_SIZE == 32 + #if SP_UINT_BITS == 32 + #define SP_PRINT_FMT "%08x" + #else + #define SP_PRINT_FMT "%08lx" + #endif +#elif SP_WORD_SIZE == 16 + #define SP_PRINT_FMT "%04x" +#elif SP_WORD_SIZE == 8 + #define SP_PRINT_FMT "%02x" +#endif + #if defined(WOLFSSL_HAVE_SP_ECC) && defined(WOLFSSL_SP_NONBLOCK) /* Non-blocking ECC operation context. */ @@ -333,6 +366,9 @@ typedef struct sp_ecc_ctx { !defined(WOLFSSL_HAVE_SP_ECC) #if !defined(NO_RSA) || !defined(NO_DH) || !defined(NO_DSA) #define SP_INT_DIGITS (((6144 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #elif defined(WOLFCRYPT_HAVE_SAKKE) + #define SP_INT_DIGITS \ + (((2 * (1024 + SP_WORD_SIZE) + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) #elif defined(HAVE_ECC) #define SP_INT_DIGITS \ (((2 * ( 521 + SP_WORD_SIZE) + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) @@ -342,7 +378,10 @@ typedef struct sp_ecc_ctx { #define SP_INT_DIGITS ((( 256 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) #endif #elif !defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_HAVE_SP_DH) - #ifdef WOLFSSL_SP_MATH_ALL + #if defined(WOLFCRYPT_HAVE_SAKKE) + #define SP_INT_DIGITS \ + (((2 * (1024 + SP_WORD_SIZE) + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) + #elif defined(WOLFSSL_SP_MATH_ALL) #define SP_INT_DIGITS \ (((2 * ( 521 + SP_WORD_SIZE) + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) #elif defined(WOLFSSL_SP_384) @@ -363,7 +402,8 @@ typedef struct sp_ecc_ctx { #define SP_INT_DIGITS (((3072 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) #endif #else - #if defined(WOLFSSL_HAVE_SP_DH) + #if defined(WOLFSSL_HAVE_SP_DH) || \ + (defined(WOLFSSL_HAVE_SP_RSA) && defined(WOLFSSL_KEY_GEN)) #define SP_INT_DIGITS (((4096 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) #else #define SP_INT_DIGITS (((2048 + SP_WORD_SIZE) / SP_WORD_SIZE) + 1) @@ -376,26 +416,26 @@ typedef struct sp_ecc_ctx { #define SP_INT_MAX_BITS (SP_INT_DIGITS * SP_WORD_SIZE) #endif +#if SP_WORD_SIZE < 32 + /* Maximum number of digits in a number to mul or sqr. */ + #define SP_MUL_SQR_DIGITS (SP_INT_MAX_BITS / 2 / SP_WORD_SIZE) + /* Maximum value of partial in mul/sqr. */ + #define SP_MUL_SQR_MAX_PARTIAL \ + (SP_MUL_SQR_DIGITS * ((1 << SP_WORD_SIZE) - 1)) + /* Maximim value in an sp_int_word. */ + #define SP_INT_WORD_MAX ((1 << (SP_WORD_SIZE * 2)) - 1) -/* For debugging only - format string for different digit sizes. */ -#if SP_WORD_SIZE == 64 - #if SP_ULONG_BITS == 64 - #define SP_PRINT_FMT "%016lx" - #else - #define SP_PRINT_FMT "%016llx" + #if SP_MUL_SQR_MAX_PARTIAL > SP_INT_WORD_MAX + /* The sum of the partials in the multiplicaiton/square can exceed the + * size of a word. This will overflow the word and loose data. + * Use an implementation that handles carry after every add and uses an + * extra temporary word for overflowing high word. + */ + #define SP_WORD_OVERFLOW #endif -#elif SP_WORD_SIZE == 32 - #if SP_UINT_BITS == 32 - #define SP_PRINT_FMT "%08x" - #else - #define SP_PRINT_FMT "%08lx" - #endif -#elif SP_WORD_SIZE == 16 - #define SP_PRINT_FMT "%04x" -#elif SP_WORD_SIZE == 8 - #define SP_PRINT_FMT "%02x" #endif + #ifndef NO_FILESYSTEM /* Output is formatted to be used with script that checks calculations. */ @@ -471,7 +511,7 @@ typedef struct sp_ecc_ctx { #define sp_print_digit(a, s) #define sp_print_int(a, s) -#endif +#endif /* !NO_FILESYSTEM */ /* Returns whether multi-precision number is odd * @@ -500,6 +540,8 @@ typedef struct sp_ecc_ctx { * @return 0 when not zero. */ #define sp_iszero(a) ((a)->used == 0) + +#ifndef WOLFSSL_SP_INT_NEGATIVE /* Returns whether multi-precision number has the value one. * * Assumes a is not NULL. @@ -509,6 +551,20 @@ typedef struct sp_ecc_ctx { * @return 0 when not one. */ #define sp_isone(a) (((a)->used == 1) && ((a)->dp[0] == 1)) +#else +/* Returns whether multi-precision number has the value of positive one. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @return 1 when one. + * @return 0 when not one. + */ +#define sp_isone(a) \ + (((a)->used == 1) && ((a)->dp[0] == 1) && ((a)->sign == MP_ZPOS)) +#endif + +#ifndef WOLFSSL_SP_INT_NEGATIVE /* Returns whether multi-precision number has the value 'd'. * * Assumes a is not NULL. @@ -518,7 +574,23 @@ typedef struct sp_ecc_ctx { * @return 1 when one. * @return 0 when not one. */ -#define sp_isword(a, d) (((a)->used == 1) && ((a)->dp[0] == d)) +#define sp_isword(a, d) \ + ((((d) == 0) && sp_iszero(a)) || (((a)->used == 1) && ((a)->dp[0] == (d)))) +#else +/* Returns whether multi-precision number has the value 'd'. + * + * Assumes a is not NULL. + * + * @param [in] a SP integer to check. + * @param [in] d SP integer digit. + * @return 1 when one. + * @return 0 when not one. + */ +#define sp_isword(a, d) \ + ((((d) == 0) && sp_iszero(a)) || \ + (((a)->used == 1) && ((a)->dp[0] == (d)) && ((a)->sign == MP_ZPOS))) +#endif + #ifndef WOLFSSL_SP_INT_NEGATIVE /* Calculate the absolute value of the multi-precision number. * @@ -552,6 +624,7 @@ typedef struct sp_ecc_ctx { */ #define sp_isneg(a) ((a)->sign == MP_NEG) #endif + /* Updates the used count to exclude leading zeros. * * Assumes a is not NULL. @@ -575,23 +648,15 @@ typedef struct sp_ecc_ctx { #define CheckFastMathSettings() (SP_WORD_SIZE == CheckRunTimeFastMath()) -#ifdef WOLFSSL_SP_INT_NEGATIVE - #ifdef HAVE_WOLF_BIGINT - #define SP_INT_EXTRA_OVERHEAD sizeof(int) + sizeof(struct WC_BIGINT) - #else - #define SP_INT_EXTRA_OVERHEAD sizeof(int) - #endif -#elif defined(HAVE_WOLF_BIGINT) - #define SP_INT_EXTRA_OVERHEAD sizeof(struct WC_BIGINT) -#else - #define SP_INT_EXTRA_OVERHEAD 0 -#endif -#define WOLFSSL_SP_INT_OVERHEAD \ - (sizeof(int) + sizeof(int) + SP_INT_EXTRA_OVERHEAD) - +/* The number of bytes to a sp_int with 'cnt' digits. + * Must have at least one digit. + */ #define MP_INT_SIZEOF(cnt) \ - (WOLFSSL_SP_INT_OVERHEAD + ((cnt) * SP_WORD_SIZEOF)) - + (sizeof(sp_int) - (SP_INT_DIGITS - (((cnt) == 0) ? 1 : (cnt))) * \ + sizeof(sp_int_digit)) +/* The address of the next sp_int after one with 'cnt' digits. */ +#define MP_INT_NEXT(t, cnt) \ + (sp_int*)(((byte*)(t)) + MP_INT_SIZEOF(cnt)) /** * A reuslt of NO. @@ -612,9 +677,9 @@ typedef struct sp_ecc_ctx { #endif /** Radix is base 10 or decimal. */ -#define MP_RADIX_DEC 10 +#define MP_RADIX_DEC 10 /** Radix is base 16 or hexadecimal. */ -#define MP_RADIX_HEX 16 +#define MP_RADIX_HEX 16 /** Result of comparison is that the first number is greater than second. */ #define MP_GT 1 @@ -623,16 +688,21 @@ typedef struct sp_ecc_ctx { /** Result of comparison is that the first number is less than second. */ #define MP_LT -1 +/* ERROR VALUES */ /** Error value on success. */ -#define MP_OKAY 0 +#define MP_OKAY 0 /** Error value when dynamic memory allocation fails. */ -#define MP_MEM -2 +#define MP_MEM -2 /** Error value when value passed is not able to be used. */ -#define MP_VAL -3 +#define MP_VAL -3 /** Error value when non-blocking operation is returning after partial * completion. */ -#define FP_WOULDBLOCK -4 +#define FP_WOULDBLOCK -4 +/* Unused error. Defined for backward compatability. */ +#define MP_NOT_INF -5 +/* Unused error. Defined for backward compatability. */ +#define MP_RANGE MP_NOT_INF /* Number of bits in each word/digit. */ #define DIGIT_BIT SP_WORD_SIZE @@ -708,18 +778,20 @@ MP_API void sp_clear(sp_int* a); MP_API void sp_forcezero(sp_int* a); MP_API int sp_init_copy (sp_int* r, sp_int* a); -MP_API int sp_copy(sp_int* a, sp_int* r); +MP_API int sp_copy(const sp_int* a, sp_int* r); MP_API int sp_exch(sp_int* a, sp_int* b); MP_API int sp_cond_swap_ct(mp_int * a, mp_int * b, int c, int m); #ifdef WOLFSSL_SP_INT_NEGATIVE MP_API int sp_abs(sp_int* a, sp_int* b); #endif +#ifdef WOLFSSL_SP_MATH_ALL MP_API int sp_cmp_mag(sp_int* a, sp_int* b); +#endif MP_API int sp_cmp(sp_int* a, sp_int* b); MP_API int sp_is_bit_set(sp_int* a, unsigned int b); -MP_API int sp_count_bits(sp_int* a); +MP_API int sp_count_bits(const sp_int* a); #if defined(HAVE_ECC) && defined(HAVE_COMP_KEY) MP_API int sp_cnt_lsb(sp_int* a); #endif @@ -733,22 +805,33 @@ MP_API int sp_cmp_d(sp_int* a, sp_int_digit d); MP_API int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r); MP_API int sp_sub_d(sp_int* a, sp_int_digit d, sp_int* r); MP_API int sp_mul_d(sp_int* a, sp_int_digit d, sp_int* r); +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) MP_API int sp_div_d(sp_int* a, sp_int_digit d, sp_int* r, sp_int_digit* rem); +#endif #if defined(WOLFSSL_SP_MATH_ALL) || (defined(HAVE_ECC) && \ defined(HAVE_COMP_KEY)) MP_API int sp_mod_d(sp_int* a, const sp_int_digit d, sp_int_digit* r); #endif -MP_API int sp_div_2_mod_ct (sp_int* a, sp_int* b, sp_int* c); #if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) +MP_API int sp_div_2_mod_ct (sp_int* a, sp_int* b, sp_int* c); MP_API int sp_div_2(sp_int* a, sp_int* r); #endif MP_API int sp_add(sp_int* a, sp_int* b, sp_int* r); MP_API int sp_sub(sp_int* a, sp_int* b, sp_int* r); +#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \ + (!defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_CUSTOM_CURVES)) || \ + defined(WOLFCRYPT_HAVE_ECCSI) || defined(WOLFCRYPT_HAVE_SAKKE) MP_API int sp_addmod(sp_int* a, sp_int* b, sp_int* m, sp_int* r); +#endif +#if defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) MP_API int sp_submod(sp_int* a, sp_int* b, sp_int* m, sp_int* r); +#endif +#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) MP_API int sp_submod_ct (sp_int* a, sp_int* b, sp_int* c, sp_int* d); MP_API int sp_addmod_ct (sp_int* a, sp_int* b, sp_int* c, sp_int* d); +#endif MP_API int sp_lshd(sp_int* a, int s); MP_API void sp_rshd(sp_int* a, int c); @@ -763,16 +846,22 @@ MP_API int sp_mul(sp_int* a, sp_int* b, sp_int* r); MP_API int sp_mulmod(sp_int* a, sp_int* b, sp_int* m, sp_int* r); MP_API int sp_invmod(sp_int* a, sp_int* m, sp_int* r); +#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC) MP_API int sp_invmod_mont_ct(sp_int* a, sp_int* m, sp_int* r, sp_int_digit mp); +#endif MP_API int sp_exptmod_ex(sp_int* b, sp_int* e, int digits, sp_int* m, sp_int* r); MP_API int sp_exptmod(sp_int* b, sp_int* e, sp_int* m, sp_int* r); +#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) MP_API int sp_exptmod_nct(sp_int* b, sp_int* e, sp_int* m, sp_int* r); +#endif +#ifdef WOLFSSL_SP_MATH_ALL MP_API int sp_div_2d(sp_int* a, int e, sp_int* r, sp_int* rem); MP_API int sp_mod_2d(sp_int* a, int e, sp_int* r); MP_API int sp_mul_2d(sp_int* a, int e, sp_int* r); +#endif MP_API int sp_sqr(sp_int* a, sp_int* r); MP_API int sp_sqrmod(sp_int* a, sp_int* m, sp_int* r); @@ -781,23 +870,31 @@ MP_API int sp_mont_red(sp_int* a, sp_int* m, sp_int_digit mp); MP_API int sp_mont_setup(sp_int* m, sp_int_digit* rho); MP_API int sp_mont_norm(sp_int* norm, sp_int* m); -MP_API int sp_unsigned_bin_size(sp_int* a); +MP_API int sp_unsigned_bin_size(const sp_int* a); MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz); MP_API int sp_to_unsigned_bin(sp_int* a, byte* out); MP_API int sp_to_unsigned_bin_len(sp_int* a, byte* out, int outSz); +#ifdef WOLFSSL_SP_MATH_ALL MP_API int sp_to_unsigned_bin_at_pos(int o, sp_int* a, unsigned char* out); +#endif MP_API int sp_read_radix(sp_int* a, const char* in, int radix); MP_API int sp_tohex(sp_int* a, char* str); MP_API int sp_todecimal(mp_int* a, char* str); +#if defined(WOLFSSL_SP_MATH_ALL) || defined(WC_MP_TO_RADIX) MP_API int sp_toradix(mp_int* a, char* str, int radix); MP_API int sp_radix_size(mp_int* a, int radix, int* size); +#endif MP_API int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap); MP_API int sp_prime_is_prime(mp_int* a, int t, int* result); MP_API int sp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng); +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) MP_API int sp_gcd(sp_int* a, sp_int* b, sp_int* r); +#endif +#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING) MP_API int sp_lcm(sp_int* a, sp_int* b, sp_int* r); +#endif WOLFSSL_API word32 CheckRunTimeFastMath(void); @@ -892,8 +989,12 @@ WOLFSSL_API word32 CheckRunTimeFastMath(void); #define mp_gcd sp_gcd #define mp_lcm sp_lcm +#ifdef WOLFSSL_DEBUG_MATH +#define mp_dump(d, a, v) sp_print(a, d) #endif +#endif /* WOLFSSL_SP_MATH || WOLFSSL_SP_MATH_ALL */ + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/source/libs/libwolfssl/wolfcrypt/srp.h b/source/libs/libwolfssl/wolfcrypt/srp.h index 521ed4fb..d5b9d181 100644 --- a/source/libs/libwolfssl/wolfcrypt/srp.h +++ b/source/libs/libwolfssl/wolfcrypt/srp.h @@ -1,6 +1,6 @@ /* srp.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -246,7 +246,7 @@ WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size); * * The public ephemeral value is known as: * A at the client side. A = g ^ a % N - * B at the server side. B = (k * v + (g ˆ b % N)) % N + * B at the server side. B = (k * v + (g ^ b % N)) % N * This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier. * * @param[in,out] srp the Srp structure. diff --git a/source/libs/libwolfssl/wolfcrypt/tfm.h b/source/libs/libwolfssl/wolfcrypt/tfm.h index 6c5bc869..1f080762 100644 --- a/source/libs/libwolfssl/wolfcrypt/tfm.h +++ b/source/libs/libwolfssl/wolfcrypt/tfm.h @@ -1,6 +1,6 @@ /* tfm.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -70,7 +70,12 @@ #define TFM_X86_64 #endif #endif -#if defined(TFM_X86_64) +#if defined(__aarch64__) && defined(__APPLE__) + #if !defined(TFM_AARCH_64) && !defined(TFM_NO_ASM) + #define TFM_AARCH_64 + #endif +#endif +#if defined(TFM_X86_64) || defined(TFM_AARCH_64) #if !defined(FP_64BIT) #define FP_64BIT #endif @@ -422,13 +427,16 @@ MP_API void fp_free(fp_int* a); /* zero/one/even/odd/neg/word ? */ #define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO) #define fp_isone(a) \ - ((((a)->used == 1) && ((a)->dp[0] == 1)) ? FP_YES : FP_NO) -#define fp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO) -#define fp_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO) -#define fp_isneg(a) (((a)->sign != 0) ? FP_YES : FP_NO) -#define fp_isword(a, w) \ - ((((a)->used == 1) && ((a)->dp[0] == w)) || ((w == 0) && ((a)->used == 0)) \ + ((((a)->used == 1) && ((a)->dp[0] == 1) && ((a)->sign == FP_ZPOS)) \ ? FP_YES : FP_NO) +#define fp_iseven(a) \ + (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO) +#define fp_isodd(a) \ + (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO) +#define fp_isneg(a) (((a)->sign != FP_ZPOS) ? FP_YES : FP_NO) +#define fp_isword(a, w) \ + (((((a)->used == 1) && ((a)->dp[0] == w)) || \ + ((w == 0) && ((a)->used == 0))) ? FP_YES : FP_NO) /* set to a small digit */ void fp_set(fp_int *a, fp_digit b); @@ -440,7 +448,7 @@ int fp_is_bit_set(fp_int *a, fp_digit b); int fp_set_bit (fp_int * a, fp_digit b); /* copy from a to b */ -void fp_copy(fp_int *a, fp_int *b); +void fp_copy(const fp_int *a, fp_int *b); void fp_init_copy(fp_int *a, fp_int *b); /* clamp digits */ @@ -643,19 +651,15 @@ int fp_exptmod_nb(exptModNb_t* nb, fp_int* G, fp_int* X, fp_int* P, fp_int* Y); /*int fp_prime_random_ex(fp_int *a, int t, int size, int flags, tfm_prime_callback cb, void *dat);*/ /* radix conversions */ -int fp_count_bits(fp_int *a); +int fp_count_bits(const fp_int *a); int fp_leading_bit(fp_int *a); -int fp_unsigned_bin_size(fp_int *a); +int fp_unsigned_bin_size(const fp_int *a); int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c); int fp_to_unsigned_bin(fp_int *a, unsigned char *b); int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c); int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b); -/*int fp_signed_bin_size(fp_int *a);*/ -/*void fp_read_signed_bin(fp_int *a, const unsigned char *b, int c);*/ -/*void fp_to_signed_bin(fp_int *a, unsigned char *b);*/ - /*int fp_read_radix(fp_int *a, char *str, int radix);*/ /*int fp_toradix(fp_int *a, char *str, int radix);*/ /*int fp_toradix_n(fp_int * a, char *str, int radix, int maxlen);*/ @@ -771,17 +775,17 @@ MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d); MP_API int mp_cmp(mp_int *a, mp_int *b); MP_API int mp_cmp_d(mp_int *a, mp_digit b); -MP_API int mp_unsigned_bin_size(mp_int * a); +MP_API int mp_unsigned_bin_size(const mp_int * a); MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c); MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b); MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b); MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c); MP_API int mp_sub_d(fp_int *a, fp_digit b, fp_int *c); -MP_API int mp_copy(fp_int* a, fp_int* b); +MP_API int mp_copy(const fp_int* a, fp_int* b); MP_API int mp_isodd(mp_int* a); MP_API int mp_iszero(mp_int* a); -MP_API int mp_count_bits(mp_int *a); +MP_API int mp_count_bits(const mp_int *a); MP_API int mp_leading_bit(mp_int *a); MP_API int mp_set_int(mp_int *a, unsigned long b); MP_API int mp_is_bit_set (mp_int * a, mp_digit b); diff --git a/source/libs/libwolfssl/wolfcrypt/types.h b/source/libs/libwolfssl/wolfcrypt/types.h index 8862c5a8..667bd76d 100644 --- a/source/libs/libwolfssl/wolfcrypt/types.h +++ b/source/libs/libwolfssl/wolfcrypt/types.h @@ -1,6 +1,6 @@ /* types.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -48,8 +48,14 @@ decouple library dependencies with standard string, memory and so on. * (with minimal depencencies). */ #if defined(HAVE_EX_DATA) || defined(FORTRESS) + #ifdef HAVE_EX_DATA_CLEANUP_HOOKS + typedef void (*wolfSSL_ex_data_cleanup_routine_t)(void *data); + #endif typedef struct WOLFSSL_CRYPTO_EX_DATA { void* ex_data[MAX_EX_DATA]; + #ifdef HAVE_EX_DATA_CLEANUP_HOOKS + wolfSSL_ex_data_cleanup_routine_t ex_data_cleanup_routines[MAX_EX_DATA]; + #endif } WOLFSSL_CRYPTO_EX_DATA; #endif @@ -64,12 +70,18 @@ decouple library dependencies with standard string, memory and so on. #ifndef WOLFSSL_TYPES #ifndef byte typedef unsigned char byte; + typedef signed char sword8; + typedef unsigned char word8; #endif #ifdef WC_16BIT_CPU + typedef int sword16; typedef unsigned int word16; + typedef long sword32; typedef unsigned long word32; #else + typedef short sword16; typedef unsigned short word16; + typedef int sword32; typedef unsigned int word32; #endif typedef byte word24[3]; @@ -86,12 +98,16 @@ decouple library dependencies with standard string, memory and so on. /* try to set SIZEOF_LONG or SIZEOF_LONG_LONG if user didn't */ #if defined(_MSC_VER) || defined(HAVE_LIMITS_H) - #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG) + /* make sure both SIZEOF_LONG_LONG and SIZEOF_LONG are set, + * otherwise causes issues with CTC_SETTINGS */ + #if !defined(SIZEOF_LONG_LONG) || !defined(SIZEOF_LONG) #include - #if defined(ULONG_MAX) && (ULONG_MAX == 0xffffffffUL) + #if !defined(SIZEOF_LONG) && defined(ULONG_MAX) && \ + (ULONG_MAX == 0xffffffffUL) #define SIZEOF_LONG 4 #endif - #if defined(ULLONG_MAX) && (ULLONG_MAX == 0xffffffffffffffffULL) + #if !defined(SIZEOF_LONG_LONG) && defined(ULLONG_MAX) && \ + (ULLONG_MAX == 0xffffffffffffffffULL) #define SIZEOF_LONG_LONG 8 #endif #endif @@ -114,32 +130,36 @@ decouple library dependencies with standard string, memory and so on. #if defined(_MSC_VER) || defined(__BCPLUSPLUS__) #define WORD64_AVAILABLE #define W64LIT(x) x##ui64 + typedef __int64 sword64; typedef unsigned __int64 word64; #elif defined(__EMSCRIPTEN__) #define WORD64_AVAILABLE #define W64LIT(x) x##ull + typedef long long sword64; typedef unsigned long long word64; #elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL + typedef long sword64; typedef unsigned long word64; #elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL + typedef long long sword64; typedef unsigned long long word64; #elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL + typedef long long sword64; typedef unsigned long long word64; #endif -#if !defined(NO_64BIT) && defined(WORD64_AVAILABLE) && !defined(WC_16BIT_CPU) +#if defined(WORD64_AVAILABLE) && !defined(WC_16BIT_CPU) /* These platforms have 64-bit CPU registers. */ #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \ defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \ defined(__aarch64__) || defined(__sparc64__) || defined(__s390x__ ) || \ - (defined(__riscv_xlen) && (__riscv_xlen == 64)) - typedef word64 wolfssl_word; + (defined(__riscv_xlen) && (__riscv_xlen == 64)) || defined(_M_ARM64) #define WC_64BIT_CPU #elif (defined(sun) || defined(__sun)) && \ (defined(LP64) || defined(_LP64)) @@ -147,16 +167,25 @@ decouple library dependencies with standard string, memory and so on. * and int uses 32 bits. When using Solaris Studio sparc and __sparc are * available for 32 bit detection but __sparc64__ could be missed. This * uses LP64 for checking 64 bit CPU arch. */ - typedef word64 wolfssl_word; #define WC_64BIT_CPU #else - typedef word32 wolfssl_word; - #ifdef WORD64_AVAILABLE - #define WOLFCRYPT_SLOW_WORD64 - #endif #define WC_32BIT_CPU #endif + #if defined(NO_64BIT) + typedef word32 wolfssl_word; + #undef WORD64_AVAILABLE + #else + #ifdef WC_64BIT_CPU + typedef word64 wolfssl_word; + #else + typedef word32 wolfssl_word; + #ifdef WORD64_AVAILABLE + #define WOLFCRYPT_SLOW_WORD64 + #endif + #endif + #endif + #elif defined(WC_16BIT_CPU) #undef WORD64_AVAILABLE typedef word16 wolfssl_word; @@ -168,7 +197,16 @@ decouple library dependencies with standard string, memory and so on. typedef word32 wolfssl_word; #define MP_16BIT /* for mp_int, mp_word needs to be twice as big as mp_digit, no 64 bit type so make mp_digit 16 bit */ - #define WC_32BIT_CPU +#endif + +#ifdef WC_PTR_TYPE /* Allow user suppied type */ + typedef WC_PTR_TYPE wc_ptr_t; +#elif defined(HAVE_UINTPTR_T) + #include + typedef uintptr_t wc_ptr_t; +#else /* fallback to architecture size_t for pointer size */ + #include /* included for getting size_t type */ + typedef size_t wc_ptr_t; #endif enum { @@ -200,6 +238,8 @@ decouple library dependencies with standard string, memory and so on. #else #define WC_INLINE inline #endif + #elif defined(__CCRX__) + #define WC_INLINE inline #else #define WC_INLINE #endif @@ -225,6 +265,8 @@ decouple library dependencies with standard string, memory and so on. #elif defined(__MWERKS__) && TARGET_CPU_PPC #define PPC_INTRINSICS #define FAST_ROTATE + #elif defined(__CCRX__) + #define FAST_ROTATE #elif defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) /* GCC does peephole optimizations which should result in using rotate instructions */ @@ -247,22 +289,23 @@ decouple library dependencies with standard string, memory and so on. #define THREAD_LS_T #endif - /* GCC 7 has new switch() fall-through detection */ - /* default to FALL_THROUGH stub */ #ifndef FALL_THROUGH - #define FALL_THROUGH - - #if defined(__GNUC__) - #if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1))) - #undef FALL_THROUGH - #if defined(WOLFSSL_LINUXKM) && defined(fallthrough) - #define FALL_THROUGH fallthrough - #else - #define FALL_THROUGH __attribute__ ((fallthrough)); + /* GCC 7 has new switch() fall-through detection */ + #if defined(__GNUC__) + #if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1))) + #if defined(WOLFSSL_LINUXKM) && defined(fallthrough) + #define FALL_THROUGH fallthrough + #else + #define FALL_THROUGH ; __attribute__ ((fallthrough)) + #endif #endif #endif - #endif #endif /* FALL_THROUGH */ + #if !defined(FALL_THROUGH) || defined(__XC32) + /* use stub for fall through by default or for Microchip compiler */ + #undef FALL_THROUGH + #define FALL_THROUGH + #endif /* Micrium will use Visual Studio for compilation but not the Win32 API */ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ @@ -401,15 +444,7 @@ decouple library dependencies with standard string, memory and so on. #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_SMALL_STACK) #define DECLARE_VAR_IS_HEAP_ALLOC #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ - VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); - #define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \ - VAR_TYPE* VAR_NAME = ({ \ - VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \ - if (ptr && INIT_VALUE) { \ - XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \ - } \ - ptr; \ - }) + VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT) #define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ VAR_TYPE* VAR_NAME[VAR_ITEMS]; \ int idx##VAR_NAME, inner_idx_##VAR_NAME; \ @@ -442,8 +477,6 @@ decouple library dependencies with standard string, memory and so on. #undef DECLARE_VAR_IS_HEAP_ALLOC #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ VAR_TYPE VAR_NAME[VAR_SIZE] - #define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \ - VAR_TYPE* VAR_NAME = (VAR_TYPE*)INIT_VALUE #define DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ VAR_TYPE VAR_NAME[VAR_ITEMS][VAR_SIZE] #define FREE_VAR(VAR_NAME, HEAP) /* nothing to free, its stack */ @@ -523,6 +556,8 @@ decouple library dependencies with standard string, memory and so on. #endif #if defined(WOLFSSL_DEOS) #define XSTRNCASECMP(s1,s2,n) strnicmp((s1),(s2),(n)) + #elif defined(WOLFSSL_CMSIS_RTOSv2) + #define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n)) #else #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n)) #endif @@ -553,17 +588,17 @@ decouple library dependencies with standard string, memory and so on. { va_list ap; int ret; - + if ((int)n <= 0) return -1; - + va_start(ap, format); - - ret = vsnprintf(s, n, format, ap); + + ret = XVSNPRINTF(s, n, format, ap); if (ret < 0) ret = -1; - + va_end(ap); - + return ret; } #define XSNPRINTF _xsnprintf_ @@ -594,7 +629,7 @@ decouple library dependencies with standard string, memory and so on. if ((int)bufsize <= 0) return -1; va_start(ap, format); - ret = vsnprintf(buffer, bufsize, format, ap); + ret = XVSNPRINTF(buffer, bufsize, format, ap); if (ret >= (int)bufsize) ret = -1; va_end(ap); @@ -656,6 +691,8 @@ decouple library dependencies with standard string, memory and so on. #endif #ifdef OPENSSL_ALL #define XISALNUM(c) isalnum((c)) + #define XISASCII(c) isascii((c)) + #define XISSPACE(c) isspace((c)) #endif /* needed by wolfSSL_check_domain_name() */ #define XTOLOWER(c) tolower((c)) @@ -756,6 +793,8 @@ decouple library dependencies with standard string, memory and so on. DYNAMIC_TYPE_NAME_ENTRY = 90, DYNAMIC_TYPE_CURVE448 = 91, DYNAMIC_TYPE_ED448 = 92, + DYNAMIC_TYPE_AES = 93, + DYNAMIC_TYPE_CMAC = 94, DYNAMIC_TYPE_SNIFFER_SERVER = 1000, DYNAMIC_TYPE_SNIFFER_SESSION = 1001, DYNAMIC_TYPE_SNIFFER_PB = 1002, @@ -784,8 +823,9 @@ decouple library dependencies with standard string, memory and so on. WC_ALGO_TYPE_RNG = 4, WC_ALGO_TYPE_SEED = 5, WC_ALGO_TYPE_HMAC = 6, + WC_ALGO_TYPE_CMAC = 7, - WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_HMAC + WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_CMAC }; /* hash types */ @@ -861,14 +901,18 @@ decouple library dependencies with standard string, memory and so on. WC_PK_TYPE_ECDH = 3, WC_PK_TYPE_ECDSA_SIGN = 4, WC_PK_TYPE_ECDSA_VERIFY = 5, - WC_PK_TYPE_ED25519 = 6, + WC_PK_TYPE_ED25519_SIGN = 6, WC_PK_TYPE_CURVE25519 = 7, WC_PK_TYPE_RSA_KEYGEN = 8, WC_PK_TYPE_EC_KEYGEN = 9, WC_PK_TYPE_RSA_CHECK_PRIV_KEY = 10, WC_PK_TYPE_EC_CHECK_PRIV_KEY = 11, - - WC_PK_TYPE_MAX = WC_PK_TYPE_EC_CHECK_PRIV_KEY + WC_PK_TYPE_ED448 = 12, + WC_PK_TYPE_CURVE448 = 13, + WC_PK_TYPE_ED25519_VERIFY = 14, + WC_PK_TYPE_ED25519_KEYGEN = 15, + WC_PK_TYPE_CURVE25519_KEYGEN = 16, + WC_PK_TYPE_MAX = WC_PK_TYPE_CURVE25519_KEYGEN }; @@ -911,6 +955,12 @@ decouple library dependencies with standard string, memory and so on. * Xilinx RSA operations require alignment */ #if defined(WOLFSSL_AESNI) || defined(WOLFSSL_ARMASM) || \ defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_AFALG_XILINX) + #ifndef WOLFSSL_USE_ALIGN + #define WOLFSSL_USE_ALIGN + #endif + #endif /* WOLFSSL_AESNI || WOLFSSL_ARMASM || USE_INTEL_SPEEDUP || WOLFSSL_AFALG_XILINX */ + + #ifdef WOLFSSL_USE_ALIGN #if !defined(ALIGN16) #if defined(__IAR_SYSTEMS_ICC__) || defined(__GNUC__) #define ALIGN16 __attribute__ ( (aligned (16))) @@ -983,7 +1033,15 @@ decouple library dependencies with standard string, memory and so on. #ifndef ALIGN256 #define ALIGN256 #endif - #endif /* WOLFSSL_AESNI || WOLFSSL_ARMASM */ + #endif /* WOLFSSL_USE_ALIGN */ + + #if !defined(PEDANTIC_EXTENSION) + #if defined(__GNUC__) + #define PEDANTIC_EXTENSION __extension__ + #else + #define PEDANTIC_EXTENSION + #endif + #endif /* !PEDANTIC_EXTENSION */ #ifndef TRUE @@ -1031,6 +1089,14 @@ decouple library dependencies with standard string, memory and so on. #define WC_MP_TO_RADIX #endif + #if defined(__GNUC__) && __GNUC__ > 5 + #define PRAGMA_GCC_IGNORE(str) _Pragma(str); + #define PRAGMA_GCC_POP _Pragma("GCC diagnostic pop"); + #else + #define PRAGMA_GCC_IGNORE(str) + #define PRAGMA_GCC_POP + #endif + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/source/libs/libwolfssl/wolfcrypt/visibility.h b/source/libs/libwolfssl/wolfcrypt/visibility.h index 8ed57fb9..46a31a44 100644 --- a/source/libs/libwolfssl/wolfcrypt/visibility.h +++ b/source/libs/libwolfssl/wolfcrypt/visibility.h @@ -1,6 +1,6 @@ /* visibility.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -43,7 +43,8 @@ */ #if defined(BUILDING_WOLFSSL) - #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) + #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) || \ + defined(_WIN32_WCE) #if defined(WOLFSSL_DLL) #define WOLFSSL_API __declspec(dllexport) #else @@ -61,7 +62,8 @@ #define WOLFSSL_LOCAL #endif /* HAVE_VISIBILITY */ #else /* BUILDING_WOLFSSL */ - #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) + #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) || \ + defined(_WIN32_WCE) #if defined(WOLFSSL_DLL) #define WOLFSSL_API __declspec(dllimport) #else diff --git a/source/libs/libwolfssl/wolfcrypt/wc_encrypt.h b/source/libs/libwolfssl/wolfcrypt/wc_encrypt.h index b83fbe02..71487fba 100644 --- a/source/libs/libwolfssl/wolfcrypt/wc_encrypt.h +++ b/source/libs/libwolfssl/wolfcrypt/wc_encrypt.h @@ -1,6 +1,6 @@ /* wc_encrypt.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -60,6 +60,22 @@ #endif +#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \ + (HAVE_FIPS_VERSION <= 2)) || (defined(HAVE_SELFTEST) && \ + (!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2))) + /* In FIPS cert 3389 and CAVP selftest v1 build, these enums are + * not in aes.h. Define them here outside the fips boundary. + */ + #ifndef GCM_NONCE_MID_SZ + /* The usual default nonce size for AES-GCM. */ + #define GCM_NONCE_MID_SZ 12 + #endif + #ifndef CCM_NONCE_MIN_SZ + #define CCM_NONCE_MIN_SZ 7 + #endif +#endif + + #if !defined(NO_AES) && defined(HAVE_AES_CBC) WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz, const byte* key, word32 keySz, diff --git a/source/libs/libwolfssl/wolfcrypt/wc_pkcs11.h b/source/libs/libwolfssl/wolfcrypt/wc_pkcs11.h index 15412bfb..65bf50a6 100644 --- a/source/libs/libwolfssl/wolfcrypt/wc_pkcs11.h +++ b/source/libs/libwolfssl/wolfcrypt/wc_pkcs11.h @@ -1,6 +1,6 @@ /* wc_pkcs11.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/wc_port.h b/source/libs/libwolfssl/wolfcrypt/wc_port.h index 5564d993..996b99f5 100644 --- a/source/libs/libwolfssl/wolfcrypt/wc_port.h +++ b/source/libs/libwolfssl/wolfcrypt/wc_port.h @@ -1,6 +1,6 @@ /* wc_port.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -82,6 +82,10 @@ _Pragma("GCC diagnostic ignored \"-Wpointer-sign\""); _Pragma("GCC diagnostic ignored \"-Wbad-function-cast\""); _Pragma("GCC diagnostic ignored \"-Wdiscarded-qualifiers\""); + _Pragma("GCC diagnostic ignored \"-Wtype-limits\""); + + /* suppress inclusion of stdint-gcc.h to avoid conflicts with Linux native include/linux/types.h: */ + #define _GCC_STDINT_H #include #include @@ -323,7 +327,11 @@ #endif #if (defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)) && \ !defined(NO_FILESYSTEM) - #include /* for close of BIO */ + #ifdef FUSION_RTOS + #include + #else + #include /* for close of BIO */ + #endif #endif #endif @@ -487,6 +495,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END VSEEK_END #define XBADFILE -1 #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(LSR_FS) #include #define XFILE struct fs_file* @@ -499,7 +508,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XFCLOSE fs_close #define XSEEK_END 0 #define XBADFILE NULL - #define XFGETS(b,s,f) -2 /* Not ported yet */ + #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) #define XFILE MQX_FILE_PTR #define XFOPEN fopen @@ -512,11 +522,10 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END IO_SEEK_END #define XBADFILE NULL #define XFGETS fgets + #elif defined(WOLFSSL_DEOS) #define NO_FILESYSTEM #warning "TODO - DDC-I Certifiable Fast File System for Deos is not integrated" - //#define XFILE bfd * - #elif defined(MICRIUM) #include #define XFILE FS_FILE* @@ -530,6 +539,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END FS_SEEK_END #define XBADFILE NULL #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(WOLFSSL_NUCLEUS_1_2) #include "fal/inc/fal.h" #define XFILE FILE* @@ -542,6 +552,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XFCLOSE fclose #define XSEEK_END PSEEK_END #define XBADFILE NULL + #elif defined(WOLFSSL_APACHE_MYNEWT) #include #define XFILE struct fs_file* @@ -556,6 +567,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END 2 #define XBADFILE NULL #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(WOLFSSL_ZEPHYR) #include @@ -606,6 +618,57 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END 0 #define XBADFILE NULL #define XFGETS(b,s,f) f_gets((b), (s), (f)) +#elif defined (_WIN32_WCE) + /* stdio, WINCE case */ + #include + #define XFILE FILE* + #define XFOPEN fopen + #define XFDOPEN fdopen + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND(F) XFSEEK(F, 0, SEEK_SET) + #define XFREAD fread + #define XFWRITE fwrite + #define XFCLOSE fclose + #define XSEEK_END SEEK_END + #define XBADFILE NULL + #define XFGETS fgets + #define XVSNPRINTF _vsnprintf + +#elif defined(FUSION_RTOS) + #include + #include + #include + #include + #include + #include + #define XFILE FCL_FILE* + #define XFOPEN FCL_FOPEN + #define XFSEEK FCL_FSEEK + #define XFTELL FCL_FTELL + #define XREWIND FCL_REWIND + #define XFREAD FCL_FREAD + #define XFWRITE FCL_FWRITE + #define XFCLOSE FCL_FCLOSE + #define XSEEK_END SEEK_END + #define XBADFILE NULL + #define XFGETS FCL_FGETS + #define XFPUTS FCL_FPUTS + #define XFPRINTF FCL_FPRINTF + #define XVFPRINTF FCL_VFPRINTF + #define XVSNPRINTF FCL_VSNPRINTF + #define XSNPRINTF FCL_SNPRINTF + #define XSPRINTF FCL_SPRINTF + #define DIR FCL_DIR + #define stat FCL_STAT + #define opendir FCL_OPENDIR + #define closedir FCL_CLOSEDIR + #define readdir FCL_READDIR + #define dirent fclDirent + #define strncasecmp FCL_STRNCASECMP + + /* FUSION SPECIFIC ERROR CODE */ + #define FUSION_IO_SEND_E FCL_EWOULDBLOCK #elif defined(WOLFSSL_USER_FILESYSTEM) /* To be defined in user_settings.h */ @@ -629,16 +692,61 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END SEEK_END #define XBADFILE NULL #define XFGETS fgets + #define XFPRINTF fprintf - #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\ + #if !defined(NO_WOLFSSL_DIR)\ && !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2) + #if defined(USE_WINDOWS_API) + #include + #define XSTAT _stat + #define XS_ISREG(s) (s & _S_IFREG) + #define SEPARATOR_CHAR ';' + + #elif defined(INTIME_RTOS) + #include + #define XSTAT _stat64 + #define XS_ISREG(s) S_ISREG(s) + #define SEPARATOR_CHAR ';' + #define XWRITE write + #define XREAD read + #define XCLOSE close + + #elif defined(WOLFSSL_ZEPHYR) + #define XSTAT fs_stat + #define XS_ISREG(s) (s == FS_DIR_ENTRY_FILE) + #define SEPARATOR_CHAR ':' + #elif defined(WOLFSSL_TELIT_M2MB) + #define XSTAT m2mb_fs_stat + #define XS_ISREG(s) (s & M2MB_S_IFREG) + #define SEPARATOR_CHAR ':' + #else #include #include #include #define XWRITE write #define XREAD read #define XCLOSE close + #define XSTAT stat + #define XS_ISREG(s) S_ISREG(s) + #define SEPARATOR_CHAR ':' #endif + #endif +#endif + +/* Defaults, user may over-ride with user_settings.h or in a porting section + * above + */ +#ifndef XVFPRINTF + #define XVFPRINTF vfprintf +#endif +#ifndef XVSNPRINTF + #define XVSNPRINTF vsnprintf +#endif +#ifndef XFPUTS + #define XFPUTS fputs +#endif +#ifndef XSPRINTF + #define XSPRINTF sprintf #endif #ifndef MAX_FILENAME_SZ @@ -657,6 +765,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #ifdef USE_WINDOWS_API WIN32_FIND_DATAA FindFileData; HANDLE hFind; + struct XSTAT s; #elif defined(WOLFSSL_ZEPHYR) struct fs_dirent entry; struct fs_dir_t dir; @@ -667,10 +776,17 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); M2MB_DIR_T* dir; struct M2MB_DIRENT* entry; struct M2MB_STAT s; + #elif defined(INTIME_RTOS) + struct stat64 s; + struct _find64 FindFileData; + #define IntimeFindFirst(name, data) (0 == _findfirst64(name, data)) + #define IntimeFindNext(data) (0 == _findnext64(data)) + #define IntimeFindClose(data) (0 == _findclose64(data)) + #define IntimeFilename(ctx) ctx->FindFileData.f_filename #else struct dirent* entry; DIR* dir; - struct stat s; + struct XSTAT s; #endif char name[MAX_FILENAME_SZ]; } ReadDirCtx; @@ -681,6 +797,9 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); WOLFSSL_API int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name); WOLFSSL_API void wc_ReadDirClose(ReadDirCtx* ctx); #endif /* !NO_WOLFSSL_DIR */ + #define WC_ISFILEEXIST_NOFILE -1 + + WOLFSSL_API int wc_FileExists(const char* fname); #endif /* !NO_FILESYSTEM */ @@ -696,6 +815,10 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #endif /* max */ #endif /* USE_WINDOWS_API */ +#ifdef __QNXNTO__ + #define WOLFSSL_HAVE_MIN + #define WOLFSSL_HAVE_MAX +#endif /* TIME SECTION */ /* Time functions */ @@ -742,10 +865,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XGMTIME(c, t) rtpsys_gmtime((c)) #elif defined(WOLFSSL_DEOS) - #define XTIME(t1) deos_time((t1)) - #define WOLFSSL_GMTIME - #define USE_WOLF_TM - #define USE_WOLF_TIME_T + #include #elif defined(MICRIUM) #include @@ -797,9 +917,32 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #elif defined(_WIN32_WCE) #include + #include /* For file system */ + + time_t windows_time(time_t* timer); + + #define FindNextFileA(h, d) FindNextFile(h, (LPWIN32_FIND_DATAW) d) + #define FindFirstFileA(fn, d) FindFirstFile((LPCWSTR) fn, \ + (LPWIN32_FIND_DATAW) d) #define XTIME(t1) windows_time((t1)) #define WOLFSSL_GMTIME + /* if struct tm is not defined in WINCE SDK */ + #ifndef _TM_DEFINED + struct tm { + int tm_sec; /* seconds */ + int tm_min; /* minutes */ + int tm_hour; /* hours */ + int tm_mday; /* day of month (month specific) */ + int tm_mon; /* month */ + int tm_year; /* year */ + int tm_wday; /* day of week (out of 1-7)*/ + int tm_yday; /* day of year (out of 365) */ + int tm_isdst; /* is it daylight savings */ + }; + #define _TM_DEFINED + #endif + #elif defined(WOLFSSL_APACHE_MYNEWT) #include "os/os_time.h" #define XTIME(t1) mynewt_time((t1)) diff --git a/source/libs/libwolfssl/wolfcrypt/wolfevent.h b/source/libs/libwolfssl/wolfcrypt/wolfevent.h index 572e21bb..83df5cfd 100644 --- a/source/libs/libwolfssl/wolfcrypt/wolfevent.h +++ b/source/libs/libwolfssl/wolfcrypt/wolfevent.h @@ -1,6 +1,6 @@ /* wolfevent.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/source/libs/libwolfssl/wolfcrypt/wolfmath.h b/source/libs/libwolfssl/wolfcrypt/wolfmath.h index 3d9830a1..3430033e 100644 --- a/source/libs/libwolfssl/wolfcrypt/wolfmath.h +++ b/source/libs/libwolfssl/wolfcrypt/wolfmath.h @@ -1,6 +1,6 @@ /* wolfmath.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -50,23 +50,23 @@ This library provides big integer math functions. ((defined(HAVE_ECC) && defined(ECC_TIMING_RESISTANT)) || \ (defined(USE_FAST_MATH) && defined(TFM_TIMING_RESISTANT))) - extern const wolfssl_word wc_off_on_addr[2]; + extern const wc_ptr_t wc_off_on_addr[2]; #endif /* common math functions */ -MP_API int get_digit_count(mp_int* a); -MP_API mp_digit get_digit(mp_int* a, int n); +MP_API int get_digit_count(const mp_int* a); +MP_API mp_digit get_digit(const mp_int* a, int n); MP_API int get_rand_digit(WC_RNG* rng, mp_digit* d); WOLFSSL_API int mp_cond_copy(mp_int* a, int copy, mp_int* b); WOLFSSL_API int mp_rand(mp_int* a, int digits, WC_RNG* rng); -enum { - /* format type */ - WC_TYPE_HEX_STR = 1, - WC_TYPE_UNSIGNED_BIN = 2, -}; +#define WC_TYPE_HEX_STR 1 +#define WC_TYPE_UNSIGNED_BIN 2 +#if defined(WOLFSSL_QNX_CAAM) + #define WC_TYPE_BLACK_KEY 3 +#endif WOLFSSL_API int wc_export_int(mp_int* mp, byte* buf, word32* len, word32 keySz, int encType); diff --git a/source/libs/libwolfssl/wolfio.h b/source/libs/libwolfssl/wolfio.h index 58abb969..d5b973dc 100644 --- a/source/libs/libwolfssl/wolfio.h +++ b/source/libs/libwolfssl/wolfio.h @@ -1,6 +1,6 @@ /* io.h * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2021 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -133,6 +133,10 @@ #elif defined(HAVE_NETX) #include "nx_api.h" #include "errno.h" + #elif defined(FUSION_RTOS) + #include + #include + #include #elif !defined(WOLFSSL_NO_SOCK) #include #include @@ -244,13 +248,17 @@ #define SOCKET_ECONNREFUSED NU_CONNECTION_REFUSED #define SOCKET_ECONNABORTED NU_NOT_CONNECTED #elif defined(WOLFSSL_DEOS) - #define SOCKET_EWOULDBLOCK EAGAIN - #define SOCKET_EAGAIN EAGAIN - #define SOCKET_ECONNRESET EINTR - #define SOCKET_EINTR EINTR - #define SOCKET_EPIPE EPIPE - #define SOCKET_ECONNREFUSED SOCKET_ERROR - #define SOCKET_ECONNABORTED SOCKET_ERROR + /* `sockaddr_storage` is not defined in DEOS. This workaround will + * work for IPV4, but not IPV6 + */ + #define sockaddr_storage sockaddr_in + #define SOCKET_EWOULDBLOCK EAGAIN + #define SOCKET_EAGAIN EAGAIN + #define SOCKET_ECONNRESET EINTR + #define SOCKET_EINTR EINTR + #define SOCKET_EPIPE EPIPE + #define SOCKET_ECONNREFUSED SOCKET_ERROR + #define SOCKET_ECONNABORTED SOCKET_ERROR #elif defined(HAVE_NETX) #define SOCKET_EWOULDBLOCK NX_NOT_CONNECTED #define SOCKET_EAGAIN NX_NOT_CONNECTED @@ -259,6 +267,14 @@ #define SOCKET_EPIPE NX_NOT_CONNECTED #define SOCKET_ECONNREFUSED NX_NOT_CONNECTED #define SOCKET_ECONNABORTED NX_NOT_CONNECTED +#elif defined(FUSION_RTOS) + #define SOCKET_EWOULDBLOCK FCL_EWOULDBLOCK + #define SOCKET_EAGAIN FCL_EAGAIN + #define SOCKET_ECONNRESET FNS_ECONNRESET + #define SOCKET_EINTR FCL_EINTR + #define SOCKET_EPIPE FCL_EPIPE + #define SOCKET_ECONNREFUSED FCL_ECONNREFUSED + #define SOCKET_ECONNABORTED FNS_ECONNABORTED #else #define SOCKET_EWOULDBLOCK EWOULDBLOCK #define SOCKET_EAGAIN EAGAIN @@ -290,6 +306,9 @@ #elif defined(WOLFSSL_NUCLEUS_1_2) #define SEND_FUNCTION NU_Send #define RECV_FUNCTION NU_Recv +#elif defined(FUSION_RTOS) + #define SEND_FUNCTION FNS_SEND + #define RECV_FUNCTION FNS_RECV #elif defined(WOLFSSL_ZEPHYR) #ifndef WOLFSSL_MAX_SEND_SZ #define WOLFSSL_MAX_SEND_SZ 256 @@ -372,6 +391,13 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags); #define CloseSocket(s) closesocket(s) #endif #define StartTCP() +#elif defined(FUSION_RTOS) + #ifndef CloseSocket + #define CloseSocket(s) do { \ + int err; \ + FNS_CLOSE(s, &err); \ + } while(0) + #endif #else #ifndef CloseSocket #define CloseSocket(s) close(s) @@ -502,9 +528,9 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags); } conn; WOLFSSL_CTX *ctx; WOLFSSL *ssl; - uint8_t *input_databuf; - uint8_t *output_databuf; - uint8_t *ssl_rx_databuf; + byte *input_databuf; + byte *output_databuf; + byte *ssl_rx_databuf; int ssl_rb_len; int ssl_rb_off; struct process *process; @@ -512,7 +538,7 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags); tcp_socket_event_callback_t event_callback; int closing; uip_ipaddr_t peer_addr; - uint16_t peer_port; + word16 peer_port; }; typedef struct uip_wolfssl_ctx uip_wolfssl_ctx; @@ -591,11 +617,30 @@ WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags); #define XINET_PTON(a,b,c) InetPton((a),(b),(c)) #endif #endif + #ifndef XHTONS - #define XHTONS(a) htons((a)) + #if !defined(WOLFSSL_NO_SOCK) && (defined(USE_WOLFSSL_IO) || defined(HAVE_HTTP_CLIENT)) + #define XHTONS(a) htons((a)) + #else + /* we don't have sockets, so define our own htons and ntohs */ + #ifdef BIG_ENDIAN_ORDER + #define XHTONS(a) (a) + #else + #define XHTONS(a) ((((a) >> 8) & 0xff) | (((a) & 0xff) << 8)) + #endif + #endif #endif #ifndef XNTOHS - #define XNTOHS(a) ntohs((a)) + #if !defined(WOLFSSL_NO_SOCK) && (defined(USE_WOLFSSL_IO) || defined(HAVE_HTTP_CLIENT)) + #define XNTOHS(a) ntohs((a)) + #else + /* we don't have sockets, so define our own htons and ntohs */ + #ifdef BIG_ENDIAN_ORDER + #define XNTOHS(a) (a) + #else + #define XNTOHS(a) ((((a) >> 8) & 0xff) | (((a) & 0xff) << 8)) + #endif + #endif #endif #ifndef WOLFSSL_IP4