diff --git a/.gitignore b/.gitignore index 2e0a1c76b..b20170ad6 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,7 @@ ## Build generated build/ +.build DerivedData/ ## Various settings diff --git a/Blink.xcodeproj/project.pbxproj b/Blink.xcodeproj/project.pbxproj index aee210608..ed5cbf4e2 100644 --- a/Blink.xcodeproj/project.pbxproj +++ b/Blink.xcodeproj/project.pbxproj @@ -3,7 +3,7 @@ archiveVersion = 1; classes = { }; - objectVersion = 46; + objectVersion = 52; objects = { /* Begin PBXBuildFile section */ @@ -11,15 +11,11 @@ 0716B5741CFFAB9300268B5B /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0716B52C1CFFAB9300268B5B /* LaunchScreen.storyboard */; }; 0732F04D1D062B9A00AB5438 /* locales.bundle in Resources */ = {isa = PBXBuildFile; fileRef = 0732F04A1D062B9A00AB5438 /* locales.bundle */; }; 0732F04E1D062B9A00AB5438 /* term.html in Resources */ = {isa = PBXBuildFile; fileRef = 0732F04B1D062B9A00AB5438 /* term.html */; }; - 0732F0BE1D062BB400AB5438 /* libssh2.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0732F05F1D062BB300AB5438 /* libssh2.framework */; }; - 0732F0D11D062BB400AB5438 /* openssl.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0732F0841D062BB300AB5438 /* openssl.framework */; }; 0732F11E1D062DDB00AB5438 /* UICKeyChainStore.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0732F1171D062CA000AB5438 /* UICKeyChainStore.framework */; }; 0732F11F1D062DDB00AB5438 /* UICKeyChainStore.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = 0732F1171D062CA000AB5438 /* UICKeyChainStore.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; 0732F1271D06323A00AB5438 /* libz.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 0732F1261D06323A00AB5438 /* libz.tbd */; }; 0732F1291D06324200AB5438 /* libcurses.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 0732F1281D06324200AB5438 /* libcurses.tbd */; }; 074F30791D062A2800A73445 /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = 074F30781D062A2800A73445 /* main.m */; }; - 076FBD501DB6BD9400F6D997 /* libmoshios.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 076FBD4F1DB6BD9400F6D997 /* libmoshios.framework */; }; - 076FBD521DB6BE1D00F6D997 /* libprotobuf.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 076FBD511DB6BE1D00F6D997 /* libprotobuf.a */; }; 079635871D0E6602000473B1 /* TermView.m in Sources */ = {isa = PBXBuildFile; fileRef = 079635841D0E6602000473B1 /* TermView.m */; }; 07E3AEB01D8F6758007BC086 /* BKFeedbackViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 07E3AEAF1D8F6758007BC086 /* BKFeedbackViewController.m */; }; 07E3AEB31D8F6775007BC086 /* BKSupportViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 07E3AEB21D8F6775007BC086 /* BKSupportViewController.m */; }; @@ -34,10 +30,6 @@ 07F670751D05EEE200C0A53C /* Session.m in Sources */ = {isa = PBXBuildFile; fileRef = 07F6706C1D05EEE200C0A53C /* Session.m */; }; 07F670761D05EEE200C0A53C /* SSHCopyIDSession.m in Sources */ = {isa = PBXBuildFile; fileRef = 07F6706E1D05EEE200C0A53C /* SSHCopyIDSession.m */; }; 07F670771D05EEE200C0A53C /* SSHSession.m in Sources */ = {isa = PBXBuildFile; fileRef = 07F670701D05EEE200C0A53C /* SSHSession.m */; }; - 22A9494B2067FD5E003A0666 /* files.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = 22A949492067FD5E003A0666 /* files.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - 22A9494C2067FD5E003A0666 /* tar.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = 22A9494A2067FD5E003A0666 /* tar.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - 22E1F3352036EE87001FCC5C /* openssl.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = 22E1F3332036EE86001FCC5C /* openssl.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - 22E1F3362036EE87001FCC5C /* libssh2.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = 22E1F3342036EE86001FCC5C /* libssh2.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; 803B99D72582869200DC99C8 /* BKNotificationsView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 803B99D62582869200DC99C8 /* BKNotificationsView.swift */; }; 803B99E3258381B200DC99C8 /* SettingsHostingController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 803B99E2258381B200DC99C8 /* SettingsHostingController.swift */; }; 85A34307200A837A009324F1 /* webfontloader.js in Resources */ = {isa = PBXBuildFile; fileRef = 85A34303200A837A009324F1 /* webfontloader.js */; }; @@ -74,12 +66,6 @@ C9B2E0351D6B612400B89F69 /* BKSettingsFileDownloader.m in Sources */ = {isa = PBXBuildFile; fileRef = C9B2E0131D6B612300B89F69 /* BKSettingsFileDownloader.m */; }; D2036B6323967F2F0013D2A3 /* BindingConfigView.swift in Sources */ = {isa = PBXBuildFile; fileRef = D2036B6223967F2F0013D2A3 /* BindingConfigView.swift */; }; D2060A5420E2644400CF5122 /* SSHClient.m in Sources */ = {isa = PBXBuildFile; fileRef = D2060A5320E2644400CF5122 /* SSHClient.m */; }; - D2071B732150E4AA000156D7 /* ssh-add.m in Sources */ = {isa = PBXBuildFile; fileRef = D2071B722150E4AA000156D7 /* ssh-add.m */; }; - D2071B7B2150EBC1000156D7 /* authfile.c in Sources */ = {isa = PBXBuildFile; fileRef = D2071B7A2150EBC1000156D7 /* authfile.c */; }; - D2071B7E2150EE77000156D7 /* authfd.c in Sources */ = {isa = PBXBuildFile; fileRef = D2071B7C2150EE77000156D7 /* authfd.c */; }; - D2071B812150FFD1000156D7 /* match.c in Sources */ = {isa = PBXBuildFile; fileRef = D2071B7F2150FFD0000156D7 /* match.c */; }; - D2071B83215101DC000156D7 /* blink-compat.c in Sources */ = {isa = PBXBuildFile; fileRef = D2071B82215101DC000156D7 /* blink-compat.c */; }; - D2071B86215135A9000156D7 /* openssl-compat.c in Sources */ = {isa = PBXBuildFile; fileRef = D2071B84215135A9000156D7 /* openssl-compat.c */; }; D2094662204D3FC5003C4F72 /* cacert.pem in Resources */ = {isa = PBXBuildFile; fileRef = D209465B204D3FC5003C4F72 /* cacert.pem */; }; D20CBA4F2360319600D93301 /* NSCoder+CodingKey.swift in Sources */ = {isa = PBXBuildFile; fileRef = D265FBC8231905AC0017EAC4 /* NSCoder+CodingKey.swift */; }; D20CBA57236031D700D93301 /* CompleteUtilsTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D20CBA56236031D700D93301 /* CompleteUtilsTests.swift */; }; @@ -107,6 +93,36 @@ D21A3FE721943BE200269705 /* dark-app-ipad-76pt@2x.png in Resources */ = {isa = PBXBuildFile; fileRef = D21A3FD621943BE200269705 /* dark-app-ipad-76pt@2x.png */; }; D2334D1C21495DAE00D26AC3 /* udptunnel.m in Sources */ = {isa = PBXBuildFile; fileRef = D2334D1321495DAE00D26AC3 /* udptunnel.m */; }; D2334D1D21495DAE00D26AC3 /* host2ip.c in Sources */ = {isa = PBXBuildFile; fileRef = D2334D1421495DAE00D26AC3 /* host2ip.c */; }; + D2334EEE25C1C28F00385378 /* awk.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECF25C1C04700385378 /* awk.xcframework */; }; + D2334EEF25C1C28F00385378 /* awk.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECF25C1C04700385378 /* awk.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334EF025C1C28F00385378 /* curl_ios.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECE25C1C04700385378 /* curl_ios.xcframework */; }; + D2334EF125C1C28F00385378 /* curl_ios.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECE25C1C04700385378 /* curl_ios.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334EF225C1C28F00385378 /* files.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECA25C1C04700385378 /* files.xcframework */; }; + D2334EF325C1C28F00385378 /* files.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECA25C1C04700385378 /* files.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334EF425C1C28F00385378 /* ios_system.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ED025C1C04700385378 /* ios_system.xcframework */; }; + D2334EF525C1C28F00385378 /* ios_system.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ED025C1C04700385378 /* ios_system.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334EF625C1C28F00385378 /* LibSSH.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC425C1C04700385378 /* LibSSH.xcframework */; }; + D2334EF725C1C28F00385378 /* LibSSH.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC425C1C04700385378 /* LibSSH.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334EF825C1C28F00385378 /* mosh.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC525C1C04700385378 /* mosh.xcframework */; }; + D2334EF925C1C28F00385378 /* mosh.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC525C1C04700385378 /* mosh.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334EFA25C1C28F00385378 /* network_ios.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC625C1C04700385378 /* network_ios.xcframework */; }; + D2334EFB25C1C28F00385378 /* network_ios.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC625C1C04700385378 /* network_ios.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334EFC25C1C28F00385378 /* openssl.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECC25C1C04700385378 /* openssl.xcframework */; }; + D2334EFD25C1C28F00385378 /* openssl.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECC25C1C04700385378 /* openssl.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334EFE25C1C28F00385378 /* Protobuf_C_.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECB25C1C04700385378 /* Protobuf_C_.xcframework */; }; + D2334EFF25C1C28F00385378 /* Protobuf_C_.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECB25C1C04700385378 /* Protobuf_C_.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334F0025C1C28F00385378 /* shell.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC925C1C04700385378 /* shell.xcframework */; }; + D2334F0125C1C28F00385378 /* shell.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC925C1C04700385378 /* shell.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334F0225C1C28F00385378 /* ssh_cmd.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC825C1C04700385378 /* ssh_cmd.xcframework */; }; + D2334F0325C1C28F00385378 /* ssh_cmd.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC825C1C04700385378 /* ssh_cmd.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334F0425C1C28F00385378 /* tar.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECD25C1C04700385378 /* tar.xcframework */; }; + D2334F0525C1C28F00385378 /* tar.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334ECD25C1C04700385378 /* tar.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334F0625C1C28F00385378 /* text.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC725C1C04700385378 /* text.xcframework */; }; + D2334F0725C1C28F00385378 /* text.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334EC725C1C04700385378 /* text.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334F0C25C1C3C600385378 /* OpenSSH.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334F0A25C1C3A000385378 /* OpenSSH.xcframework */; }; + D2334F0D25C1C3C600385378 /* OpenSSH.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334F0A25C1C3A000385378 /* OpenSSH.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; + D2334F1925C1C4E100385378 /* libssh2.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2334F1825C1C4D100385378 /* libssh2.xcframework */; }; + D2334F1A25C1C4E100385378 /* libssh2.xcframework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2334F1825C1C4D100385378 /* libssh2.xcframework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; D23742CA21106ADF00366359 /* bench.m in Sources */ = {isa = PBXBuildFile; fileRef = D23742C921106ADF00366359 /* bench.m */; }; D23A7B25233C934900B3B66D /* UIColor+isLight.swift in Sources */ = {isa = PBXBuildFile; fileRef = D23A7B24233C934900B3B66D /* UIColor+isLight.swift */; }; D23AA645223EA3C40020FA77 /* BKXCallBackUrlConfigurationViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = D23AA644223EA3C40020FA77 /* BKXCallBackUrlConfigurationViewController.m */; }; @@ -141,7 +157,6 @@ D24AFD59222410E700CFD3C1 /* MBProgressHUD.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = 0732F10D1D062BF700AB5438 /* MBProgressHUD.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; D2512AC520BD4C3000A80257 /* curl_ios_static.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2E4F92E20B2BB4500B30F7B /* curl_ios_static.framework */; }; D25D58102358897B00D1BCAE /* Complete.swift in Sources */ = {isa = PBXBuildFile; fileRef = D25D580F2358897B00D1BCAE /* Complete.swift */; }; - D263489820BEBFE000A8E89F /* libsshd.a in Frameworks */ = {isa = PBXBuildFile; fileRef = D263489720BEBFE000A8E89F /* libsshd.a */; }; D265FBBD2317DD3C0017EAC4 /* BlinkTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D265FBBC2317DD3C0017EAC4 /* BlinkTests.swift */; }; D265FBC52317E5090017EAC4 /* SessionParamsTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D265FBC42317E5090017EAC4 /* SessionParamsTests.swift */; }; D265FBC62317E54C0017EAC4 /* SessionParams.swift in Sources */ = {isa = PBXBuildFile; fileRef = D248E67D22DE14100057FE67 /* SessionParams.swift */; }; @@ -156,46 +171,10 @@ D2903F3C239BBF5D005F991B /* KeyShortcut.swift in Sources */ = {isa = PBXBuildFile; fileRef = D2903F3B239BBF5D005F991B /* KeyShortcut.swift */; }; D29392B72004D785001FB2AA /* hterm_all.patches.js in Resources */ = {isa = PBXBuildFile; fileRef = D29392B62004D785001FB2AA /* hterm_all.patches.js */; }; D29568B921BE629100480A83 /* bk_getopts.c in Sources */ = {isa = PBXBuildFile; fileRef = D29568B821BE629100480A83 /* bk_getopts.c */; }; - D2961970214F89360070935A /* ssh-agent.m in Sources */ = {isa = PBXBuildFile; fileRef = D296196F214F89210070935A /* ssh-agent.m */; }; - D2961975214F8A580070935A /* sshbuf.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961972214F8A580070935A /* sshbuf.c */; }; - D296197C214F8ABE0070935A /* atomicio.c in Sources */ = {isa = PBXBuildFile; fileRef = D296197A214F8ABD0070935A /* atomicio.c */; }; - D296197F214F91550070935A /* sshkey.c in Sources */ = {isa = PBXBuildFile; fileRef = D296197D214F91550070935A /* sshkey.c */; }; - D2961983214F968A0070935A /* cipher.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961981214F96890070935A /* cipher.c */; }; - D2961989214F96A10070935A /* chacha.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961987214F96A10070935A /* chacha.c */; }; - D296198A214F96A10070935A /* poly1305.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961988214F96A10070935A /* poly1305.c */; }; - D296198D214F96D50070935A /* digest-openssl.c in Sources */ = {isa = PBXBuildFile; fileRef = D296198B214F96D50070935A /* digest-openssl.c */; }; - D296199A214F995D0070935A /* blocks.c in Sources */ = {isa = PBXBuildFile; fileRef = D296198F214F995D0070935A /* blocks.c */; }; - D296199B214F995D0070935A /* ge25519_base.data in Resources */ = {isa = PBXBuildFile; fileRef = D2961990214F995D0070935A /* ge25519_base.data */; }; - D296199C214F995D0070935A /* ed25519.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961991214F995D0070935A /* ed25519.c */; }; - D296199D214F995D0070935A /* hash.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961995214F995D0070935A /* hash.c */; }; - D296199E214F995D0070935A /* sc25519.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961996214F995D0070935A /* sc25519.c */; }; - D296199F214F995D0070935A /* ge25519.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961997214F995D0070935A /* ge25519.c */; }; - D29619A0214F995D0070935A /* fe25519.c in Sources */ = {isa = PBXBuildFile; fileRef = D2961999214F995D0070935A /* fe25519.c */; }; - D29619A4214F99A30070935A /* rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = D29619A3214F99A30070935A /* rsa.c */; }; - D29619A7214FA7D40070935A /* bcrypt-pbkdf.c in Sources */ = {isa = PBXBuildFile; fileRef = D29619A6214FA7D30070935A /* bcrypt-pbkdf.c */; }; - D29619A9214FB4110070935A /* base64.c in Sources */ = {isa = PBXBuildFile; fileRef = D29619A8214FB4110070935A /* base64.c */; }; - D29619AD214FB5EA0070935A /* ssh-ed25519.c in Sources */ = {isa = PBXBuildFile; fileRef = D29619AA214FB5EA0070935A /* ssh-ed25519.c */; }; - D29619AE214FB5EA0070935A /* ssh-rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = D29619AB214FB5EA0070935A /* ssh-rsa.c */; }; - D29619AF214FB5EA0070935A /* ssh-ecdsa.c in Sources */ = {isa = PBXBuildFile; fileRef = D29619AC214FB5EA0070935A /* ssh-ecdsa.c */; }; D298D67D2110803600992CA4 /* SSHClientPortListener.m in Sources */ = {isa = PBXBuildFile; fileRef = D298D67C2110803600992CA4 /* SSHClientPortListener.m */; }; D29D6C3122DB9CA700A84173 /* TermController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D29D6C3022DB9CA700A84173 /* TermController.swift */; }; D29FE54A208DC860004679D0 /* commandDictionary.plist in Resources */ = {isa = PBXBuildFile; fileRef = D29FE548208DC860004679D0 /* commandDictionary.plist */; }; D29FE54B208DC860004679D0 /* extraCommandsDictionary.plist in Resources */ = {isa = PBXBuildFile; fileRef = D29FE549208DC860004679D0 /* extraCommandsDictionary.plist */; }; - D2A3F4EA20690B71006BB305 /* text.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E120690B70006BB305 /* text.framework */; }; - D2A3F4EC20690B71006BB305 /* shell.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E320690B70006BB305 /* shell.framework */; }; - D2A3F4F020690B71006BB305 /* tar.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E720690B71006BB305 /* tar.framework */; }; - D2A3F4F120690B71006BB305 /* network_ios.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E820690B71006BB305 /* network_ios.framework */; }; - D2A3F4F220690B71006BB305 /* curl_ios.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E920690B71006BB305 /* curl_ios.framework */; }; - D2A3F4F620690C24006BB305 /* awk.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4F520690C24006BB305 /* awk.framework */; }; - D2A3F4F820690CB0006BB305 /* awk.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4F520690C24006BB305 /* awk.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - D2A3F4F920690CDF006BB305 /* ios_system.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4F320690BE6006BB305 /* ios_system.framework */; }; - D2A3F4FA20690CDF006BB305 /* ios_system.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4F320690BE6006BB305 /* ios_system.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - D2A3F4FC20690D08006BB305 /* shell.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E320690B70006BB305 /* shell.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - D2A3F4FE20690D23006BB305 /* text.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E120690B70006BB305 /* text.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - D2A3F50020690D44006BB305 /* network_ios.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E820690B71006BB305 /* network_ios.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - D2A3F50320690D7E006BB305 /* ssh_cmd.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E620690B71006BB305 /* ssh_cmd.framework */; }; - D2A3F50420690D7E006BB305 /* ssh_cmd.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E620690B71006BB305 /* ssh_cmd.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; - D2A3F50620690D8A006BB305 /* curl_ios.framework in Embed Frameworks */ = {isa = PBXBuildFile; fileRef = D2A3F4E920690B71006BB305 /* curl_ios.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; }; D2A5221E230D279B0010AC04 /* SmarterTermInput.swift in Sources */ = {isa = PBXBuildFile; fileRef = D2A5221D230D279B0010AC04 /* SmarterTermInput.swift */; }; D2A52227231304FF0010AC04 /* UIGestureRecognizer.swift in Sources */ = {isa = PBXBuildFile; fileRef = D2A52226231304FE0010AC04 /* UIGestureRecognizer.swift */; }; D2A86D6920EB86F2000DF1DA /* SSHClientOptions.m in Sources */ = {isa = PBXBuildFile; fileRef = D2A86D6820EB86F2000DF1DA /* SSHClientOptions.m */; }; @@ -338,19 +317,23 @@ dstPath = ""; dstSubfolderSpec = 10; files = ( - 22A9494B2067FD5E003A0666 /* files.framework in Embed Frameworks */, + D2334F0125C1C28F00385378 /* shell.xcframework in Embed Frameworks */, D24AFD59222410E700CFD3C1 /* MBProgressHUD.framework in Embed Frameworks */, - D2A3F4FC20690D08006BB305 /* shell.framework in Embed Frameworks */, - 22A9494C2067FD5E003A0666 /* tar.framework in Embed Frameworks */, - 22E1F3352036EE87001FCC5C /* openssl.framework in Embed Frameworks */, - 22E1F3362036EE87001FCC5C /* libssh2.framework in Embed Frameworks */, - D2A3F4F820690CB0006BB305 /* awk.framework in Embed Frameworks */, - D2A3F50020690D44006BB305 /* network_ios.framework in Embed Frameworks */, + D2334EFF25C1C28F00385378 /* Protobuf_C_.xcframework in Embed Frameworks */, 0732F11F1D062DDB00AB5438 /* UICKeyChainStore.framework in Embed Frameworks */, - D2A3F4FA20690CDF006BB305 /* ios_system.framework in Embed Frameworks */, - D2A3F50420690D7E006BB305 /* ssh_cmd.framework in Embed Frameworks */, - D2A3F4FE20690D23006BB305 /* text.framework in Embed Frameworks */, - D2A3F50620690D8A006BB305 /* curl_ios.framework in Embed Frameworks */, + D2334F0725C1C28F00385378 /* text.xcframework in Embed Frameworks */, + D2334EFD25C1C28F00385378 /* openssl.xcframework in Embed Frameworks */, + D2334EF725C1C28F00385378 /* LibSSH.xcframework in Embed Frameworks */, + D2334EF525C1C28F00385378 /* ios_system.xcframework in Embed Frameworks */, + D2334F0525C1C28F00385378 /* tar.xcframework in Embed Frameworks */, + D2334F1A25C1C4E100385378 /* libssh2.xcframework in Embed Frameworks */, + D2334F0325C1C28F00385378 /* ssh_cmd.xcframework in Embed Frameworks */, + D2334F0D25C1C3C600385378 /* OpenSSH.xcframework in Embed Frameworks */, + D2334EEF25C1C28F00385378 /* awk.xcframework in Embed Frameworks */, + D2334EF125C1C28F00385378 /* curl_ios.xcframework in Embed Frameworks */, + D2334EF925C1C28F00385378 /* mosh.xcframework in Embed Frameworks */, + D2334EF325C1C28F00385378 /* files.xcframework in Embed Frameworks */, + D2334EFB25C1C28F00385378 /* network_ios.xcframework in Embed Frameworks */, ); name = "Embed Frameworks"; runOnlyForDeploymentPostprocessing = 0; @@ -364,15 +347,11 @@ 0716B53C1CFFAB9300268B5B /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 0732F04A1D062B9A00AB5438 /* locales.bundle */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.plug-in"; path = locales.bundle; sourceTree = ""; }; 0732F04B1D062B9A00AB5438 /* term.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = term.html; sourceTree = ""; }; - 0732F05F1D062BB300AB5438 /* libssh2.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = libssh2.framework; sourceTree = ""; }; - 0732F0841D062BB300AB5438 /* openssl.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = openssl.framework; sourceTree = ""; }; 0732F1051D062BF700AB5438 /* MBProgressHUD.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = MBProgressHUD.xcodeproj; path = MBProgressHUD/MBProgressHUD.xcodeproj; sourceTree = ""; }; 0732F1101D062C9F00AB5438 /* UICKeyChainStore.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = UICKeyChainStore.xcodeproj; path = UICKeyChainStore/Lib/UICKeyChainStore.xcodeproj; sourceTree = ""; }; 0732F1261D06323A00AB5438 /* libz.tbd */ = {isa = PBXFileReference; lastKnownFileType = "sourcecode.text-based-dylib-definition"; name = libz.tbd; path = usr/lib/libz.tbd; sourceTree = SDKROOT; }; 0732F1281D06324200AB5438 /* libcurses.tbd */ = {isa = PBXFileReference; lastKnownFileType = "sourcecode.text-based-dylib-definition"; name = libcurses.tbd; path = usr/lib/libcurses.tbd; sourceTree = SDKROOT; }; 074F30781D062A2800A73445 /* main.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = ""; }; - 076FBD4F1DB6BD9400F6D997 /* libmoshios.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = libmoshios.framework; sourceTree = ""; }; - 076FBD511DB6BE1D00F6D997 /* libprotobuf.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libprotobuf.a; sourceTree = ""; }; 0795F29B1DC11C6B00CC8B83 /* Blink.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = Blink.entitlements; sourceTree = ""; }; 079635831D0E6602000473B1 /* TermView.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = TermView.h; sourceTree = ""; }; 079635841D0E6602000473B1 /* TermView.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = TermView.m; sourceTree = ""; }; @@ -398,10 +377,6 @@ 07F6706E1D05EEE200C0A53C /* SSHCopyIDSession.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SSHCopyIDSession.m; sourceTree = ""; }; 07F6706F1D05EEE200C0A53C /* SSHSession.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SSHSession.h; sourceTree = ""; }; 07F670701D05EEE200C0A53C /* SSHSession.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SSHSession.m; sourceTree = ""; }; - 22A949492067FD5E003A0666 /* files.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = files.framework; sourceTree = ""; }; - 22A9494A2067FD5E003A0666 /* tar.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = tar.framework; sourceTree = ""; }; - 22E1F3332036EE86001FCC5C /* openssl.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = openssl.framework; sourceTree = ""; }; - 22E1F3342036EE86001FCC5C /* libssh2.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = libssh2.framework; sourceTree = ""; }; 803B99D62582869200DC99C8 /* BKNotificationsView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BKNotificationsView.swift; sourceTree = ""; }; 803B99E2258381B200DC99C8 /* SettingsHostingController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SettingsHostingController.swift; sourceTree = ""; }; 85A34303200A837A009324F1 /* webfontloader.js */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.javascript; path = webfontloader.js; sourceTree = ""; }; @@ -465,18 +440,6 @@ D2036B6223967F2F0013D2A3 /* BindingConfigView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BindingConfigView.swift; sourceTree = ""; }; D2060A5220E2644400CF5122 /* SSHClient.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SSHClient.h; sourceTree = ""; }; D2060A5320E2644400CF5122 /* SSHClient.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = SSHClient.m; sourceTree = ""; }; - D2071B722150E4AA000156D7 /* ssh-add.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = "ssh-add.m"; sourceTree = ""; }; - D2071B742150E51F000156D7 /* pathnames.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = pathnames.h; sourceTree = ""; }; - D2071B752150E5A3000156D7 /* blink-compat.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "blink-compat.h"; sourceTree = ""; }; - D2071B792150EBC1000156D7 /* authfile.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = authfile.h; sourceTree = ""; }; - D2071B7A2150EBC1000156D7 /* authfile.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = authfile.c; sourceTree = ""; }; - D2071B7C2150EE77000156D7 /* authfd.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = authfd.c; sourceTree = ""; }; - D2071B7D2150EE77000156D7 /* authfd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = authfd.h; sourceTree = ""; }; - D2071B7F2150FFD0000156D7 /* match.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = match.c; sourceTree = ""; }; - D2071B802150FFD0000156D7 /* match.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = match.h; sourceTree = ""; }; - D2071B82215101DC000156D7 /* blink-compat.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = "blink-compat.c"; sourceTree = ""; }; - D2071B84215135A9000156D7 /* openssl-compat.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "openssl-compat.c"; sourceTree = ""; }; - D2071B87215135EF000156D7 /* openssl-compat.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "openssl-compat.h"; sourceTree = ""; }; D209465B204D3FC5003C4F72 /* cacert.pem */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = cacert.pem; sourceTree = ""; }; D20CBA56236031D700D93301 /* CompleteUtilsTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CompleteUtilsTests.swift; sourceTree = ""; }; D20CBA592360324100D93301 /* CompleteUtils.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CompleteUtils.swift; sourceTree = ""; }; @@ -505,6 +468,21 @@ D2334D1321495DAE00D26AC3 /* udptunnel.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = udptunnel.m; sourceTree = ""; }; D2334D1421495DAE00D26AC3 /* host2ip.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = host2ip.c; sourceTree = ""; }; D2334D1521495DAE00D26AC3 /* host2ip.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = host2ip.h; sourceTree = ""; }; + D2334EC425C1C04700385378 /* LibSSH.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = LibSSH.xcframework; path = xcfs/.build/artifacts/xcfs/LibSSH.xcframework; sourceTree = SOURCE_ROOT; }; + D2334EC525C1C04700385378 /* mosh.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = mosh.xcframework; path = xcfs/.build/artifacts/xcfs/mosh.xcframework; sourceTree = SOURCE_ROOT; }; + D2334EC625C1C04700385378 /* network_ios.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = network_ios.xcframework; path = xcfs/.build/artifacts/xcfs/network_ios.xcframework; sourceTree = SOURCE_ROOT; }; + D2334EC725C1C04700385378 /* text.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = text.xcframework; path = xcfs/.build/artifacts/xcfs/text.xcframework; sourceTree = SOURCE_ROOT; }; + D2334EC825C1C04700385378 /* ssh_cmd.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = ssh_cmd.xcframework; path = xcfs/.build/artifacts/xcfs/ssh_cmd.xcframework; sourceTree = SOURCE_ROOT; }; + D2334EC925C1C04700385378 /* shell.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = shell.xcframework; path = xcfs/.build/artifacts/xcfs/shell.xcframework; sourceTree = SOURCE_ROOT; }; + D2334ECA25C1C04700385378 /* files.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = files.xcframework; path = xcfs/.build/artifacts/xcfs/files.xcframework; sourceTree = SOURCE_ROOT; }; + D2334ECB25C1C04700385378 /* Protobuf_C_.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = Protobuf_C_.xcframework; path = xcfs/.build/artifacts/xcfs/Protobuf_C_.xcframework; sourceTree = SOURCE_ROOT; }; + D2334ECC25C1C04700385378 /* openssl.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = openssl.xcframework; path = xcfs/.build/artifacts/xcfs/openssl.xcframework; sourceTree = SOURCE_ROOT; }; + D2334ECD25C1C04700385378 /* tar.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = tar.xcframework; path = xcfs/.build/artifacts/xcfs/tar.xcframework; sourceTree = SOURCE_ROOT; }; + D2334ECE25C1C04700385378 /* curl_ios.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = curl_ios.xcframework; path = xcfs/.build/artifacts/xcfs/curl_ios.xcframework; sourceTree = SOURCE_ROOT; }; + D2334ECF25C1C04700385378 /* awk.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = awk.xcframework; path = xcfs/.build/artifacts/xcfs/awk.xcframework; sourceTree = SOURCE_ROOT; }; + D2334ED025C1C04700385378 /* ios_system.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = ios_system.xcframework; path = xcfs/.build/artifacts/xcfs/ios_system.xcframework; sourceTree = SOURCE_ROOT; }; + D2334F0A25C1C3A000385378 /* OpenSSH.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = OpenSSH.xcframework; path = xcfs/.build/artifacts/xcfs/OpenSSH.xcframework; sourceTree = SOURCE_ROOT; }; + D2334F1825C1C4D100385378 /* libssh2.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = libssh2.xcframework; path = xcfs/.build/artifacts/xcfs/libssh2.xcframework; sourceTree = SOURCE_ROOT; }; D235579622CE07D20094AADB /* Blink-bridge.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "Blink-bridge.h"; sourceTree = ""; }; D23742C921106ADF00366359 /* bench.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = bench.m; sourceTree = ""; }; D23A7B24233C934900B3B66D /* UIColor+isLight.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIColor+isLight.swift"; sourceTree = ""; }; @@ -539,14 +517,6 @@ D2496F402003941B00E75FE9 /* term.js */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.javascript; path = term.js; sourceTree = ""; }; D2499BEB2362EFD40009C701 /* cpp.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = cpp.cpp; sourceTree = ""; }; D25D580F2358897B00D1BCAE /* Complete.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Complete.swift; sourceTree = ""; }; - D263488A20BEBF5800A8E89F /* libsshpp.hpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.h; path = libsshpp.hpp; sourceTree = ""; }; - D263488B20BEBF5800A8E89F /* legacy.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = legacy.h; sourceTree = ""; }; - D263488C20BEBF5800A8E89F /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = callbacks.h; sourceTree = ""; }; - D263488D20BEBF5800A8E89F /* libssh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = libssh.h; sourceTree = ""; }; - D263488E20BEBF5800A8E89F /* sftp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sftp.h; sourceTree = ""; }; - D263488F20BEBF5800A8E89F /* ssh2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ssh2.h; sourceTree = ""; }; - D263489020BEBF5800A8E89F /* server.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = server.h; sourceTree = ""; }; - D263489720BEBFE000A8E89F /* libsshd.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libsshd.a; sourceTree = ""; }; D265FBBA2317DD3C0017EAC4 /* BlinkTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = BlinkTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; }; D265FBBC2317DD3C0017EAC4 /* BlinkTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BlinkTests.swift; sourceTree = ""; }; D265FBBE2317DD3C0017EAC4 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; @@ -566,59 +536,12 @@ D29392B62004D785001FB2AA /* hterm_all.patches.js */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.javascript; path = hterm_all.patches.js; sourceTree = ""; }; D29568B721BE629100480A83 /* bk_getopts.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = bk_getopts.h; sourceTree = ""; }; D29568B821BE629100480A83 /* bk_getopts.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = bk_getopts.c; sourceTree = ""; }; - D296196F214F89210070935A /* ssh-agent.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = "ssh-agent.m"; sourceTree = ""; }; - D2961971214F8A580070935A /* sshbuf.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = sshbuf.h; sourceTree = ""; }; - D2961972214F8A580070935A /* sshbuf.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = sshbuf.c; sourceTree = ""; }; - D2961974214F8A580070935A /* ssherr.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = ssherr.h; sourceTree = ""; }; - D2961978214F8AA30070935A /* authfd-old.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = "authfd-old.c"; sourceTree = ""; }; - D296197A214F8ABD0070935A /* atomicio.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = atomicio.c; sourceTree = ""; }; - D296197B214F8ABE0070935A /* atomicio.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = atomicio.h; sourceTree = ""; }; - D296197D214F91550070935A /* sshkey.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = sshkey.c; sourceTree = ""; }; - D296197E214F91550070935A /* sshkey.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = sshkey.h; sourceTree = ""; }; - D2961980214F94110070935A /* crypto_api.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = crypto_api.h; sourceTree = ""; }; - D2961981214F96890070935A /* cipher.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = cipher.c; sourceTree = ""; }; - D2961982214F968A0070935A /* cipher.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = cipher.h; sourceTree = ""; }; - D2961985214F96A10070935A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = chacha.h; sourceTree = ""; }; - D2961986214F96A10070935A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = poly1305.h; sourceTree = ""; }; - D2961987214F96A10070935A /* chacha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = chacha.c; sourceTree = ""; }; - D2961988214F96A10070935A /* poly1305.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = poly1305.c; sourceTree = ""; }; - D296198B214F96D50070935A /* digest-openssl.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = "digest-openssl.c"; sourceTree = ""; }; - D296198C214F96D50070935A /* digest.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = digest.h; sourceTree = ""; }; - D296198F214F995D0070935A /* blocks.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = blocks.c; sourceTree = ""; }; - D2961990214F995D0070935A /* ge25519_base.data */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = ge25519_base.data; sourceTree = ""; }; - D2961991214F995D0070935A /* ed25519.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = ed25519.c; sourceTree = ""; }; - D2961992214F995D0070935A /* sc25519.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sc25519.h; sourceTree = ""; }; - D2961993214F995D0070935A /* ge25519.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ge25519.h; sourceTree = ""; }; - D2961994214F995D0070935A /* fe25519.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = fe25519.h; sourceTree = ""; }; - D2961995214F995D0070935A /* hash.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = hash.c; sourceTree = ""; }; - D2961996214F995D0070935A /* sc25519.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = sc25519.c; sourceTree = ""; }; - D2961997214F995D0070935A /* ge25519.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = ge25519.c; sourceTree = ""; }; - D2961998214F995D0070935A /* crypto_api.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto_api.h; sourceTree = ""; }; - D2961999214F995D0070935A /* fe25519.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = fe25519.c; sourceTree = ""; }; - D29619A1214F99750070935A /* blf.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = blf.h; sourceTree = ""; }; - D29619A2214F99A30070935A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = rsa.h; sourceTree = ""; }; - D29619A3214F99A30070935A /* rsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = rsa.c; sourceTree = ""; }; - D29619A5214FA0C40070935A /* ssh2.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = ssh2.h; sourceTree = ""; }; - D29619A6214FA7D30070935A /* bcrypt-pbkdf.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "bcrypt-pbkdf.c"; sourceTree = ""; }; - D29619A8214FB4110070935A /* base64.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = base64.c; sourceTree = ""; }; - D29619AA214FB5EA0070935A /* ssh-ed25519.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = "ssh-ed25519.c"; sourceTree = ""; }; - D29619AB214FB5EA0070935A /* ssh-rsa.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = "ssh-rsa.c"; sourceTree = ""; }; - D29619AC214FB5EA0070935A /* ssh-ecdsa.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = "ssh-ecdsa.c"; sourceTree = ""; }; D298D67B2110803600992CA4 /* SSHClientPortListener.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SSHClientPortListener.h; sourceTree = ""; }; D298D67C2110803600992CA4 /* SSHClientPortListener.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = SSHClientPortListener.m; sourceTree = ""; }; D29D6C3022DB9CA700A84173 /* TermController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TermController.swift; sourceTree = ""; }; D29FE548208DC860004679D0 /* commandDictionary.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = commandDictionary.plist; sourceTree = ""; }; D29FE549208DC860004679D0 /* extraCommandsDictionary.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = extraCommandsDictionary.plist; sourceTree = ""; }; D2A0C63E20AAD98D001CF38F /* ios_error.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = ios_error.h; sourceTree = ""; }; - D2A3F4E120690B70006BB305 /* text.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = text.framework; sourceTree = ""; }; - D2A3F4E220690B70006BB305 /* awk.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = awk.framework; sourceTree = ""; }; - D2A3F4E320690B70006BB305 /* shell.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = shell.framework; sourceTree = ""; }; - D2A3F4E620690B71006BB305 /* ssh_cmd.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = ssh_cmd.framework; sourceTree = ""; }; - D2A3F4E720690B71006BB305 /* tar.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = tar.framework; sourceTree = ""; }; - D2A3F4E820690B71006BB305 /* network_ios.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = network_ios.framework; sourceTree = ""; }; - D2A3F4E920690B71006BB305 /* curl_ios.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = curl_ios.framework; sourceTree = ""; }; - D2A3F4F320690BE6006BB305 /* ios_system.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = ios_system.framework; sourceTree = ""; }; - D2A3F4F520690C24006BB305 /* awk.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = awk.framework; sourceTree = ""; }; D2A5221D230D279B0010AC04 /* SmarterTermInput.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SmarterTermInput.swift; sourceTree = ""; }; D2A52226231304FE0010AC04 /* UIGestureRecognizer.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = UIGestureRecognizer.swift; sourceTree = ""; }; D2A86D6720EB86F2000DF1DA /* SSHClientOptions.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SSHClientOptions.h; sourceTree = ""; }; @@ -694,26 +617,28 @@ isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; files = ( + D2334EFE25C1C28F00385378 /* Protobuf_C_.xcframework in Frameworks */, + D2334EF025C1C28F00385378 /* curl_ios.xcframework in Frameworks */, D28DB3AC210B110C008A1139 /* libcompression.tbd in Frameworks */, + D2334F0225C1C28F00385378 /* ssh_cmd.xcframework in Frameworks */, + D2334F0625C1C28F00385378 /* text.xcframework in Frameworks */, + D2334EFC25C1C28F00385378 /* openssl.xcframework in Frameworks */, + D2334EEE25C1C28F00385378 /* awk.xcframework in Frameworks */, + D2334EF825C1C28F00385378 /* mosh.xcframework in Frameworks */, + D2334F0025C1C28F00385378 /* shell.xcframework in Frameworks */, + D2334F1925C1C4E100385378 /* libssh2.xcframework in Frameworks */, + D2334F0C25C1C3C600385378 /* OpenSSH.xcframework in Frameworks */, + D2334EF425C1C28F00385378 /* ios_system.xcframework in Frameworks */, D2512AC520BD4C3000A80257 /* curl_ios_static.framework in Frameworks */, 0732F1291D06324200AB5438 /* libcurses.tbd in Frameworks */, + D2334EF625C1C28F00385378 /* LibSSH.xcframework in Frameworks */, 0732F1271D06323A00AB5438 /* libz.tbd in Frameworks */, - D2A3F4F920690CDF006BB305 /* ios_system.framework in Frameworks */, - 076FBD521DB6BE1D00F6D997 /* libprotobuf.a in Frameworks */, 0732F11E1D062DDB00AB5438 /* UICKeyChainStore.framework in Frameworks */, - D2A3F4EC20690B71006BB305 /* shell.framework in Frameworks */, + D2334EFA25C1C28F00385378 /* network_ios.xcframework in Frameworks */, D24AFD58222410E700CFD3C1 /* MBProgressHUD.framework in Frameworks */, - D2A3F4F020690B71006BB305 /* tar.framework in Frameworks */, - D2A3F50320690D7E006BB305 /* ssh_cmd.framework in Frameworks */, B700AED81DD0F2C200100EBF /* CloudKit.framework in Frameworks */, - D2A3F4EA20690B71006BB305 /* text.framework in Frameworks */, - D2A3F4F620690C24006BB305 /* awk.framework in Frameworks */, - D263489820BEBFE000A8E89F /* libsshd.a in Frameworks */, - 0732F0D11D062BB400AB5438 /* openssl.framework in Frameworks */, - 0732F0BE1D062BB400AB5438 /* libssh2.framework in Frameworks */, - 076FBD501DB6BD9400F6D997 /* libmoshios.framework in Frameworks */, - D2A3F4F120690B71006BB305 /* network_ios.framework in Frameworks */, - D2A3F4F220690B71006BB305 /* curl_ios.framework in Frameworks */, + D2334F0425C1C28F00385378 /* tar.xcframework in Frameworks */, + D2334EF225C1C28F00385378 /* files.xcframework in Frameworks */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -801,52 +726,32 @@ 0732F04F1D062BB300AB5438 /* Frameworks */ = { isa = PBXGroup; children = ( + D2334ECF25C1C04700385378 /* awk.xcframework */, + D2334ECE25C1C04700385378 /* curl_ios.xcframework */, + D2334F0A25C1C3A000385378 /* OpenSSH.xcframework */, + D2334F1825C1C4D100385378 /* libssh2.xcframework */, + D2334ECA25C1C04700385378 /* files.xcframework */, + D2334ED025C1C04700385378 /* ios_system.xcframework */, + D2334EC425C1C04700385378 /* LibSSH.xcframework */, + D2334EC525C1C04700385378 /* mosh.xcframework */, + D2334EC625C1C04700385378 /* network_ios.xcframework */, + D2334ECC25C1C04700385378 /* openssl.xcframework */, + D2334ECB25C1C04700385378 /* Protobuf_C_.xcframework */, + D2334EC925C1C04700385378 /* shell.xcframework */, + D2334EC825C1C04700385378 /* ssh_cmd.xcframework */, + D2334ECD25C1C04700385378 /* tar.xcframework */, + D2334EC725C1C04700385378 /* text.xcframework */, D28DB3AB210B110B008A1139 /* libcompression.tbd */, D2E4F92920B2BB4500B30F7B /* curl_ios_static.xcodeproj */, - D2A3F4F520690C24006BB305 /* awk.framework */, - D2A3F4F320690BE6006BB305 /* ios_system.framework */, - D2A3F4E920690B71006BB305 /* curl_ios.framework */, - 22A949492067FD5E003A0666 /* files.framework */, - 22A9494A2067FD5E003A0666 /* tar.framework */, - D2A3F4E220690B70006BB305 /* awk.framework */, - D2A3F4E820690B71006BB305 /* network_ios.framework */, - D2A3F4E320690B70006BB305 /* shell.framework */, - D2A3F4E620690B71006BB305 /* ssh_cmd.framework */, - D2A3F4E720690B71006BB305 /* tar.framework */, - D2A3F4E120690B70006BB305 /* text.framework */, - 22E1F3342036EE86001FCC5C /* libssh2.framework */, - 22E1F3332036EE86001FCC5C /* openssl.framework */, B700AED71DD0F2C200100EBF /* CloudKit.framework */, - 076FBD4F1DB6BD9400F6D997 /* libmoshios.framework */, 0732F1281D06324200AB5438 /* libcurses.tbd */, 0732F1261D06323A00AB5438 /* libz.tbd */, 0732F1101D062C9F00AB5438 /* UICKeyChainStore.xcodeproj */, 0732F1051D062BF700AB5438 /* MBProgressHUD.xcodeproj */, - 0732F0541D062BB300AB5438 /* include */, - 0732F0561D062BB300AB5438 /* lib */, - 0732F05F1D062BB300AB5438 /* libssh2.framework */, - 0732F0841D062BB300AB5438 /* openssl.framework */, ); path = Frameworks; sourceTree = ""; }; - 0732F0541D062BB300AB5438 /* include */ = { - isa = PBXGroup; - children = ( - D263488920BEBF5800A8E89F /* libssh */, - ); - path = include; - sourceTree = ""; - }; - 0732F0561D062BB300AB5438 /* lib */ = { - isa = PBXGroup; - children = ( - D263489720BEBFE000A8E89F /* libsshd.a */, - 076FBD511DB6BE1D00F6D997 /* libprotobuf.a */, - ); - path = lib; - sourceTree = ""; - }; 0732F1061D062BF700AB5438 /* Products */ = { isa = PBXGroup; children = ( @@ -1145,20 +1050,6 @@ path = KeyViews; sourceTree = ""; }; - D263488920BEBF5800A8E89F /* libssh */ = { - isa = PBXGroup; - children = ( - D263488A20BEBF5800A8E89F /* libsshpp.hpp */, - D263488B20BEBF5800A8E89F /* legacy.h */, - D263488C20BEBF5800A8E89F /* callbacks.h */, - D263488D20BEBF5800A8E89F /* libssh.h */, - D263488E20BEBF5800A8E89F /* sftp.h */, - D263488F20BEBF5800A8E89F /* ssh2.h */, - D263489020BEBF5800A8E89F /* server.h */, - ); - path = libssh; - sourceTree = ""; - }; D265FBBB2317DD3C0017EAC4 /* BlinkTests */ = { isa = PBXGroup; children = ( @@ -1178,79 +1069,6 @@ path = Foundation; sourceTree = ""; }; - D2961968214F89060070935A /* openssh */ = { - isa = PBXGroup; - children = ( - D2071B87215135EF000156D7 /* openssl-compat.h */, - D2071B84215135A9000156D7 /* openssl-compat.c */, - D2071B7F2150FFD0000156D7 /* match.c */, - D2071B802150FFD0000156D7 /* match.h */, - D2071B7C2150EE77000156D7 /* authfd.c */, - D2071B7D2150EE77000156D7 /* authfd.h */, - D2071B7A2150EBC1000156D7 /* authfile.c */, - D2071B792150EBC1000156D7 /* authfile.h */, - D29619AC214FB5EA0070935A /* ssh-ecdsa.c */, - D29619AA214FB5EA0070935A /* ssh-ed25519.c */, - D29619AB214FB5EA0070935A /* ssh-rsa.c */, - D29619A8214FB4110070935A /* base64.c */, - D29619A6214FA7D30070935A /* bcrypt-pbkdf.c */, - D29619A5214FA0C40070935A /* ssh2.h */, - D29619A3214F99A30070935A /* rsa.c */, - D29619A2214F99A30070935A /* rsa.h */, - D29619A1214F99750070935A /* blf.h */, - D296198E214F995D0070935A /* ed25519 */, - D296198B214F96D50070935A /* digest-openssl.c */, - D296198C214F96D50070935A /* digest.h */, - D2961984214F96A10070935A /* chapoly */, - D2961981214F96890070935A /* cipher.c */, - D2961982214F968A0070935A /* cipher.h */, - D2961980214F94110070935A /* crypto_api.h */, - D296197D214F91550070935A /* sshkey.c */, - D296197E214F91550070935A /* sshkey.h */, - D296197A214F8ABD0070935A /* atomicio.c */, - D296197B214F8ABE0070935A /* atomicio.h */, - D2961978214F8AA30070935A /* authfd-old.c */, - D2961972214F8A580070935A /* sshbuf.c */, - D2961971214F8A580070935A /* sshbuf.h */, - D2961974214F8A580070935A /* ssherr.h */, - D2071B722150E4AA000156D7 /* ssh-add.m */, - D296196F214F89210070935A /* ssh-agent.m */, - D2071B742150E51F000156D7 /* pathnames.h */, - D2071B82215101DC000156D7 /* blink-compat.c */, - D2071B752150E5A3000156D7 /* blink-compat.h */, - ); - path = openssh; - sourceTree = ""; - }; - D2961984214F96A10070935A /* chapoly */ = { - isa = PBXGroup; - children = ( - D2961985214F96A10070935A /* chacha.h */, - D2961986214F96A10070935A /* poly1305.h */, - D2961987214F96A10070935A /* chacha.c */, - D2961988214F96A10070935A /* poly1305.c */, - ); - path = chapoly; - sourceTree = ""; - }; - D296198E214F995D0070935A /* ed25519 */ = { - isa = PBXGroup; - children = ( - D296198F214F995D0070935A /* blocks.c */, - D2961990214F995D0070935A /* ge25519_base.data */, - D2961991214F995D0070935A /* ed25519.c */, - D2961992214F995D0070935A /* sc25519.h */, - D2961993214F995D0070935A /* ge25519.h */, - D2961994214F995D0070935A /* fe25519.h */, - D2961995214F995D0070935A /* hash.c */, - D2961996214F995D0070935A /* sc25519.c */, - D2961997214F995D0070935A /* ge25519.c */, - D2961998214F995D0070935A /* crypto_api.h */, - D2961999214F995D0070935A /* fe25519.c */, - ); - path = ed25519; - sourceTree = ""; - }; D2A52225231304A90010AC04 /* UIKit */ = { isa = PBXGroup; children = ( @@ -1337,7 +1155,6 @@ D2F330C520A6C8E20074ADD7 /* Commands */ = { isa = PBXGroup; children = ( - D2961968214F89060070935A /* openssh */, D2334D1221495DAE00D26AC3 /* udptunnel */, D240806020BC8DF800F30099 /* tool_main.c */, D2F330D320A6F1DF0074ADD7 /* clear.m */, @@ -1591,7 +1408,6 @@ D29FE54A208DC860004679D0 /* commandDictionary.plist in Resources */, D21A3FD821943BE200269705 /* dark-notification-ipad-20pt.png in Resources */, C94437601D831CD30096F84E /* Themes in Resources */, - D296199B214F995D0070935A /* ge25519_base.data in Resources */, D29FE54B208DC860004679D0 /* extraCommandsDictionary.plist in Resources */, D21A3FD921943BE200269705 /* dark-settings-iphone-29pt@3x.png in Resources */, D21A3FE021943BE200269705 /* dark-notification-iphone-20pt@3x.png in Resources */, @@ -1643,8 +1459,6 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( - D296197F214F91550070935A /* sshkey.c in Sources */, - D2961989214F96A10070935A /* chacha.c in Sources */, D241CBDF23040734003D64A5 /* KBKeyAccessibilityElement.swift in Sources */, D2D75EE021AFDA10007336B6 /* LayoutManager.m in Sources */, B7A4876D1DC7C709007BA809 /* BKSettingsViewController.m in Sources */, @@ -1657,9 +1471,7 @@ 07F670731D05EEE200C0A53C /* MoshSession.m in Sources */, 07F670721D05EEE200C0A53C /* MCPSession.m in Sources */, D23742CA21106ADF00366359 /* bench.m in Sources */, - D2071B83215101DC000156D7 /* blink-compat.c in Sources */, D240806120BC8DF800F30099 /* tool_main.c in Sources */, - D29619AD214FB5EA0070935A /* ssh-ed25519.c in Sources */, B7D6A6291E2D43A800EDF7B0 /* BKSmartKeysConfigViewController.m in Sources */, D23AA645223EA3C40020FA77 /* BKXCallBackUrlConfigurationViewController.m in Sources */, D2C2441B238E44AB0082C69C /* NavView.swift in Sources */, @@ -1667,14 +1479,11 @@ D241CBDE23040734003D64A5 /* KBKeyValue.swift in Sources */, D2179F2D2136A5DC00B0850A /* GeoManager.m in Sources */, D2C2441E238E44AB0082C69C /* Checkmark.swift in Sources */, - D296199E214F995D0070935A /* sc25519.c in Sources */, - D2961970214F89360070935A /* ssh-agent.m in Sources */, D2B1F8DD23265A0600634D67 /* CommandsHUDView.swift in Sources */, D2903F3C239BBF5D005F991B /* KeyShortcut.swift in Sources */, C9B2E0301D6B612400B89F69 /* BKPubKey.m in Sources */, D27BBA1C20529FFF00AEA303 /* TermStream.m in Sources */, D2036B6323967F2F0013D2A3 /* BindingConfigView.swift in Sources */, - D296198D214F96D50070935A /* digest-openssl.c in Sources */, D25D58102358897B00D1BCAE /* Complete.swift in Sources */, B7D4503C1DD4706000CE0DBE /* Reachability.m in Sources */, B752EE2E1DFEF45300E305C8 /* BKSecurityConfigurationViewController.m in Sources */, @@ -1683,7 +1492,6 @@ D2CF27292428A791009885ED /* KBTracker.swift in Sources */, 07F670771D05EEE200C0A53C /* SSHSession.m in Sources */, D241CBD323040734003D64A5 /* KBSound.swift in Sources */, - D29619AF214FB5EA0070935A /* ssh-ecdsa.c in Sources */, 07F670761D05EEE200C0A53C /* SSHCopyIDSession.m in Sources */, D2C244352390FEEF0082C69C /* KeyBindingAction.swift in Sources */, D241CBDA23040734003D64A5 /* KBTraits.swift in Sources */, @@ -1693,34 +1501,25 @@ D241CBD823040734003D64A5 /* KBLayout.swift in Sources */, D2B1F8DF23265A4700634D67 /* CommandControl.swift in Sources */, D2A52227231304FF0010AC04 /* UIGestureRecognizer.swift in Sources */, - D296198A214F96A10070935A /* poly1305.c in Sources */, - D2961975214F8A580070935A /* sshbuf.c in Sources */, - D296199D214F995D0070935A /* hash.c in Sources */, - D2071B812150FFD1000156D7 /* match.c in Sources */, D2C24425238E44AB0082C69C /* KeyModifierPicker.swift in Sources */, C989E5561D6CC4A1003E0079 /* BKAppearanceViewController.m in Sources */, D2D8DD9823C8506900BFF223 /* LockView.swift in Sources */, C989E54B1D6CC488003E0079 /* BKHostsViewController.m in Sources */, B7A487691DC7C48D007BA809 /* UIDevice+DeviceName.m in Sources */, - D2071B732150E4AA000156D7 /* ssh-add.m in Sources */, D298D67D2110803600992CA4 /* SSHClientPortListener.m in Sources */, D2C2441D238E44AB0082C69C /* DefaultRow.swift in Sources */, D2C0F31020E64FAD00E48F3A /* SSHClientConnectedChannel.m in Sources */, - D2071B86215135A9000156D7 /* openssl-compat.c in Sources */, D241CBDC23040734003D64A5 /* KBKeyViewVertical2.swift in Sources */, D2C24423238E44AB0082C69C /* KBWebView.swift in Sources */, D2C24417238E44AB0082C69C /* KeyConfig.swift in Sources */, D28F301A21AD8A6B00E5259F /* DeviceInfo.m in Sources */, - D29619AE214FB5EA0070935A /* ssh-rsa.c in Sources */, D2179F2F2136DBC600B0850A /* geo.m in Sources */, - D2961983214F968A0070935A /* cipher.c in Sources */, D2C24414238E44AB0082C69C /* KeyAction.swift in Sources */, D28B0337243EF5F2008F38F6 /* Set+UIScene.swift in Sources */, D241CBD423040734003D64A5 /* KBView.swift in Sources */, D2F330DA20A7127B0074ADD7 /* open.m in Sources */, C9B2E0321D6B612400B89F69 /* BKFont.m in Sources */, D2C24412238E44AB0082C69C /* KeyModifier.swift in Sources */, - D29619A0214F995D0070935A /* fe25519.c in Sources */, 074F30791D062A2800A73445 /* main.m in Sources */, D2A5221E230D279B0010AC04 /* SmarterTermInput.swift in Sources */, D23D258823438B15002850CA /* UIColor.swift in Sources */, @@ -1741,7 +1540,6 @@ D241CBD223040734003D64A5 /* KBDevice.swift in Sources */, D2334D1C21495DAE00D26AC3 /* udptunnel.m in Sources */, C9B2E0311D6B612400B89F69 /* BKDefaults.m in Sources */, - D296199A214F995D0070935A /* blocks.c in Sources */, D242157822E878950037E5A6 /* UIColor+Codable.swift in Sources */, 07F670751D05EEE200C0A53C /* Session.m in Sources */, C989E5581D6CC4A1003E0079 /* BKThemeCreateViewController.m in Sources */, @@ -1751,13 +1549,11 @@ D23E142B20A970C3000FCF5C /* BlinkPaths.m in Sources */, D2D6D78620527651003CBEC4 /* TermDevice.m in Sources */, D2D8DD8523C71CC500BFF223 /* LocalAuth.swift in Sources */, - D296199C214F995D0070935A /* ed25519.c in Sources */, D2C24424238E44AB0082C69C /* KBWebViewBase.m in Sources */, C9B2E0331D6B612400B89F69 /* BKHosts.m in Sources */, D2F330D220A6EF030074ADD7 /* showkey.m in Sources */, D2BC514D2355C3AE0034FDD4 /* History.swift in Sources */, D2C24437239104250082C69C /* ShortcutsConfigView.swift in Sources */, - D2071B7E2150EE77000156D7 /* authfd.c in Sources */, C989E54A1D6CC488003E0079 /* BKHostsDetailViewController.m in Sources */, C989E5651D6CC95A003E0079 /* BKPubKeyCreateViewController.m in Sources */, 07E3AEB01D8F6758007BC086 /* BKFeedbackViewController.m in Sources */, @@ -1765,7 +1561,6 @@ C989E54C1D6CC488003E0079 /* BKPredictionViewController.m in Sources */, D248E67622DDDF130057FE67 /* UIStateRestorable.swift in Sources */, C9B2E0341D6B612400B89F69 /* BKTheme.m in Sources */, - D29619A7214FA7D40070935A /* bcrypt-pbkdf.c in Sources */, D241CBD123040734003D64A5 /* KBKeyViewArrows.swift in Sources */, C989E5671D6CC95A003E0079 /* BKPubKeyViewController.m in Sources */, D2334D1D21495DAE00D26AC3 /* host2ip.c in Sources */, @@ -1787,23 +1582,18 @@ D2887A5622DC676F00701BD5 /* SpaceController.swift in Sources */, D2AC6749220303D900177BC5 /* openurl.m in Sources */, D2CB353B23339D5C00088765 /* UIView+Touches.swift in Sources */, - D296197C214F8ABE0070935A /* atomicio.c in Sources */, D2887A5E22DCA6D500701BD5 /* SceneDelegate.swift in Sources */, C989E5661D6CC95A003E0079 /* BKPubKeyDetailsViewController.m in Sources */, - D296199F214F995D0070935A /* ge25519.c in Sources */, D2C2441F238E44AB0082C69C /* Row.swift in Sources */, - D2071B7B2150EBC1000156D7 /* authfile.c in Sources */, D248E67E22DE14100057FE67 /* SessionParams.swift in Sources */, D23A7B25233C934900B3B66D /* UIColor+isLight.swift in Sources */, D2499BEC2362EFD40009C701 /* cpp.cpp in Sources */, D20CBA5A2360324100D93301 /* CompleteUtils.swift in Sources */, - D29619A9214FB4110070935A /* base64.c in Sources */, D265FBC9231905AC0017EAC4 /* NSCoder+CodingKey.swift in Sources */, D241CBE023040734003D64A5 /* KBKeyViewSymbol.swift in Sources */, D2060A5420E2644400CF5122 /* SSHClient.m in Sources */, D2C244332390FB830082C69C /* KeyBinding.swift in Sources */, D2C8D30A21B544B100AC39C3 /* say.m in Sources */, - D29619A4214F99A30070935A /* rsa.c in Sources */, D2C2441A238E44AB0082C69C /* KeySection.swift in Sources */, 079635871D0E6602000473B1 /* TermView.m in Sources */, D241CBE6230562E9003D64A5 /* KBSizes.swift in Sources */, @@ -1871,7 +1661,11 @@ "$(inherited)", ); INFOPLIST_FILE = BlinkTests/Info.plist; - LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + "@loader_path/Frameworks", + ); MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; MTL_FAST_MATH = YES; PRODUCT_BUNDLE_IDENTIFIER = Com.CarlosCabanero.BlinkTests; @@ -1900,7 +1694,11 @@ DEVELOPMENT_TEAM = HV2S48975V; GCC_C_LANGUAGE_STANDARD = gnu11; INFOPLIST_FILE = BlinkTests/Info.plist; - LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + "@loader_path/Frameworks", + ); MTL_FAST_MATH = YES; PRODUCT_BUNDLE_IDENTIFIER = Com.CarlosCabanero.BlinkTests; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -2007,7 +1805,8 @@ IPHONEOS_DEPLOYMENT_TARGET = 13.0; MTL_ENABLE_DEBUG_INFO = NO; SDKROOT = iphoneos; - SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule"; + SWIFT_COMPILATION_MODE = wholemodule; + SWIFT_OPTIMIZATION_LEVEL = "-O"; SWIFT_VERSION = 5.0; VALIDATE_PRODUCT = YES; VALID_ARCHS = arm64; @@ -2039,8 +1838,11 @@ ); HEADER_SEARCH_PATHS = $SOURCE_ROOT/Frameworks/include; INFOPLIST_FILE = Blink/Info.plist; - IPHONEOS_DEPLOYMENT_TARGET = 13.2; - LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks"; + IPHONEOS_DEPLOYMENT_TARGET = 14.1; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); LIBRARY_SEARCH_PATHS = ( "$(inherited)", "$(PROJECT_DIR)/Frameworks/lib", @@ -2080,8 +1882,11 @@ GCC_PREPROCESSOR_DEFINITIONS = ""; HEADER_SEARCH_PATHS = $SOURCE_ROOT/Frameworks/include; INFOPLIST_FILE = Blink/Info.plist; - IPHONEOS_DEPLOYMENT_TARGET = 13.2; - LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks"; + IPHONEOS_DEPLOYMENT_TARGET = 14.1; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); LIBRARY_SEARCH_PATHS = ( "$(inherited)", "$(PROJECT_DIR)/Frameworks/lib", diff --git a/Blink/AppDelegate.m b/Blink/AppDelegate.m index c945b89db..7559138e5 100644 --- a/Blink/AppDelegate.m +++ b/Blink/AppDelegate.m @@ -72,7 +72,7 @@ void __setupProcessEnv() { setenv("TERM", "xterm-256color", forceOverwrite); ssh_threads_set_callbacks(ssh_threads_get_pthread()); - ssh_init(); +// ssh_init(); } - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions { diff --git a/Blink/Commands/openssh/atomicio.c b/Blink/Commands/openssh/atomicio.c deleted file mode 100644 index 092c2a38d..000000000 --- a/Blink/Commands/openssh/atomicio.c +++ /dev/null @@ -1,166 +0,0 @@ -/* $OpenBSD: atomicio.c,v 1.28 2016/07/27 23:18:12 djm Exp $ */ -/* - * Copyright (c) 2006 Damien Miller. All rights reserved. - * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. - * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include -#include - -#include -#include -#include -#include -#include - -#include "atomicio.h" - -#if !defined(IOV_MAX) -#define IOV_MAX UIO_MAXIOV -#endif - -/* - * ensure all of data on socket comes through. f==read || f==vwrite - */ -size_t -atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, - int (*cb)(void *, size_t), void *cb_arg) -{ - char *s = _s; - size_t pos = 0; - ssize_t res; - struct pollfd pfd; - -#ifndef BROKEN_READ_COMPARISON - pfd.fd = fd; - pfd.events = f == read ? POLLIN : POLLOUT; -#endif - while (n > pos) { - res = (f) (fd, s + pos, n - pos); - switch (res) { - case -1: - if (errno == EINTR) - continue; - if (errno == EAGAIN || errno == EWOULDBLOCK) { -#ifndef BROKEN_READ_COMPARISON - (void)poll(&pfd, 1, -1); -#endif - continue; - } - return 0; - case 0: - errno = EPIPE; - return pos; - default: - pos += (size_t)res; - if (cb != NULL && cb(cb_arg, (size_t)res) == -1) { - errno = EINTR; - return pos; - } - } - } - return pos; -} - -size_t -atomicio(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n) -{ - return atomicio6(f, fd, _s, n, NULL, NULL); -} - -/* - * ensure all of data on socket comes through. f==readv || f==writev - */ -size_t -atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, - const struct iovec *_iov, int iovcnt, - int (*cb)(void *, size_t), void *cb_arg) -{ - size_t pos = 0, rem; - ssize_t res; - struct iovec iov_array[IOV_MAX], *iov = iov_array; - struct pollfd pfd; - - if (iovcnt < 0 || iovcnt > IOV_MAX) { - errno = EINVAL; - return 0; - } - /* Make a copy of the iov array because we may modify it below */ - memcpy(iov, _iov, (size_t)iovcnt * sizeof(*_iov)); - -#ifndef BROKEN_READV_COMPARISON - pfd.fd = fd; - pfd.events = f == readv ? POLLIN : POLLOUT; -#endif - for (; iovcnt > 0 && iov[0].iov_len > 0;) { - res = (f) (fd, iov, iovcnt); - switch (res) { - case -1: - if (errno == EINTR) - continue; - if (errno == EAGAIN || errno == EWOULDBLOCK) { -#ifndef BROKEN_READV_COMPARISON - (void)poll(&pfd, 1, -1); -#endif - continue; - } - return 0; - case 0: - errno = EPIPE; - return pos; - default: - rem = (size_t)res; - pos += rem; - /* skip completed iov entries */ - while (iovcnt > 0 && rem >= iov[0].iov_len) { - rem -= iov[0].iov_len; - iov++; - iovcnt--; - } - /* This shouldn't happen... */ - if (rem > 0 && (iovcnt <= 0 || rem > iov[0].iov_len)) { - errno = EFAULT; - return 0; - } - if (iovcnt == 0) - break; - /* update pointer in partially complete iov */ - iov[0].iov_base = ((char *)iov[0].iov_base) + rem; - iov[0].iov_len -= rem; - } - if (cb != NULL && cb(cb_arg, (size_t)res) == -1) { - errno = EINTR; - return pos; - } - } - return pos; -} - -size_t -atomiciov(ssize_t (*f) (int, const struct iovec *, int), int fd, - const struct iovec *_iov, int iovcnt) -{ - return atomiciov6(f, fd, _iov, iovcnt, NULL, NULL); -} diff --git a/Blink/Commands/openssh/atomicio.h b/Blink/Commands/openssh/atomicio.h deleted file mode 100644 index 0d728ac86..000000000 --- a/Blink/Commands/openssh/atomicio.h +++ /dev/null @@ -1,51 +0,0 @@ -/* $OpenBSD: atomicio.h,v 1.11 2010/09/22 22:58:51 djm Exp $ */ - -/* - * Copyright (c) 2006 Damien Miller. All rights reserved. - * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _ATOMICIO_H -#define _ATOMICIO_H - -/* - * Ensure all of data on socket comes through. f==read || f==vwrite - */ -size_t -atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, - int (*cb)(void *, size_t), void *); -size_t atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); - -#define vwrite (ssize_t (*)(int, void *, size_t))write - -/* - * ensure all of data on socket comes through. f==readv || f==writev - */ -size_t -atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, - const struct iovec *_iov, int iovcnt, int (*cb)(void *, size_t), void *); -size_t atomiciov(ssize_t (*)(int, const struct iovec *, int), - int, const struct iovec *, int); - -#endif /* _ATOMICIO_H */ diff --git a/Blink/Commands/openssh/authfd-old.c b/Blink/Commands/openssh/authfd-old.c deleted file mode 100644 index 7060e3c69..000000000 --- a/Blink/Commands/openssh/authfd-old.c +++ /dev/null @@ -1,408 +0,0 @@ -/* $OpenBSD: authfd.c,v 1.105 2017/07/01 13:50:45 djm Exp $ */ -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * Functions for connecting the local authentication agent. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * SSH2 implementation, - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include -#include -#include -//#include "../debug.h" - -#include -#include -#include -#include -#include -#include -#include - -#include "atomicio.h" -#include "sshbuf.h" -#include "sshkey.h" -//#include "cipher.h" -//#include "ssh2.h" -#include "ssherr.h" -#include "authfd.h" - -#define MAX_AGENT_IDENTITIES 2048 /* Max keys in agent reply */ -#define MAX_AGENT_REPLY_LEN (256 * 1024) /* Max bytes in agent reply */ - -/* macro to check for "agent failure" message */ -#define agent_failed(x) \ - ((x == SSH_AGENT_FAILURE) || \ - (x == SSH_COM_AGENT2_FAILURE) || \ - (x == SSH2_AGENT_FAILURE)) - -static inline uint32_t -get_u32(const void *vp) -{ - const u_char *p = (const u_char *)vp; - uint32_t v; - - v = (uint32_t)p[0] << 24; - v |= (uint32_t)p[1] << 16; - v |= (uint32_t)p[2] << 8; - v |= (uint32_t)p[3]; - - return (v); -} - -static inline void -put_u32(void *vp, uint32_t v) -{ - u_char *p = (u_char *)vp; - - p[0] = (u_char)(v >> 24) & 0xff; - p[1] = (u_char)(v >> 16) & 0xff; - p[2] = (u_char)(v >> 8) & 0xff; - p[3] = (u_char)v & 0xff; -} - -/* Communicate with agent: send request and read reply */ -static int -ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply) -{ - int r; - size_t l, len; - char buf[1024]; - - /* Get the length of the message, and format it in the buffer. */ - len = sshbuf_len(request); - put_u32(buf, len); - - /* Send the length and then the packet to the agent. */ - if (atomicio(vwrite, sock, buf, 4) != 4 || - atomicio(vwrite, sock, (u_char *)sshbuf_ptr(request), - sshbuf_len(request)) != sshbuf_len(request)) - return SSH_ERR_AGENT_COMMUNICATION; - /* - * Wait for response from the agent. First read the length of the - * response packet. - */ - if (atomicio(read, sock, buf, 4) != 4) - return SSH_ERR_AGENT_COMMUNICATION; - - /* Extract the length, and check it for sanity. */ - len = get_u32(buf); - if (len > MAX_AGENT_REPLY_LEN) - return SSH_ERR_INVALID_FORMAT; - - /* Read the rest of the response in to the buffer. */ - sshbuf_reset(reply); - while (len > 0) { - l = len; - if (l > sizeof(buf)) - l = sizeof(buf); - if (atomicio(read, sock, buf, l) != l) - return SSH_ERR_AGENT_COMMUNICATION; - if ((r = sshbuf_put(reply, buf, l)) != 0) - return r; - len -= l; - } - return 0; -} - -/* encode signature algoritm in flag bits, so we can keep the msg format */ -static u_int -agent_encode_alg(const struct sshkey *key, const char *alg) -{ - if (alg != NULL && key->type == KEY_RSA) { - if (strcmp(alg, "rsa-sha2-256") == 0) - return SSH_AGENT_RSA_SHA2_256; - else if (strcmp(alg, "rsa-sha2-512") == 0) - return SSH_AGENT_RSA_SHA2_512; - } - return 0; -} - -void -ssh_free_x509chain(struct ssh_x509chain *chain) -{ - size_t i; - for (i = 0; i < chain->ncerts; ++i) { - memset_s(chain->certs[i], chain->certlen[i], 0x0, chain->certlen[i]); -// explicit_bzero(chain->certs[i], chain->certlen[i]); - free(chain->certs[i]); - } - free(chain->certs); - free(chain->certlen); - free(chain); -} - -int -ssh_agent_get_x509(int sock, const struct sshkey *key, - struct ssh_x509chain **pchain) -{ - struct sshbuf *msg; - u_char *blob = NULL; - size_t blen = 0, len = 0; - u_int count, i; - struct ssh_x509chain *chain = NULL; - u_int flags = 0; - int r; - uint8_t type; - - *pchain = NULL; - - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) - goto out; - - if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_X509)) != 0 || - (r = sshbuf_put_string(msg, blob, blen)) != 0 || - (r = sshbuf_put_u32(msg, flags)) != 0) - goto out; - - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - if (agent_failed(type)) { - r = SSH_ERR_AGENT_FAILURE; - goto out; - } else if (type != SSH2_AGENT_X509_RESPONSE) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - chain = calloc(1, sizeof (*chain)); - if (chain == NULL) { - sshbuf_free(msg); - return (SSH_ERR_ALLOC_FAIL); - } - - if ((r = sshbuf_get_u32(msg, &count)) != 0) - goto out; - - chain->ncerts = count; - // VERIFY3U(count, <, 1024); // TODO: FIX - chain->certs = calloc(count, sizeof (u_char *)); -// VERIFY(chain->certs != NULL); // TODO: FIX - chain->certlen = calloc(count, sizeof (size_t)); -// VERIFY(chain->certlen != NULL); // TODO: FIX - - for (i = 0; i < count; ++i) { - if ((r = sshbuf_get_string(msg, &chain->certs[i], &len)) != 0) - goto out; - chain->certlen[i] = len; - } - - *pchain = chain; - chain = NULL; - r = 0; -out: - if (chain != NULL) - ssh_free_x509chain(chain); - if (blob != NULL) { - memset_s(blob, blen, 0x0, blen); -// explicit_bzero(blob, blen); - free(blob); - } - sshbuf_free(msg); - return r; -} - -/* ask agent to sign data, returns err.h code on error, 0 on success */ -int -ssh_agent_sign(int sock, const struct sshkey *key, - u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, const char *alg, u_int compat) -{ - struct sshbuf *msg; - u_char *blob = NULL, type; - size_t blen = 0, len = 0; - u_int flags = 0; - int r = SSH_ERR_INTERNAL_ERROR; - - *sigp = NULL; - *lenp = 0; - - if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE) - return SSH_ERR_INVALID_ARGUMENT; - /*if (compat & SSH_BUG_SIGBLOB) - flags |= SSH_AGENT_OLD_SIGNATURE;*/ - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) - goto out; - flags |= agent_encode_alg(key, alg); - if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 || - (r = sshbuf_put_string(msg, blob, blen)) != 0 || - (r = sshbuf_put_string(msg, data, datalen)) != 0 || - (r = sshbuf_put_u32(msg, flags)) != 0) - goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - if (agent_failed(type)) { - r = SSH_ERR_AGENT_FAILURE; - goto out; - } else if (type != SSH2_AGENT_SIGN_RESPONSE) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((r = sshbuf_get_string(msg, sigp, &len)) != 0) - goto out; - *lenp = len; - r = 0; - out: - if (blob != NULL) { - memset_s(blob, blen, 0x0, blen); -// explicit_bzero(blob, blen); - free(blob); - } - sshbuf_free(msg); - return r; -} - -static int -deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp) -{ - int r; - char *comment = NULL; - const u_char *blob; - size_t blen; - - if ((r = sshbuf_get_string_direct(ids, &blob, &blen)) != 0 || - (r = sshbuf_get_cstring(ids, &comment, NULL)) != 0) - goto out; - if ((r = sshkey_from_blob(blob, blen, keyp)) != 0) - goto out; - if (commentp != NULL) { - *commentp = comment; - comment = NULL; - } - r = 0; - out: - free(comment); - return r; -} - -/* - * Fetch list of identities held by the agent. - */ -int -ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp) -{ - u_char type; - uint32_t num, i; - struct sshbuf *msg; - struct ssh_identitylist *idl = NULL; - int r; - - /* - * Send a message to the agent requesting for a list of the - * identities it can represent. - */ - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_IDENTITIES)) != 0) - goto out; - - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - - /* Get message type, and verify that we got a proper answer. */ - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - if (agent_failed(type)) { - r = SSH_ERR_AGENT_FAILURE; - goto out; - } else if (type != SSH2_AGENT_IDENTITIES_ANSWER) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* Get the number of entries in the response and check it for sanity. */ - if ((r = sshbuf_get_u32(msg, &num)) != 0) - goto out; - if (num > MAX_AGENT_IDENTITIES) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (num == 0) { - r = SSH_ERR_AGENT_NO_IDENTITIES; - goto out; - } - - /* Deserialise the response into a list of keys/comments */ - if ((idl = calloc(1, sizeof(*idl))) == NULL || - (idl->keys = calloc(num, sizeof(*idl->keys))) == NULL || - (idl->comments = calloc(num, sizeof(*idl->comments))) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - for (i = 0; i < num;) { - if ((r = deserialise_identity2(msg, &(idl->keys[i]), - &(idl->comments[i]))) != 0) { - if (r == SSH_ERR_KEY_TYPE_UNKNOWN) { - /* Gracefully skip unknown key types */ - num--; - continue; - } else - goto out; - } - i++; - } - idl->nkeys = num; - *idlp = idl; - idl = NULL; - r = 0; - out: - sshbuf_free(msg); - if (idl != NULL) - ssh_free_identitylist(idl); - return r; -} - -void -ssh_free_identitylist(struct ssh_identitylist *idl) -{ - size_t i; - - if (idl == NULL) - return; - for (i = 0; i < idl->nkeys; i++) { - if (idl->keys != NULL) - sshkey_free(idl->keys[i]); - if (idl->comments != NULL) - free(idl->comments[i]); - } - free(idl->keys); - free(idl->comments); - free(idl); -} diff --git a/Blink/Commands/openssh/authfd.c b/Blink/Commands/openssh/authfd.c deleted file mode 100644 index dd37548aa..000000000 --- a/Blink/Commands/openssh/authfd.c +++ /dev/null @@ -1,585 +0,0 @@ -/* $OpenBSD: authfd.c,v 1.111 2018/07/09 21:59:10 markus Exp $ */ -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * Functions for connecting the local authentication agent. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * SSH2 implementation, - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -//#include "includes.h" - -#define WITH_OPENSSL - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -//#include "xmalloc.h" -#include "ssh2.h" -#include "sshbuf.h" -#include "sshkey.h" -#include "authfd.h" -#include "cipher.h" -//#include "compat.h" -//#include "log.h" -#include "atomicio.h" -//#include "misc.h" -#include "ssherr.h" - -#include "blink-compat.h" - - -#define MAX_AGENT_IDENTITIES 2048 /* Max keys in agent reply */ -#define MAX_AGENT_REPLY_LEN (256 * 1024) /* Max bytes in agent reply */ - -/* macro to check for "agent failure" message */ -#define agent_failed(x) \ - ((x == SSH_AGENT_FAILURE) || \ - (x == SSH_COM_AGENT2_FAILURE) || \ - (x == SSH2_AGENT_FAILURE)) - -/* Convert success/failure response from agent to a err.h status */ -static int -decode_reply(u_char type) -{ - if (agent_failed(type)) - return SSH_ERR_AGENT_FAILURE; - else if (type == SSH_AGENT_SUCCESS) - return 0; - else - return SSH_ERR_INVALID_FORMAT; -} - -/* Returns the number of the authentication fd, or -1 if there is none. */ -int -ssh_get_authentication_socket(int *fdp) -{ - const char *authsocket; - int sock, oerrno; - struct sockaddr_un sunaddr; - - if (fdp != NULL) - *fdp = -1; - - authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); - if (!authsocket) - return SSH_ERR_AGENT_NOT_PRESENT; - - memset(&sunaddr, 0, sizeof(sunaddr)); - sunaddr.sun_family = AF_UNIX; - strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); - - if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) - return SSH_ERR_SYSTEM_ERROR; - - /* close on exec */ - if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1 || - connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) { - oerrno = errno; - close(sock); - errno = oerrno; - return SSH_ERR_SYSTEM_ERROR; - } - if (fdp != NULL) - *fdp = sock; - else - close(sock); - return 0; -} - -/* Communicate with agent: send request and read reply */ -static int -ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply) -{ - int r; - size_t l, len; - char buf[1024]; - - /* Get the length of the message, and format it in the buffer. */ - len = sshbuf_len(request); - POKE_U32(buf, len); - - /* Send the length and then the packet to the agent. */ - if (atomicio(vwrite, sock, buf, 4) != 4 || - atomicio(vwrite, sock, sshbuf_mutable_ptr(request), - sshbuf_len(request)) != sshbuf_len(request)) - return SSH_ERR_AGENT_COMMUNICATION; - /* - * Wait for response from the agent. First read the length of the - * response packet. - */ - if (atomicio(read, sock, buf, 4) != 4) - return SSH_ERR_AGENT_COMMUNICATION; - - /* Extract the length, and check it for sanity. */ - len = PEEK_U32(buf); - if (len > MAX_AGENT_REPLY_LEN) - return SSH_ERR_INVALID_FORMAT; - - /* Read the rest of the response in to the buffer. */ - sshbuf_reset(reply); - while (len > 0) { - l = len; - if (l > sizeof(buf)) - l = sizeof(buf); - if (atomicio(read, sock, buf, l) != l) - return SSH_ERR_AGENT_COMMUNICATION; - if ((r = sshbuf_put(reply, buf, l)) != 0) - return r; - len -= l; - } - return 0; -} - -/* - * Closes the agent socket if it should be closed (depends on how it was - * obtained). The argument must have been returned by - * ssh_get_authentication_socket(). - */ -void -ssh_close_authentication_socket(int sock) -{ - if (getenv(SSH_AUTHSOCKET_ENV_NAME)) - close(sock); -} - -/* Lock/unlock agent */ -int -ssh_lock_agent(int sock, int lock, const char *password) -{ - int r; - u_char type = lock ? SSH_AGENTC_LOCK : SSH_AGENTC_UNLOCK; - struct sshbuf *msg; - - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_put_u8(msg, type)) != 0 || - (r = sshbuf_put_cstring(msg, password)) != 0) - goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); - out: - sshbuf_free(msg); - return r; -} - - -static int -deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp) -{ - int r; - char *comment = NULL; - const u_char *blob; - size_t blen; - - if ((r = sshbuf_get_string_direct(ids, &blob, &blen)) != 0 || - (r = sshbuf_get_cstring(ids, &comment, NULL)) != 0) - goto out; - if ((r = sshkey_from_blob(blob, blen, keyp)) != 0) - goto out; - if (commentp != NULL) { - *commentp = comment; - comment = NULL; - } - r = 0; - out: - free(comment); - return r; -} - -/* - * Fetch list of identities held by the agent. - */ -int -ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp) -{ - u_char type; - u_int32_t num, i; - struct sshbuf *msg; - struct ssh_identitylist *idl = NULL; - int r; - - /* - * Send a message to the agent requesting for a list of the - * identities it can represent. - */ - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_IDENTITIES)) != 0) - goto out; - - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - - /* Get message type, and verify that we got a proper answer. */ - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - if (agent_failed(type)) { - r = SSH_ERR_AGENT_FAILURE; - goto out; - } else if (type != SSH2_AGENT_IDENTITIES_ANSWER) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* Get the number of entries in the response and check it for sanity. */ - if ((r = sshbuf_get_u32(msg, &num)) != 0) - goto out; - if (num > MAX_AGENT_IDENTITIES) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (num == 0) { - r = SSH_ERR_AGENT_NO_IDENTITIES; - goto out; - } - - /* Deserialise the response into a list of keys/comments */ - if ((idl = calloc(1, sizeof(*idl))) == NULL || - (idl->keys = calloc(num, sizeof(*idl->keys))) == NULL || - (idl->comments = calloc(num, sizeof(*idl->comments))) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - for (i = 0; i < num;) { - if ((r = deserialise_identity2(msg, &(idl->keys[i]), - &(idl->comments[i]))) != 0) { - if (r == SSH_ERR_KEY_TYPE_UNKNOWN) { - /* Gracefully skip unknown key types */ - num--; - continue; - } else - goto out; - } - i++; - } - idl->nkeys = num; - *idlp = idl; - idl = NULL; - r = 0; - out: - sshbuf_free(msg); - if (idl != NULL) - ssh_free_identitylist(idl); - return r; -} - -void -ssh_free_identitylist(struct ssh_identitylist *idl) -{ - size_t i; - - if (idl == NULL) - return; - for (i = 0; i < idl->nkeys; i++) { - if (idl->keys != NULL) - sshkey_free(idl->keys[i]); - if (idl->comments != NULL) - free(idl->comments[i]); - } - free(idl); -} - -/* - * Sends a challenge (typically from a server via ssh(1)) to the agent, - * and waits for a response from the agent. - * Returns true (non-zero) if the agent gave the correct answer, zero - * otherwise. - */ - - -/* encode signature algorithm in flag bits, so we can keep the msg format */ -static u_int -agent_encode_alg(const struct sshkey *key, const char *alg) -{ - if (alg != NULL && key->type == KEY_RSA) { - if (strcmp(alg, "rsa-sha2-256") == 0) - return SSH_AGENT_RSA_SHA2_256; - else if (strcmp(alg, "rsa-sha2-512") == 0) - return SSH_AGENT_RSA_SHA2_512; - } - return 0; -} - -/* ask agent to sign data, returns err.h code on error, 0 on success */ -int -ssh_agent_sign(int sock, const struct sshkey *key, - u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, const char *alg, u_int compat) -{ - struct sshbuf *msg; - u_char *sig = NULL, type = 0; - size_t len = 0; - u_int flags = 0; - int r = SSH_ERR_INTERNAL_ERROR; - - *sigp = NULL; - *lenp = 0; - - if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE) - return SSH_ERR_INVALID_ARGUMENT; - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - flags |= agent_encode_alg(key, alg); - if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 || - (r = sshkey_puts(key, msg)) != 0 || - (r = sshbuf_put_string(msg, data, datalen)) != 0 || - (r = sshbuf_put_u32(msg, flags)) != 0) - goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - if (agent_failed(type)) { - r = SSH_ERR_AGENT_FAILURE; - goto out; - } else if (type != SSH2_AGENT_SIGN_RESPONSE) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((r = sshbuf_get_string(msg, &sig, &len)) != 0) - goto out; - /* Check what we actually got back from the agent. */ - if ((r = sshkey_check_sigtype(sig, len, alg)) != 0) - goto out; - /* success */ - *sigp = sig; - *lenp = len; - sig = NULL; - len = 0; - r = 0; - out: - freezero(sig, len); - sshbuf_free(msg); - return r; -} - -/* Encode key for a message to the agent. */ - - -static int -encode_constraints(struct sshbuf *m, u_int life, u_int confirm, u_int maxsign) -{ - int r; - - if (life != 0) { - if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_LIFETIME)) != 0 || - (r = sshbuf_put_u32(m, life)) != 0) - goto out; - } - if (confirm != 0) { - if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_CONFIRM)) != 0) - goto out; - } - if (maxsign != 0) { - if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_MAXSIGN)) != 0 || - (r = sshbuf_put_u32(m, maxsign)) != 0) - goto out; - } - r = 0; - out: - return r; -} - -/* - * Adds an identity to the authentication server. - * This call is intended only for use by ssh-add(1) and like applications. - */ -int -ssh_add_identity_constrained(int sock, const struct sshkey *key, - const char *comment, u_int life, u_int confirm, u_int maxsign) -{ - struct sshbuf *msg; - int r, constrained = (life || confirm || maxsign); - u_char type; - - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - - switch (key->type) { -#ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: - case KEY_DSA: - case KEY_DSA_CERT: - case KEY_ECDSA: - case KEY_ECDSA_CERT: -#endif - case KEY_ED25519: - case KEY_ED25519_CERT: - case KEY_XMSS: - case KEY_XMSS_CERT: - type = constrained ? - SSH2_AGENTC_ADD_ID_CONSTRAINED : - SSH2_AGENTC_ADD_IDENTITY; - if ((r = sshbuf_put_u8(msg, type)) != 0 || - (r = sshkey_private_serialize_maxsign(key, msg, maxsign, - NULL)) != 0 || - (r = sshbuf_put_cstring(msg, comment)) != 0) - goto out; - break; - default: - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if (constrained && - (r = encode_constraints(msg, life, confirm, maxsign)) != 0) - goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); - out: - sshbuf_free(msg); - return r; -} - -/* - * Removes an identity from the authentication server. - * This call is intended only for use by ssh-add(1) and like applications. - */ -int -ssh_remove_identity(int sock, struct sshkey *key) -{ - struct sshbuf *msg; - int r; - u_char type, *blob = NULL; - size_t blen; - - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - - if (key->type != KEY_UNSPEC) { - if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) - goto out; - if ((r = sshbuf_put_u8(msg, - SSH2_AGENTC_REMOVE_IDENTITY)) != 0 || - (r = sshbuf_put_string(msg, blob, blen)) != 0) - goto out; - } else { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); - out: - if (blob != NULL) { - explicit_bzero(blob, blen); - free(blob); - } - sshbuf_free(msg); - return r; -} - -/* - * Add/remove an token-based identity from the authentication server. - * This call is intended only for use by ssh-add(1) and like applications. - */ -int -ssh_update_card(int sock, int add, const char *reader_id, const char *pin, - u_int life, u_int confirm) -{ - struct sshbuf *msg; - int r, constrained = (life || confirm); - u_char type; - - if (add) { - type = constrained ? - SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED : - SSH_AGENTC_ADD_SMARTCARD_KEY; - } else - type = SSH_AGENTC_REMOVE_SMARTCARD_KEY; - - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_put_u8(msg, type)) != 0 || - (r = sshbuf_put_cstring(msg, reader_id)) != 0 || - (r = sshbuf_put_cstring(msg, pin)) != 0) - goto out; - if (constrained && - (r = encode_constraints(msg, life, confirm, 0)) != 0) - goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); - out: - sshbuf_free(msg); - return r; -} - -/* - * Removes all identities from the agent. - * This call is intended only for use by ssh-add(1) and like applications. - * - * This supports the SSH protocol 1 message to because, when clearing all - * keys from an agent, we generally want to clear both protocol v1 and v2 - * keys. - */ -int -ssh_remove_all_identities(int sock, int version) -{ - struct sshbuf *msg; - u_char type = (version == 1) ? - SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES : - SSH2_AGENTC_REMOVE_ALL_IDENTITIES; - int r; - - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_put_u8(msg, type)) != 0) - goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); - out: - sshbuf_free(msg); - return r; -} diff --git a/Blink/Commands/openssh/authfd.h b/Blink/Commands/openssh/authfd.h deleted file mode 100644 index a032fd542..000000000 --- a/Blink/Commands/openssh/authfd.h +++ /dev/null @@ -1,90 +0,0 @@ -/* $OpenBSD: authfd.h,v 1.44 2018/07/12 04:35:25 djm Exp $ */ - -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * Functions to interface with the SSH_AUTHENTICATION_FD socket. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ - -#ifndef AUTHFD_H -#define AUTHFD_H - -/* List of identities returned by ssh_fetch_identitylist() */ -struct ssh_identitylist { - size_t nkeys; - struct sshkey **keys; - char **comments; -}; - -int ssh_get_authentication_socket(int *fdp); -void ssh_close_authentication_socket(int sock); - -int ssh_lock_agent(int sock, int lock, const char *password); -int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp); -void ssh_free_identitylist(struct ssh_identitylist *idl); -int ssh_add_identity_constrained(int sock, const struct sshkey *key, - const char *comment, u_int life, u_int confirm, u_int maxsign); -int ssh_remove_identity(int sock, struct sshkey *key); -int ssh_update_card(int sock, int add, const char *reader_id, - const char *pin, u_int life, u_int confirm); -int ssh_remove_all_identities(int sock, int version); - -int ssh_agent_sign(int sock, const struct sshkey *key, - u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, const char *alg, u_int compat); - -/* Messages for the authentication agent connection. */ -#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1 -#define SSH_AGENT_RSA_IDENTITIES_ANSWER 2 -#define SSH_AGENTC_RSA_CHALLENGE 3 -#define SSH_AGENT_RSA_RESPONSE 4 -#define SSH_AGENT_FAILURE 5 -#define SSH_AGENT_SUCCESS 6 -#define SSH_AGENTC_ADD_RSA_IDENTITY 7 -#define SSH_AGENTC_REMOVE_RSA_IDENTITY 8 -#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9 - -/* private OpenSSH extensions for SSH2 */ -#define SSH2_AGENTC_REQUEST_IDENTITIES 11 -#define SSH2_AGENT_IDENTITIES_ANSWER 12 -#define SSH2_AGENTC_SIGN_REQUEST 13 -#define SSH2_AGENT_SIGN_RESPONSE 14 -#define SSH2_AGENTC_ADD_IDENTITY 17 -#define SSH2_AGENTC_REMOVE_IDENTITY 18 -#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19 - -/* smartcard */ -#define SSH_AGENTC_ADD_SMARTCARD_KEY 20 -#define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21 - -/* lock/unlock the agent */ -#define SSH_AGENTC_LOCK 22 -#define SSH_AGENTC_UNLOCK 23 - -/* add key with constraints */ -#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 24 -#define SSH2_AGENTC_ADD_ID_CONSTRAINED 25 -#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26 - -#define SSH_AGENT_CONSTRAIN_LIFETIME 1 -#define SSH_AGENT_CONSTRAIN_CONFIRM 2 -#define SSH_AGENT_CONSTRAIN_MAXSIGN 3 - -/* extended failure messages */ -#define SSH2_AGENT_FAILURE 30 - -/* additional error code for ssh.com's ssh-agent2 */ -#define SSH_COM_AGENT2_FAILURE 102 - -#define SSH_AGENT_OLD_SIGNATURE 0x01 -#define SSH_AGENT_RSA_SHA2_256 0x02 -#define SSH_AGENT_RSA_SHA2_512 0x04 - -#endif /* AUTHFD_H */ diff --git a/Blink/Commands/openssh/authfile.c b/Blink/Commands/openssh/authfile.c deleted file mode 100644 index 7e3c630f5..000000000 --- a/Blink/Commands/openssh/authfile.c +++ /dev/null @@ -1,534 +0,0 @@ -/* $OpenBSD: authfile.c,v 1.130 2018/07/09 21:59:10 markus Exp $ */ -/* - * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -//#include "includes.h" - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "cipher.h" -#include "ssh2.h" -//#include "log.h" -#include "authfile.h" -//#include "misc.h" -#include "atomicio.h" -#include "sshkey.h" -#include "sshbuf.h" -#include "ssherr.h" -//#include "krl.h" - -#include "blink-compat.h" - -#define MAX_KEY_FILE_SIZE (1024 * 1024) - -/* Save a key blob to a file */ -static int -sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename) -{ - int fd, oerrno; - - if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0) - return SSH_ERR_SYSTEM_ERROR; - if (atomicio(vwrite, fd, sshbuf_mutable_ptr(keybuf), - sshbuf_len(keybuf)) != sshbuf_len(keybuf)) { - oerrno = errno; - close(fd); - unlink(filename); - errno = oerrno; - return SSH_ERR_SYSTEM_ERROR; - } - close(fd); - return 0; -} - -int -sshkey_save_private(struct sshkey *key, const char *filename, - const char *passphrase, const char *comment, - int force_new_format, const char *new_format_cipher, int new_format_rounds) -{ - struct sshbuf *keyblob = NULL; - int r; - - if ((keyblob = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_private_to_fileblob(key, keyblob, passphrase, comment, - force_new_format, new_format_cipher, new_format_rounds)) != 0) - goto out; - if ((r = sshkey_save_private_blob(keyblob, filename)) != 0) - goto out; - r = 0; - out: - sshbuf_free(keyblob); - return r; -} - -/* Load a key from a fd into a buffer */ -int -sshkey_load_file(int fd, struct sshbuf *blob) -{ - u_char buf[1024]; - size_t len; - struct stat st; - int r; - - if (fstat(fd, &st) < 0) - return SSH_ERR_SYSTEM_ERROR; - if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && - st.st_size > MAX_KEY_FILE_SIZE) - return SSH_ERR_INVALID_FORMAT; - for (;;) { - if ((len = atomicio(read, fd, buf, sizeof(buf))) == 0) { - if (errno == EPIPE) - break; - r = SSH_ERR_SYSTEM_ERROR; - goto out; - } - if ((r = sshbuf_put(blob, buf, len)) != 0) - goto out; - if (sshbuf_len(blob) > MAX_KEY_FILE_SIZE) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - } - if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && - st.st_size != (off_t)sshbuf_len(blob)) { - r = SSH_ERR_FILE_CHANGED; - goto out; - } - r = 0; - - out: - explicit_bzero(buf, sizeof(buf)); - if (r != 0) - sshbuf_reset(blob); - return r; -} - - -/* XXX remove error() calls from here? */ -int -sshkey_perm_ok(int fd, const char *filename) -{ - struct stat st; - - if (fstat(fd, &st) < 0) - return SSH_ERR_SYSTEM_ERROR; - /* - * if a key owned by the user is accessed, then we check the - * permissions of the file. if the key owned by a different user, - * then we don't care. - */ -#ifdef HAVE_CYGWIN - if (check_ntsec(filename)) -#endif - if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("Permissions 0%3.3o for '%s' are too open.", - (u_int)st.st_mode & 0777, filename); - error("It is required that your private key files are NOT accessible by others."); - error("This private key will be ignored."); - return SSH_ERR_KEY_BAD_PERMISSIONS; - } - return 0; -} - -/* XXX kill perm_ok now that we have SSH_ERR_KEY_BAD_PERMISSIONS? */ -int -sshkey_load_private_type(int type, const char *filename, const char *passphrase, - struct sshkey **keyp, char **commentp, int *perm_ok) -{ - int fd, r; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - if ((fd = open(filename, O_RDONLY)) < 0) { - if (perm_ok != NULL) - *perm_ok = 0; - return SSH_ERR_SYSTEM_ERROR; - } - if (sshkey_perm_ok(fd, filename) != 0) { - if (perm_ok != NULL) - *perm_ok = 0; - r = SSH_ERR_KEY_BAD_PERMISSIONS; - goto out; - } - if (perm_ok != NULL) - *perm_ok = 1; - - r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); - if (r == 0 && keyp && *keyp) - r = sshkey_set_filename(*keyp, filename); - out: - close(fd); - return r; -} - -int -sshkey_load_private_type_fd(int fd, int type, const char *passphrase, - struct sshkey **keyp, char **commentp) -{ - struct sshbuf *buffer = NULL; - int r; - - if (keyp != NULL) - *keyp = NULL; - if ((buffer = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshkey_load_file(fd, buffer)) != 0 || - (r = sshkey_parse_private_fileblob_type(buffer, type, - passphrase, keyp, commentp)) != 0) - goto out; - - /* success */ - r = 0; - out: - sshbuf_free(buffer); - return r; -} - -/* XXX this is almost identical to sshkey_load_private_type() */ -int -sshkey_load_private(const char *filename, const char *passphrase, - struct sshkey **keyp, char **commentp) -{ - struct sshbuf *buffer = NULL; - int r, fd; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - if ((fd = open(filename, O_RDONLY)) < 0) - return SSH_ERR_SYSTEM_ERROR; - if (sshkey_perm_ok(fd, filename) != 0) { - r = SSH_ERR_KEY_BAD_PERMISSIONS; - goto out; - } - - if ((buffer = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshkey_load_file(fd, buffer)) != 0 || - (r = sshkey_parse_private_fileblob(buffer, passphrase, keyp, - commentp)) != 0) - goto out; - if (keyp && *keyp && - (r = sshkey_set_filename(*keyp, filename)) != 0) - goto out; - r = 0; - out: - close(fd); - sshbuf_free(buffer); - return r; -} - -static int -sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp) -{ - FILE *f; - char *line = NULL, *cp; - size_t linesize = 0; - int r; - - if (commentp != NULL) - *commentp = NULL; - if ((f = fopen(filename, "r")) == NULL) - return SSH_ERR_SYSTEM_ERROR; - while (getline(&line, &linesize, f) != -1) { - cp = line; - switch (*cp) { - case '#': - case '\n': - case '\0': - continue; - } - /* Abort loading if this looks like a private key */ - if (strncmp(cp, "-----BEGIN", 10) == 0 || - strcmp(cp, "SSH PRIVATE KEY FILE") == 0) - break; - /* Skip leading whitespace. */ - for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) - ; - if (*cp) { - if ((r = sshkey_read(k, &cp)) == 0) { - cp[strcspn(cp, "\r\n")] = '\0'; - if (commentp) { - *commentp = strdup(*cp ? - cp : filename); - if (*commentp == NULL) - r = SSH_ERR_ALLOC_FAIL; - } - free(line); - fclose(f); - return r; - } - } - } - free(line); - fclose(f); - return SSH_ERR_INVALID_FORMAT; -} - -/* load public key from any pubkey file */ -int -sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) -{ - struct sshkey *pub = NULL; - char *file = NULL; - int r; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) { - if (keyp != NULL) { - *keyp = pub; - pub = NULL; - } - r = 0; - goto out; - } - sshkey_free(pub); - - /* try .pub suffix */ - if (asprintf(&file, "%s.pub", filename) == -1) - return SSH_ERR_ALLOC_FAIL; - if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshkey_try_load_public(pub, file, commentp)) == 0) { - if (keyp != NULL) { - *keyp = pub; - pub = NULL; - } - r = 0; - } - out: - free(file); - sshkey_free(pub); - return r; -} - -/* Load the certificate associated with the named private key */ -int -sshkey_load_cert(const char *filename, struct sshkey **keyp) -{ - struct sshkey *pub = NULL; - char *file = NULL; - int r = SSH_ERR_INTERNAL_ERROR; - - if (keyp != NULL) - *keyp = NULL; - - if (asprintf(&file, "%s-cert.pub", filename) == -1) - return SSH_ERR_ALLOC_FAIL; - - if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) { - goto out; - } - if ((r = sshkey_try_load_public(pub, file, NULL)) != 0) - goto out; - /* success */ - if (keyp != NULL) { - *keyp = pub; - pub = NULL; - } - r = 0; - out: - free(file); - sshkey_free(pub); - return r; -} - -/* Load private key and certificate */ -int -sshkey_load_private_cert(int type, const char *filename, const char *passphrase, - struct sshkey **keyp, int *perm_ok) -{ - struct sshkey *key = NULL, *cert = NULL; - int r; - - if (keyp != NULL) - *keyp = NULL; - - switch (type) { -#ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_DSA: - case KEY_ECDSA: -#endif /* WITH_OPENSSL */ - case KEY_ED25519: -// case KEY_XMSS: - case KEY_UNSPEC: - break; - default: - return SSH_ERR_KEY_TYPE_UNKNOWN; - } - - if ((r = sshkey_load_private_type(type, filename, - passphrase, &key, NULL, perm_ok)) != 0 || - (r = sshkey_load_cert(filename, &cert)) != 0) - goto out; - - /* Make sure the private key matches the certificate */ - if (sshkey_equal_public(key, cert) == 0) { - r = SSH_ERR_KEY_CERT_MISMATCH; - goto out; - } - - if ((r = sshkey_to_certified(key)) != 0 || - (r = sshkey_cert_copy(cert, key)) != 0) - goto out; - r = 0; - if (keyp != NULL) { - *keyp = key; - key = NULL; - } - out: - sshkey_free(key); - sshkey_free(cert); - return r; -} - -/* - * Returns success if the specified "key" is listed in the file "filename", - * SSH_ERR_KEY_NOT_FOUND: if the key is not listed or another error. - * If "strict_type" is set then the key type must match exactly, - * otherwise a comparison that ignores certficiate data is performed. - * If "check_ca" is set and "key" is a certificate, then its CA key is - * also checked and sshkey_in_file() will return success if either is found. - */ -int -sshkey_in_file(struct sshkey *key, const char *filename, int strict_type, - int check_ca) -{ - FILE *f; - char *line = NULL, *cp; - size_t linesize = 0; - int r = 0; - struct sshkey *pub = NULL; - - int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) = - strict_type ? sshkey_equal : sshkey_equal_public; - - if ((f = fopen(filename, "r")) == NULL) - return SSH_ERR_SYSTEM_ERROR; - - while (getline(&line, &linesize, f) != -1) { - cp = line; - - /* Skip leading whitespace. */ - for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) - ; - - /* Skip comments and empty lines */ - switch (*cp) { - case '#': - case '\n': - case '\0': - continue; - } - - if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshkey_read(pub, &cp)) != 0) - goto out; - if (sshkey_compare(key, pub) || - (check_ca && sshkey_is_cert(key) && - sshkey_compare(key->cert->signature_key, pub))) { - r = 0; - goto out; - } - sshkey_free(pub); - pub = NULL; - } - r = SSH_ERR_KEY_NOT_FOUND; - out: - free(line); - sshkey_free(pub); - fclose(f); - return r; -} - -/* - * Checks whether the specified key is revoked, returning 0 if not, - * SSH_ERR_KEY_REVOKED if it is or another error code if something - * unexpected happened. - * This will check both the key and, if it is a certificate, its CA key too. - * "revoked_keys_file" may be a KRL or a one-per-line list of public keys. - */ -int -sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file) -{ - int r; - - // BLINK: TODO r = ssh_krl_file_contains_key(revoked_keys_file, key); - /* If this was not a KRL to begin with then continue below */ - if (r != SSH_ERR_KRL_BAD_MAGIC) - return r; - - /* - * If the file is not a KRL or we can't handle KRLs then attempt to - * parse the file as a flat list of keys. - */ - switch ((r = sshkey_in_file(key, revoked_keys_file, 0, 1))) { - case 0: - /* Key found => revoked */ - return SSH_ERR_KEY_REVOKED; - case SSH_ERR_KEY_NOT_FOUND: - /* Key not found => not revoked */ - return 0; - default: - /* Some other error occurred */ - return r; - } -} - diff --git a/Blink/Commands/openssh/authfile.h b/Blink/Commands/openssh/authfile.h deleted file mode 100644 index 624d269f1..000000000 --- a/Blink/Commands/openssh/authfile.h +++ /dev/null @@ -1,52 +0,0 @@ -/* $OpenBSD: authfile.h,v 1.21 2015/01/08 10:14:08 djm Exp $ */ - -/* - * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef AUTHFILE_H -#define AUTHFILE_H - -struct sshbuf; -struct sshkey; - -/* XXX document these */ -/* XXX some of these could probably be merged/retired */ - -int sshkey_save_private(struct sshkey *, const char *, - const char *, const char *, int, const char *, int); -int sshkey_load_file(int, struct sshbuf *); -int sshkey_load_cert(const char *, struct sshkey **); -int sshkey_load_public(const char *, struct sshkey **, char **); -int sshkey_load_private(const char *, const char *, struct sshkey **, char **); -int sshkey_load_private_cert(int, const char *, const char *, - struct sshkey **, int *); -int sshkey_load_private_type(int, const char *, const char *, - struct sshkey **, char **, int *); -int sshkey_load_private_type_fd(int fd, int type, const char *passphrase, - struct sshkey **keyp, char **commentp); -int sshkey_perm_ok(int, const char *); -int sshkey_in_file(struct sshkey *, const char *, int, int); -int sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file); - -#endif diff --git a/Blink/Commands/openssh/base64.c b/Blink/Commands/openssh/base64.c deleted file mode 100644 index b6ebbd70f..000000000 --- a/Blink/Commands/openssh/base64.c +++ /dev/null @@ -1,313 +0,0 @@ -/* $OpenBSD: base64.c,v 1.5 2006/10/21 09:55:03 otto Exp $ */ - -/* - * Copyright (c) 1996 by Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS - * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE - * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL - * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR - * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS - * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS - * SOFTWARE. - */ - -/* - * Portions Copyright (c) 1995 by International Business Machines, Inc. - * - * International Business Machines, Inc. (hereinafter called IBM) grants - * permission under its copyrights to use, copy, modify, and distribute this - * Software with or without fee, provided that the above copyright notice and - * all paragraphs of this notice appear in all copies, and that the name of IBM - * not be used in connection with the marketing of any product incorporating - * the Software or modifications thereof, without specific, written prior - * permission. - * - * To the extent it has a right to do so, IBM grants an immunity from suit - * under its patents, if any, for the use, sale or manufacture of products to - * the extent that such products are used for performing Domain Name System - * dynamic updates in TCP/IP networks by means of the Software. No immunity is - * granted for any product per se or for any other function of any product. - * - * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, - * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, - * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN - * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. - */ - -/* OPENBSD ORIGINAL: lib/libc/net/base64.c */ - -#if (!defined(HAVE_B64_NTOP) && !defined(HAVE___B64_NTOP)) || (!defined(HAVE_B64_PTON) && !defined(HAVE___B64_PTON)) - -#include -#include -#include -#include -#include - -#include -#include - -#include -#include - -#include "sshbuf.h" - -static const char Base64[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; -static const char Pad64 = '='; - -/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) - The following encoding technique is taken from RFC 1521 by Borenstein - and Freed. It is reproduced here in a slightly edited form for - convenience. - - A 65-character subset of US-ASCII is used, enabling 6 bits to be - represented per printable character. (The extra 65th character, "=", - is used to signify a special processing function.) - - The encoding process represents 24-bit groups of input bits as output - strings of 4 encoded characters. Proceeding from left to right, a - 24-bit input group is formed by concatenating 3 8-bit input groups. - These 24 bits are then treated as 4 concatenated 6-bit groups, each - of which is translated into a single digit in the base64 alphabet. - - Each 6-bit group is used as an index into an array of 64 printable - characters. The character referenced by the index is placed in the - output string. - - Table 1: The Base64 Alphabet - - Value Encoding Value Encoding Value Encoding Value Encoding - 0 A 17 R 34 i 51 z - 1 B 18 S 35 j 52 0 - 2 C 19 T 36 k 53 1 - 3 D 20 U 37 l 54 2 - 4 E 21 V 38 m 55 3 - 5 F 22 W 39 n 56 4 - 6 G 23 X 40 o 57 5 - 7 H 24 Y 41 p 58 6 - 8 I 25 Z 42 q 59 7 - 9 J 26 a 43 r 60 8 - 10 K 27 b 44 s 61 9 - 11 L 28 c 45 t 62 + - 12 M 29 d 46 u 63 / - 13 N 30 e 47 v - 14 O 31 f 48 w (pad) = - 15 P 32 g 49 x - 16 Q 33 h 50 y - - Special processing is performed if fewer than 24 bits are available - at the end of the data being encoded. A full encoding quantum is - always completed at the end of a quantity. When fewer than 24 input - bits are available in an input group, zero bits are added (on the - right) to form an integral number of 6-bit groups. Padding at the - end of the data is performed using the '=' character. - - Since all base64 input is an integral number of octets, only the - ------------------------------------------------- - following cases can arise: - - (1) the final quantum of encoding input is an integral - multiple of 24 bits; here, the final unit of encoded - output will be an integral multiple of 4 characters - with no "=" padding, - (2) the final quantum of encoding input is exactly 8 bits; - here, the final unit of encoded output will be two - characters followed by two "=" padding characters, or - (3) the final quantum of encoding input is exactly 16 bits; - here, the final unit of encoded output will be three - characters followed by one "=" padding character. - */ - -#if !defined(HAVE_B64_NTOP) && !defined(HAVE___B64_NTOP) -int -b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize) -{ - size_t datalength = 0; - u_char input[3]; - u_char output[4]; - u_int i; - - while (2 < srclength) { - input[0] = *src++; - input[1] = *src++; - input[2] = *src++; - srclength -= 3; - - output[0] = input[0] >> 2; - output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); - output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); - output[3] = input[2] & 0x3f; - - if (datalength + 4 > targsize) - return (-1); - target[datalength++] = Base64[output[0]]; - target[datalength++] = Base64[output[1]]; - target[datalength++] = Base64[output[2]]; - target[datalength++] = Base64[output[3]]; - } - - /* Now we worry about padding. */ - if (0 != srclength) { - /* Get what's left. */ - input[0] = input[1] = input[2] = '\0'; - for (i = 0; i < srclength; i++) - input[i] = *src++; - - output[0] = input[0] >> 2; - output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); - output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); - - if (datalength + 4 > targsize) - return (-1); - target[datalength++] = Base64[output[0]]; - target[datalength++] = Base64[output[1]]; - if (srclength == 1) - target[datalength++] = Pad64; - else - target[datalength++] = Base64[output[2]]; - target[datalength++] = Pad64; - } - if (datalength >= targsize) - return (-1); - target[datalength] = '\0'; /* Returned value doesn't count \0. */ - return (datalength); -} -#endif /* !defined(HAVE_B64_NTOP) && !defined(HAVE___B64_NTOP) */ - -#if !defined(HAVE_B64_PTON) && !defined(HAVE___B64_PTON) - -/* skips all whitespace anywhere. - converts characters, four at a time, starting at (or after) - src from base - 64 numbers into three 8 bit bytes in the target area. - it returns the number of data bytes stored at the target, or -1 on error. - */ - -int -b64_pton(char const *src, u_char *target, size_t targsize) -{ - u_int tarindex, state; - int ch; - char *pos; - - state = 0; - tarindex = 0; - - while ((ch = *src++) != '\0') { - if (isspace(ch)) /* Skip whitespace anywhere. */ - continue; - - if (ch == Pad64) - break; - - pos = strchr(Base64, ch); - if (pos == 0) /* A non-base64 character. */ - return (-1); - - switch (state) { - case 0: - if (target) { - if (tarindex >= targsize) - return (-1); - target[tarindex] = (pos - Base64) << 2; - } - state = 1; - break; - case 1: - if (target) { - if (tarindex + 1 >= targsize) - return (-1); - target[tarindex] |= (pos - Base64) >> 4; - target[tarindex+1] = ((pos - Base64) & 0x0f) - << 4 ; - } - tarindex++; - state = 2; - break; - case 2: - if (target) { - if (tarindex + 1 >= targsize) - return (-1); - target[tarindex] |= (pos - Base64) >> 2; - target[tarindex+1] = ((pos - Base64) & 0x03) - << 6; - } - tarindex++; - state = 3; - break; - case 3: - if (target) { - if (tarindex >= targsize) - return (-1); - target[tarindex] |= (pos - Base64); - } - tarindex++; - state = 0; - break; - } - } - - /* - * We are done decoding Base-64 chars. Let's see if we ended - * on a byte boundary, and/or with erroneous trailing characters. - */ - - if (ch == Pad64) { /* We got a pad char. */ - ch = *src++; /* Skip it, get next. */ - switch (state) { - case 0: /* Invalid = in first position */ - case 1: /* Invalid = in second position */ - return (-1); - - case 2: /* Valid, means one byte of info */ - /* Skip any number of spaces. */ - for (; ch != '\0'; ch = *src++) - if (!isspace(ch)) - break; - /* Make sure there is another trailing = sign. */ - if (ch != Pad64) - return (-1); - ch = *src++; /* Skip the = */ - /* Fall through to "single trailing =" case. */ - /* FALLTHROUGH */ - - case 3: /* Valid, means two bytes of info */ - /* - * We know this char is an =. Is there anything but - * whitespace after it? - */ - for (; ch != '\0'; ch = *src++) - if (!isspace(ch)) - return (-1); - - /* - * Now make sure for cases 2 and 3 that the "extra" - * bits that slopped past the last full byte were - * zeros. If we don't check them, they become a - * subliminal channel. - */ - if (target && target[tarindex] != 0) - return (-1); - } - } else { - /* - * We ended by seeing the end of the string. Make sure we - * have no partial bytes lying around. - */ - if (state != 0) - return (-1); - } - - return (tarindex); -} - -#endif /* !defined(HAVE_B64_PTON) && !defined(HAVE___B64_PTON) */ -#endif diff --git a/Blink/Commands/openssh/bcrypt-pbkdf.c b/Blink/Commands/openssh/bcrypt-pbkdf.c deleted file mode 100644 index 53d9fe737..000000000 --- a/Blink/Commands/openssh/bcrypt-pbkdf.c +++ /dev/null @@ -1,172 +0,0 @@ -/* $OpenBSD: bcrypt_pbkdf.c,v 1.13 2015/01/12 03:20:04 tedu Exp $ */ -/* - * Copyright (c) 2013 Ted Unangst - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include -#include - -#include "blf.h" - -#include "ed25519/crypto_api.h" -#ifdef SHA512_DIGEST_LENGTH -# undef SHA512_DIGEST_LENGTH -#endif -#define SHA512_DIGEST_LENGTH crypto_hash_sha512_BYTES - -#define MINIMUM(a,b) (((a) < (b)) ? (a) : (b)) - -#define explicit_bzero(data, len) memset_s(data, len, 0x0, len) - -/* - * pkcs #5 pbkdf2 implementation using the "bcrypt" hash - * - * The bcrypt hash function is derived from the bcrypt password hashing - * function with the following modifications: - * 1. The input password and salt are preprocessed with SHA512. - * 2. The output length is expanded to 256 bits. - * 3. Subsequently the magic string to be encrypted is lengthened and modifed - * to "OxychromaticBlowfishSwatDynamite" - * 4. The hash function is defined to perform 64 rounds of initial state - * expansion. (More rounds are performed by iterating the hash.) - * - * Note that this implementation pulls the SHA512 operations into the caller - * as a performance optimization. - * - * One modification from official pbkdf2. Instead of outputting key material - * linearly, we mix it. pbkdf2 has a known weakness where if one uses it to - * generate (e.g.) 512 bits of key material for use as two 256 bit keys, an - * attacker can merely run once through the outer loop, but the user - * always runs it twice. Shuffling output bytes requires computing the - * entirety of the key material to assemble any subkey. This is something a - * wise caller could do; we just do it for you. - */ - -#define BCRYPT_WORDS 8 -#define BCRYPT_HASHSIZE (BCRYPT_WORDS * 4) - -static void -bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) -{ - blf_ctx state; - uint8_t ciphertext[BCRYPT_HASHSIZE] = - "OxychromaticBlowfishSwatDynamite"; - uint32_t cdata[BCRYPT_WORDS]; - int i; - uint16_t j; - size_t shalen = SHA512_DIGEST_LENGTH; - - /* key expansion */ - Blowfish_initstate(&state); - Blowfish_expandstate(&state, sha2salt, shalen, sha2pass, shalen); - for (i = 0; i < 64; i++) { - Blowfish_expand0state(&state, sha2salt, shalen); - Blowfish_expand0state(&state, sha2pass, shalen); - } - - /* encryption */ - j = 0; - for (i = 0; i < BCRYPT_WORDS; i++) - cdata[i] = Blowfish_stream2word(ciphertext, sizeof(ciphertext), - &j); - for (i = 0; i < 64; i++) - blf_enc(&state, cdata, sizeof(cdata) / sizeof(uint64_t)); - - /* copy out */ - for (i = 0; i < BCRYPT_WORDS; i++) { - out[4 * i + 3] = (cdata[i] >> 24) & 0xff; - out[4 * i + 2] = (cdata[i] >> 16) & 0xff; - out[4 * i + 1] = (cdata[i] >> 8) & 0xff; - out[4 * i + 0] = cdata[i] & 0xff; - } - - /* zap */ - explicit_bzero(ciphertext, sizeof(ciphertext)); - explicit_bzero(cdata, sizeof(cdata)); - explicit_bzero(&state, sizeof(state)); -} - -int -bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltlen, - uint8_t *key, size_t keylen, unsigned int rounds) -{ - uint8_t sha2pass[SHA512_DIGEST_LENGTH]; - uint8_t sha2salt[SHA512_DIGEST_LENGTH]; - uint8_t out[BCRYPT_HASHSIZE]; - uint8_t tmpout[BCRYPT_HASHSIZE]; - uint8_t *countsalt; - size_t i, j, amt, stride; - uint32_t count; - size_t origkeylen = keylen; - - /* nothing crazy */ - if (rounds < 1) - return -1; - if (passlen == 0 || saltlen == 0 || keylen == 0 || - keylen > sizeof(out) * sizeof(out) || saltlen > 1<<20) - return -1; - if ((countsalt = calloc(1, saltlen + 4)) == NULL) - return -1; - stride = (keylen + sizeof(out) - 1) / sizeof(out); - amt = (keylen + stride - 1) / stride; - - memcpy(countsalt, salt, saltlen); - - /* collapse password */ - crypto_hash_sha512(sha2pass, (const u_char *)pass, passlen); - - /* generate key, sizeof(out) at a time */ - for (count = 1; keylen > 0; count++) { - countsalt[saltlen + 0] = (count >> 24) & 0xff; - countsalt[saltlen + 1] = (count >> 16) & 0xff; - countsalt[saltlen + 2] = (count >> 8) & 0xff; - countsalt[saltlen + 3] = count & 0xff; - - /* first round, salt is salt */ - crypto_hash_sha512(sha2salt, countsalt, saltlen + 4); - - bcrypt_hash(sha2pass, sha2salt, tmpout); - memcpy(out, tmpout, sizeof(out)); - - for (i = 1; i < rounds; i++) { - /* subsequent rounds, salt is previous output */ - crypto_hash_sha512(sha2salt, tmpout, sizeof(tmpout)); - bcrypt_hash(sha2pass, sha2salt, tmpout); - for (j = 0; j < sizeof(out); j++) - out[j] ^= tmpout[j]; - } - - /* - * pbkdf2 deviation: output the key material non-linearly. - */ - amt = MINIMUM(amt, keylen); - for (i = 0; i < amt; i++) { - size_t dest = i * stride + (count - 1); - if (dest >= origkeylen) - break; - key[dest] = out[i]; - } - keylen -= i; - } - - /* zap */ - explicit_bzero(out, sizeof(out)); - free(countsalt); - - return 0; -} diff --git a/Blink/Commands/openssh/blf.h b/Blink/Commands/openssh/blf.h deleted file mode 100644 index 1eeff8008..000000000 --- a/Blink/Commands/openssh/blf.h +++ /dev/null @@ -1,91 +0,0 @@ -/* $OpenBSD: blf.h,v 1.7 2007/03/14 17:59:41 grunk Exp $ */ -/* - * Blowfish - a fast block cipher designed by Bruce Schneier - * - * Copyright 1997 Niels Provos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Niels Provos. - * 4. The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _BLF_H_ -#define _BLF_H_ - -#include - -#if !defined(HAVE_BCRYPT_PBKDF) && !defined(HAVE_BLH_H) - -/* Schneier specifies a maximum key length of 56 bytes. - * This ensures that every key bit affects every cipher - * bit. However, the subkeys can hold up to 72 bytes. - * Warning: For normal blowfish encryption only 56 bytes - * of the key affect all cipherbits. - */ - -#define BLF_N 16 /* Number of Subkeys */ -#define BLF_MAXKEYLEN ((BLF_N-2)*4) /* 448 bits */ -#define BLF_MAXUTILIZED ((BLF_N+2)*4) /* 576 bits */ - -/* Blowfish context */ -typedef struct BlowfishContext { - uint32_t S[4][256]; /* S-Boxes */ - uint32_t P[BLF_N + 2]; /* Subkeys */ -} blf_ctx; - -/* Raw access to customized Blowfish - * blf_key is just: - * Blowfish_initstate( state ) - * Blowfish_expand0state( state, key, keylen ) - */ - -void Blowfish_encipher(blf_ctx *, uint32_t *, uint32_t *); -void Blowfish_decipher(blf_ctx *, uint32_t *, uint32_t *); -void Blowfish_initstate(blf_ctx *); -void Blowfish_expand0state(blf_ctx *, const uint8_t *, uint16_t); -void Blowfish_expandstate -(blf_ctx *, const uint8_t *, uint16_t, const uint8_t *, uint16_t); - -/* Standard Blowfish */ - -void blf_key(blf_ctx *, const uint8_t *, uint16_t); -void blf_enc(blf_ctx *, uint32_t *, uint16_t); -void blf_dec(blf_ctx *, uint32_t *, uint16_t); - -void blf_ecb_encrypt(blf_ctx *, uint8_t *, uint32_t); -void blf_ecb_decrypt(blf_ctx *, uint8_t *, uint32_t); - -void blf_cbc_encrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); -void blf_cbc_decrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); - -/* Converts uint8_t to uint32_t */ -uint32_t Blowfish_stream2word(const uint8_t *, uint16_t , uint16_t *); - -int bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, - size_t saltlen, uint8_t *key, size_t keylen, unsigned int rounds); - -#endif /* !defined(HAVE_BCRYPT_PBKDF) && !defined(HAVE_BLH_H) */ -#endif /* _BLF_H */ - diff --git a/Blink/Commands/openssh/blink-compat.c b/Blink/Commands/openssh/blink-compat.c deleted file mode 100644 index 8e4c0d881..000000000 --- a/Blink/Commands/openssh/blink-compat.c +++ /dev/null @@ -1,85 +0,0 @@ -#include -#include -#include -#include - - -#include "blink-compat.h" - - -void -freezero(void *ptr, size_t sz) -{ - if (ptr == NULL) - return; - explicit_bzero(ptr, sz); - free(ptr); -} - -void -lowercase(char *s) -{ - for (; *s; s++) - *s = tolower((u_char)*s); -} - -long -convtime(const char *s) -{ - long total, secs, multiplier = 1; - const char *p; - char *endp; - - errno = 0; - total = 0; - p = s; - - if (p == NULL || *p == '\0') - return -1; - - while (*p) { - secs = strtol(p, &endp, 10); - if (p == endp || - (errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) || - secs < 0) - return -1; - - switch (*endp++) { - case '\0': - endp--; - break; - case 's': - case 'S': - break; - case 'm': - case 'M': - multiplier = MINUTES; - break; - case 'h': - case 'H': - multiplier = HOURS; - break; - case 'd': - case 'D': - multiplier = DAYS; - break; - case 'w': - case 'W': - multiplier = WEEKS; - break; - default: - return -1; - } - if (secs >= LONG_MAX / multiplier) - return -1; - secs *= multiplier; - if (total >= LONG_MAX - secs) - return -1; - total += secs; - if (total < 0) - return -1; - p = endp; - } - - return total; -} diff --git a/Blink/Commands/openssh/blink-compat.h b/Blink/Commands/openssh/blink-compat.h deleted file mode 100644 index c9c4715b6..000000000 --- a/Blink/Commands/openssh/blink-compat.h +++ /dev/null @@ -1,85 +0,0 @@ -////////////////////////////////////////////////////////////////////////////////// -// -// B L I N K -// -// Copyright (C) 2016-2018 Blink Mobile Shell Project -// -// This file is part of Blink. -// -// Blink is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// Blink is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with Blink. If not, see . -// -// In addition, Blink is also subject to certain additional terms under -// GNU GPL version 3 section 7. -// -// You should have received a copy of these additional terms immediately -// following the terms and conditions of the GNU General Public License -// which accompanied the Blink Source Code. If not, see -// . -// -//////////////////////////////////////////////////////////////////////////////// - - -#ifndef blink_compat_h -#define blink_compat_h -#include -#include -#include -#include -#include -#include -#include "ios_error.h" - -#define fatal printf -#define verbose printf -#define error printf - - -#define debug printf -#define debug2 printf -#define debug3 printf - -#define explicit_bzero(data, len) memset_s(data, len, 0x0, len) - -#define xstrdup strdup - -#define SSH_LISTEN_BACKLOG 128 -#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK" -#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID" - -#define SECONDS 1 -#define MINUTES (SECONDS * 60) -#define HOURS (MINUTES * 60) -#define DAYS (HOURS * 24) -#define WEEKS (DAYS * 7) - - -/* readpass.c */ - -#define RP_ECHO 0x0001 -#define RP_ALLOW_STDIN 0x0002 -#define RP_ALLOW_EOF 0x0004 -#define RP_USE_ASKPASS 0x0008 - -char *read_passphrase(const char *, int); -int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); - -#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b)) -#define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) -#define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) - -long convtime(const char *s); -void freezero(void *ptr, size_t sz); -void lowercase(char *s); - -#endif /* blink_compat_h */ diff --git a/Blink/Commands/openssh/chapoly/chacha.c b/Blink/Commands/openssh/chapoly/chacha.c deleted file mode 100644 index 74221ec6b..000000000 --- a/Blink/Commands/openssh/chapoly/chacha.c +++ /dev/null @@ -1,217 +0,0 @@ -/* -chacha-merged.c version 20080118 -D. J. Bernstein -Public domain. -*/ - -#include "chacha.h" - -/* $OpenBSD: chacha.c,v 1.1 2013/11/21 00:45:44 djm Exp $ */ - -typedef unsigned char u8; -typedef unsigned int u32; - -typedef struct chacha_ctx chacha_ctx; - -#define U8C(v) (v##U) -#define U32C(v) (v##U) - -#define U8V(v) ((u8)(v) & U8C(0xFF)) -#define U32V(v) ((u32)(v) & U32C(0xFFFFFFFF)) - -#define ROTL32(v, n) \ - (U32V((v) << (n)) | ((v) >> (32 - (n)))) - -#define U8TO32_LITTLE(p) \ - (((u32)((p)[0]) ) | \ - ((u32)((p)[1]) << 8) | \ - ((u32)((p)[2]) << 16) | \ - ((u32)((p)[3]) << 24)) - -#define U32TO8_LITTLE(p, v) \ - do { \ - (p)[0] = U8V((v) ); \ - (p)[1] = U8V((v) >> 8); \ - (p)[2] = U8V((v) >> 16); \ - (p)[3] = U8V((v) >> 24); \ - } while (0) - -#define ROTATE(v,c) (ROTL32(v,c)) -#define XOR(v,w) ((v) ^ (w)) -#define PLUS(v,w) (U32V((v) + (w))) -#define PLUSONE(v) (PLUS((v),1)) - -#define QUARTERROUND(a,b,c,d) \ - a = PLUS(a,b); d = ROTATE(XOR(d,a),16); \ - c = PLUS(c,d); b = ROTATE(XOR(b,c),12); \ - a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \ - c = PLUS(c,d); b = ROTATE(XOR(b,c), 7); - -static const char sigma[16] = "expand 32-byte k"; -static const char tau[16] = "expand 16-byte k"; - -void -chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits) -{ - const char *constants; - - x->input[4] = U8TO32_LITTLE(k + 0); - x->input[5] = U8TO32_LITTLE(k + 4); - x->input[6] = U8TO32_LITTLE(k + 8); - x->input[7] = U8TO32_LITTLE(k + 12); - if (kbits == 256) { /* recommended */ - k += 16; - constants = sigma; - } else { /* kbits == 128 */ - constants = tau; - } - x->input[8] = U8TO32_LITTLE(k + 0); - x->input[9] = U8TO32_LITTLE(k + 4); - x->input[10] = U8TO32_LITTLE(k + 8); - x->input[11] = U8TO32_LITTLE(k + 12); - x->input[0] = U8TO32_LITTLE(constants + 0); - x->input[1] = U8TO32_LITTLE(constants + 4); - x->input[2] = U8TO32_LITTLE(constants + 8); - x->input[3] = U8TO32_LITTLE(constants + 12); -} - -void -chacha_ivsetup(chacha_ctx *x, const u8 *iv, const u8 *counter) -{ - x->input[12] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 0); - x->input[13] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 4); - x->input[14] = U8TO32_LITTLE(iv + 0); - x->input[15] = U8TO32_LITTLE(iv + 4); -} - -void -chacha_encrypt_bytes(chacha_ctx *x,const u8 *m,u8 *c,u32 bytes) -{ - u32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; - u32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15; - u8 *ctarget = NULL; - u8 tmp[64]; - u_int i; - - if (!bytes) return; - - j0 = x->input[0]; - j1 = x->input[1]; - j2 = x->input[2]; - j3 = x->input[3]; - j4 = x->input[4]; - j5 = x->input[5]; - j6 = x->input[6]; - j7 = x->input[7]; - j8 = x->input[8]; - j9 = x->input[9]; - j10 = x->input[10]; - j11 = x->input[11]; - j12 = x->input[12]; - j13 = x->input[13]; - j14 = x->input[14]; - j15 = x->input[15]; - - for (;;) { - if (bytes < 64) { - for (i = 0;i < bytes;++i) tmp[i] = m[i]; - m = tmp; - ctarget = c; - c = tmp; - } - x0 = j0; - x1 = j1; - x2 = j2; - x3 = j3; - x4 = j4; - x5 = j5; - x6 = j6; - x7 = j7; - x8 = j8; - x9 = j9; - x10 = j10; - x11 = j11; - x12 = j12; - x13 = j13; - x14 = j14; - x15 = j15; - for (i = 20;i > 0;i -= 2) { - QUARTERROUND( x0, x4, x8,x12) - QUARTERROUND( x1, x5, x9,x13) - QUARTERROUND( x2, x6,x10,x14) - QUARTERROUND( x3, x7,x11,x15) - QUARTERROUND( x0, x5,x10,x15) - QUARTERROUND( x1, x6,x11,x12) - QUARTERROUND( x2, x7, x8,x13) - QUARTERROUND( x3, x4, x9,x14) - } - x0 = PLUS(x0,j0); - x1 = PLUS(x1,j1); - x2 = PLUS(x2,j2); - x3 = PLUS(x3,j3); - x4 = PLUS(x4,j4); - x5 = PLUS(x5,j5); - x6 = PLUS(x6,j6); - x7 = PLUS(x7,j7); - x8 = PLUS(x8,j8); - x9 = PLUS(x9,j9); - x10 = PLUS(x10,j10); - x11 = PLUS(x11,j11); - x12 = PLUS(x12,j12); - x13 = PLUS(x13,j13); - x14 = PLUS(x14,j14); - x15 = PLUS(x15,j15); - - x0 = XOR(x0,U8TO32_LITTLE(m + 0)); - x1 = XOR(x1,U8TO32_LITTLE(m + 4)); - x2 = XOR(x2,U8TO32_LITTLE(m + 8)); - x3 = XOR(x3,U8TO32_LITTLE(m + 12)); - x4 = XOR(x4,U8TO32_LITTLE(m + 16)); - x5 = XOR(x5,U8TO32_LITTLE(m + 20)); - x6 = XOR(x6,U8TO32_LITTLE(m + 24)); - x7 = XOR(x7,U8TO32_LITTLE(m + 28)); - x8 = XOR(x8,U8TO32_LITTLE(m + 32)); - x9 = XOR(x9,U8TO32_LITTLE(m + 36)); - x10 = XOR(x10,U8TO32_LITTLE(m + 40)); - x11 = XOR(x11,U8TO32_LITTLE(m + 44)); - x12 = XOR(x12,U8TO32_LITTLE(m + 48)); - x13 = XOR(x13,U8TO32_LITTLE(m + 52)); - x14 = XOR(x14,U8TO32_LITTLE(m + 56)); - x15 = XOR(x15,U8TO32_LITTLE(m + 60)); - - j12 = PLUSONE(j12); - if (!j12) { - j13 = PLUSONE(j13); - /* stopping at 2^70 bytes per nonce is user's responsibility */ - } - - U32TO8_LITTLE(c + 0,x0); - U32TO8_LITTLE(c + 4,x1); - U32TO8_LITTLE(c + 8,x2); - U32TO8_LITTLE(c + 12,x3); - U32TO8_LITTLE(c + 16,x4); - U32TO8_LITTLE(c + 20,x5); - U32TO8_LITTLE(c + 24,x6); - U32TO8_LITTLE(c + 28,x7); - U32TO8_LITTLE(c + 32,x8); - U32TO8_LITTLE(c + 36,x9); - U32TO8_LITTLE(c + 40,x10); - U32TO8_LITTLE(c + 44,x11); - U32TO8_LITTLE(c + 48,x12); - U32TO8_LITTLE(c + 52,x13); - U32TO8_LITTLE(c + 56,x14); - U32TO8_LITTLE(c + 60,x15); - - if (bytes <= 64) { - if (bytes < 64) { - for (i = 0;i < bytes;++i) ctarget[i] = c[i]; - } - x->input[12] = j12; - x->input[13] = j13; - return; - } - bytes -= 64; - c += 64; - m += 64; - } -} diff --git a/Blink/Commands/openssh/chapoly/chacha.h b/Blink/Commands/openssh/chapoly/chacha.h deleted file mode 100644 index 762052565..000000000 --- a/Blink/Commands/openssh/chapoly/chacha.h +++ /dev/null @@ -1,36 +0,0 @@ -/* $OpenBSD: chacha.h,v 1.4 2016/08/27 04:04:56 guenther Exp $ */ - -/* -chacha-merged.c version 20080118 -D. J. Bernstein -Public domain. -*/ - -#ifndef CHACHA_H -#define CHACHA_H - -#include -#include - -struct chacha_ctx { - u_int input[16]; -}; - -#define CHACHA_MINKEYLEN 16 -#define CHACHA_NONCELEN 8 -#define CHACHA_CTRLEN 8 -#define CHACHA_STATELEN (CHACHA_NONCELEN+CHACHA_CTRLEN) -#define CHACHA_BLOCKLEN 64 - -void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits) - __attribute__((__bounded__(__minbytes__, 2, CHACHA_MINKEYLEN))); -void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char *ctr) - __attribute__((__bounded__(__minbytes__, 2, CHACHA_NONCELEN))) - __attribute__((__bounded__(__minbytes__, 3, CHACHA_CTRLEN))); -void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m, - u_char *c, u_int bytes) - __attribute__((__bounded__(__buffer__, 2, 4))) - __attribute__((__bounded__(__buffer__, 3, 4))); - -#endif /* CHACHA_H */ - diff --git a/Blink/Commands/openssh/chapoly/poly1305.c b/Blink/Commands/openssh/chapoly/poly1305.c deleted file mode 100644 index e6ed10c8a..000000000 --- a/Blink/Commands/openssh/chapoly/poly1305.c +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Public Domain poly1305 from Andrew Moon - * poly1305-donna-unrolled.c from https://github.com/floodyberry/poly1305-donna - */ - -/* $OpenBSD: poly1305.c,v 1.3 2013/12/19 22:57:13 djm Exp $ */ - - -#include -#include - -#include "poly1305.h" - -#define mul32x32_64(a,b) ((uint64_t)(a) * (b)) - -#define U8TO32_LE(p) \ - (((uint32_t)((p)[0])) | \ - ((uint32_t)((p)[1]) << 8) | \ - ((uint32_t)((p)[2]) << 16) | \ - ((uint32_t)((p)[3]) << 24)) - -#define U32TO8_LE(p, v) \ - do { \ - (p)[0] = (uint8_t)((v)); \ - (p)[1] = (uint8_t)((v) >> 8); \ - (p)[2] = (uint8_t)((v) >> 16); \ - (p)[3] = (uint8_t)((v) >> 24); \ - } while (0) - -void -poly1305_auth(unsigned char out[POLY1305_TAGLEN], const unsigned char *m, size_t inlen, const unsigned char key[POLY1305_KEYLEN]) { - uint32_t t0,t1,t2,t3; - uint32_t h0,h1,h2,h3,h4; - uint32_t r0,r1,r2,r3,r4; - uint32_t s1,s2,s3,s4; - uint32_t b, nb; - size_t j; - uint64_t t[5]; - uint64_t f0,f1,f2,f3; - uint32_t g0,g1,g2,g3,g4; - uint64_t c; - unsigned char mp[16]; - - /* clamp key */ - t0 = U8TO32_LE(key+0); - t1 = U8TO32_LE(key+4); - t2 = U8TO32_LE(key+8); - t3 = U8TO32_LE(key+12); - - /* precompute multipliers */ - r0 = t0 & 0x3ffffff; t0 >>= 26; t0 |= t1 << 6; - r1 = t0 & 0x3ffff03; t1 >>= 20; t1 |= t2 << 12; - r2 = t1 & 0x3ffc0ff; t2 >>= 14; t2 |= t3 << 18; - r3 = t2 & 0x3f03fff; t3 >>= 8; - r4 = t3 & 0x00fffff; - - s1 = r1 * 5; - s2 = r2 * 5; - s3 = r3 * 5; - s4 = r4 * 5; - - /* init state */ - h0 = 0; - h1 = 0; - h2 = 0; - h3 = 0; - h4 = 0; - - /* full blocks */ - if (inlen < 16) goto poly1305_donna_atmost15bytes; -poly1305_donna_16bytes: - m += 16; - inlen -= 16; - - t0 = U8TO32_LE(m-16); - t1 = U8TO32_LE(m-12); - t2 = U8TO32_LE(m-8); - t3 = U8TO32_LE(m-4); - - h0 += t0 & 0x3ffffff; - h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff; - h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff; - h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff; - h4 += (t3 >> 8) | (1 << 24); - - -poly1305_donna_mul: - t[0] = mul32x32_64(h0,r0) + mul32x32_64(h1,s4) + mul32x32_64(h2,s3) + mul32x32_64(h3,s2) + mul32x32_64(h4,s1); - t[1] = mul32x32_64(h0,r1) + mul32x32_64(h1,r0) + mul32x32_64(h2,s4) + mul32x32_64(h3,s3) + mul32x32_64(h4,s2); - t[2] = mul32x32_64(h0,r2) + mul32x32_64(h1,r1) + mul32x32_64(h2,r0) + mul32x32_64(h3,s4) + mul32x32_64(h4,s3); - t[3] = mul32x32_64(h0,r3) + mul32x32_64(h1,r2) + mul32x32_64(h2,r1) + mul32x32_64(h3,r0) + mul32x32_64(h4,s4); - t[4] = mul32x32_64(h0,r4) + mul32x32_64(h1,r3) + mul32x32_64(h2,r2) + mul32x32_64(h3,r1) + mul32x32_64(h4,r0); - - h0 = (uint32_t)t[0] & 0x3ffffff; c = (t[0] >> 26); - t[1] += c; h1 = (uint32_t)t[1] & 0x3ffffff; b = (uint32_t)(t[1] >> 26); - t[2] += b; h2 = (uint32_t)t[2] & 0x3ffffff; b = (uint32_t)(t[2] >> 26); - t[3] += b; h3 = (uint32_t)t[3] & 0x3ffffff; b = (uint32_t)(t[3] >> 26); - t[4] += b; h4 = (uint32_t)t[4] & 0x3ffffff; b = (uint32_t)(t[4] >> 26); - h0 += b * 5; - - if (inlen >= 16) goto poly1305_donna_16bytes; - - /* final bytes */ -poly1305_donna_atmost15bytes: - if (!inlen) goto poly1305_donna_finish; - - for (j = 0; j < inlen; j++) mp[j] = m[j]; - mp[j++] = 1; - for (; j < 16; j++) mp[j] = 0; - inlen = 0; - - t0 = U8TO32_LE(mp+0); - t1 = U8TO32_LE(mp+4); - t2 = U8TO32_LE(mp+8); - t3 = U8TO32_LE(mp+12); - - h0 += t0 & 0x3ffffff; - h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff; - h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff; - h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff; - h4 += (t3 >> 8); - - goto poly1305_donna_mul; - -poly1305_donna_finish: - b = h0 >> 26; h0 = h0 & 0x3ffffff; - h1 += b; b = h1 >> 26; h1 = h1 & 0x3ffffff; - h2 += b; b = h2 >> 26; h2 = h2 & 0x3ffffff; - h3 += b; b = h3 >> 26; h3 = h3 & 0x3ffffff; - h4 += b; b = h4 >> 26; h4 = h4 & 0x3ffffff; - h0 += b * 5; b = h0 >> 26; h0 = h0 & 0x3ffffff; - h1 += b; - - g0 = h0 + 5; b = g0 >> 26; g0 &= 0x3ffffff; - g1 = h1 + b; b = g1 >> 26; g1 &= 0x3ffffff; - g2 = h2 + b; b = g2 >> 26; g2 &= 0x3ffffff; - g3 = h3 + b; b = g3 >> 26; g3 &= 0x3ffffff; - g4 = h4 + b - (1 << 26); - - b = (g4 >> 31) - 1; - nb = ~b; - h0 = (h0 & nb) | (g0 & b); - h1 = (h1 & nb) | (g1 & b); - h2 = (h2 & nb) | (g2 & b); - h3 = (h3 & nb) | (g3 & b); - h4 = (h4 & nb) | (g4 & b); - - f0 = ((h0 ) | (h1 << 26)) + (uint64_t)U8TO32_LE(&key[16]); - f1 = ((h1 >> 6) | (h2 << 20)) + (uint64_t)U8TO32_LE(&key[20]); - f2 = ((h2 >> 12) | (h3 << 14)) + (uint64_t)U8TO32_LE(&key[24]); - f3 = ((h3 >> 18) | (h4 << 8)) + (uint64_t)U8TO32_LE(&key[28]); - - U32TO8_LE(&out[ 0], f0); f1 += (f0 >> 32); - U32TO8_LE(&out[ 4], f1); f2 += (f1 >> 32); - U32TO8_LE(&out[ 8], f2); f3 += (f2 >> 32); - U32TO8_LE(&out[12], f3); -} diff --git a/Blink/Commands/openssh/chapoly/poly1305.h b/Blink/Commands/openssh/chapoly/poly1305.h deleted file mode 100644 index f7db5f8d7..000000000 --- a/Blink/Commands/openssh/chapoly/poly1305.h +++ /dev/null @@ -1,22 +0,0 @@ -/* $OpenBSD: poly1305.h,v 1.4 2014/05/02 03:27:54 djm Exp $ */ - -/* - * Public Domain poly1305 from Andrew Moon - * poly1305-donna-unrolled.c from https://github.com/floodyberry/poly1305-donna - */ - -#ifndef POLY1305_H -#define POLY1305_H - -#include - -#define POLY1305_KEYLEN 32 -#define POLY1305_TAGLEN 16 - -void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, - const u_char key[POLY1305_KEYLEN]) - __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN))) - __attribute__((__bounded__(__buffer__, 2, 3))) - __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN))); - -#endif /* POLY1305_H */ diff --git a/Blink/Commands/openssh/cipher.c b/Blink/Commands/openssh/cipher.c deleted file mode 100644 index 2b767b136..000000000 --- a/Blink/Commands/openssh/cipher.c +++ /dev/null @@ -1,841 +0,0 @@ -/* $OpenBSD: cipher.c,v 1.102 2016/08/03 05:41:57 djm Exp $ */ -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * - * Copyright (c) 1999 Niels Provos. All rights reserved. - * Copyright (c) 1999, 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include - -#include -#include -#include - -#include "cipher.h" -/*#include "misc.h"*/ -#include "sshbuf.h" -#include "ssherr.h" -#include "digest.h" -#include "sshkey.h" - -/*#include "openbsd-compat/openssl-compat.h"*/ - -#define WITH_OPENSSL 1 -#define OPENSSL_HAVE_EVPGCM 1 -#define OPENSSL_HAVE_EVPCTR 1 - -#ifdef WITH_SSH1 -extern const EVP_CIPHER *evp_ssh1_bf(void); -extern const EVP_CIPHER *evp_ssh1_3des(void); -extern int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); -#endif - -static inline uint32_t -get_u32(const void *vp) -{ - const u_char *p = (const u_char *)vp; - uint32_t v; - - v = (uint32_t)p[0] << 24; - v |= (uint32_t)p[1] << 16; - v |= (uint32_t)p[2] << 8; - v |= (uint32_t)p[3]; - - return (v); -} - -struct sshcipher_ctx { - int plaintext; - int encrypt; - EVP_CIPHER_CTX *evp; - struct chachapoly_ctx cp_ctx; /* XXX union with evp? */ - struct aesctr_ctx ac_ctx; /* XXX union with evp? */ - const struct sshcipher *cipher; -}; - -struct sshcipher { - char *name; - int number; /* for ssh1 only */ - u_int block_size; - u_int key_len; - u_int iv_len; /* defaults to block_size */ - u_int auth_len; - u_int discard_len; - u_int flags; -#define CFLAG_CBC (1<<0) -#define CFLAG_CHACHAPOLY (1<<1) -#define CFLAG_AESCTR (1<<2) -#define CFLAG_NONE (1<<3) -#ifdef WITH_OPENSSL - const EVP_CIPHER *(*evptype)(void); -#else - void *ignored; -#endif -}; - -static const struct sshcipher ciphers[] = { -#ifdef WITH_SSH1 - { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, - { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, -# ifndef OPENSSL_NO_BF - { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf }, -# endif /* OPENSSL_NO_BF */ -#endif /* WITH_SSH1 */ -#ifdef WITH_OPENSSL - { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, - { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, -# ifndef OPENSSL_NO_BF - { "blowfish-cbc", - SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, -# endif /* OPENSSL_NO_BF */ -# ifndef OPENSSL_NO_CAST - { "cast128-cbc", - SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, -# endif /* OPENSSL_NO_CAST */ -# ifndef OPENSSL_NO_RC4 - { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, - { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, - { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, -# endif /* OPENSSL_NO_RC4 */ - { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc }, - { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc }, - { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, - { "rijndael-cbc@lysator.liu.se", - SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, - { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 0, EVP_aes_128_ctr }, - { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 0, EVP_aes_192_ctr }, - { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 0, EVP_aes_256_ctr }, -# ifdef OPENSSL_HAVE_EVPGCM - { "aes128-gcm", - SSH_CIPHER_SSH2, 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm }, - { "aes256-gcm", - SSH_CIPHER_SSH2, 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm }, -# endif /* OPENSSL_HAVE_EVPGCM */ -#else /* WITH_OPENSSL */ - { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, CFLAG_AESCTR, NULL }, - { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, CFLAG_AESCTR, NULL }, - { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, CFLAG_AESCTR, NULL }, - { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, CFLAG_NONE, NULL }, -#endif /* WITH_OPENSSL */ - { "chacha20-poly1305", - SSH_CIPHER_SSH2, 8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL }, - - { NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, 0, 0, NULL } -}; - -/*--*/ - -/* Returns a comma-separated list of supported ciphers. */ -char * -cipher_alg_list(char sep, int auth_only) -{ - char *tmp, *ret = NULL; - size_t nlen, rlen = 0; - const struct sshcipher *c; - - for (c = ciphers; c->name != NULL; c++) { - if (c->number != SSH_CIPHER_SSH2) - continue; - if (auth_only && c->auth_len == 0) - continue; - if (ret != NULL) - ret[rlen++] = sep; - nlen = strlen(c->name); - if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { - free(ret); - return NULL; - } - ret = tmp; - memcpy(ret + rlen, c->name, nlen + 1); - rlen += nlen; - } - return ret; -} - -u_int -cipher_blocksize(const struct sshcipher *c) -{ - return (c->block_size); -} - -u_int -cipher_keylen(const struct sshcipher *c) -{ - return (c->key_len); -} - -u_int -cipher_seclen(const struct sshcipher *c) -{ - if (strcmp("3des-cbc", c->name) == 0) - return 14; - return cipher_keylen(c); -} - -u_int -cipher_authlen(const struct sshcipher *c) -{ - return (c->auth_len); -} - -u_int -cipher_ivlen(const struct sshcipher *c) -{ - /* - * Default is cipher block size, except for chacha20+poly1305 that - * needs no IV. XXX make iv_len == -1 default? - */ - return (c->iv_len != 0 || (c->flags & CFLAG_CHACHAPOLY) != 0) ? - c->iv_len : c->block_size; -} - -u_int -cipher_get_number(const struct sshcipher *c) -{ - return (c->number); -} - -u_int -cipher_is_cbc(const struct sshcipher *c) -{ - return (c->flags & CFLAG_CBC) != 0; -} - -u_int -cipher_ctx_is_plaintext(struct sshcipher_ctx *cc) -{ - return cc->plaintext; -} - -u_int -cipher_ctx_get_number(struct sshcipher_ctx *cc) -{ - return cc->cipher->number; -} - -u_int -cipher_mask_ssh1(int client) -{ - u_int mask = 0; - mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ - mask |= 1 << SSH_CIPHER_BLOWFISH; - if (client) { - mask |= 1 << SSH_CIPHER_DES; - } - return mask; -} - -const struct sshcipher * -cipher_by_name(const char *name) -{ - const struct sshcipher *c; - for (c = ciphers; c->name != NULL; c++) - if (strcmp(c->name, name) == 0) - return c; - return NULL; -} - -const struct sshcipher * -cipher_by_number(int id) -{ - const struct sshcipher *c; - for (c = ciphers; c->name != NULL; c++) - if (c->number == id) - return c; - return NULL; -} - -#define CIPHER_SEP "," -int -ciphers_valid(const char *names) -{ - const struct sshcipher *c; - char *cipher_list, *cp; - char *p; - - if (names == NULL || strcmp(names, "") == 0) - return 0; - if ((cipher_list = cp = strdup(names)) == NULL) - return 0; - for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; - (p = strsep(&cp, CIPHER_SEP))) { - c = cipher_by_name(p); - if (c == NULL || c->number != SSH_CIPHER_SSH2) { - free(cipher_list); - return 0; - } - } - free(cipher_list); - return 1; -} - -/* - * Parses the name of the cipher. Returns the number of the corresponding - * cipher, or -1 on error. - */ - -int -cipher_number(const char *name) -{ - const struct sshcipher *c; - if (name == NULL) - return -1; - for (c = ciphers; c->name != NULL; c++) - if (strcasecmp(c->name, name) == 0) - return c->number; - return -1; -} - -char * -cipher_name(int id) -{ - const struct sshcipher *c = cipher_by_number(id); - return (c==NULL) ? "" : c->name; -} - -const char * -cipher_warning_message(const struct sshcipher_ctx *cc) -{ - if (cc == NULL || cc->cipher == NULL) - return NULL; - if (cc->cipher->number == SSH_CIPHER_DES) - return "use of DES is strongly discouraged due to " - "cryptographic weaknesses"; - return NULL; -} - -int -cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, - const u_char *key, u_int keylen, const u_char *iv, u_int ivlen, - int do_encrypt) -{ - struct sshcipher_ctx *cc = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; -#ifdef WITH_OPENSSL - const EVP_CIPHER *type; - int klen; - u_char *junk, *discard; -#endif - - *ccp = NULL; - if ((cc = calloc(sizeof(*cc), 1)) == NULL) - return SSH_ERR_ALLOC_FAIL; - - if (cipher->number == SSH_CIPHER_DES) { - if (keylen > 8) - keylen = 8; - } - - cc->plaintext = (cipher->number == SSH_CIPHER_NONE); - cc->encrypt = do_encrypt; - - if (keylen < cipher->key_len || - (iv != NULL && ivlen < cipher_ivlen(cipher))) { - ret = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - - cc->cipher = cipher; - if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { - ret = chachapoly_init(&cc->cp_ctx, key, keylen); - goto out; - } -#ifndef WITH_OPENSSL - if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { - aesctr_keysetup(&cc->ac_ctx, key, 8 * keylen, 8 * ivlen); - aesctr_ivsetup(&cc->ac_ctx, iv); - ret = 0; - goto out; - } - if ((cc->cipher->flags & CFLAG_NONE) != 0) { - ret = 0; - goto out; - } - ret = SSH_ERR_INVALID_ARGUMENT; - goto out; -#else /* WITH_OPENSSL */ - type = (*cipher->evptype)(); - if ((cc->evp = EVP_CIPHER_CTX_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv, - (do_encrypt == CIPHER_ENCRYPT)) == 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (cipher_authlen(cipher) && - !EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_SET_IV_FIXED, - -1, (u_char *)iv)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - klen = EVP_CIPHER_CTX_key_length(cc->evp); - if (klen > 0 && keylen != (u_int)klen) { - if (EVP_CIPHER_CTX_set_key_length(cc->evp, keylen) == 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - } - if (EVP_CipherInit(cc->evp, NULL, (u_char *)key, NULL, -1) == 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - - if (cipher->discard_len > 0) { - if ((junk = malloc(cipher->discard_len)) == NULL || - (discard = malloc(cipher->discard_len)) == NULL) { - free(junk); - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - ret = EVP_Cipher(cc->evp, discard, junk, cipher->discard_len); - memset_s(discard, cipher->discard_len, 0x0, cipher->discard_len); -// explicit_bzero(discard, cipher->discard_len); - free(junk); - free(discard); - if (ret != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - } - ret = 0; -#endif /* WITH_OPENSSL */ - out: - if (ret == 0) { - /* success */ - *ccp = cc; - } else { - if (cc != NULL) { -#ifdef WITH_OPENSSL - if (cc->evp != NULL) - EVP_CIPHER_CTX_free(cc->evp); -#endif /* WITH_OPENSSL */ - memset_s(cc, sizeof(*cc), 0x0, sizeof(*cc)); -// explicit_bzero(cc, sizeof(*cc)); - free(cc); - } - } - return ret; -} - -/* - * cipher_crypt() operates as following: - * Copy 'aadlen' bytes (without en/decryption) from 'src' to 'dest'. - * Theses bytes are treated as additional authenticated data for - * authenticated encryption modes. - * En/Decrypt 'len' bytes at offset 'aadlen' from 'src' to 'dest'. - * Use 'authlen' bytes at offset 'len'+'aadlen' as the authentication tag. - * This tag is written on encryption and verified on decryption. - * Both 'aadlen' and 'authlen' can be set to 0. - */ -int -cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest, - const u_char *src, u_int len, u_int aadlen, u_int authlen) -{ - if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { - return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src, - len, aadlen, authlen, cc->encrypt); - } -#ifndef WITH_OPENSSL - if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { - if (aadlen) - memcpy(dest, src, aadlen); - aesctr_encrypt_bytes(&cc->ac_ctx, src + aadlen, - dest + aadlen, len); - return 0; - } - if ((cc->cipher->flags & CFLAG_NONE) != 0) { - memcpy(dest, src, aadlen + len); - return 0; - } - return SSH_ERR_INVALID_ARGUMENT; -#else - if (authlen) { - u_char lastiv[1]; - - if (authlen != cipher_authlen(cc->cipher)) - return SSH_ERR_INVALID_ARGUMENT; - /* increment IV */ - if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN, - 1, lastiv)) - return SSH_ERR_LIBCRYPTO_ERROR; - /* set tag on decyption */ - if (!cc->encrypt && - !EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_SET_TAG, - authlen, (u_char *)src + aadlen + len)) - return SSH_ERR_LIBCRYPTO_ERROR; - } - if (aadlen) { - if (authlen && - EVP_Cipher(cc->evp, NULL, (u_char *)src, aadlen) < 0) - return SSH_ERR_LIBCRYPTO_ERROR; - memcpy(dest, src, aadlen); - } - if (len % cc->cipher->block_size) - return SSH_ERR_INVALID_ARGUMENT; - if (EVP_Cipher(cc->evp, dest + aadlen, (u_char *)src + aadlen, - len) < 0) - return SSH_ERR_LIBCRYPTO_ERROR; - if (authlen) { - /* compute tag (on encrypt) or verify tag (on decrypt) */ - if (EVP_Cipher(cc->evp, NULL, NULL, 0) < 0) - return cc->encrypt ? - SSH_ERR_LIBCRYPTO_ERROR : SSH_ERR_MAC_INVALID; - if (cc->encrypt && - !EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_GET_TAG, - authlen, dest + aadlen + len)) - return SSH_ERR_LIBCRYPTO_ERROR; - } - return 0; -#endif -} - -/* Extract the packet length, including any decryption necessary beforehand */ -int -cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr, - const u_char *cp, u_int len) -{ - if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) - return chachapoly_get_length(&cc->cp_ctx, plenp, seqnr, - cp, len); - if (len < 4) - return SSH_ERR_MESSAGE_INCOMPLETE; - *plenp = get_u32(cp); - return 0; -} - -void -cipher_free(struct sshcipher_ctx *cc) -{ - if (cc == NULL) - return; - if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { - memset_s(&cc->cp_ctx, sizeof(cc->cp_ctx), 0x0, sizeof(cc->cp_ctx)); - //explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx)); - } else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { - memset_s(&cc->ac_ctx, sizeof(cc->ac_ctx), 0x0, sizeof(cc->ac_ctx)); - //explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx)); - } -#ifdef WITH_OPENSSL - if (cc->evp != NULL) { - EVP_CIPHER_CTX_free(cc->evp); - cc->evp = NULL; - } -#endif - memset_s(cc, sizeof(*cc), 0x0, sizeof(*cc)); -// explicit_bzero(cc, sizeof(*cc)); - free(cc); -} - -/* - * Selects the cipher, and keys if by computing the MD5 checksum of the - * passphrase and using the resulting 16 bytes as the key. - */ -int -cipher_set_key_string(struct sshcipher_ctx **ccp, - const struct sshcipher *cipher, const char *passphrase, int do_encrypt) -{ - u_char digest[16]; - int r = SSH_ERR_INTERNAL_ERROR; - - if ((r = ssh_digest_memory(SSH_DIGEST_MD5, - passphrase, strlen(passphrase), - digest, sizeof(digest))) != 0) - goto out; - - r = cipher_init(ccp, cipher, digest, 16, NULL, 0, do_encrypt); - out: - memset_s(digest, sizeof(digest), 0x0, sizeof(digest)); -// explicit_bzero(digest, sizeof(digest)); - return r; -} - -/* - * Exports an IV from the sshcipher_ctx required to export the key - * state back from the unprivileged child to the privileged parent - * process. - */ -int -cipher_get_keyiv_len(const struct sshcipher_ctx *cc) -{ - const struct sshcipher *c = cc->cipher; - int ivlen = 0; - - if (c->number == SSH_CIPHER_3DES) - ivlen = 24; - else if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) - ivlen = 0; - else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) - ivlen = sizeof(cc->ac_ctx.ctr); -#ifdef WITH_OPENSSL - else - ivlen = EVP_CIPHER_CTX_iv_length(cc->evp); -#endif /* WITH_OPENSSL */ - return (ivlen); -} - -int -cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) -{ - const struct sshcipher *c = cc->cipher; -#ifdef WITH_OPENSSL - int evplen; -#endif - - if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { - if (len != 0) - return SSH_ERR_INVALID_ARGUMENT; - return 0; - } - if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { - if (len != sizeof(cc->ac_ctx.ctr)) - return SSH_ERR_INVALID_ARGUMENT; - memcpy(iv, cc->ac_ctx.ctr, len); - return 0; - } - if ((cc->cipher->flags & CFLAG_NONE) != 0) - return 0; - - switch (c->number) { -#ifdef WITH_OPENSSL - case SSH_CIPHER_SSH2: - case SSH_CIPHER_DES: - case SSH_CIPHER_BLOWFISH: - evplen = EVP_CIPHER_CTX_iv_length(cc->evp); - if (evplen == 0) - return 0; - else if (evplen < 0) - return SSH_ERR_LIBCRYPTO_ERROR; - if ((u_int)evplen != len) - return SSH_ERR_INVALID_ARGUMENT; -#ifndef OPENSSL_HAVE_EVPCTR - if (c->evptype == evp_aes_128_ctr) - ssh_aes_ctr_iv(cc->evp, 0, iv, len); - else -#endif - if (cipher_authlen(c)) { - if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN, - len, iv)) - return SSH_ERR_LIBCRYPTO_ERROR; - } else - memcpy(iv, cc->evp->iv, len); - break; -#endif -#ifdef WITH_SSH1 - case SSH_CIPHER_3DES: - return ssh1_3des_iv(cc->evp, 0, iv, 24); -#endif - default: - return SSH_ERR_INVALID_ARGUMENT; - } - return 0; -} - -int -cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) -{ - const struct sshcipher *c = cc->cipher; -#ifdef WITH_OPENSSL - int evplen = 0; -#endif - - if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) - return 0; - if ((cc->cipher->flags & CFLAG_NONE) != 0) - return 0; - - switch (c->number) { -#ifdef WITH_OPENSSL - case SSH_CIPHER_SSH2: - case SSH_CIPHER_DES: - case SSH_CIPHER_BLOWFISH: - evplen = EVP_CIPHER_CTX_iv_length(cc->evp); - if (evplen <= 0) - return SSH_ERR_LIBCRYPTO_ERROR; -#ifndef OPENSSL_HAVE_EVPCTR - /* XXX iv arg is const, but ssh_aes_ctr_iv isn't */ - if (c->evptype == evp_aes_128_ctr) - ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen); - else -#endif - if (cipher_authlen(c)) { - /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ - if (!EVP_CIPHER_CTX_ctrl(cc->evp, - EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv)) - return SSH_ERR_LIBCRYPTO_ERROR; - } else - memcpy(cc->evp->iv, iv, evplen); - break; -#endif -#ifdef WITH_SSH1 - case SSH_CIPHER_3DES: - return ssh1_3des_iv(cc->evp, 1, (u_char *)iv, 24); -#endif - default: - return SSH_ERR_INVALID_ARGUMENT; - } - return 0; -} - -#ifdef WITH_OPENSSL -#define EVP_X_STATE(evp) (evp)->cipher_data -#define EVP_X_STATE_LEN(evp) (evp)->cipher->ctx_size -#endif - -int -cipher_get_keycontext(const struct sshcipher_ctx *cc, u_char *dat) -{ -#if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_RC4) - const struct sshcipher *c = cc->cipher; - int plen = 0; - - if (c->evptype == EVP_rc4) { - plen = EVP_X_STATE_LEN(cc->evp); - if (dat == NULL) - return (plen); - memcpy(dat, EVP_X_STATE(cc->evp), plen); - } - return (plen); -#else - return 0; -#endif -} - -void -cipher_set_keycontext(struct sshcipher_ctx *cc, const u_char *dat) -{ -#if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_RC4) - const struct sshcipher *c = cc->cipher; - int plen; - - if (c->evptype == EVP_rc4) { - plen = EVP_X_STATE_LEN(cc->evp); - memcpy(EVP_X_STATE(cc->evp), dat, plen); - } -#endif -} - - -int -chachapoly_init(struct chachapoly_ctx *ctx, - const u_char *key, u_int keylen) -{ - if (keylen != (32 + 32)) /* 2 x 256 bit keys */ - return SSH_ERR_INVALID_ARGUMENT; - chacha_keysetup(&ctx->main_ctx, key, 256); - chacha_keysetup(&ctx->header_ctx, key + 32, 256); - return 0; -} - -/* - * chachapoly_crypt() operates as following: - * En/decrypt with header key 'aadlen' bytes from 'src', storing result - * to 'dest'. The ciphertext here is treated as additional authenticated - * data for MAC calculation. - * En/decrypt 'len' bytes at offset 'aadlen' from 'src' to 'dest'. Use - * POLY1305_TAGLEN bytes at offset 'len'+'aadlen' as the authentication - * tag. This tag is written on encryption and verified on decryption. - */ -int -chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, - const u_char *src, u_int len, u_int aadlen, u_int authlen, int do_encrypt) -{ - u_char seqbuf[8]; - const u_char one[8] = { 1, 0, 0, 0, 0, 0, 0, 0 }; /* NB little-endian */ - u_char expected_tag[POLY1305_TAGLEN], poly_key[POLY1305_KEYLEN]; - int r = SSH_ERR_INTERNAL_ERROR; - - /* - * Run ChaCha20 once to generate the Poly1305 key. The IV is the - * packet sequence number. - */ - memset(poly_key, 0, sizeof(poly_key)); - POKE_U64(seqbuf, seqnr); - chacha_ivsetup(&ctx->main_ctx, seqbuf, NULL); - chacha_encrypt_bytes(&ctx->main_ctx, - poly_key, poly_key, sizeof(poly_key)); - - /* If decrypting, check tag before anything else */ - if (!do_encrypt) { - const u_char *tag = src + aadlen + len; - - poly1305_auth(expected_tag, src, aadlen + len, poly_key); - if (timingsafe_bcmp(expected_tag, tag, POLY1305_TAGLEN) != 0) { - r = SSH_ERR_MAC_INVALID; - goto out; - } - } - - /* Crypt additional data */ - if (aadlen) { - chacha_ivsetup(&ctx->header_ctx, seqbuf, NULL); - chacha_encrypt_bytes(&ctx->header_ctx, src, dest, aadlen); - } - - /* Set Chacha's block counter to 1 */ - chacha_ivsetup(&ctx->main_ctx, seqbuf, one); - chacha_encrypt_bytes(&ctx->main_ctx, src + aadlen, - dest + aadlen, len); - - /* If encrypting, calculate and append tag */ - if (do_encrypt) { - poly1305_auth(dest + aadlen + len, dest, aadlen + len, - poly_key); - } - r = 0; - out: - memset_s(expected_tag, sizeof(expected_tag), 0x0, sizeof(expected_tag)); - //explicit_bzero(expected_tag, sizeof(expected_tag)); - memset_s(seqbuf, sizeof(seqbuf), 0x0, sizeof(seqbuf)); -// explicit_bzero(seqbuf, sizeof(seqbuf)); - memset_s(poly_key, sizeof(poly_key), 0x0, sizeof(poly_key)); -// explicit_bzero(poly_key, sizeof(poly_key)); - return r; -} - -/* Decrypt and extract the encrypted packet length */ -int -chachapoly_get_length(struct chachapoly_ctx *ctx, - u_int *plenp, u_int seqnr, const u_char *cp, u_int len) -{ - u_char buf[4], seqbuf[8]; - - if (len < 4) - return SSH_ERR_MESSAGE_INCOMPLETE; - POKE_U64(seqbuf, seqnr); - chacha_ivsetup(&ctx->header_ctx, seqbuf, NULL); - chacha_encrypt_bytes(&ctx->header_ctx, cp, buf, 4); - *plenp = PEEK_U32(buf); - return 0; -} diff --git a/Blink/Commands/openssh/cipher.h b/Blink/Commands/openssh/cipher.h deleted file mode 100644 index d574274b8..000000000 --- a/Blink/Commands/openssh/cipher.h +++ /dev/null @@ -1,143 +0,0 @@ -/* $OpenBSD: cipher.h,v 1.49 2016/08/03 05:41:57 djm Exp $ */ - -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef CIPHER_H -#define CIPHER_H - -#include -#include - -/*#include "cipher-chachapoly.h"*/ -#include "chapoly/chacha.h" -#include "chapoly/poly1305.h" - -#define CHACHA_KEYLEN 32 /* Only 256 bit keys used here */ - -struct chachapoly_ctx { - struct chacha_ctx main_ctx, header_ctx; -}; - -int chachapoly_init(struct chachapoly_ctx *cpctx, - const u_char *key, u_int keylen) - __attribute__((__bounded__(__buffer__, 2, 3))); -int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr, - u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, - int do_encrypt); -int chachapoly_get_length(struct chachapoly_ctx *cpctx, - u_int *plenp, u_int seqnr, const u_char *cp, u_int len) - __attribute__((__bounded__(__buffer__, 4, 5))); - -/*#include "cipher-aesctr.h"*/ -/*#include "rijndael.h"*/ -#define AES_MAXKEYBITS (256) -#define AES_MAXKEYBYTES (AES_MAXKEYBITS/8) -/* for 256-bit keys, fewer for less */ -#define AES_MAXROUNDS 14 - -typedef unsigned char u8; -typedef unsigned short u16; -typedef unsigned int u32; - -#define AES_BLOCK_SIZE 16 - -typedef struct aesctr_ctx { - int rounds; /* keylen-dependent #rounds */ - u32 ek[4*(AES_MAXROUNDS + 1)]; /* encrypt key schedule */ - u8 ctr[AES_BLOCK_SIZE]; /* counter */ -} aesctr_ctx; - -void aesctr_keysetup(aesctr_ctx *x,const u8 *k,u32 kbits,u32 ivbits); -void aesctr_ivsetup(aesctr_ctx *x,const u8 *iv); -void aesctr_encrypt_bytes(aesctr_ctx *x,const u8 *m,u8 *c,u32 bytes); - -/* - * Cipher types for SSH-1. New types can be added, but old types should not - * be removed for compatibility. The maximum allowed value is 31. - */ -#define SSH_CIPHER_SSH2 -3 -#define SSH_CIPHER_INVALID -2 /* No valid cipher selected. */ -#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ -#define SSH_CIPHER_NONE 0 /* no encryption */ -#define SSH_CIPHER_IDEA 1 /* IDEA CFB */ -#define SSH_CIPHER_DES 2 /* DES CBC */ -#define SSH_CIPHER_3DES 3 /* 3DES CBC */ -#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ -#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ -#define SSH_CIPHER_BLOWFISH 6 -#define SSH_CIPHER_RESERVED 7 -#define SSH_CIPHER_MAX 31 - -#define CIPHER_ENCRYPT 1 -#define CIPHER_DECRYPT 0 - -struct sshcipher; -struct sshcipher_ctx; - -u_int cipher_mask_ssh1(int); -const struct sshcipher *cipher_by_name(const char *); -const struct sshcipher *cipher_by_number(int); -int cipher_number(const char *); -char *cipher_name(int); -const char *cipher_warning_message(const struct sshcipher_ctx *); -int ciphers_valid(const char *); -char *cipher_alg_list(char, int); -int cipher_init(struct sshcipher_ctx **, const struct sshcipher *, - const u_char *, u_int, const u_char *, u_int, int); -int cipher_crypt(struct sshcipher_ctx *, u_int, u_char *, const u_char *, - u_int, u_int, u_int); -int cipher_get_length(struct sshcipher_ctx *, u_int *, u_int, - const u_char *, u_int); -void cipher_free(struct sshcipher_ctx *); -int cipher_set_key_string(struct sshcipher_ctx **, - const struct sshcipher *, const char *, int); -u_int cipher_blocksize(const struct sshcipher *); -u_int cipher_keylen(const struct sshcipher *); -u_int cipher_seclen(const struct sshcipher *); -u_int cipher_authlen(const struct sshcipher *); -u_int cipher_ivlen(const struct sshcipher *); -u_int cipher_is_cbc(const struct sshcipher *); - -u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); -u_int cipher_ctx_get_number(struct sshcipher_ctx *); - -u_int cipher_get_number(const struct sshcipher *); -int cipher_get_keyiv(struct sshcipher_ctx *, u_char *, u_int); -int cipher_set_keyiv(struct sshcipher_ctx *, const u_char *); -int cipher_get_keyiv_len(const struct sshcipher_ctx *); -int cipher_get_keycontext(const struct sshcipher_ctx *, u_char *); -void cipher_set_keycontext(struct sshcipher_ctx *, const u_char *); - -#endif /* CIPHER_H */ diff --git a/Blink/Commands/openssh/crypto_api.h b/Blink/Commands/openssh/crypto_api.h deleted file mode 100644 index 0860dade2..000000000 --- a/Blink/Commands/openssh/crypto_api.h +++ /dev/null @@ -1,40 +0,0 @@ -/* $OpenBSD: crypto_api.h,v 1.4 2017/12/14 21:07:39 naddy Exp $ */ - -/* - * Assembled from generated headers and source files by Markus Friedl. - * Placed in the public domain. - */ - -#ifndef crypto_api_h -#define crypto_api_h - -//#include "includes.h" - -#ifdef HAVE_STDINT_H -# include -#endif -#include - -typedef int32_t crypto_int32; -typedef uint32_t crypto_uint32; - -#define randombytes(buf, buf_len) arc4random_buf((buf), (buf_len)) - -#define crypto_hash_sha512_BYTES 64U - -int crypto_hash_sha512(unsigned char *, const unsigned char *, - unsigned long long); - -int crypto_verify_32(const unsigned char *, const unsigned char *); - -#define crypto_sign_ed25519_SECRETKEYBYTES 64U -#define crypto_sign_ed25519_PUBLICKEYBYTES 32U -#define crypto_sign_ed25519_BYTES 64U - -int crypto_sign_ed25519(unsigned char *, unsigned long long *, - const unsigned char *, unsigned long long, const unsigned char *); -int crypto_sign_ed25519_open(unsigned char *, unsigned long long *, - const unsigned char *, unsigned long long, const unsigned char *); -int crypto_sign_ed25519_keypair(unsigned char *, unsigned char *); - -#endif /* crypto_api_h */ diff --git a/Blink/Commands/openssh/digest-openssl.c b/Blink/Commands/openssh/digest-openssl.c deleted file mode 100644 index e54af5b36..000000000 --- a/Blink/Commands/openssh/digest-openssl.c +++ /dev/null @@ -1,192 +0,0 @@ -/* $OpenBSD: digest-openssl.c,v 1.5 2014/12/21 22:27:56 djm Exp $ */ -/* - * Copyright (c) 2013 Damien Miller - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include -#include - -#include - -/*#include "openbsd-compat/openssl-compat.h"*/ - -#include "sshbuf.h" -#include "digest.h" -#include "ssherr.h" - -struct ssh_digest_ctx { - int alg; - EVP_MD_CTX mdctx; -}; - -struct ssh_digest { - int id; - const char *name; - size_t digest_len; - const EVP_MD *(*mdfunc)(void); -}; - -/* NB. Indexed directly by algorithm number */ -const struct ssh_digest digests[] = { - { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, - { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, - { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, - { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, - { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, - { SSH_DIGEST_SHA512, "SHA512", 64, EVP_sha512 }, - { -1, NULL, 0, NULL }, -}; - -static const struct ssh_digest * -ssh_digest_by_alg(int alg) -{ - if (alg < 0 || alg >= SSH_DIGEST_MAX) - return NULL; - if (digests[alg].id != alg) /* sanity */ - return NULL; - if (digests[alg].mdfunc == NULL) - return NULL; - return &(digests[alg]); -} - -int -ssh_digest_alg_by_name(const char *name) -{ - int alg; - - for (alg = 0; digests[alg].id != -1; alg++) { - if (strcasecmp(name, digests[alg].name) == 0) - return digests[alg].id; - } - return -1; -} - -const char * -ssh_digest_alg_name(int alg) -{ - const struct ssh_digest *digest = ssh_digest_by_alg(alg); - - return digest == NULL ? NULL : digest->name; -} - -size_t -ssh_digest_bytes(int alg) -{ - const struct ssh_digest *digest = ssh_digest_by_alg(alg); - - return digest == NULL ? 0 : digest->digest_len; -} - -size_t -ssh_digest_blocksize(struct ssh_digest_ctx *ctx) -{ - return EVP_MD_CTX_block_size(&ctx->mdctx); -} - -struct ssh_digest_ctx * -ssh_digest_start(int alg) -{ - const struct ssh_digest *digest = ssh_digest_by_alg(alg); - struct ssh_digest_ctx *ret; - - if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL)) - return NULL; - ret->alg = alg; - EVP_MD_CTX_init(&ret->mdctx); - if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) { - free(ret); - return NULL; - } - return ret; -} - -int -ssh_digest_copy_state(struct ssh_digest_ctx *from, struct ssh_digest_ctx *to) -{ - if (from->alg != to->alg) - return SSH_ERR_INVALID_ARGUMENT; - /* we have bcopy-style order while openssl has memcpy-style */ - if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx)) - return SSH_ERR_LIBCRYPTO_ERROR; - return 0; -} - -int -ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) -{ - if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1) - return SSH_ERR_LIBCRYPTO_ERROR; - return 0; -} - -int -ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const struct sshbuf *b) -{ - return ssh_digest_update(ctx, sshbuf_ptr(b), sshbuf_len(b)); -} - -int -ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) -{ - const struct ssh_digest *digest = ssh_digest_by_alg(ctx->alg); - u_int l = dlen; - - if (dlen > UINT_MAX) - return SSH_ERR_INVALID_ARGUMENT; - if (dlen < digest->digest_len) /* No truncation allowed */ - return SSH_ERR_INVALID_ARGUMENT; - if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1) - return SSH_ERR_LIBCRYPTO_ERROR; - if (l != digest->digest_len) /* sanity */ - return SSH_ERR_INTERNAL_ERROR; - return 0; -} - -void -ssh_digest_free(struct ssh_digest_ctx *ctx) -{ - if (ctx != NULL) { - EVP_MD_CTX_cleanup(&ctx->mdctx); - memset_s(ctx, sizeof(*ctx), 0x0, sizeof(*ctx)); -// explicit_bzero(ctx, sizeof(*ctx)); - free(ctx); - } -} - -int -ssh_digest_memory(int alg, const void *m, size_t mlen, u_char *d, size_t dlen) -{ - const struct ssh_digest *digest = ssh_digest_by_alg(alg); - u_int mdlen; - - if (digest == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (dlen > UINT_MAX) - return SSH_ERR_INVALID_ARGUMENT; - if (dlen < digest->digest_len) - return SSH_ERR_INVALID_ARGUMENT; - mdlen = dlen; - if (!EVP_Digest(m, mlen, d, &mdlen, digest->mdfunc(), NULL)) - return SSH_ERR_LIBCRYPTO_ERROR; - return 0; -} - -int -ssh_digest_buffer(int alg, const struct sshbuf *b, u_char *d, size_t dlen) -{ - return ssh_digest_memory(alg, sshbuf_ptr(b), sshbuf_len(b), d, dlen); -} diff --git a/Blink/Commands/openssh/digest.h b/Blink/Commands/openssh/digest.h deleted file mode 100644 index 3c6bab854..000000000 --- a/Blink/Commands/openssh/digest.h +++ /dev/null @@ -1,73 +0,0 @@ -/* $OpenBSD: digest.h,v 1.7 2014/12/21 22:27:56 djm Exp $ */ -/* - * Copyright (c) 2013 Damien Miller - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _DIGEST_H -#define _DIGEST_H - -/* Maximum digest output length */ -#define SSH_DIGEST_MAX_LENGTH 64 - -/* Digest algorithms */ -enum sshdigest_types { - SSH_DIGEST_MD5 = 0, - SSH_DIGEST_RIPEMD160 = 1, - SSH_DIGEST_SHA1 = 2, - SSH_DIGEST_SHA256 = 3, - SSH_DIGEST_SHA384 = 4, - SSH_DIGEST_SHA512 = 5, - SSH_DIGEST_MAX -}; - -struct sshbuf; -struct ssh_digest_ctx; - -/* Looks up a digest algorithm by name */ -int ssh_digest_alg_by_name(const char *name); - -/* Returns the algorithm name for a digest identifier */ -const char *ssh_digest_alg_name(int alg); - -/* Returns the algorithm's digest length in bytes or 0 for invalid algorithm */ -size_t ssh_digest_bytes(int alg); - -/* Returns the block size of the digest, e.g. for implementing HMAC */ -size_t ssh_digest_blocksize(struct ssh_digest_ctx *ctx); - -/* Copies internal state of digest of 'from' to 'to' */ -int ssh_digest_copy_state(struct ssh_digest_ctx *from, - struct ssh_digest_ctx *to); - -/* One-shot API */ -int ssh_digest_memory(int alg, const void *m, size_t mlen, - u_char *d, size_t dlen) - __attribute__((__bounded__(__buffer__, 2, 3))) - __attribute__((__bounded__(__buffer__, 4, 5))); -int ssh_digest_buffer(int alg, const struct sshbuf *b, u_char *d, size_t dlen) - __attribute__((__bounded__(__buffer__, 3, 4))); - -/* Update API */ -struct ssh_digest_ctx *ssh_digest_start(int alg); -int ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) - __attribute__((__bounded__(__buffer__, 2, 3))); -int ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, - const struct sshbuf *b); -int ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) - __attribute__((__bounded__(__buffer__, 2, 3))); -void ssh_digest_free(struct ssh_digest_ctx *ctx); - -#endif /* _DIGEST_H */ - diff --git a/Blink/Commands/openssh/ed25519/blocks.c b/Blink/Commands/openssh/ed25519/blocks.c deleted file mode 100644 index ba569b00a..000000000 --- a/Blink/Commands/openssh/ed25519/blocks.c +++ /dev/null @@ -1,246 +0,0 @@ -/* $OpenBSD: blocks.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* - * Public Domain, Author: Daniel J. Bernstein - * Copied from nacl-20110221/crypto_hashblocks/sha512/ref/blocks.c - */ - -#include "crypto_api.h" - -typedef unsigned long long uint64; - -static uint64 load_bigendian(const unsigned char *x) -{ - return - (uint64) (x[7]) \ - | (((uint64) (x[6])) << 8) \ - | (((uint64) (x[5])) << 16) \ - | (((uint64) (x[4])) << 24) \ - | (((uint64) (x[3])) << 32) \ - | (((uint64) (x[2])) << 40) \ - | (((uint64) (x[1])) << 48) \ - | (((uint64) (x[0])) << 56) - ; -} - -static void store_bigendian(unsigned char *x,uint64 u) -{ - x[7] = u; u >>= 8; - x[6] = u; u >>= 8; - x[5] = u; u >>= 8; - x[4] = u; u >>= 8; - x[3] = u; u >>= 8; - x[2] = u; u >>= 8; - x[1] = u; u >>= 8; - x[0] = u; -} - -#define SHR(x,c) ((x) >> (c)) -#define ROTR(x,c) (((x) >> (c)) | ((x) << (64 - (c)))) - -#define Ch(x,y,z) ((x & y) ^ (~x & z)) -#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z)) -#define Sigma0(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) -#define Sigma1(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) -#define sigma0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x,7)) -#define sigma1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x,6)) - -#define M(w0,w14,w9,w1) w0 = sigma1(w14) + w9 + sigma0(w1) + w0; - -#define EXPAND \ - M(w0 ,w14,w9 ,w1 ) \ - M(w1 ,w15,w10,w2 ) \ - M(w2 ,w0 ,w11,w3 ) \ - M(w3 ,w1 ,w12,w4 ) \ - M(w4 ,w2 ,w13,w5 ) \ - M(w5 ,w3 ,w14,w6 ) \ - M(w6 ,w4 ,w15,w7 ) \ - M(w7 ,w5 ,w0 ,w8 ) \ - M(w8 ,w6 ,w1 ,w9 ) \ - M(w9 ,w7 ,w2 ,w10) \ - M(w10,w8 ,w3 ,w11) \ - M(w11,w9 ,w4 ,w12) \ - M(w12,w10,w5 ,w13) \ - M(w13,w11,w6 ,w14) \ - M(w14,w12,w7 ,w15) \ - M(w15,w13,w8 ,w0 ) - -#define F(w,k) \ - T1 = h + Sigma1(e) + Ch(e,f,g) + k + w; \ - T2 = Sigma0(a) + Maj(a,b,c); \ - h = g; \ - g = f; \ - f = e; \ - e = d + T1; \ - d = c; \ - c = b; \ - b = a; \ - a = T1 + T2; - -int crypto_hashblocks_sha512(unsigned char *statebytes,const unsigned char *in,unsigned long long inlen) -{ - uint64 state[8]; - uint64 a; - uint64 b; - uint64 c; - uint64 d; - uint64 e; - uint64 f; - uint64 g; - uint64 h; - uint64 T1; - uint64 T2; - - a = load_bigendian(statebytes + 0); state[0] = a; - b = load_bigendian(statebytes + 8); state[1] = b; - c = load_bigendian(statebytes + 16); state[2] = c; - d = load_bigendian(statebytes + 24); state[3] = d; - e = load_bigendian(statebytes + 32); state[4] = e; - f = load_bigendian(statebytes + 40); state[5] = f; - g = load_bigendian(statebytes + 48); state[6] = g; - h = load_bigendian(statebytes + 56); state[7] = h; - - while (inlen >= 128) { - uint64 w0 = load_bigendian(in + 0); - uint64 w1 = load_bigendian(in + 8); - uint64 w2 = load_bigendian(in + 16); - uint64 w3 = load_bigendian(in + 24); - uint64 w4 = load_bigendian(in + 32); - uint64 w5 = load_bigendian(in + 40); - uint64 w6 = load_bigendian(in + 48); - uint64 w7 = load_bigendian(in + 56); - uint64 w8 = load_bigendian(in + 64); - uint64 w9 = load_bigendian(in + 72); - uint64 w10 = load_bigendian(in + 80); - uint64 w11 = load_bigendian(in + 88); - uint64 w12 = load_bigendian(in + 96); - uint64 w13 = load_bigendian(in + 104); - uint64 w14 = load_bigendian(in + 112); - uint64 w15 = load_bigendian(in + 120); - - F(w0 ,0x428a2f98d728ae22ULL) - F(w1 ,0x7137449123ef65cdULL) - F(w2 ,0xb5c0fbcfec4d3b2fULL) - F(w3 ,0xe9b5dba58189dbbcULL) - F(w4 ,0x3956c25bf348b538ULL) - F(w5 ,0x59f111f1b605d019ULL) - F(w6 ,0x923f82a4af194f9bULL) - F(w7 ,0xab1c5ed5da6d8118ULL) - F(w8 ,0xd807aa98a3030242ULL) - F(w9 ,0x12835b0145706fbeULL) - F(w10,0x243185be4ee4b28cULL) - F(w11,0x550c7dc3d5ffb4e2ULL) - F(w12,0x72be5d74f27b896fULL) - F(w13,0x80deb1fe3b1696b1ULL) - F(w14,0x9bdc06a725c71235ULL) - F(w15,0xc19bf174cf692694ULL) - - EXPAND - - F(w0 ,0xe49b69c19ef14ad2ULL) - F(w1 ,0xefbe4786384f25e3ULL) - F(w2 ,0x0fc19dc68b8cd5b5ULL) - F(w3 ,0x240ca1cc77ac9c65ULL) - F(w4 ,0x2de92c6f592b0275ULL) - F(w5 ,0x4a7484aa6ea6e483ULL) - F(w6 ,0x5cb0a9dcbd41fbd4ULL) - F(w7 ,0x76f988da831153b5ULL) - F(w8 ,0x983e5152ee66dfabULL) - F(w9 ,0xa831c66d2db43210ULL) - F(w10,0xb00327c898fb213fULL) - F(w11,0xbf597fc7beef0ee4ULL) - F(w12,0xc6e00bf33da88fc2ULL) - F(w13,0xd5a79147930aa725ULL) - F(w14,0x06ca6351e003826fULL) - F(w15,0x142929670a0e6e70ULL) - - EXPAND - - F(w0 ,0x27b70a8546d22ffcULL) - F(w1 ,0x2e1b21385c26c926ULL) - F(w2 ,0x4d2c6dfc5ac42aedULL) - F(w3 ,0x53380d139d95b3dfULL) - F(w4 ,0x650a73548baf63deULL) - F(w5 ,0x766a0abb3c77b2a8ULL) - F(w6 ,0x81c2c92e47edaee6ULL) - F(w7 ,0x92722c851482353bULL) - F(w8 ,0xa2bfe8a14cf10364ULL) - F(w9 ,0xa81a664bbc423001ULL) - F(w10,0xc24b8b70d0f89791ULL) - F(w11,0xc76c51a30654be30ULL) - F(w12,0xd192e819d6ef5218ULL) - F(w13,0xd69906245565a910ULL) - F(w14,0xf40e35855771202aULL) - F(w15,0x106aa07032bbd1b8ULL) - - EXPAND - - F(w0 ,0x19a4c116b8d2d0c8ULL) - F(w1 ,0x1e376c085141ab53ULL) - F(w2 ,0x2748774cdf8eeb99ULL) - F(w3 ,0x34b0bcb5e19b48a8ULL) - F(w4 ,0x391c0cb3c5c95a63ULL) - F(w5 ,0x4ed8aa4ae3418acbULL) - F(w6 ,0x5b9cca4f7763e373ULL) - F(w7 ,0x682e6ff3d6b2b8a3ULL) - F(w8 ,0x748f82ee5defb2fcULL) - F(w9 ,0x78a5636f43172f60ULL) - F(w10,0x84c87814a1f0ab72ULL) - F(w11,0x8cc702081a6439ecULL) - F(w12,0x90befffa23631e28ULL) - F(w13,0xa4506cebde82bde9ULL) - F(w14,0xbef9a3f7b2c67915ULL) - F(w15,0xc67178f2e372532bULL) - - EXPAND - - F(w0 ,0xca273eceea26619cULL) - F(w1 ,0xd186b8c721c0c207ULL) - F(w2 ,0xeada7dd6cde0eb1eULL) - F(w3 ,0xf57d4f7fee6ed178ULL) - F(w4 ,0x06f067aa72176fbaULL) - F(w5 ,0x0a637dc5a2c898a6ULL) - F(w6 ,0x113f9804bef90daeULL) - F(w7 ,0x1b710b35131c471bULL) - F(w8 ,0x28db77f523047d84ULL) - F(w9 ,0x32caab7b40c72493ULL) - F(w10,0x3c9ebe0a15c9bebcULL) - F(w11,0x431d67c49c100d4cULL) - F(w12,0x4cc5d4becb3e42b6ULL) - F(w13,0x597f299cfc657e2aULL) - F(w14,0x5fcb6fab3ad6faecULL) - F(w15,0x6c44198c4a475817ULL) - - a += state[0]; - b += state[1]; - c += state[2]; - d += state[3]; - e += state[4]; - f += state[5]; - g += state[6]; - h += state[7]; - - state[0] = a; - state[1] = b; - state[2] = c; - state[3] = d; - state[4] = e; - state[5] = f; - state[6] = g; - state[7] = h; - - in += 128; - inlen -= 128; - } - - store_bigendian(statebytes + 0,state[0]); - store_bigendian(statebytes + 8,state[1]); - store_bigendian(statebytes + 16,state[2]); - store_bigendian(statebytes + 24,state[3]); - store_bigendian(statebytes + 32,state[4]); - store_bigendian(statebytes + 40,state[5]); - store_bigendian(statebytes + 48,state[6]); - store_bigendian(statebytes + 56,state[7]); - - return inlen; -} diff --git a/Blink/Commands/openssh/ed25519/crypto_api.h b/Blink/Commands/openssh/ed25519/crypto_api.h deleted file mode 100644 index db6940ab9..000000000 --- a/Blink/Commands/openssh/ed25519/crypto_api.h +++ /dev/null @@ -1,46 +0,0 @@ -/* $OpenBSD: crypto_api.h,v 1.3 2013/12/17 10:36:38 markus Exp $ */ - -/* - * Assembled from generated headers and source files by Markus Friedl. - * Placed in the public domain. - */ - -#ifndef crypto_api_h -#define crypto_api_h - -#include -#include - -typedef int32_t crypto_int32; -typedef uint32_t crypto_uint32; - -uint32_t arc4random(void); -void arc4random_buf(void *_buf, size_t n); -uint32_t arc4random_uniform(uint32_t upper_bound); - -#define randombytes(buf, buf_len) arc4random_buf((buf), (buf_len)) - -#define crypto_hashblocks_sha512_STATEBYTES 64U -#define crypto_hashblocks_sha512_BLOCKBYTES 128U - -int crypto_hashblocks_sha512(unsigned char *, const unsigned char *, - unsigned long long); - -#define crypto_hash_sha512_BYTES 64U - -int crypto_hash_sha512(unsigned char *, const unsigned char *, - unsigned long long); - -int crypto_verify_32(const unsigned char *, const unsigned char *); - -#define crypto_sign_ed25519_SECRETKEYBYTES 64U -#define crypto_sign_ed25519_PUBLICKEYBYTES 32U -#define crypto_sign_ed25519_BYTES 64U - -int crypto_sign_ed25519(unsigned char *, unsigned long long *, - const unsigned char *, unsigned long long, const unsigned char *); -int crypto_sign_ed25519_open(unsigned char *, unsigned long long *, - const unsigned char *, unsigned long long, const unsigned char *); -int crypto_sign_ed25519_keypair(unsigned char *, unsigned char *); - -#endif /* crypto_api_h */ diff --git a/Blink/Commands/openssh/ed25519/ed25519.c b/Blink/Commands/openssh/ed25519/ed25519.c deleted file mode 100644 index 1bde1587e..000000000 --- a/Blink/Commands/openssh/ed25519/ed25519.c +++ /dev/null @@ -1,144 +0,0 @@ -/* $OpenBSD: ed25519.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* - * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange, - * Peter Schwabe, Bo-Yin Yang. - * Copied from supercop-20130419/crypto_sign/ed25519/ref/ed25519.c - */ - -//#include "includes.h" -#include "crypto_api.h" - -#include "ge25519.h" - -static void get_hram(unsigned char *hram, const unsigned char *sm, const unsigned char *pk, unsigned char *playground, unsigned long long smlen) -{ - unsigned long long i; - - for (i = 0;i < 32;++i) playground[i] = sm[i]; - for (i = 32;i < 64;++i) playground[i] = pk[i-32]; - for (i = 64;i < smlen;++i) playground[i] = sm[i]; - - crypto_hash_sha512(hram,playground,smlen); -} - - -int crypto_sign_ed25519_keypair( - unsigned char *pk, - unsigned char *sk - ) -{ - sc25519 scsk; - ge25519 gepk; - unsigned char extsk[64]; - int i; - - randombytes(sk, 32); - crypto_hash_sha512(extsk, sk, 32); - extsk[0] &= 248; - extsk[31] &= 127; - extsk[31] |= 64; - - sc25519_from32bytes(&scsk,extsk); - - ge25519_scalarmult_base(&gepk, &scsk); - ge25519_pack(pk, &gepk); - for(i=0;i<32;i++) - sk[32 + i] = pk[i]; - return 0; -} - -int crypto_sign_ed25519( - unsigned char *sm,unsigned long long *smlen, - const unsigned char *m,unsigned long long mlen, - const unsigned char *sk - ) -{ - sc25519 sck, scs, scsk; - ge25519 ger; - unsigned char r[32]; - unsigned char s[32]; - unsigned char extsk[64]; - unsigned long long i; - unsigned char hmg[crypto_hash_sha512_BYTES]; - unsigned char hram[crypto_hash_sha512_BYTES]; - - crypto_hash_sha512(extsk, sk, 32); - extsk[0] &= 248; - extsk[31] &= 127; - extsk[31] |= 64; - - *smlen = mlen+64; - for(i=0;i>= 31; /* 1: yes; 0: no */ - return x; -} - -static crypto_uint32 ge(crypto_uint32 a,crypto_uint32 b) /* 16-bit inputs */ -{ - unsigned int x = a; - x -= (unsigned int) b; /* 0..65535: yes; 4294901761..4294967295: no */ - x >>= 31; /* 0: yes; 1: no */ - x ^= 1; /* 1: yes; 0: no */ - return x; -} - -static crypto_uint32 times19(crypto_uint32 a) -{ - return (a << 4) + (a << 1) + a; -} - -static crypto_uint32 times38(crypto_uint32 a) -{ - return (a << 5) + (a << 2) + (a << 1); -} - -static void reduce_add_sub(fe25519 *r) -{ - crypto_uint32 t; - int i,rep; - - for(rep=0;rep<4;rep++) - { - t = r->v[31] >> 7; - r->v[31] &= 127; - t = times19(t); - r->v[0] += t; - for(i=0;i<31;i++) - { - t = r->v[i] >> 8; - r->v[i+1] += t; - r->v[i] &= 255; - } - } -} - -static void reduce_mul(fe25519 *r) -{ - crypto_uint32 t; - int i,rep; - - for(rep=0;rep<2;rep++) - { - t = r->v[31] >> 7; - r->v[31] &= 127; - t = times19(t); - r->v[0] += t; - for(i=0;i<31;i++) - { - t = r->v[i] >> 8; - r->v[i+1] += t; - r->v[i] &= 255; - } - } -} - -/* reduction modulo 2^255-19 */ -void fe25519_freeze(fe25519 *r) -{ - int i; - crypto_uint32 m = equal(r->v[31],127); - for(i=30;i>0;i--) - m &= equal(r->v[i],255); - m &= ge(r->v[0],237); - - m = -m; - - r->v[31] -= m&127; - for(i=30;i>0;i--) - r->v[i] -= m&255; - r->v[0] -= m&237; -} - -void fe25519_unpack(fe25519 *r, const unsigned char x[32]) -{ - int i; - for(i=0;i<32;i++) r->v[i] = x[i]; - r->v[31] &= 127; -} - -/* Assumes input x being reduced below 2^255 */ -void fe25519_pack(unsigned char r[32], const fe25519 *x) -{ - int i; - fe25519 y = *x; - fe25519_freeze(&y); - for(i=0;i<32;i++) - r[i] = y.v[i]; -} - -int fe25519_iszero(const fe25519 *x) -{ - int i; - int r; - fe25519 t = *x; - fe25519_freeze(&t); - r = equal(t.v[0],0); - for(i=1;i<32;i++) - r &= equal(t.v[i],0); - return r; -} - -int fe25519_iseq_vartime(const fe25519 *x, const fe25519 *y) -{ - int i; - fe25519 t1 = *x; - fe25519 t2 = *y; - fe25519_freeze(&t1); - fe25519_freeze(&t2); - for(i=0;i<32;i++) - if(t1.v[i] != t2.v[i]) return 0; - return 1; -} - -void fe25519_cmov(fe25519 *r, const fe25519 *x, unsigned char b) -{ - int i; - crypto_uint32 mask = b; - mask = -mask; - for(i=0;i<32;i++) r->v[i] ^= mask & (x->v[i] ^ r->v[i]); -} - -unsigned char fe25519_getparity(const fe25519 *x) -{ - fe25519 t = *x; - fe25519_freeze(&t); - return t.v[0] & 1; -} - -void fe25519_setone(fe25519 *r) -{ - int i; - r->v[0] = 1; - for(i=1;i<32;i++) r->v[i]=0; -} - -void fe25519_setzero(fe25519 *r) -{ - int i; - for(i=0;i<32;i++) r->v[i]=0; -} - -void fe25519_neg(fe25519 *r, const fe25519 *x) -{ - fe25519 t; - int i; - for(i=0;i<32;i++) t.v[i]=x->v[i]; - fe25519_setzero(r); - fe25519_sub(r, r, &t); -} - -void fe25519_add(fe25519 *r, const fe25519 *x, const fe25519 *y) -{ - int i; - for(i=0;i<32;i++) r->v[i] = x->v[i] + y->v[i]; - reduce_add_sub(r); -} - -void fe25519_sub(fe25519 *r, const fe25519 *x, const fe25519 *y) -{ - int i; - crypto_uint32 t[32]; - t[0] = x->v[0] + 0x1da; - t[31] = x->v[31] + 0xfe; - for(i=1;i<31;i++) t[i] = x->v[i] + 0x1fe; - for(i=0;i<32;i++) r->v[i] = t[i] - y->v[i]; - reduce_add_sub(r); -} - -void fe25519_mul(fe25519 *r, const fe25519 *x, const fe25519 *y) -{ - int i,j; - crypto_uint32 t[63]; - for(i=0;i<63;i++)t[i] = 0; - - for(i=0;i<32;i++) - for(j=0;j<32;j++) - t[i+j] += x->v[i] * y->v[j]; - - for(i=32;i<63;i++) - r->v[i-32] = t[i-32] + times38(t[i]); - r->v[31] = t[31]; /* result now in r[0]...r[31] */ - - reduce_mul(r); -} - -void fe25519_square(fe25519 *r, const fe25519 *x) -{ - fe25519_mul(r, x, x); -} - -void fe25519_invert(fe25519 *r, const fe25519 *x) -{ - fe25519 z2; - fe25519 z9; - fe25519 z11; - fe25519 z2_5_0; - fe25519 z2_10_0; - fe25519 z2_20_0; - fe25519 z2_50_0; - fe25519 z2_100_0; - fe25519 t0; - fe25519 t1; - int i; - - /* 2 */ fe25519_square(&z2,x); - /* 4 */ fe25519_square(&t1,&z2); - /* 8 */ fe25519_square(&t0,&t1); - /* 9 */ fe25519_mul(&z9,&t0,x); - /* 11 */ fe25519_mul(&z11,&z9,&z2); - /* 22 */ fe25519_square(&t0,&z11); - /* 2^5 - 2^0 = 31 */ fe25519_mul(&z2_5_0,&t0,&z9); - - /* 2^6 - 2^1 */ fe25519_square(&t0,&z2_5_0); - /* 2^7 - 2^2 */ fe25519_square(&t1,&t0); - /* 2^8 - 2^3 */ fe25519_square(&t0,&t1); - /* 2^9 - 2^4 */ fe25519_square(&t1,&t0); - /* 2^10 - 2^5 */ fe25519_square(&t0,&t1); - /* 2^10 - 2^0 */ fe25519_mul(&z2_10_0,&t0,&z2_5_0); - - /* 2^11 - 2^1 */ fe25519_square(&t0,&z2_10_0); - /* 2^12 - 2^2 */ fe25519_square(&t1,&t0); - /* 2^20 - 2^10 */ for (i = 2;i < 10;i += 2) { fe25519_square(&t0,&t1); fe25519_square(&t1,&t0); } - /* 2^20 - 2^0 */ fe25519_mul(&z2_20_0,&t1,&z2_10_0); - - /* 2^21 - 2^1 */ fe25519_square(&t0,&z2_20_0); - /* 2^22 - 2^2 */ fe25519_square(&t1,&t0); - /* 2^40 - 2^20 */ for (i = 2;i < 20;i += 2) { fe25519_square(&t0,&t1); fe25519_square(&t1,&t0); } - /* 2^40 - 2^0 */ fe25519_mul(&t0,&t1,&z2_20_0); - - /* 2^41 - 2^1 */ fe25519_square(&t1,&t0); - /* 2^42 - 2^2 */ fe25519_square(&t0,&t1); - /* 2^50 - 2^10 */ for (i = 2;i < 10;i += 2) { fe25519_square(&t1,&t0); fe25519_square(&t0,&t1); } - /* 2^50 - 2^0 */ fe25519_mul(&z2_50_0,&t0,&z2_10_0); - - /* 2^51 - 2^1 */ fe25519_square(&t0,&z2_50_0); - /* 2^52 - 2^2 */ fe25519_square(&t1,&t0); - /* 2^100 - 2^50 */ for (i = 2;i < 50;i += 2) { fe25519_square(&t0,&t1); fe25519_square(&t1,&t0); } - /* 2^100 - 2^0 */ fe25519_mul(&z2_100_0,&t1,&z2_50_0); - - /* 2^101 - 2^1 */ fe25519_square(&t1,&z2_100_0); - /* 2^102 - 2^2 */ fe25519_square(&t0,&t1); - /* 2^200 - 2^100 */ for (i = 2;i < 100;i += 2) { fe25519_square(&t1,&t0); fe25519_square(&t0,&t1); } - /* 2^200 - 2^0 */ fe25519_mul(&t1,&t0,&z2_100_0); - - /* 2^201 - 2^1 */ fe25519_square(&t0,&t1); - /* 2^202 - 2^2 */ fe25519_square(&t1,&t0); - /* 2^250 - 2^50 */ for (i = 2;i < 50;i += 2) { fe25519_square(&t0,&t1); fe25519_square(&t1,&t0); } - /* 2^250 - 2^0 */ fe25519_mul(&t0,&t1,&z2_50_0); - - /* 2^251 - 2^1 */ fe25519_square(&t1,&t0); - /* 2^252 - 2^2 */ fe25519_square(&t0,&t1); - /* 2^253 - 2^3 */ fe25519_square(&t1,&t0); - /* 2^254 - 2^4 */ fe25519_square(&t0,&t1); - /* 2^255 - 2^5 */ fe25519_square(&t1,&t0); - /* 2^255 - 21 */ fe25519_mul(r,&t1,&z11); -} - -void fe25519_pow2523(fe25519 *r, const fe25519 *x) -{ - fe25519 z2; - fe25519 z9; - fe25519 z11; - fe25519 z2_5_0; - fe25519 z2_10_0; - fe25519 z2_20_0; - fe25519 z2_50_0; - fe25519 z2_100_0; - fe25519 t; - int i; - - /* 2 */ fe25519_square(&z2,x); - /* 4 */ fe25519_square(&t,&z2); - /* 8 */ fe25519_square(&t,&t); - /* 9 */ fe25519_mul(&z9,&t,x); - /* 11 */ fe25519_mul(&z11,&z9,&z2); - /* 22 */ fe25519_square(&t,&z11); - /* 2^5 - 2^0 = 31 */ fe25519_mul(&z2_5_0,&t,&z9); - - /* 2^6 - 2^1 */ fe25519_square(&t,&z2_5_0); - /* 2^10 - 2^5 */ for (i = 1;i < 5;i++) { fe25519_square(&t,&t); } - /* 2^10 - 2^0 */ fe25519_mul(&z2_10_0,&t,&z2_5_0); - - /* 2^11 - 2^1 */ fe25519_square(&t,&z2_10_0); - /* 2^20 - 2^10 */ for (i = 1;i < 10;i++) { fe25519_square(&t,&t); } - /* 2^20 - 2^0 */ fe25519_mul(&z2_20_0,&t,&z2_10_0); - - /* 2^21 - 2^1 */ fe25519_square(&t,&z2_20_0); - /* 2^40 - 2^20 */ for (i = 1;i < 20;i++) { fe25519_square(&t,&t); } - /* 2^40 - 2^0 */ fe25519_mul(&t,&t,&z2_20_0); - - /* 2^41 - 2^1 */ fe25519_square(&t,&t); - /* 2^50 - 2^10 */ for (i = 1;i < 10;i++) { fe25519_square(&t,&t); } - /* 2^50 - 2^0 */ fe25519_mul(&z2_50_0,&t,&z2_10_0); - - /* 2^51 - 2^1 */ fe25519_square(&t,&z2_50_0); - /* 2^100 - 2^50 */ for (i = 1;i < 50;i++) { fe25519_square(&t,&t); } - /* 2^100 - 2^0 */ fe25519_mul(&z2_100_0,&t,&z2_50_0); - - /* 2^101 - 2^1 */ fe25519_square(&t,&z2_100_0); - /* 2^200 - 2^100 */ for (i = 1;i < 100;i++) { fe25519_square(&t,&t); } - /* 2^200 - 2^0 */ fe25519_mul(&t,&t,&z2_100_0); - - /* 2^201 - 2^1 */ fe25519_square(&t,&t); - /* 2^250 - 2^50 */ for (i = 1;i < 50;i++) { fe25519_square(&t,&t); } - /* 2^250 - 2^0 */ fe25519_mul(&t,&t,&z2_50_0); - - /* 2^251 - 2^1 */ fe25519_square(&t,&t); - /* 2^252 - 2^2 */ fe25519_square(&t,&t); - /* 2^252 - 3 */ fe25519_mul(r,&t,x); -} diff --git a/Blink/Commands/openssh/ed25519/fe25519.h b/Blink/Commands/openssh/ed25519/fe25519.h deleted file mode 100644 index 41b3cbb49..000000000 --- a/Blink/Commands/openssh/ed25519/fe25519.h +++ /dev/null @@ -1,70 +0,0 @@ -/* $OpenBSD: fe25519.h,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* - * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange, - * Peter Schwabe, Bo-Yin Yang. - * Copied from supercop-20130419/crypto_sign/ed25519/ref/fe25519.h - */ - -#ifndef FE25519_H -#define FE25519_H - -#include "crypto_api.h" - -#define fe25519 crypto_sign_ed25519_ref_fe25519 -#define fe25519_freeze crypto_sign_ed25519_ref_fe25519_freeze -#define fe25519_unpack crypto_sign_ed25519_ref_fe25519_unpack -#define fe25519_pack crypto_sign_ed25519_ref_fe25519_pack -#define fe25519_iszero crypto_sign_ed25519_ref_fe25519_iszero -#define fe25519_iseq_vartime crypto_sign_ed25519_ref_fe25519_iseq_vartime -#define fe25519_cmov crypto_sign_ed25519_ref_fe25519_cmov -#define fe25519_setone crypto_sign_ed25519_ref_fe25519_setone -#define fe25519_setzero crypto_sign_ed25519_ref_fe25519_setzero -#define fe25519_neg crypto_sign_ed25519_ref_fe25519_neg -#define fe25519_getparity crypto_sign_ed25519_ref_fe25519_getparity -#define fe25519_add crypto_sign_ed25519_ref_fe25519_add -#define fe25519_sub crypto_sign_ed25519_ref_fe25519_sub -#define fe25519_mul crypto_sign_ed25519_ref_fe25519_mul -#define fe25519_square crypto_sign_ed25519_ref_fe25519_square -#define fe25519_invert crypto_sign_ed25519_ref_fe25519_invert -#define fe25519_pow2523 crypto_sign_ed25519_ref_fe25519_pow2523 - -typedef struct -{ - crypto_uint32 v[32]; -} -fe25519; - -void fe25519_freeze(fe25519 *r); - -void fe25519_unpack(fe25519 *r, const unsigned char x[32]); - -void fe25519_pack(unsigned char r[32], const fe25519 *x); - -int fe25519_iszero(const fe25519 *x); - -int fe25519_iseq_vartime(const fe25519 *x, const fe25519 *y); - -void fe25519_cmov(fe25519 *r, const fe25519 *x, unsigned char b); - -void fe25519_setone(fe25519 *r); - -void fe25519_setzero(fe25519 *r); - -void fe25519_neg(fe25519 *r, const fe25519 *x); - -unsigned char fe25519_getparity(const fe25519 *x); - -void fe25519_add(fe25519 *r, const fe25519 *x, const fe25519 *y); - -void fe25519_sub(fe25519 *r, const fe25519 *x, const fe25519 *y); - -void fe25519_mul(fe25519 *r, const fe25519 *x, const fe25519 *y); - -void fe25519_square(fe25519 *r, const fe25519 *x); - -void fe25519_invert(fe25519 *r, const fe25519 *x); - -void fe25519_pow2523(fe25519 *r, const fe25519 *x); - -#endif diff --git a/Blink/Commands/openssh/ed25519/ge25519.c b/Blink/Commands/openssh/ed25519/ge25519.c deleted file mode 100644 index 2ce29d0e7..000000000 --- a/Blink/Commands/openssh/ed25519/ge25519.c +++ /dev/null @@ -1,319 +0,0 @@ -/* $OpenBSD: ge25519.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* - * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange, - * Peter Schwabe, Bo-Yin Yang. - * Copied from supercop-20130419/crypto_sign/ed25519/ref/ge25519.c - */ - -#include "fe25519.h" -#include "sc25519.h" -#include "ge25519.h" - -/* - * Arithmetic on the twisted Edwards curve -x^2 + y^2 = 1 + dx^2y^2 - * with d = -(121665/121666) = 37095705934669439343138083508754565189542113879843219016388785533085940283555 - * Base point: (15112221349535400772501151409588531511454012693041857206046113283949847762202,46316835694926478169428394003475163141307993866256225615783033603165251855960); - */ - -/* d */ -static const fe25519 ge25519_ecd = {{0xA3, 0x78, 0x59, 0x13, 0xCA, 0x4D, 0xEB, 0x75, 0xAB, 0xD8, 0x41, 0x41, 0x4D, 0x0A, 0x70, 0x00, - 0x98, 0xE8, 0x79, 0x77, 0x79, 0x40, 0xC7, 0x8C, 0x73, 0xFE, 0x6F, 0x2B, 0xEE, 0x6C, 0x03, 0x52}}; -/* 2*d */ -static const fe25519 ge25519_ec2d = {{0x59, 0xF1, 0xB2, 0x26, 0x94, 0x9B, 0xD6, 0xEB, 0x56, 0xB1, 0x83, 0x82, 0x9A, 0x14, 0xE0, 0x00, - 0x30, 0xD1, 0xF3, 0xEE, 0xF2, 0x80, 0x8E, 0x19, 0xE7, 0xFC, 0xDF, 0x56, 0xDC, 0xD9, 0x06, 0x24}}; -/* sqrt(-1) */ -static const fe25519 ge25519_sqrtm1 = {{0xB0, 0xA0, 0x0E, 0x4A, 0x27, 0x1B, 0xEE, 0xC4, 0x78, 0xE4, 0x2F, 0xAD, 0x06, 0x18, 0x43, 0x2F, - 0xA7, 0xD7, 0xFB, 0x3D, 0x99, 0x00, 0x4D, 0x2B, 0x0B, 0xDF, 0xC1, 0x4F, 0x80, 0x24, 0x83, 0x2B}}; - -#define ge25519_p3 ge25519 - -typedef struct -{ - fe25519 x; - fe25519 z; - fe25519 y; - fe25519 t; -} ge25519_p1p1; - -typedef struct -{ - fe25519 x; - fe25519 y; - fe25519 z; -} ge25519_p2; - -typedef struct -{ - fe25519 x; - fe25519 y; -} ge25519_aff; - - -/* Packed coordinates of the base point */ -const ge25519 ge25519_base = {{{0x1A, 0xD5, 0x25, 0x8F, 0x60, 0x2D, 0x56, 0xC9, 0xB2, 0xA7, 0x25, 0x95, 0x60, 0xC7, 0x2C, 0x69, - 0x5C, 0xDC, 0xD6, 0xFD, 0x31, 0xE2, 0xA4, 0xC0, 0xFE, 0x53, 0x6E, 0xCD, 0xD3, 0x36, 0x69, 0x21}}, - {{0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0xA3, 0xDD, 0xB7, 0xA5, 0xB3, 0x8A, 0xDE, 0x6D, 0xF5, 0x52, 0x51, 0x77, 0x80, 0x9F, 0xF0, 0x20, - 0x7D, 0xE3, 0xAB, 0x64, 0x8E, 0x4E, 0xEA, 0x66, 0x65, 0x76, 0x8B, 0xD7, 0x0F, 0x5F, 0x87, 0x67}}}; - -/* Multiples of the base point in affine representation */ -static const ge25519_aff ge25519_base_multiples_affine[425] = { -#include "ge25519_base.data" -}; - -static void p1p1_to_p2(ge25519_p2 *r, const ge25519_p1p1 *p) -{ - fe25519_mul(&r->x, &p->x, &p->t); - fe25519_mul(&r->y, &p->y, &p->z); - fe25519_mul(&r->z, &p->z, &p->t); -} - -static void p1p1_to_p3(ge25519_p3 *r, const ge25519_p1p1 *p) -{ - p1p1_to_p2((ge25519_p2 *)r, p); - fe25519_mul(&r->t, &p->x, &p->y); -} - -static void ge25519_mixadd2(ge25519_p3 *r, const ge25519_aff *q) -{ - fe25519 a,b,t1,t2,c,d,e,f,g,h,qt; - fe25519_mul(&qt, &q->x, &q->y); - fe25519_sub(&a, &r->y, &r->x); /* A = (Y1-X1)*(Y2-X2) */ - fe25519_add(&b, &r->y, &r->x); /* B = (Y1+X1)*(Y2+X2) */ - fe25519_sub(&t1, &q->y, &q->x); - fe25519_add(&t2, &q->y, &q->x); - fe25519_mul(&a, &a, &t1); - fe25519_mul(&b, &b, &t2); - fe25519_sub(&e, &b, &a); /* E = B-A */ - fe25519_add(&h, &b, &a); /* H = B+A */ - fe25519_mul(&c, &r->t, &qt); /* C = T1*k*T2 */ - fe25519_mul(&c, &c, &ge25519_ec2d); - fe25519_add(&d, &r->z, &r->z); /* D = Z1*2 */ - fe25519_sub(&f, &d, &c); /* F = D-C */ - fe25519_add(&g, &d, &c); /* G = D+C */ - fe25519_mul(&r->x, &e, &f); - fe25519_mul(&r->y, &h, &g); - fe25519_mul(&r->z, &g, &f); - fe25519_mul(&r->t, &e, &h); -} - -static void add_p1p1(ge25519_p1p1 *r, const ge25519_p3 *p, const ge25519_p3 *q) -{ - fe25519 a, b, c, d, t; - - fe25519_sub(&a, &p->y, &p->x); /* A = (Y1-X1)*(Y2-X2) */ - fe25519_sub(&t, &q->y, &q->x); - fe25519_mul(&a, &a, &t); - fe25519_add(&b, &p->x, &p->y); /* B = (Y1+X1)*(Y2+X2) */ - fe25519_add(&t, &q->x, &q->y); - fe25519_mul(&b, &b, &t); - fe25519_mul(&c, &p->t, &q->t); /* C = T1*k*T2 */ - fe25519_mul(&c, &c, &ge25519_ec2d); - fe25519_mul(&d, &p->z, &q->z); /* D = Z1*2*Z2 */ - fe25519_add(&d, &d, &d); - fe25519_sub(&r->x, &b, &a); /* E = B-A */ - fe25519_sub(&r->t, &d, &c); /* F = D-C */ - fe25519_add(&r->z, &d, &c); /* G = D+C */ - fe25519_add(&r->y, &b, &a); /* H = B+A */ -} - -/* See http://www.hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#doubling-dbl-2008-hwcd */ -static void dbl_p1p1(ge25519_p1p1 *r, const ge25519_p2 *p) -{ - fe25519 a,b,c,d; - fe25519_square(&a, &p->x); - fe25519_square(&b, &p->y); - fe25519_square(&c, &p->z); - fe25519_add(&c, &c, &c); - fe25519_neg(&d, &a); - - fe25519_add(&r->x, &p->x, &p->y); - fe25519_square(&r->x, &r->x); - fe25519_sub(&r->x, &r->x, &a); - fe25519_sub(&r->x, &r->x, &b); - fe25519_add(&r->z, &d, &b); - fe25519_sub(&r->t, &r->z, &c); - fe25519_sub(&r->y, &d, &b); -} - -/* Constant-time version of: if(b) r = p */ -static void cmov_aff(ge25519_aff *r, const ge25519_aff *p, unsigned char b) -{ - fe25519_cmov(&r->x, &p->x, b); - fe25519_cmov(&r->y, &p->y, b); -} - -static unsigned char equal(signed char b,signed char c) -{ - unsigned char ub = b; - unsigned char uc = c; - unsigned char x = ub ^ uc; /* 0: yes; 1..255: no */ - crypto_uint32 y = x; /* 0: yes; 1..255: no */ - y -= 1; /* 4294967295: yes; 0..254: no */ - y >>= 31; /* 1: yes; 0: no */ - return y; -} - -static unsigned char negative(signed char b) -{ - unsigned long long x = b; /* 18446744073709551361..18446744073709551615: yes; 0..255: no */ - x >>= 63; /* 1: yes; 0: no */ - return x; -} - -static void choose_t(ge25519_aff *t, unsigned long long pos, signed char b) -{ - /* constant time */ - fe25519 v; - *t = ge25519_base_multiples_affine[5*pos+0]; - cmov_aff(t, &ge25519_base_multiples_affine[5*pos+1],equal(b,1) | equal(b,-1)); - cmov_aff(t, &ge25519_base_multiples_affine[5*pos+2],equal(b,2) | equal(b,-2)); - cmov_aff(t, &ge25519_base_multiples_affine[5*pos+3],equal(b,3) | equal(b,-3)); - cmov_aff(t, &ge25519_base_multiples_affine[5*pos+4],equal(b,-4)); - fe25519_neg(&v, &t->x); - fe25519_cmov(&t->x, &v, negative(b)); -} - -static void setneutral(ge25519 *r) -{ - fe25519_setzero(&r->x); - fe25519_setone(&r->y); - fe25519_setone(&r->z); - fe25519_setzero(&r->t); -} - -/* ******************************************************************** - * EXPORTED FUNCTIONS - ******************************************************************** */ - -/* return 0 on success, -1 otherwise */ -int ge25519_unpackneg_vartime(ge25519_p3 *r, const unsigned char p[32]) -{ - unsigned char par; - fe25519 t, chk, num, den, den2, den4, den6; - fe25519_setone(&r->z); - par = p[31] >> 7; - fe25519_unpack(&r->y, p); - fe25519_square(&num, &r->y); /* x = y^2 */ - fe25519_mul(&den, &num, &ge25519_ecd); /* den = dy^2 */ - fe25519_sub(&num, &num, &r->z); /* x = y^2-1 */ - fe25519_add(&den, &r->z, &den); /* den = dy^2+1 */ - - /* Computation of sqrt(num/den) */ - /* 1.: computation of num^((p-5)/8)*den^((7p-35)/8) = (num*den^7)^((p-5)/8) */ - fe25519_square(&den2, &den); - fe25519_square(&den4, &den2); - fe25519_mul(&den6, &den4, &den2); - fe25519_mul(&t, &den6, &num); - fe25519_mul(&t, &t, &den); - - fe25519_pow2523(&t, &t); - /* 2. computation of r->x = t * num * den^3 */ - fe25519_mul(&t, &t, &num); - fe25519_mul(&t, &t, &den); - fe25519_mul(&t, &t, &den); - fe25519_mul(&r->x, &t, &den); - - /* 3. Check whether sqrt computation gave correct result, multiply by sqrt(-1) if not: */ - fe25519_square(&chk, &r->x); - fe25519_mul(&chk, &chk, &den); - if (!fe25519_iseq_vartime(&chk, &num)) - fe25519_mul(&r->x, &r->x, &ge25519_sqrtm1); - - /* 4. Now we have one of the two square roots, except if input was not a square */ - fe25519_square(&chk, &r->x); - fe25519_mul(&chk, &chk, &den); - if (!fe25519_iseq_vartime(&chk, &num)) - return -1; - - /* 5. Choose the desired square root according to parity: */ - if(fe25519_getparity(&r->x) != (1-par)) - fe25519_neg(&r->x, &r->x); - - fe25519_mul(&r->t, &r->x, &r->y); - return 0; -} - -void ge25519_pack(unsigned char r[32], const ge25519_p3 *p) -{ - fe25519 tx, ty, zi; - fe25519_invert(&zi, &p->z); - fe25519_mul(&tx, &p->x, &zi); - fe25519_mul(&ty, &p->y, &zi); - fe25519_pack(r, &ty); - r[31] ^= fe25519_getparity(&tx) << 7; -} - -int ge25519_isneutral_vartime(const ge25519_p3 *p) -{ - int ret = 1; - if(!fe25519_iszero(&p->x)) ret = 0; - if(!fe25519_iseq_vartime(&p->y, &p->z)) ret = 0; - return ret; -} - -/* computes [s1]p1 + [s2]p2 */ -void ge25519_double_scalarmult_vartime(ge25519_p3 *r, const ge25519_p3 *p1, const sc25519 *s1, const ge25519_p3 *p2, const sc25519 *s2) -{ - ge25519_p1p1 tp1p1; - ge25519_p3 pre[16]; - unsigned char b[127]; - int i; - - /* precomputation s2 s1 */ - setneutral(pre); /* 00 00 */ - pre[1] = *p1; /* 00 01 */ - dbl_p1p1(&tp1p1,(ge25519_p2 *)p1); p1p1_to_p3( &pre[2], &tp1p1); /* 00 10 */ - add_p1p1(&tp1p1,&pre[1], &pre[2]); p1p1_to_p3( &pre[3], &tp1p1); /* 00 11 */ - pre[4] = *p2; /* 01 00 */ - add_p1p1(&tp1p1,&pre[1], &pre[4]); p1p1_to_p3( &pre[5], &tp1p1); /* 01 01 */ - add_p1p1(&tp1p1,&pre[2], &pre[4]); p1p1_to_p3( &pre[6], &tp1p1); /* 01 10 */ - add_p1p1(&tp1p1,&pre[3], &pre[4]); p1p1_to_p3( &pre[7], &tp1p1); /* 01 11 */ - dbl_p1p1(&tp1p1,(ge25519_p2 *)p2); p1p1_to_p3( &pre[8], &tp1p1); /* 10 00 */ - add_p1p1(&tp1p1,&pre[1], &pre[8]); p1p1_to_p3( &pre[9], &tp1p1); /* 10 01 */ - dbl_p1p1(&tp1p1,(ge25519_p2 *)&pre[5]); p1p1_to_p3(&pre[10], &tp1p1); /* 10 10 */ - add_p1p1(&tp1p1,&pre[3], &pre[8]); p1p1_to_p3(&pre[11], &tp1p1); /* 10 11 */ - add_p1p1(&tp1p1,&pre[4], &pre[8]); p1p1_to_p3(&pre[12], &tp1p1); /* 11 00 */ - add_p1p1(&tp1p1,&pre[1],&pre[12]); p1p1_to_p3(&pre[13], &tp1p1); /* 11 01 */ - add_p1p1(&tp1p1,&pre[2],&pre[12]); p1p1_to_p3(&pre[14], &tp1p1); /* 11 10 */ - add_p1p1(&tp1p1,&pre[3],&pre[12]); p1p1_to_p3(&pre[15], &tp1p1); /* 11 11 */ - - sc25519_2interleave2(b,s1,s2); - - /* scalar multiplication */ - *r = pre[b[126]]; - for(i=125;i>=0;i--) - { - dbl_p1p1(&tp1p1, (ge25519_p2 *)r); - p1p1_to_p2((ge25519_p2 *) r, &tp1p1); - dbl_p1p1(&tp1p1, (ge25519_p2 *)r); - if(b[i]!=0) - { - p1p1_to_p3(r, &tp1p1); - add_p1p1(&tp1p1, r, &pre[b[i]]); - } - if(i != 0) p1p1_to_p2((ge25519_p2 *)r, &tp1p1); - else p1p1_to_p3(r, &tp1p1); - } -} - -void ge25519_scalarmult_base(ge25519_p3 *r, const sc25519 *s) -{ - signed char b[85]; - int i; - ge25519_aff t; - sc25519_window3(b,s); - - choose_t((ge25519_aff *)r, 0, b[0]); - fe25519_setone(&r->z); - fe25519_mul(&r->t, &r->x, &r->y); - for(i=1;i<85;i++) - { - choose_t(&t, (unsigned long long) i, b[i]); - ge25519_mixadd2(r, &t); - } -} diff --git a/Blink/Commands/openssh/ed25519/ge25519.h b/Blink/Commands/openssh/ed25519/ge25519.h deleted file mode 100644 index a09763760..000000000 --- a/Blink/Commands/openssh/ed25519/ge25519.h +++ /dev/null @@ -1,43 +0,0 @@ -/* $OpenBSD: ge25519.h,v 1.4 2015/02/16 18:26:26 miod Exp $ */ - -/* - * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange, - * Peter Schwabe, Bo-Yin Yang. - * Copied from supercop-20130419/crypto_sign/ed25519/ref/ge25519.h - */ - -#ifndef GE25519_H -#define GE25519_H - -#include "fe25519.h" -#include "sc25519.h" - -#define ge25519 crypto_sign_ed25519_ref_ge25519 -#define ge25519_base crypto_sign_ed25519_ref_ge25519_base -#define ge25519_unpackneg_vartime crypto_sign_ed25519_ref_unpackneg_vartime -#define ge25519_pack crypto_sign_ed25519_ref_pack -#define ge25519_isneutral_vartime crypto_sign_ed25519_ref_isneutral_vartime -#define ge25519_double_scalarmult_vartime crypto_sign_ed25519_ref_double_scalarmult_vartime -#define ge25519_scalarmult_base crypto_sign_ed25519_ref_scalarmult_base - -typedef struct -{ - fe25519 x; - fe25519 y; - fe25519 z; - fe25519 t; -} ge25519; - -extern const ge25519 ge25519_base; - -int ge25519_unpackneg_vartime(ge25519 *r, const unsigned char p[32]); - -void ge25519_pack(unsigned char r[32], const ge25519 *p); - -int ge25519_isneutral_vartime(const ge25519 *p); - -void ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const sc25519 *s1, const ge25519 *p2, const sc25519 *s2); - -void ge25519_scalarmult_base(ge25519 *r, const sc25519 *s); - -#endif diff --git a/Blink/Commands/openssh/ed25519/ge25519_base.data b/Blink/Commands/openssh/ed25519/ge25519_base.data deleted file mode 100644 index 66fb1b61c..000000000 --- a/Blink/Commands/openssh/ed25519/ge25519_base.data +++ /dev/null @@ -1,858 +0,0 @@ -/* $OpenBSD: ge25519_base.data,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* - * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange, - * Peter Schwabe, Bo-Yin Yang. - * Copied from supercop-20130419/crypto_sign/ed25519/ref/ge25519_base.data - */ - -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x1a, 0xd5, 0x25, 0x8f, 0x60, 0x2d, 0x56, 0xc9, 0xb2, 0xa7, 0x25, 0x95, 0x60, 0xc7, 0x2c, 0x69, 0x5c, 0xdc, 0xd6, 0xfd, 0x31, 0xe2, 0xa4, 0xc0, 0xfe, 0x53, 0x6e, 0xcd, 0xd3, 0x36, 0x69, 0x21}} , - {{0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66}}}, -{{{0x0e, 0xce, 0x43, 0x28, 0x4e, 0xa1, 0xc5, 0x83, 0x5f, 0xa4, 0xd7, 0x15, 0x45, 0x8e, 0x0d, 0x08, 0xac, 0xe7, 0x33, 0x18, 0x7d, 0x3b, 0x04, 0x3d, 0x6c, 0x04, 0x5a, 0x9f, 0x4c, 0x38, 0xab, 0x36}} , - {{0xc9, 0xa3, 0xf8, 0x6a, 0xae, 0x46, 0x5f, 0x0e, 0x56, 0x51, 0x38, 0x64, 0x51, 0x0f, 0x39, 0x97, 0x56, 0x1f, 0xa2, 0xc9, 0xe8, 0x5e, 0xa2, 0x1d, 0xc2, 0x29, 0x23, 0x09, 0xf3, 0xcd, 0x60, 0x22}}}, -{{{0x5c, 0xe2, 0xf8, 0xd3, 0x5f, 0x48, 0x62, 0xac, 0x86, 0x48, 0x62, 0x81, 0x19, 0x98, 0x43, 0x63, 0x3a, 0xc8, 0xda, 0x3e, 0x74, 0xae, 0xf4, 0x1f, 0x49, 0x8f, 0x92, 0x22, 0x4a, 0x9c, 0xae, 0x67}} , - {{0xd4, 0xb4, 0xf5, 0x78, 0x48, 0x68, 0xc3, 0x02, 0x04, 0x03, 0x24, 0x67, 0x17, 0xec, 0x16, 0x9f, 0xf7, 0x9e, 0x26, 0x60, 0x8e, 0xa1, 0x26, 0xa1, 0xab, 0x69, 0xee, 0x77, 0xd1, 0xb1, 0x67, 0x12}}}, -{{{0x70, 0xf8, 0xc9, 0xc4, 0x57, 0xa6, 0x3a, 0x49, 0x47, 0x15, 0xce, 0x93, 0xc1, 0x9e, 0x73, 0x1a, 0xf9, 0x20, 0x35, 0x7a, 0xb8, 0xd4, 0x25, 0x83, 0x46, 0xf1, 0xcf, 0x56, 0xdb, 0xa8, 0x3d, 0x20}} , - {{0x2f, 0x11, 0x32, 0xca, 0x61, 0xab, 0x38, 0xdf, 0xf0, 0x0f, 0x2f, 0xea, 0x32, 0x28, 0xf2, 0x4c, 0x6c, 0x71, 0xd5, 0x80, 0x85, 0xb8, 0x0e, 0x47, 0xe1, 0x95, 0x15, 0xcb, 0x27, 0xe8, 0xd0, 0x47}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xc8, 0x84, 0xa5, 0x08, 0xbc, 0xfd, 0x87, 0x3b, 0x99, 0x8b, 0x69, 0x80, 0x7b, 0xc6, 0x3a, 0xeb, 0x93, 0xcf, 0x4e, 0xf8, 0x5c, 0x2d, 0x86, 0x42, 0xb6, 0x71, 0xd7, 0x97, 0x5f, 0xe1, 0x42, 0x67}} , - {{0xb4, 0xb9, 0x37, 0xfc, 0xa9, 0x5b, 0x2f, 0x1e, 0x93, 0xe4, 0x1e, 0x62, 0xfc, 0x3c, 0x78, 0x81, 0x8f, 0xf3, 0x8a, 0x66, 0x09, 0x6f, 0xad, 0x6e, 0x79, 0x73, 0xe5, 0xc9, 0x00, 0x06, 0xd3, 0x21}}}, -{{{0xf8, 0xf9, 0x28, 0x6c, 0x6d, 0x59, 0xb2, 0x59, 0x74, 0x23, 0xbf, 0xe7, 0x33, 0x8d, 0x57, 0x09, 0x91, 0x9c, 0x24, 0x08, 0x15, 0x2b, 0xe2, 0xb8, 0xee, 0x3a, 0xe5, 0x27, 0x06, 0x86, 0xa4, 0x23}} , - {{0xeb, 0x27, 0x67, 0xc1, 0x37, 0xab, 0x7a, 0xd8, 0x27, 0x9c, 0x07, 0x8e, 0xff, 0x11, 0x6a, 0xb0, 0x78, 0x6e, 0xad, 0x3a, 0x2e, 0x0f, 0x98, 0x9f, 0x72, 0xc3, 0x7f, 0x82, 0xf2, 0x96, 0x96, 0x70}}}, -{{{0x81, 0x6b, 0x88, 0xe8, 0x1e, 0xc7, 0x77, 0x96, 0x0e, 0xa1, 0xa9, 0x52, 0xe0, 0xd8, 0x0e, 0x61, 0x9e, 0x79, 0x2d, 0x95, 0x9c, 0x8d, 0x96, 0xe0, 0x06, 0x40, 0x5d, 0x87, 0x28, 0x5f, 0x98, 0x70}} , - {{0xf1, 0x79, 0x7b, 0xed, 0x4f, 0x44, 0xb2, 0xe7, 0x08, 0x0d, 0xc2, 0x08, 0x12, 0xd2, 0x9f, 0xdf, 0xcd, 0x93, 0x20, 0x8a, 0xcf, 0x33, 0xca, 0x6d, 0x89, 0xb9, 0x77, 0xc8, 0x93, 0x1b, 0x4e, 0x60}}}, -{{{0x26, 0x4f, 0x7e, 0x97, 0xf6, 0x40, 0xdd, 0x4f, 0xfc, 0x52, 0x78, 0xf9, 0x90, 0x31, 0x03, 0xe6, 0x7d, 0x56, 0x39, 0x0b, 0x1d, 0x56, 0x82, 0x85, 0xf9, 0x1a, 0x42, 0x17, 0x69, 0x6c, 0xcf, 0x39}} , - {{0x69, 0xd2, 0x06, 0x3a, 0x4f, 0x39, 0x2d, 0xf9, 0x38, 0x40, 0x8c, 0x4c, 0xe7, 0x05, 0x12, 0xb4, 0x78, 0x8b, 0xf8, 0xc0, 0xec, 0x93, 0xde, 0x7a, 0x6b, 0xce, 0x2c, 0xe1, 0x0e, 0xa9, 0x34, 0x44}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x0b, 0xa4, 0x3c, 0xb0, 0x0f, 0x7a, 0x51, 0xf1, 0x78, 0xd6, 0xd9, 0x6a, 0xfd, 0x46, 0xe8, 0xb8, 0xa8, 0x79, 0x1d, 0x87, 0xf9, 0x90, 0xf2, 0x9c, 0x13, 0x29, 0xf8, 0x0b, 0x20, 0x64, 0xfa, 0x05}} , - {{0x26, 0x09, 0xda, 0x17, 0xaf, 0x95, 0xd6, 0xfb, 0x6a, 0x19, 0x0d, 0x6e, 0x5e, 0x12, 0xf1, 0x99, 0x4c, 0xaa, 0xa8, 0x6f, 0x79, 0x86, 0xf4, 0x72, 0x28, 0x00, 0x26, 0xf9, 0xea, 0x9e, 0x19, 0x3d}}}, -{{{0x87, 0xdd, 0xcf, 0xf0, 0x5b, 0x49, 0xa2, 0x5d, 0x40, 0x7a, 0x23, 0x26, 0xa4, 0x7a, 0x83, 0x8a, 0xb7, 0x8b, 0xd2, 0x1a, 0xbf, 0xea, 0x02, 0x24, 0x08, 0x5f, 0x7b, 0xa9, 0xb1, 0xbe, 0x9d, 0x37}} , - {{0xfc, 0x86, 0x4b, 0x08, 0xee, 0xe7, 0xa0, 0xfd, 0x21, 0x45, 0x09, 0x34, 0xc1, 0x61, 0x32, 0x23, 0xfc, 0x9b, 0x55, 0x48, 0x53, 0x99, 0xf7, 0x63, 0xd0, 0x99, 0xce, 0x01, 0xe0, 0x9f, 0xeb, 0x28}}}, -{{{0x47, 0xfc, 0xab, 0x5a, 0x17, 0xf0, 0x85, 0x56, 0x3a, 0x30, 0x86, 0x20, 0x28, 0x4b, 0x8e, 0x44, 0x74, 0x3a, 0x6e, 0x02, 0xf1, 0x32, 0x8f, 0x9f, 0x3f, 0x08, 0x35, 0xe9, 0xca, 0x16, 0x5f, 0x6e}} , - {{0x1c, 0x59, 0x1c, 0x65, 0x5d, 0x34, 0xa4, 0x09, 0xcd, 0x13, 0x9c, 0x70, 0x7d, 0xb1, 0x2a, 0xc5, 0x88, 0xaf, 0x0b, 0x60, 0xc7, 0x9f, 0x34, 0x8d, 0xd6, 0xb7, 0x7f, 0xea, 0x78, 0x65, 0x8d, 0x77}}}, -{{{0x56, 0xa5, 0xc2, 0x0c, 0xdd, 0xbc, 0xb8, 0x20, 0x6d, 0x57, 0x61, 0xb5, 0xfb, 0x78, 0xb5, 0xd4, 0x49, 0x54, 0x90, 0x26, 0xc1, 0xcb, 0xe9, 0xe6, 0xbf, 0xec, 0x1d, 0x4e, 0xed, 0x07, 0x7e, 0x5e}} , - {{0xc7, 0xf6, 0x6c, 0x56, 0x31, 0x20, 0x14, 0x0e, 0xa8, 0xd9, 0x27, 0xc1, 0x9a, 0x3d, 0x1b, 0x7d, 0x0e, 0x26, 0xd3, 0x81, 0xaa, 0xeb, 0xf5, 0x6b, 0x79, 0x02, 0xf1, 0x51, 0x5c, 0x75, 0x55, 0x0f}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x0a, 0x34, 0xcd, 0x82, 0x3c, 0x33, 0x09, 0x54, 0xd2, 0x61, 0x39, 0x30, 0x9b, 0xfd, 0xef, 0x21, 0x26, 0xd4, 0x70, 0xfa, 0xee, 0xf9, 0x31, 0x33, 0x73, 0x84, 0xd0, 0xb3, 0x81, 0xbf, 0xec, 0x2e}} , - {{0xe8, 0x93, 0x8b, 0x00, 0x64, 0xf7, 0x9c, 0xb8, 0x74, 0xe0, 0xe6, 0x49, 0x48, 0x4d, 0x4d, 0x48, 0xb6, 0x19, 0xa1, 0x40, 0xb7, 0xd9, 0x32, 0x41, 0x7c, 0x82, 0x37, 0xa1, 0x2d, 0xdc, 0xd2, 0x54}}}, -{{{0x68, 0x2b, 0x4a, 0x5b, 0xd5, 0xc7, 0x51, 0x91, 0x1d, 0xe1, 0x2a, 0x4b, 0xc4, 0x47, 0xf1, 0xbc, 0x7a, 0xb3, 0xcb, 0xc8, 0xb6, 0x7c, 0xac, 0x90, 0x05, 0xfd, 0xf3, 0xf9, 0x52, 0x3a, 0x11, 0x6b}} , - {{0x3d, 0xc1, 0x27, 0xf3, 0x59, 0x43, 0x95, 0x90, 0xc5, 0x96, 0x79, 0xf5, 0xf4, 0x95, 0x65, 0x29, 0x06, 0x9c, 0x51, 0x05, 0x18, 0xda, 0xb8, 0x2e, 0x79, 0x7e, 0x69, 0x59, 0x71, 0x01, 0xeb, 0x1a}}}, -{{{0x15, 0x06, 0x49, 0xb6, 0x8a, 0x3c, 0xea, 0x2f, 0x34, 0x20, 0x14, 0xc3, 0xaa, 0xd6, 0xaf, 0x2c, 0x3e, 0xbd, 0x65, 0x20, 0xe2, 0x4d, 0x4b, 0x3b, 0xeb, 0x9f, 0x4a, 0xc3, 0xad, 0xa4, 0x3b, 0x60}} , - {{0xbc, 0x58, 0xe6, 0xc0, 0x95, 0x2a, 0x2a, 0x81, 0x9a, 0x7a, 0xf3, 0xd2, 0x06, 0xbe, 0x48, 0xbc, 0x0c, 0xc5, 0x46, 0xe0, 0x6a, 0xd4, 0xac, 0x0f, 0xd9, 0xcc, 0x82, 0x34, 0x2c, 0xaf, 0xdb, 0x1f}}}, -{{{0xf7, 0x17, 0x13, 0xbd, 0xfb, 0xbc, 0xd2, 0xec, 0x45, 0xb3, 0x15, 0x31, 0xe9, 0xaf, 0x82, 0x84, 0x3d, 0x28, 0xc6, 0xfc, 0x11, 0xf5, 0x41, 0xb5, 0x8b, 0xd3, 0x12, 0x76, 0x52, 0xe7, 0x1a, 0x3c}} , - {{0x4e, 0x36, 0x11, 0x07, 0xa2, 0x15, 0x20, 0x51, 0xc4, 0x2a, 0xc3, 0x62, 0x8b, 0x5e, 0x7f, 0xa6, 0x0f, 0xf9, 0x45, 0x85, 0x6c, 0x11, 0x86, 0xb7, 0x7e, 0xe5, 0xd7, 0xf9, 0xc3, 0x91, 0x1c, 0x05}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xea, 0xd6, 0xde, 0x29, 0x3a, 0x00, 0xb9, 0x02, 0x59, 0xcb, 0x26, 0xc4, 0xba, 0x99, 0xb1, 0x97, 0x2f, 0x8e, 0x00, 0x92, 0x26, 0x4f, 0x52, 0xeb, 0x47, 0x1b, 0x89, 0x8b, 0x24, 0xc0, 0x13, 0x7d}} , - {{0xd5, 0x20, 0x5b, 0x80, 0xa6, 0x80, 0x20, 0x95, 0xc3, 0xe9, 0x9f, 0x8e, 0x87, 0x9e, 0x1e, 0x9e, 0x7a, 0xc7, 0xcc, 0x75, 0x6c, 0xa5, 0xf1, 0x91, 0x1a, 0xa8, 0x01, 0x2c, 0xab, 0x76, 0xa9, 0x59}}}, -{{{0xde, 0xc9, 0xb1, 0x31, 0x10, 0x16, 0xaa, 0x35, 0x14, 0x6a, 0xd4, 0xb5, 0x34, 0x82, 0x71, 0xd2, 0x4a, 0x5d, 0x9a, 0x1f, 0x53, 0x26, 0x3c, 0xe5, 0x8e, 0x8d, 0x33, 0x7f, 0xff, 0xa9, 0xd5, 0x17}} , - {{0x89, 0xaf, 0xf6, 0xa4, 0x64, 0xd5, 0x10, 0xe0, 0x1d, 0xad, 0xef, 0x44, 0xbd, 0xda, 0x83, 0xac, 0x7a, 0xa8, 0xf0, 0x1c, 0x07, 0xf9, 0xc3, 0x43, 0x6c, 0x3f, 0xb7, 0xd3, 0x87, 0x22, 0x02, 0x73}}}, -{{{0x64, 0x1d, 0x49, 0x13, 0x2f, 0x71, 0xec, 0x69, 0x87, 0xd0, 0x42, 0xee, 0x13, 0xec, 0xe3, 0xed, 0x56, 0x7b, 0xbf, 0xbd, 0x8c, 0x2f, 0x7d, 0x7b, 0x9d, 0x28, 0xec, 0x8e, 0x76, 0x2f, 0x6f, 0x08}} , - {{0x22, 0xf5, 0x5f, 0x4d, 0x15, 0xef, 0xfc, 0x4e, 0x57, 0x03, 0x36, 0x89, 0xf0, 0xeb, 0x5b, 0x91, 0xd6, 0xe2, 0xca, 0x01, 0xa5, 0xee, 0x52, 0xec, 0xa0, 0x3c, 0x8f, 0x33, 0x90, 0x5a, 0x94, 0x72}}}, -{{{0x8a, 0x4b, 0xe7, 0x38, 0xbc, 0xda, 0xc2, 0xb0, 0x85, 0xe1, 0x4a, 0xfe, 0x2d, 0x44, 0x84, 0xcb, 0x20, 0x6b, 0x2d, 0xbf, 0x11, 0x9c, 0xd7, 0xbe, 0xd3, 0x3e, 0x5f, 0xbf, 0x68, 0xbc, 0xa8, 0x07}} , - {{0x01, 0x89, 0x28, 0x22, 0x6a, 0x78, 0xaa, 0x29, 0x03, 0xc8, 0x74, 0x95, 0x03, 0x3e, 0xdc, 0xbd, 0x07, 0x13, 0xa8, 0xa2, 0x20, 0x2d, 0xb3, 0x18, 0x70, 0x42, 0xfd, 0x7a, 0xc4, 0xd7, 0x49, 0x72}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x02, 0xff, 0x32, 0x2b, 0x5c, 0x93, 0x54, 0x32, 0xe8, 0x57, 0x54, 0x1a, 0x8b, 0x33, 0x60, 0x65, 0xd3, 0x67, 0xa4, 0xc1, 0x26, 0xc4, 0xa4, 0x34, 0x1f, 0x9b, 0xa7, 0xa9, 0xf4, 0xd9, 0x4f, 0x5b}} , - {{0x46, 0x8d, 0xb0, 0x33, 0x54, 0x26, 0x5b, 0x68, 0xdf, 0xbb, 0xc5, 0xec, 0xc2, 0xf9, 0x3c, 0x5a, 0x37, 0xc1, 0x8e, 0x27, 0x47, 0xaa, 0x49, 0x5a, 0xf8, 0xfb, 0x68, 0x04, 0x23, 0xd1, 0xeb, 0x40}}}, -{{{0x65, 0xa5, 0x11, 0x84, 0x8a, 0x67, 0x9d, 0x9e, 0xd1, 0x44, 0x68, 0x7a, 0x34, 0xe1, 0x9f, 0xa3, 0x54, 0xcd, 0x07, 0xca, 0x79, 0x1f, 0x54, 0x2f, 0x13, 0x70, 0x4e, 0xee, 0xa2, 0xfa, 0xe7, 0x5d}} , - {{0x36, 0xec, 0x54, 0xf8, 0xce, 0xe4, 0x85, 0xdf, 0xf6, 0x6f, 0x1d, 0x90, 0x08, 0xbc, 0xe8, 0xc0, 0x92, 0x2d, 0x43, 0x6b, 0x92, 0xa9, 0x8e, 0xab, 0x0a, 0x2e, 0x1c, 0x1e, 0x64, 0x23, 0x9f, 0x2c}}}, -{{{0xa7, 0xd6, 0x2e, 0xd5, 0xcc, 0xd4, 0xcb, 0x5a, 0x3b, 0xa7, 0xf9, 0x46, 0x03, 0x1d, 0xad, 0x2b, 0x34, 0x31, 0x90, 0x00, 0x46, 0x08, 0x82, 0x14, 0xc4, 0xe0, 0x9c, 0xf0, 0xe3, 0x55, 0x43, 0x31}} , - {{0x60, 0xd6, 0xdd, 0x78, 0xe6, 0xd4, 0x22, 0x42, 0x1f, 0x00, 0xf9, 0xb1, 0x6a, 0x63, 0xe2, 0x92, 0x59, 0xd1, 0x1a, 0xb7, 0x00, 0x54, 0x29, 0xc9, 0xc1, 0xf6, 0x6f, 0x7a, 0xc5, 0x3c, 0x5f, 0x65}}}, -{{{0x27, 0x4f, 0xd0, 0x72, 0xb1, 0x11, 0x14, 0x27, 0x15, 0x94, 0x48, 0x81, 0x7e, 0x74, 0xd8, 0x32, 0xd5, 0xd1, 0x11, 0x28, 0x60, 0x63, 0x36, 0x32, 0x37, 0xb5, 0x13, 0x1c, 0xa0, 0x37, 0xe3, 0x74}} , - {{0xf1, 0x25, 0x4e, 0x11, 0x96, 0x67, 0xe6, 0x1c, 0xc2, 0xb2, 0x53, 0xe2, 0xda, 0x85, 0xee, 0xb2, 0x9f, 0x59, 0xf3, 0xba, 0xbd, 0xfa, 0xcf, 0x6e, 0xf9, 0xda, 0xa4, 0xb3, 0x02, 0x8f, 0x64, 0x08}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x34, 0x94, 0xf2, 0x64, 0x54, 0x47, 0x37, 0x07, 0x40, 0x8a, 0x20, 0xba, 0x4a, 0x55, 0xd7, 0x3f, 0x47, 0xba, 0x25, 0x23, 0x14, 0xb0, 0x2c, 0xe8, 0x55, 0xa8, 0xa6, 0xef, 0x51, 0xbd, 0x6f, 0x6a}} , - {{0x71, 0xd6, 0x16, 0x76, 0xb2, 0x06, 0xea, 0x79, 0xf5, 0xc4, 0xc3, 0x52, 0x7e, 0x61, 0xd1, 0xe1, 0xad, 0x70, 0x78, 0x1d, 0x16, 0x11, 0xf8, 0x7c, 0x2b, 0xfc, 0x55, 0x9f, 0x52, 0xf8, 0xf5, 0x16}}}, -{{{0x34, 0x96, 0x9a, 0xf6, 0xc5, 0xe0, 0x14, 0x03, 0x24, 0x0e, 0x4c, 0xad, 0x9e, 0x9a, 0x70, 0x23, 0x96, 0xb2, 0xf1, 0x2e, 0x9d, 0xc3, 0x32, 0x9b, 0x54, 0xa5, 0x73, 0xde, 0x88, 0xb1, 0x3e, 0x24}} , - {{0xf6, 0xe2, 0x4c, 0x1f, 0x5b, 0xb2, 0xaf, 0x82, 0xa5, 0xcf, 0x81, 0x10, 0x04, 0xef, 0xdb, 0xa2, 0xcc, 0x24, 0xb2, 0x7e, 0x0b, 0x7a, 0xeb, 0x01, 0xd8, 0x52, 0xf4, 0x51, 0x89, 0x29, 0x79, 0x37}}}, -{{{0x74, 0xde, 0x12, 0xf3, 0x68, 0xb7, 0x66, 0xc3, 0xee, 0x68, 0xdc, 0x81, 0xb5, 0x55, 0x99, 0xab, 0xd9, 0x28, 0x63, 0x6d, 0x8b, 0x40, 0x69, 0x75, 0x6c, 0xcd, 0x5c, 0x2a, 0x7e, 0x32, 0x7b, 0x29}} , - {{0x02, 0xcc, 0x22, 0x74, 0x4d, 0x19, 0x07, 0xc0, 0xda, 0xb5, 0x76, 0x51, 0x2a, 0xaa, 0xa6, 0x0a, 0x5f, 0x26, 0xd4, 0xbc, 0xaf, 0x48, 0x88, 0x7f, 0x02, 0xbc, 0xf2, 0xe1, 0xcf, 0xe9, 0xdd, 0x15}}}, -{{{0xed, 0xb5, 0x9a, 0x8c, 0x9a, 0xdd, 0x27, 0xf4, 0x7f, 0x47, 0xd9, 0x52, 0xa7, 0xcd, 0x65, 0xa5, 0x31, 0x22, 0xed, 0xa6, 0x63, 0x5b, 0x80, 0x4a, 0xad, 0x4d, 0xed, 0xbf, 0xee, 0x49, 0xb3, 0x06}} , - {{0xf8, 0x64, 0x8b, 0x60, 0x90, 0xe9, 0xde, 0x44, 0x77, 0xb9, 0x07, 0x36, 0x32, 0xc2, 0x50, 0xf5, 0x65, 0xdf, 0x48, 0x4c, 0x37, 0xaa, 0x68, 0xab, 0x9a, 0x1f, 0x3e, 0xff, 0x89, 0x92, 0xa0, 0x07}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x7d, 0x4f, 0x9c, 0x19, 0xc0, 0x4a, 0x31, 0xec, 0xf9, 0xaa, 0xeb, 0xb2, 0x16, 0x9c, 0xa3, 0x66, 0x5f, 0xd1, 0xd4, 0xed, 0xb8, 0x92, 0x1c, 0xab, 0xda, 0xea, 0xd9, 0x57, 0xdf, 0x4c, 0x2a, 0x48}} , - {{0x4b, 0xb0, 0x4e, 0x6e, 0x11, 0x3b, 0x51, 0xbd, 0x6a, 0xfd, 0xe4, 0x25, 0xa5, 0x5f, 0x11, 0x3f, 0x98, 0x92, 0x51, 0x14, 0xc6, 0x5f, 0x3c, 0x0b, 0xa8, 0xf7, 0xc2, 0x81, 0x43, 0xde, 0x91, 0x73}}}, -{{{0x3c, 0x8f, 0x9f, 0x33, 0x2a, 0x1f, 0x43, 0x33, 0x8f, 0x68, 0xff, 0x1f, 0x3d, 0x73, 0x6b, 0xbf, 0x68, 0xcc, 0x7d, 0x13, 0x6c, 0x24, 0x4b, 0xcc, 0x4d, 0x24, 0x0d, 0xfe, 0xde, 0x86, 0xad, 0x3b}} , - {{0x79, 0x51, 0x81, 0x01, 0xdc, 0x73, 0x53, 0xe0, 0x6e, 0x9b, 0xea, 0x68, 0x3f, 0x5c, 0x14, 0x84, 0x53, 0x8d, 0x4b, 0xc0, 0x9f, 0x9f, 0x89, 0x2b, 0x8c, 0xba, 0x86, 0xfa, 0xf2, 0xcd, 0xe3, 0x2d}}}, -{{{0x06, 0xf9, 0x29, 0x5a, 0xdb, 0x3d, 0x84, 0x52, 0xab, 0xcc, 0x6b, 0x60, 0x9d, 0xb7, 0x4a, 0x0e, 0x36, 0x63, 0x91, 0xad, 0xa0, 0x95, 0xb0, 0x97, 0x89, 0x4e, 0xcf, 0x7d, 0x3c, 0xe5, 0x7c, 0x28}} , - {{0x2e, 0x69, 0x98, 0xfd, 0xc6, 0xbd, 0xcc, 0xca, 0xdf, 0x9a, 0x44, 0x7e, 0x9d, 0xca, 0x89, 0x6d, 0xbf, 0x27, 0xc2, 0xf8, 0xcd, 0x46, 0x00, 0x2b, 0xb5, 0x58, 0x4e, 0xb7, 0x89, 0x09, 0xe9, 0x2d}}}, -{{{0x54, 0xbe, 0x75, 0xcb, 0x05, 0xb0, 0x54, 0xb7, 0xe7, 0x26, 0x86, 0x4a, 0xfc, 0x19, 0xcf, 0x27, 0x46, 0xd4, 0x22, 0x96, 0x5a, 0x11, 0xe8, 0xd5, 0x1b, 0xed, 0x71, 0xc5, 0x5d, 0xc8, 0xaf, 0x45}} , - {{0x40, 0x7b, 0x77, 0x57, 0x49, 0x9e, 0x80, 0x39, 0x23, 0xee, 0x81, 0x0b, 0x22, 0xcf, 0xdb, 0x7a, 0x2f, 0x14, 0xb8, 0x57, 0x8f, 0xa1, 0x39, 0x1e, 0x77, 0xfc, 0x0b, 0xa6, 0xbf, 0x8a, 0x0c, 0x6c}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x77, 0x3a, 0xd4, 0xd8, 0x27, 0xcf, 0xe8, 0xa1, 0x72, 0x9d, 0xca, 0xdd, 0x0d, 0x96, 0xda, 0x79, 0xed, 0x56, 0x42, 0x15, 0x60, 0xc7, 0x1c, 0x6b, 0x26, 0x30, 0xf6, 0x6a, 0x95, 0x67, 0xf3, 0x0a}} , - {{0xc5, 0x08, 0xa4, 0x2b, 0x2f, 0xbd, 0x31, 0x81, 0x2a, 0xa6, 0xb6, 0xe4, 0x00, 0x91, 0xda, 0x3d, 0xb2, 0xb0, 0x96, 0xce, 0x8a, 0xd2, 0x8d, 0x70, 0xb3, 0xd3, 0x34, 0x01, 0x90, 0x8d, 0x10, 0x21}}}, -{{{0x33, 0x0d, 0xe7, 0xba, 0x4f, 0x07, 0xdf, 0x8d, 0xea, 0x7d, 0xa0, 0xc5, 0xd6, 0xb1, 0xb0, 0xe5, 0x57, 0x1b, 0x5b, 0xf5, 0x45, 0x13, 0x14, 0x64, 0x5a, 0xeb, 0x5c, 0xfc, 0x54, 0x01, 0x76, 0x2b}} , - {{0x02, 0x0c, 0xc2, 0xaf, 0x96, 0x36, 0xfe, 0x4a, 0xe2, 0x54, 0x20, 0x6a, 0xeb, 0xb2, 0x9f, 0x62, 0xd7, 0xce, 0xa2, 0x3f, 0x20, 0x11, 0x34, 0x37, 0xe0, 0x42, 0xed, 0x6f, 0xf9, 0x1a, 0xc8, 0x7d}}}, -{{{0xd8, 0xb9, 0x11, 0xe8, 0x36, 0x3f, 0x42, 0xc1, 0xca, 0xdc, 0xd3, 0xf1, 0xc8, 0x23, 0x3d, 0x4f, 0x51, 0x7b, 0x9d, 0x8d, 0xd8, 0xe4, 0xa0, 0xaa, 0xf3, 0x04, 0xd6, 0x11, 0x93, 0xc8, 0x35, 0x45}} , - {{0x61, 0x36, 0xd6, 0x08, 0x90, 0xbf, 0xa7, 0x7a, 0x97, 0x6c, 0x0f, 0x84, 0xd5, 0x33, 0x2d, 0x37, 0xc9, 0x6a, 0x80, 0x90, 0x3d, 0x0a, 0xa2, 0xaa, 0xe1, 0xb8, 0x84, 0xba, 0x61, 0x36, 0xdd, 0x69}}}, -{{{0x6b, 0xdb, 0x5b, 0x9c, 0xc6, 0x92, 0xbc, 0x23, 0xaf, 0xc5, 0xb8, 0x75, 0xf8, 0x42, 0xfa, 0xd6, 0xb6, 0x84, 0x94, 0x63, 0x98, 0x93, 0x48, 0x78, 0x38, 0xcd, 0xbb, 0x18, 0x34, 0xc3, 0xdb, 0x67}} , - {{0x96, 0xf3, 0x3a, 0x09, 0x56, 0xb0, 0x6f, 0x7c, 0x51, 0x1e, 0x1b, 0x39, 0x48, 0xea, 0xc9, 0x0c, 0x25, 0xa2, 0x7a, 0xca, 0xe7, 0x92, 0xfc, 0x59, 0x30, 0xa3, 0x89, 0x85, 0xdf, 0x6f, 0x43, 0x38}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x79, 0x84, 0x44, 0x19, 0xbd, 0xe9, 0x54, 0xc4, 0xc0, 0x6e, 0x2a, 0xa8, 0xa8, 0x9b, 0x43, 0xd5, 0x71, 0x22, 0x5f, 0xdc, 0x01, 0xfa, 0xdf, 0xb3, 0xb8, 0x47, 0x4b, 0x0a, 0xa5, 0x44, 0xea, 0x29}} , - {{0x05, 0x90, 0x50, 0xaf, 0x63, 0x5f, 0x9d, 0x9e, 0xe1, 0x9d, 0x38, 0x97, 0x1f, 0x6c, 0xac, 0x30, 0x46, 0xb2, 0x6a, 0x19, 0xd1, 0x4b, 0xdb, 0xbb, 0x8c, 0xda, 0x2e, 0xab, 0xc8, 0x5a, 0x77, 0x6c}}}, -{{{0x2b, 0xbe, 0xaf, 0xa1, 0x6d, 0x2f, 0x0b, 0xb1, 0x8f, 0xe3, 0xe0, 0x38, 0xcd, 0x0b, 0x41, 0x1b, 0x4a, 0x15, 0x07, 0xf3, 0x6f, 0xdc, 0xb8, 0xe9, 0xde, 0xb2, 0xa3, 0x40, 0x01, 0xa6, 0x45, 0x1e}} , - {{0x76, 0x0a, 0xda, 0x8d, 0x2c, 0x07, 0x3f, 0x89, 0x7d, 0x04, 0xad, 0x43, 0x50, 0x6e, 0xd2, 0x47, 0xcb, 0x8a, 0xe6, 0x85, 0x1a, 0x24, 0xf3, 0xd2, 0x60, 0xfd, 0xdf, 0x73, 0xa4, 0x0d, 0x73, 0x0e}}}, -{{{0xfd, 0x67, 0x6b, 0x71, 0x9b, 0x81, 0x53, 0x39, 0x39, 0xf4, 0xb8, 0xd5, 0xc3, 0x30, 0x9b, 0x3b, 0x7c, 0xa3, 0xf0, 0xd0, 0x84, 0x21, 0xd6, 0xbf, 0xb7, 0x4c, 0x87, 0x13, 0x45, 0x2d, 0xa7, 0x55}} , - {{0x5d, 0x04, 0xb3, 0x40, 0x28, 0x95, 0x2d, 0x30, 0x83, 0xec, 0x5e, 0xe4, 0xff, 0x75, 0xfe, 0x79, 0x26, 0x9d, 0x1d, 0x36, 0xcd, 0x0a, 0x15, 0xd2, 0x24, 0x14, 0x77, 0x71, 0xd7, 0x8a, 0x1b, 0x04}}}, -{{{0x5d, 0x93, 0xc9, 0xbe, 0xaa, 0x90, 0xcd, 0x9b, 0xfb, 0x73, 0x7e, 0xb0, 0x64, 0x98, 0x57, 0x44, 0x42, 0x41, 0xb1, 0xaf, 0xea, 0xc1, 0xc3, 0x22, 0xff, 0x60, 0x46, 0xcb, 0x61, 0x81, 0x70, 0x61}} , - {{0x0d, 0x82, 0xb9, 0xfe, 0x21, 0xcd, 0xc4, 0xf5, 0x98, 0x0c, 0x4e, 0x72, 0xee, 0x87, 0x49, 0xf8, 0xa1, 0x95, 0xdf, 0x8f, 0x2d, 0xbd, 0x21, 0x06, 0x7c, 0x15, 0xe8, 0x12, 0x6d, 0x93, 0xd6, 0x38}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x91, 0xf7, 0x51, 0xd9, 0xef, 0x7d, 0x42, 0x01, 0x13, 0xe9, 0xb8, 0x7f, 0xa6, 0x49, 0x17, 0x64, 0x21, 0x80, 0x83, 0x2c, 0x63, 0x4c, 0x60, 0x09, 0x59, 0x91, 0x92, 0x77, 0x39, 0x51, 0xf4, 0x48}} , - {{0x60, 0xd5, 0x22, 0x83, 0x08, 0x2f, 0xff, 0x99, 0x3e, 0x69, 0x6d, 0x88, 0xda, 0xe7, 0x5b, 0x52, 0x26, 0x31, 0x2a, 0xe5, 0x89, 0xde, 0x68, 0x90, 0xb6, 0x22, 0x5a, 0xbd, 0xd3, 0x85, 0x53, 0x31}}}, -{{{0xd8, 0xce, 0xdc, 0xf9, 0x3c, 0x4b, 0xa2, 0x1d, 0x2c, 0x2f, 0x36, 0xbe, 0x7a, 0xfc, 0xcd, 0xbc, 0xdc, 0xf9, 0x30, 0xbd, 0xff, 0x05, 0xc7, 0xe4, 0x8e, 0x17, 0x62, 0xf8, 0x4d, 0xa0, 0x56, 0x79}} , - {{0x82, 0xe7, 0xf6, 0xba, 0x53, 0x84, 0x0a, 0xa3, 0x34, 0xff, 0x3c, 0xa3, 0x6a, 0xa1, 0x37, 0xea, 0xdd, 0xb6, 0x95, 0xb3, 0x78, 0x19, 0x76, 0x1e, 0x55, 0x2f, 0x77, 0x2e, 0x7f, 0xc1, 0xea, 0x5e}}}, -{{{0x83, 0xe1, 0x6e, 0xa9, 0x07, 0x33, 0x3e, 0x83, 0xff, 0xcb, 0x1c, 0x9f, 0xb1, 0xa3, 0xb4, 0xc9, 0xe1, 0x07, 0x97, 0xff, 0xf8, 0x23, 0x8f, 0xce, 0x40, 0xfd, 0x2e, 0x5e, 0xdb, 0x16, 0x43, 0x2d}} , - {{0xba, 0x38, 0x02, 0xf7, 0x81, 0x43, 0x83, 0xa3, 0x20, 0x4f, 0x01, 0x3b, 0x8a, 0x04, 0x38, 0x31, 0xc6, 0x0f, 0xc8, 0xdf, 0xd7, 0xfa, 0x2f, 0x88, 0x3f, 0xfc, 0x0c, 0x76, 0xc4, 0xa6, 0x45, 0x72}}}, -{{{0xbb, 0x0c, 0xbc, 0x6a, 0xa4, 0x97, 0x17, 0x93, 0x2d, 0x6f, 0xde, 0x72, 0x10, 0x1c, 0x08, 0x2c, 0x0f, 0x80, 0x32, 0x68, 0x27, 0xd4, 0xab, 0xdd, 0xc5, 0x58, 0x61, 0x13, 0x6d, 0x11, 0x1e, 0x4d}} , - {{0x1a, 0xb9, 0xc9, 0x10, 0xfb, 0x1e, 0x4e, 0xf4, 0x84, 0x4b, 0x8a, 0x5e, 0x7b, 0x4b, 0xe8, 0x43, 0x8c, 0x8f, 0x00, 0xb5, 0x54, 0x13, 0xc5, 0x5c, 0xb6, 0x35, 0x4e, 0x9d, 0xe4, 0x5b, 0x41, 0x6d}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x15, 0x7d, 0x12, 0x48, 0x82, 0x14, 0x42, 0xcd, 0x32, 0xd4, 0x4b, 0xc1, 0x72, 0x61, 0x2a, 0x8c, 0xec, 0xe2, 0xf8, 0x24, 0x45, 0x94, 0xe3, 0xbe, 0xdd, 0x67, 0xa8, 0x77, 0x5a, 0xae, 0x5b, 0x4b}} , - {{0xcb, 0x77, 0x9a, 0x20, 0xde, 0xb8, 0x23, 0xd9, 0xa0, 0x0f, 0x8c, 0x7b, 0xa5, 0xcb, 0xae, 0xb6, 0xec, 0x42, 0x67, 0x0e, 0x58, 0xa4, 0x75, 0x98, 0x21, 0x71, 0x84, 0xb3, 0xe0, 0x76, 0x94, 0x73}}}, -{{{0xdf, 0xfc, 0x69, 0x28, 0x23, 0x3f, 0x5b, 0xf8, 0x3b, 0x24, 0x37, 0xf3, 0x1d, 0xd5, 0x22, 0x6b, 0xd0, 0x98, 0xa8, 0x6c, 0xcf, 0xff, 0x06, 0xe1, 0x13, 0xdf, 0xb9, 0xc1, 0x0c, 0xa9, 0xbf, 0x33}} , - {{0xd9, 0x81, 0xda, 0xb2, 0x4f, 0x82, 0x9d, 0x43, 0x81, 0x09, 0xf1, 0xd2, 0x01, 0xef, 0xac, 0xf4, 0x2d, 0x7d, 0x01, 0x09, 0xf1, 0xff, 0xa5, 0x9f, 0xe5, 0xca, 0x27, 0x63, 0xdb, 0x20, 0xb1, 0x53}}}, -{{{0x67, 0x02, 0xe8, 0xad, 0xa9, 0x34, 0xd4, 0xf0, 0x15, 0x81, 0xaa, 0xc7, 0x4d, 0x87, 0x94, 0xea, 0x75, 0xe7, 0x4c, 0x94, 0x04, 0x0e, 0x69, 0x87, 0xe7, 0x51, 0x91, 0x10, 0x03, 0xc7, 0xbe, 0x56}} , - {{0x32, 0xfb, 0x86, 0xec, 0x33, 0x6b, 0x2e, 0x51, 0x2b, 0xc8, 0xfa, 0x6c, 0x70, 0x47, 0x7e, 0xce, 0x05, 0x0c, 0x71, 0xf3, 0xb4, 0x56, 0xa6, 0xdc, 0xcc, 0x78, 0x07, 0x75, 0xd0, 0xdd, 0xb2, 0x6a}}}, -{{{0xc6, 0xef, 0xb9, 0xc0, 0x2b, 0x22, 0x08, 0x1e, 0x71, 0x70, 0xb3, 0x35, 0x9c, 0x7a, 0x01, 0x92, 0x44, 0x9a, 0xf6, 0xb0, 0x58, 0x95, 0xc1, 0x9b, 0x02, 0xed, 0x2d, 0x7c, 0x34, 0x29, 0x49, 0x44}} , - {{0x45, 0x62, 0x1d, 0x2e, 0xff, 0x2a, 0x1c, 0x21, 0xa4, 0x25, 0x7b, 0x0d, 0x8c, 0x15, 0x39, 0xfc, 0x8f, 0x7c, 0xa5, 0x7d, 0x1e, 0x25, 0xa3, 0x45, 0xd6, 0xab, 0xbd, 0xcb, 0xc5, 0x5e, 0x78, 0x77}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xd0, 0xd3, 0x42, 0xed, 0x1d, 0x00, 0x3c, 0x15, 0x2c, 0x9c, 0x77, 0x81, 0xd2, 0x73, 0xd1, 0x06, 0xd5, 0xc4, 0x7f, 0x94, 0xbb, 0x92, 0x2d, 0x2c, 0x4b, 0x45, 0x4b, 0xe9, 0x2a, 0x89, 0x6b, 0x2b}} , - {{0xd2, 0x0c, 0x88, 0xc5, 0x48, 0x4d, 0xea, 0x0d, 0x4a, 0xc9, 0x52, 0x6a, 0x61, 0x79, 0xe9, 0x76, 0xf3, 0x85, 0x52, 0x5c, 0x1b, 0x2c, 0xe1, 0xd6, 0xc4, 0x0f, 0x18, 0x0e, 0x4e, 0xf6, 0x1c, 0x7f}}}, -{{{0xb4, 0x04, 0x2e, 0x42, 0xcb, 0x1f, 0x2b, 0x11, 0x51, 0x7b, 0x08, 0xac, 0xaa, 0x3e, 0x9e, 0x52, 0x60, 0xb7, 0xc2, 0x61, 0x57, 0x8c, 0x84, 0xd5, 0x18, 0xa6, 0x19, 0xfc, 0xb7, 0x75, 0x91, 0x1b}} , - {{0xe8, 0x68, 0xca, 0x44, 0xc8, 0x38, 0x38, 0xcc, 0x53, 0x0a, 0x32, 0x35, 0xcc, 0x52, 0xcb, 0x0e, 0xf7, 0xc5, 0xe7, 0xec, 0x3d, 0x85, 0xcc, 0x58, 0xe2, 0x17, 0x47, 0xff, 0x9f, 0xa5, 0x30, 0x17}}}, -{{{0xe3, 0xae, 0xc8, 0xc1, 0x71, 0x75, 0x31, 0x00, 0x37, 0x41, 0x5c, 0x0e, 0x39, 0xda, 0x73, 0xa0, 0xc7, 0x97, 0x36, 0x6c, 0x5b, 0xf2, 0xee, 0x64, 0x0a, 0x3d, 0x89, 0x1e, 0x1d, 0x49, 0x8c, 0x37}} , - {{0x4c, 0xe6, 0xb0, 0xc1, 0xa5, 0x2a, 0x82, 0x09, 0x08, 0xad, 0x79, 0x9c, 0x56, 0xf6, 0xf9, 0xc1, 0xd7, 0x7c, 0x39, 0x7f, 0x93, 0xca, 0x11, 0x55, 0xbf, 0x07, 0x1b, 0x82, 0x29, 0x69, 0x95, 0x5c}}}, -{{{0x87, 0xee, 0xa6, 0x56, 0x9e, 0xc2, 0x9a, 0x56, 0x24, 0x42, 0x85, 0x4d, 0x98, 0x31, 0x1e, 0x60, 0x4d, 0x87, 0x85, 0x04, 0xae, 0x46, 0x12, 0xf9, 0x8e, 0x7f, 0xe4, 0x7f, 0xf6, 0x1c, 0x37, 0x01}} , - {{0x73, 0x4c, 0xb6, 0xc5, 0xc4, 0xe9, 0x6c, 0x85, 0x48, 0x4a, 0x5a, 0xac, 0xd9, 0x1f, 0x43, 0xf8, 0x62, 0x5b, 0xee, 0x98, 0x2a, 0x33, 0x8e, 0x79, 0xce, 0x61, 0x06, 0x35, 0xd8, 0xd7, 0xca, 0x71}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x72, 0xd3, 0xae, 0xa6, 0xca, 0x8f, 0xcd, 0xcc, 0x78, 0x8e, 0x19, 0x4d, 0xa7, 0xd2, 0x27, 0xe9, 0xa4, 0x3c, 0x16, 0x5b, 0x84, 0x80, 0xf9, 0xd0, 0xcc, 0x6a, 0x1e, 0xca, 0x1e, 0x67, 0xbd, 0x63}} , - {{0x7b, 0x6e, 0x2a, 0xd2, 0x87, 0x48, 0xff, 0xa1, 0xca, 0xe9, 0x15, 0x85, 0xdc, 0xdb, 0x2c, 0x39, 0x12, 0x91, 0xa9, 0x20, 0xaa, 0x4f, 0x29, 0xf4, 0x15, 0x7a, 0xd2, 0xf5, 0x32, 0xcc, 0x60, 0x04}}}, -{{{0xe5, 0x10, 0x47, 0x3b, 0xfa, 0x90, 0xfc, 0x30, 0xb5, 0xea, 0x6f, 0x56, 0x8f, 0xfb, 0x0e, 0xa7, 0x3b, 0xc8, 0xb2, 0xff, 0x02, 0x7a, 0x33, 0x94, 0x93, 0x2a, 0x03, 0xe0, 0x96, 0x3a, 0x6c, 0x0f}} , - {{0x5a, 0x63, 0x67, 0xe1, 0x9b, 0x47, 0x78, 0x9f, 0x38, 0x79, 0xac, 0x97, 0x66, 0x1d, 0x5e, 0x51, 0xee, 0x24, 0x42, 0xe8, 0x58, 0x4b, 0x8a, 0x03, 0x75, 0x86, 0x37, 0x86, 0xe2, 0x97, 0x4e, 0x3d}}}, -{{{0x3f, 0x75, 0x8e, 0xb4, 0xff, 0xd8, 0xdd, 0xd6, 0x37, 0x57, 0x9d, 0x6d, 0x3b, 0xbd, 0xd5, 0x60, 0x88, 0x65, 0x9a, 0xb9, 0x4a, 0x68, 0x84, 0xa2, 0x67, 0xdd, 0x17, 0x25, 0x97, 0x04, 0x8b, 0x5e}} , - {{0xbb, 0x40, 0x5e, 0xbc, 0x16, 0x92, 0x05, 0xc4, 0xc0, 0x4e, 0x72, 0x90, 0x0e, 0xab, 0xcf, 0x8a, 0xed, 0xef, 0xb9, 0x2d, 0x3b, 0xf8, 0x43, 0x5b, 0xba, 0x2d, 0xeb, 0x2f, 0x52, 0xd2, 0xd1, 0x5a}}}, -{{{0x40, 0xb4, 0xab, 0xe6, 0xad, 0x9f, 0x46, 0x69, 0x4a, 0xb3, 0x8e, 0xaa, 0xea, 0x9c, 0x8a, 0x20, 0x16, 0x5d, 0x8c, 0x13, 0xbd, 0xf6, 0x1d, 0xc5, 0x24, 0xbd, 0x90, 0x2a, 0x1c, 0xc7, 0x13, 0x3b}} , - {{0x54, 0xdc, 0x16, 0x0d, 0x18, 0xbe, 0x35, 0x64, 0x61, 0x52, 0x02, 0x80, 0xaf, 0x05, 0xf7, 0xa6, 0x42, 0xd3, 0x8f, 0x2e, 0x79, 0x26, 0xa8, 0xbb, 0xb2, 0x17, 0x48, 0xb2, 0x7a, 0x0a, 0x89, 0x14}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x20, 0xa8, 0x88, 0xe3, 0x91, 0xc0, 0x6e, 0xbb, 0x8a, 0x27, 0x82, 0x51, 0x83, 0xb2, 0x28, 0xa9, 0x83, 0xeb, 0xa6, 0xa9, 0x4d, 0x17, 0x59, 0x22, 0x54, 0x00, 0x50, 0x45, 0xcb, 0x48, 0x4b, 0x18}} , - {{0x33, 0x7c, 0xe7, 0x26, 0xba, 0x4d, 0x32, 0xfe, 0x53, 0xf4, 0xfa, 0x83, 0xe3, 0xa5, 0x79, 0x66, 0x73, 0xef, 0x80, 0x23, 0x68, 0xc2, 0x60, 0xdd, 0xa9, 0x33, 0xdc, 0x03, 0x7a, 0xe0, 0xe0, 0x3e}}}, -{{{0x34, 0x5c, 0x13, 0xfb, 0xc0, 0xe3, 0x78, 0x2b, 0x54, 0x58, 0x22, 0x9b, 0x76, 0x81, 0x7f, 0x93, 0x9c, 0x25, 0x3c, 0xd2, 0xe9, 0x96, 0x21, 0x26, 0x08, 0xf5, 0xed, 0x95, 0x11, 0xae, 0x04, 0x5a}} , - {{0xb9, 0xe8, 0xc5, 0x12, 0x97, 0x1f, 0x83, 0xfe, 0x3e, 0x94, 0x99, 0xd4, 0x2d, 0xf9, 0x52, 0x59, 0x5c, 0x82, 0xa6, 0xf0, 0x75, 0x7e, 0xe8, 0xec, 0xcc, 0xac, 0x18, 0x21, 0x09, 0x67, 0x66, 0x67}}}, -{{{0xb3, 0x40, 0x29, 0xd1, 0xcb, 0x1b, 0x08, 0x9e, 0x9c, 0xb7, 0x53, 0xb9, 0x3b, 0x71, 0x08, 0x95, 0x12, 0x1a, 0x58, 0xaf, 0x7e, 0x82, 0x52, 0x43, 0x4f, 0x11, 0x39, 0xf4, 0x93, 0x1a, 0x26, 0x05}} , - {{0x6e, 0x44, 0xa3, 0xf9, 0x64, 0xaf, 0xe7, 0x6d, 0x7d, 0xdf, 0x1e, 0xac, 0x04, 0xea, 0x3b, 0x5f, 0x9b, 0xe8, 0x24, 0x9d, 0x0e, 0xe5, 0x2e, 0x3e, 0xdf, 0xa9, 0xf7, 0xd4, 0x50, 0x71, 0xf0, 0x78}}}, -{{{0x3e, 0xa8, 0x38, 0xc2, 0x57, 0x56, 0x42, 0x9a, 0xb1, 0xe2, 0xf8, 0x45, 0xaa, 0x11, 0x48, 0x5f, 0x17, 0xc4, 0x54, 0x27, 0xdc, 0x5d, 0xaa, 0xdd, 0x41, 0xbc, 0xdf, 0x81, 0xb9, 0x53, 0xee, 0x52}} , - {{0xc3, 0xf1, 0xa7, 0x6d, 0xb3, 0x5f, 0x92, 0x6f, 0xcc, 0x91, 0xb8, 0x95, 0x05, 0xdf, 0x3c, 0x64, 0x57, 0x39, 0x61, 0x51, 0xad, 0x8c, 0x38, 0x7b, 0xc8, 0xde, 0x00, 0x34, 0xbe, 0xa1, 0xb0, 0x7e}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x25, 0x24, 0x1d, 0x8a, 0x67, 0x20, 0xee, 0x42, 0xeb, 0x38, 0xed, 0x0b, 0x8b, 0xcd, 0x46, 0x9d, 0x5e, 0x6b, 0x1e, 0x24, 0x9d, 0x12, 0x05, 0x1a, 0xcc, 0x05, 0x4e, 0x92, 0x38, 0xe1, 0x1f, 0x50}} , - {{0x4e, 0xee, 0x1c, 0x91, 0xe6, 0x11, 0xbd, 0x8e, 0x55, 0x1a, 0x18, 0x75, 0x66, 0xaf, 0x4d, 0x7b, 0x0f, 0xae, 0x6d, 0x85, 0xca, 0x82, 0x58, 0x21, 0x9c, 0x18, 0xe0, 0xed, 0xec, 0x22, 0x80, 0x2f}}}, -{{{0x68, 0x3b, 0x0a, 0x39, 0x1d, 0x6a, 0x15, 0x57, 0xfc, 0xf0, 0x63, 0x54, 0xdb, 0x39, 0xdb, 0xe8, 0x5c, 0x64, 0xff, 0xa0, 0x09, 0x4f, 0x3b, 0xb7, 0x32, 0x60, 0x99, 0x94, 0xfd, 0x94, 0x82, 0x2d}} , - {{0x24, 0xf6, 0x5a, 0x44, 0xf1, 0x55, 0x2c, 0xdb, 0xea, 0x7c, 0x84, 0x7c, 0x01, 0xac, 0xe3, 0xfd, 0xc9, 0x27, 0xc1, 0x5a, 0xb9, 0xde, 0x4f, 0x5a, 0x90, 0xdd, 0xc6, 0x67, 0xaa, 0x6f, 0x8a, 0x3a}}}, -{{{0x78, 0x52, 0x87, 0xc9, 0x97, 0x63, 0xb1, 0xdd, 0x54, 0x5f, 0xc1, 0xf8, 0xf1, 0x06, 0xa6, 0xa8, 0xa3, 0x88, 0x82, 0xd4, 0xcb, 0xa6, 0x19, 0xdd, 0xd1, 0x11, 0x87, 0x08, 0x17, 0x4c, 0x37, 0x2a}} , - {{0xa1, 0x0c, 0xf3, 0x08, 0x43, 0xd9, 0x24, 0x1e, 0x83, 0xa7, 0xdf, 0x91, 0xca, 0xbd, 0x69, 0x47, 0x8d, 0x1b, 0xe2, 0xb9, 0x4e, 0xb5, 0xe1, 0x76, 0xb3, 0x1c, 0x93, 0x03, 0xce, 0x5f, 0xb3, 0x5a}}}, -{{{0x1d, 0xda, 0xe4, 0x61, 0x03, 0x50, 0xa9, 0x8b, 0x68, 0x18, 0xef, 0xb2, 0x1c, 0x84, 0x3b, 0xa2, 0x44, 0x95, 0xa3, 0x04, 0x3b, 0xd6, 0x99, 0x00, 0xaf, 0x76, 0x42, 0x67, 0x02, 0x7d, 0x85, 0x56}} , - {{0xce, 0x72, 0x0e, 0x29, 0x84, 0xb2, 0x7d, 0xd2, 0x45, 0xbe, 0x57, 0x06, 0xed, 0x7f, 0xcf, 0xed, 0xcd, 0xef, 0x19, 0xd6, 0xbc, 0x15, 0x79, 0x64, 0xd2, 0x18, 0xe3, 0x20, 0x67, 0x3a, 0x54, 0x0b}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x52, 0xfd, 0x04, 0xc5, 0xfb, 0x99, 0xe7, 0xe8, 0xfb, 0x8c, 0xe1, 0x42, 0x03, 0xef, 0x9d, 0xd9, 0x9e, 0x4d, 0xf7, 0x80, 0xcf, 0x2e, 0xcc, 0x9b, 0x45, 0xc9, 0x7b, 0x7a, 0xbc, 0x37, 0xa8, 0x52}} , - {{0x96, 0x11, 0x41, 0x8a, 0x47, 0x91, 0xfe, 0xb6, 0xda, 0x7a, 0x54, 0x63, 0xd1, 0x14, 0x35, 0x05, 0x86, 0x8c, 0xa9, 0x36, 0x3f, 0xf2, 0x85, 0x54, 0x4e, 0x92, 0xd8, 0x85, 0x01, 0x46, 0xd6, 0x50}}}, -{{{0x53, 0xcd, 0xf3, 0x86, 0x40, 0xe6, 0x39, 0x42, 0x95, 0xd6, 0xcb, 0x45, 0x1a, 0x20, 0xc8, 0x45, 0x4b, 0x32, 0x69, 0x04, 0xb1, 0xaf, 0x20, 0x46, 0xc7, 0x6b, 0x23, 0x5b, 0x69, 0xee, 0x30, 0x3f}} , - {{0x70, 0x83, 0x47, 0xc0, 0xdb, 0x55, 0x08, 0xa8, 0x7b, 0x18, 0x6d, 0xf5, 0x04, 0x5a, 0x20, 0x0c, 0x4a, 0x8c, 0x60, 0xae, 0xae, 0x0f, 0x64, 0x55, 0x55, 0x2e, 0xd5, 0x1d, 0x53, 0x31, 0x42, 0x41}}}, -{{{0xca, 0xfc, 0x88, 0x6b, 0x96, 0x78, 0x0a, 0x8b, 0x83, 0xdc, 0xbc, 0xaf, 0x40, 0xb6, 0x8d, 0x7f, 0xef, 0xb4, 0xd1, 0x3f, 0xcc, 0xa2, 0x74, 0xc9, 0xc2, 0x92, 0x55, 0x00, 0xab, 0xdb, 0xbf, 0x4f}} , - {{0x93, 0x1c, 0x06, 0x2d, 0x66, 0x65, 0x02, 0xa4, 0x97, 0x18, 0xfd, 0x00, 0xe7, 0xab, 0x03, 0xec, 0xce, 0xc1, 0xbf, 0x37, 0xf8, 0x13, 0x53, 0xa5, 0xe5, 0x0c, 0x3a, 0xa8, 0x55, 0xb9, 0xff, 0x68}}}, -{{{0xe4, 0xe6, 0x6d, 0x30, 0x7d, 0x30, 0x35, 0xc2, 0x78, 0x87, 0xf9, 0xfc, 0x6b, 0x5a, 0xc3, 0xb7, 0x65, 0xd8, 0x2e, 0xc7, 0xa5, 0x0c, 0xc6, 0xdc, 0x12, 0xaa, 0xd6, 0x4f, 0xc5, 0x38, 0xbc, 0x0e}} , - {{0xe2, 0x3c, 0x76, 0x86, 0x38, 0xf2, 0x7b, 0x2c, 0x16, 0x78, 0x8d, 0xf5, 0xa4, 0x15, 0xda, 0xdb, 0x26, 0x85, 0xa0, 0x56, 0xdd, 0x1d, 0xe3, 0xb3, 0xfd, 0x40, 0xef, 0xf2, 0xd9, 0xa1, 0xb3, 0x04}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xdb, 0x49, 0x0e, 0xe6, 0x58, 0x10, 0x7a, 0x52, 0xda, 0xb5, 0x7d, 0x37, 0x6a, 0x3e, 0xa1, 0x78, 0xce, 0xc7, 0x1c, 0x24, 0x23, 0xdb, 0x7d, 0xfb, 0x8c, 0x8d, 0xdc, 0x30, 0x67, 0x69, 0x75, 0x3b}} , - {{0xa9, 0xea, 0x6d, 0x16, 0x16, 0x60, 0xf4, 0x60, 0x87, 0x19, 0x44, 0x8c, 0x4a, 0x8b, 0x3e, 0xfb, 0x16, 0x00, 0x00, 0x54, 0xa6, 0x9e, 0x9f, 0xef, 0xcf, 0xd9, 0xd2, 0x4c, 0x74, 0x31, 0xd0, 0x34}}}, -{{{0xa4, 0xeb, 0x04, 0xa4, 0x8c, 0x8f, 0x71, 0x27, 0x95, 0x85, 0x5d, 0x55, 0x4b, 0xb1, 0x26, 0x26, 0xc8, 0xae, 0x6a, 0x7d, 0xa2, 0x21, 0xca, 0xce, 0x38, 0xab, 0x0f, 0xd0, 0xd5, 0x2b, 0x6b, 0x00}} , - {{0xe5, 0x67, 0x0c, 0xf1, 0x3a, 0x9a, 0xea, 0x09, 0x39, 0xef, 0xd1, 0x30, 0xbc, 0x33, 0xba, 0xb1, 0x6a, 0xc5, 0x27, 0x08, 0x7f, 0x54, 0x80, 0x3d, 0xab, 0xf6, 0x15, 0x7a, 0xc2, 0x40, 0x73, 0x72}}}, -{{{0x84, 0x56, 0x82, 0xb6, 0x12, 0x70, 0x7f, 0xf7, 0xf0, 0xbd, 0x5b, 0xa9, 0xd5, 0xc5, 0x5f, 0x59, 0xbf, 0x7f, 0xb3, 0x55, 0x22, 0x02, 0xc9, 0x44, 0x55, 0x87, 0x8f, 0x96, 0x98, 0x64, 0x6d, 0x15}} , - {{0xb0, 0x8b, 0xaa, 0x1e, 0xec, 0xc7, 0xa5, 0x8f, 0x1f, 0x92, 0x04, 0xc6, 0x05, 0xf6, 0xdf, 0xa1, 0xcc, 0x1f, 0x81, 0xf5, 0x0e, 0x9c, 0x57, 0xdc, 0xe3, 0xbb, 0x06, 0x87, 0x1e, 0xfe, 0x23, 0x6c}}}, -{{{0xd8, 0x2b, 0x5b, 0x16, 0xea, 0x20, 0xf1, 0xd3, 0x68, 0x8f, 0xae, 0x5b, 0xd0, 0xa9, 0x1a, 0x19, 0xa8, 0x36, 0xfb, 0x2b, 0x57, 0x88, 0x7d, 0x90, 0xd5, 0xa6, 0xf3, 0xdc, 0x38, 0x89, 0x4e, 0x1f}} , - {{0xcc, 0x19, 0xda, 0x9b, 0x3b, 0x43, 0x48, 0x21, 0x2e, 0x23, 0x4d, 0x3d, 0xae, 0xf8, 0x8c, 0xfc, 0xdd, 0xa6, 0x74, 0x37, 0x65, 0xca, 0xee, 0x1a, 0x19, 0x8e, 0x9f, 0x64, 0x6f, 0x0c, 0x8b, 0x5a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x25, 0xb9, 0xc2, 0xf0, 0x72, 0xb8, 0x15, 0x16, 0xcc, 0x8d, 0x3c, 0x6f, 0x25, 0xed, 0xf4, 0x46, 0x2e, 0x0c, 0x60, 0x0f, 0xe2, 0x84, 0x34, 0x55, 0x89, 0x59, 0x34, 0x1b, 0xf5, 0x8d, 0xfe, 0x08}} , - {{0xf8, 0xab, 0x93, 0xbc, 0x44, 0xba, 0x1b, 0x75, 0x4b, 0x49, 0x6f, 0xd0, 0x54, 0x2e, 0x63, 0xba, 0xb5, 0xea, 0xed, 0x32, 0x14, 0xc9, 0x94, 0xd8, 0xc5, 0xce, 0xf4, 0x10, 0x68, 0xe0, 0x38, 0x27}}}, -{{{0x74, 0x1c, 0x14, 0x9b, 0xd4, 0x64, 0x61, 0x71, 0x5a, 0xb6, 0x21, 0x33, 0x4f, 0xf7, 0x8e, 0xba, 0xa5, 0x48, 0x9a, 0xc7, 0xfa, 0x9a, 0xf0, 0xb4, 0x62, 0xad, 0xf2, 0x5e, 0xcc, 0x03, 0x24, 0x1a}} , - {{0xf5, 0x76, 0xfd, 0xe4, 0xaf, 0xb9, 0x03, 0x59, 0xce, 0x63, 0xd2, 0x3b, 0x1f, 0xcd, 0x21, 0x0c, 0xad, 0x44, 0xa5, 0x97, 0xac, 0x80, 0x11, 0x02, 0x9b, 0x0c, 0xe5, 0x8b, 0xcd, 0xfb, 0x79, 0x77}}}, -{{{0x15, 0xbe, 0x9a, 0x0d, 0xba, 0x38, 0x72, 0x20, 0x8a, 0xf5, 0xbe, 0x59, 0x93, 0x79, 0xb7, 0xf6, 0x6a, 0x0c, 0x38, 0x27, 0x1a, 0x60, 0xf4, 0x86, 0x3b, 0xab, 0x5a, 0x00, 0xa0, 0xce, 0x21, 0x7d}} , - {{0x6c, 0xba, 0x14, 0xc5, 0xea, 0x12, 0x9e, 0x2e, 0x82, 0x63, 0xce, 0x9b, 0x4a, 0xe7, 0x1d, 0xec, 0xf1, 0x2e, 0x51, 0x1c, 0xf4, 0xd0, 0x69, 0x15, 0x42, 0x9d, 0xa3, 0x3f, 0x0e, 0xbf, 0xe9, 0x5c}}}, -{{{0xe4, 0x0d, 0xf4, 0xbd, 0xee, 0x31, 0x10, 0xed, 0xcb, 0x12, 0x86, 0xad, 0xd4, 0x2f, 0x90, 0x37, 0x32, 0xc3, 0x0b, 0x73, 0xec, 0x97, 0x85, 0xa4, 0x01, 0x1c, 0x76, 0x35, 0xfe, 0x75, 0xdd, 0x71}} , - {{0x11, 0xa4, 0x88, 0x9f, 0x3e, 0x53, 0x69, 0x3b, 0x1b, 0xe0, 0xf7, 0xba, 0x9b, 0xad, 0x4e, 0x81, 0x5f, 0xb5, 0x5c, 0xae, 0xbe, 0x67, 0x86, 0x37, 0x34, 0x8e, 0x07, 0x32, 0x45, 0x4a, 0x67, 0x39}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x90, 0x70, 0x58, 0x20, 0x03, 0x1e, 0x67, 0xb2, 0xc8, 0x9b, 0x58, 0xc5, 0xb1, 0xeb, 0x2d, 0x4a, 0xde, 0x82, 0x8c, 0xf2, 0xd2, 0x14, 0xb8, 0x70, 0x61, 0x4e, 0x73, 0xd6, 0x0b, 0x6b, 0x0d, 0x30}} , - {{0x81, 0xfc, 0x55, 0x5c, 0xbf, 0xa7, 0xc4, 0xbd, 0xe2, 0xf0, 0x4b, 0x8f, 0xe9, 0x7d, 0x99, 0xfa, 0xd3, 0xab, 0xbc, 0xc7, 0x83, 0x2b, 0x04, 0x7f, 0x0c, 0x19, 0x43, 0x03, 0x3d, 0x07, 0xca, 0x40}}}, -{{{0xf9, 0xc8, 0xbe, 0x8c, 0x16, 0x81, 0x39, 0x96, 0xf6, 0x17, 0x58, 0xc8, 0x30, 0x58, 0xfb, 0xc2, 0x03, 0x45, 0xd2, 0x52, 0x76, 0xe0, 0x6a, 0x26, 0x28, 0x5c, 0x88, 0x59, 0x6a, 0x5a, 0x54, 0x42}} , - {{0x07, 0xb5, 0x2e, 0x2c, 0x67, 0x15, 0x9b, 0xfb, 0x83, 0x69, 0x1e, 0x0f, 0xda, 0xd6, 0x29, 0xb1, 0x60, 0xe0, 0xb2, 0xba, 0x69, 0xa2, 0x9e, 0xbd, 0xbd, 0xe0, 0x1c, 0xbd, 0xcd, 0x06, 0x64, 0x70}}}, -{{{0x41, 0xfa, 0x8c, 0xe1, 0x89, 0x8f, 0x27, 0xc8, 0x25, 0x8f, 0x6f, 0x5f, 0x55, 0xf8, 0xde, 0x95, 0x6d, 0x2f, 0x75, 0x16, 0x2b, 0x4e, 0x44, 0xfd, 0x86, 0x6e, 0xe9, 0x70, 0x39, 0x76, 0x97, 0x7e}} , - {{0x17, 0x62, 0x6b, 0x14, 0xa1, 0x7c, 0xd0, 0x79, 0x6e, 0xd8, 0x8a, 0xa5, 0x6d, 0x8c, 0x93, 0xd2, 0x3f, 0xec, 0x44, 0x8d, 0x6e, 0x91, 0x01, 0x8c, 0x8f, 0xee, 0x01, 0x8f, 0xc0, 0xb4, 0x85, 0x0e}}}, -{{{0x02, 0x3a, 0x70, 0x41, 0xe4, 0x11, 0x57, 0x23, 0xac, 0xe6, 0xfc, 0x54, 0x7e, 0xcd, 0xd7, 0x22, 0xcb, 0x76, 0x9f, 0x20, 0xce, 0xa0, 0x73, 0x76, 0x51, 0x3b, 0xa4, 0xf8, 0xe3, 0x62, 0x12, 0x6c}} , - {{0x7f, 0x00, 0x9c, 0x26, 0x0d, 0x6f, 0x48, 0x7f, 0x3a, 0x01, 0xed, 0xc5, 0x96, 0xb0, 0x1f, 0x4f, 0xa8, 0x02, 0x62, 0x27, 0x8a, 0x50, 0x8d, 0x9a, 0x8b, 0x52, 0x0f, 0x1e, 0xcf, 0x41, 0x38, 0x19}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xf5, 0x6c, 0xd4, 0x2f, 0x0f, 0x69, 0x0f, 0x87, 0x3f, 0x61, 0x65, 0x1e, 0x35, 0x34, 0x85, 0xba, 0x02, 0x30, 0xac, 0x25, 0x3d, 0xe2, 0x62, 0xf1, 0xcc, 0xe9, 0x1b, 0xc2, 0xef, 0x6a, 0x42, 0x57}} , - {{0x34, 0x1f, 0x2e, 0xac, 0xd1, 0xc7, 0x04, 0x52, 0x32, 0x66, 0xb2, 0x33, 0x73, 0x21, 0x34, 0x54, 0xf7, 0x71, 0xed, 0x06, 0xb0, 0xff, 0xa6, 0x59, 0x6f, 0x8a, 0x4e, 0xfb, 0x02, 0xb0, 0x45, 0x6b}}}, -{{{0xf5, 0x48, 0x0b, 0x03, 0xc5, 0x22, 0x7d, 0x80, 0x08, 0x53, 0xfe, 0x32, 0xb1, 0xa1, 0x8a, 0x74, 0x6f, 0xbd, 0x3f, 0x85, 0xf4, 0xcf, 0xf5, 0x60, 0xaf, 0x41, 0x7e, 0x3e, 0x46, 0xa3, 0x5a, 0x20}} , - {{0xaa, 0x35, 0x87, 0x44, 0x63, 0x66, 0x97, 0xf8, 0x6e, 0x55, 0x0c, 0x04, 0x3e, 0x35, 0x50, 0xbf, 0x93, 0x69, 0xd2, 0x8b, 0x05, 0x55, 0x99, 0xbe, 0xe2, 0x53, 0x61, 0xec, 0xe8, 0x08, 0x0b, 0x32}}}, -{{{0xb3, 0x10, 0x45, 0x02, 0x69, 0x59, 0x2e, 0x97, 0xd9, 0x64, 0xf8, 0xdb, 0x25, 0x80, 0xdc, 0xc4, 0xd5, 0x62, 0x3c, 0xed, 0x65, 0x91, 0xad, 0xd1, 0x57, 0x81, 0x94, 0xaa, 0xa1, 0x29, 0xfc, 0x68}} , - {{0xdd, 0xb5, 0x7d, 0xab, 0x5a, 0x21, 0x41, 0x53, 0xbb, 0x17, 0x79, 0x0d, 0xd1, 0xa8, 0x0c, 0x0c, 0x20, 0x88, 0x09, 0xe9, 0x84, 0xe8, 0x25, 0x11, 0x67, 0x7a, 0x8b, 0x1a, 0xe4, 0x5d, 0xe1, 0x5d}}}, -{{{0x37, 0xea, 0xfe, 0x65, 0x3b, 0x25, 0xe8, 0xe1, 0xc2, 0xc5, 0x02, 0xa4, 0xbe, 0x98, 0x0a, 0x2b, 0x61, 0xc1, 0x9b, 0xe2, 0xd5, 0x92, 0xe6, 0x9e, 0x7d, 0x1f, 0xca, 0x43, 0x88, 0x8b, 0x2c, 0x59}} , - {{0xe0, 0xb5, 0x00, 0x1d, 0x2a, 0x6f, 0xaf, 0x79, 0x86, 0x2f, 0xa6, 0x5a, 0x93, 0xd1, 0xfe, 0xae, 0x3a, 0xee, 0xdb, 0x7c, 0x61, 0xbe, 0x7c, 0x01, 0xf9, 0xfe, 0x52, 0xdc, 0xd8, 0x52, 0xa3, 0x42}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x22, 0xaf, 0x13, 0x37, 0xbd, 0x37, 0x71, 0xac, 0x04, 0x46, 0x63, 0xac, 0xa4, 0x77, 0xed, 0x25, 0x38, 0xe0, 0x15, 0xa8, 0x64, 0x00, 0x0d, 0xce, 0x51, 0x01, 0xa9, 0xbc, 0x0f, 0x03, 0x1c, 0x04}} , - {{0x89, 0xf9, 0x80, 0x07, 0xcf, 0x3f, 0xb3, 0xe9, 0xe7, 0x45, 0x44, 0x3d, 0x2a, 0x7c, 0xe9, 0xe4, 0x16, 0x5c, 0x5e, 0x65, 0x1c, 0xc7, 0x7d, 0xc6, 0x7a, 0xfb, 0x43, 0xee, 0x25, 0x76, 0x46, 0x72}}}, -{{{0x02, 0xa2, 0xed, 0xf4, 0x8f, 0x6b, 0x0b, 0x3e, 0xeb, 0x35, 0x1a, 0xd5, 0x7e, 0xdb, 0x78, 0x00, 0x96, 0x8a, 0xa0, 0xb4, 0xcf, 0x60, 0x4b, 0xd4, 0xd5, 0xf9, 0x2d, 0xbf, 0x88, 0xbd, 0x22, 0x62}} , - {{0x13, 0x53, 0xe4, 0x82, 0x57, 0xfa, 0x1e, 0x8f, 0x06, 0x2b, 0x90, 0xba, 0x08, 0xb6, 0x10, 0x54, 0x4f, 0x7c, 0x1b, 0x26, 0xed, 0xda, 0x6b, 0xdd, 0x25, 0xd0, 0x4e, 0xea, 0x42, 0xbb, 0x25, 0x03}}}, -{{{0x51, 0x16, 0x50, 0x7c, 0xd5, 0x5d, 0xf6, 0x99, 0xe8, 0x77, 0x72, 0x4e, 0xfa, 0x62, 0xcb, 0x76, 0x75, 0x0c, 0xe2, 0x71, 0x98, 0x92, 0xd5, 0xfa, 0x45, 0xdf, 0x5c, 0x6f, 0x1e, 0x9e, 0x28, 0x69}} , - {{0x0d, 0xac, 0x66, 0x6d, 0xc3, 0x8b, 0xba, 0x16, 0xb5, 0xe2, 0xa0, 0x0d, 0x0c, 0xbd, 0xa4, 0x8e, 0x18, 0x6c, 0xf2, 0xdc, 0xf9, 0xdc, 0x4a, 0x86, 0x25, 0x95, 0x14, 0xcb, 0xd8, 0x1a, 0x04, 0x0f}}}, -{{{0x97, 0xa5, 0xdb, 0x8b, 0x2d, 0xaa, 0x42, 0x11, 0x09, 0xf2, 0x93, 0xbb, 0xd9, 0x06, 0x84, 0x4e, 0x11, 0xa8, 0xa0, 0x25, 0x2b, 0xa6, 0x5f, 0xae, 0xc4, 0xb4, 0x4c, 0xc8, 0xab, 0xc7, 0x3b, 0x02}} , - {{0xee, 0xc9, 0x29, 0x0f, 0xdf, 0x11, 0x85, 0xed, 0xce, 0x0d, 0x62, 0x2c, 0x8f, 0x4b, 0xf9, 0x04, 0xe9, 0x06, 0x72, 0x1d, 0x37, 0x20, 0x50, 0xc9, 0x14, 0xeb, 0xec, 0x39, 0xa7, 0x97, 0x2b, 0x4d}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x69, 0xd1, 0x39, 0xbd, 0xfb, 0x33, 0xbe, 0xc4, 0xf0, 0x5c, 0xef, 0xf0, 0x56, 0x68, 0xfc, 0x97, 0x47, 0xc8, 0x72, 0xb6, 0x53, 0xa4, 0x0a, 0x98, 0xa5, 0xb4, 0x37, 0x71, 0xcf, 0x66, 0x50, 0x6d}} , - {{0x17, 0xa4, 0x19, 0x52, 0x11, 0x47, 0xb3, 0x5c, 0x5b, 0xa9, 0x2e, 0x22, 0xb4, 0x00, 0x52, 0xf9, 0x57, 0x18, 0xb8, 0xbe, 0x5a, 0xe3, 0xab, 0x83, 0xc8, 0x87, 0x0a, 0x2a, 0xd8, 0x8c, 0xbb, 0x54}}}, -{{{0xa9, 0x62, 0x93, 0x85, 0xbe, 0xe8, 0x73, 0x4a, 0x0e, 0xb0, 0xb5, 0x2d, 0x94, 0x50, 0xaa, 0xd3, 0xb2, 0xea, 0x9d, 0x62, 0x76, 0x3b, 0x07, 0x34, 0x4e, 0x2d, 0x70, 0xc8, 0x9a, 0x15, 0x66, 0x6b}} , - {{0xc5, 0x96, 0xca, 0xc8, 0x22, 0x1a, 0xee, 0x5f, 0xe7, 0x31, 0x60, 0x22, 0x83, 0x08, 0x63, 0xce, 0xb9, 0x32, 0x44, 0x58, 0x5d, 0x3a, 0x9b, 0xe4, 0x04, 0xd5, 0xef, 0x38, 0xef, 0x4b, 0xdd, 0x19}}}, -{{{0x4d, 0xc2, 0x17, 0x75, 0xa1, 0x68, 0xcd, 0xc3, 0xc6, 0x03, 0x44, 0xe3, 0x78, 0x09, 0x91, 0x47, 0x3f, 0x0f, 0xe4, 0x92, 0x58, 0xfa, 0x7d, 0x1f, 0x20, 0x94, 0x58, 0x5e, 0xbc, 0x19, 0x02, 0x6f}} , - {{0x20, 0xd6, 0xd8, 0x91, 0x54, 0xa7, 0xf3, 0x20, 0x4b, 0x34, 0x06, 0xfa, 0x30, 0xc8, 0x6f, 0x14, 0x10, 0x65, 0x74, 0x13, 0x4e, 0xf0, 0x69, 0x26, 0xce, 0xcf, 0x90, 0xf4, 0xd0, 0xc5, 0xc8, 0x64}}}, -{{{0x26, 0xa2, 0x50, 0x02, 0x24, 0x72, 0xf1, 0xf0, 0x4e, 0x2d, 0x93, 0xd5, 0x08, 0xe7, 0xae, 0x38, 0xf7, 0x18, 0xa5, 0x32, 0x34, 0xc2, 0xf0, 0xa6, 0xec, 0xb9, 0x61, 0x7b, 0x64, 0x99, 0xac, 0x71}} , - {{0x25, 0xcf, 0x74, 0x55, 0x1b, 0xaa, 0xa9, 0x38, 0x41, 0x40, 0xd5, 0x95, 0x95, 0xab, 0x1c, 0x5e, 0xbc, 0x41, 0x7e, 0x14, 0x30, 0xbe, 0x13, 0x89, 0xf4, 0xe5, 0xeb, 0x28, 0xc0, 0xc2, 0x96, 0x3a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x2b, 0x77, 0x45, 0xec, 0x67, 0x76, 0x32, 0x4c, 0xb9, 0xdf, 0x25, 0x32, 0x6b, 0xcb, 0xe7, 0x14, 0x61, 0x43, 0xee, 0xba, 0x9b, 0x71, 0xef, 0xd2, 0x48, 0x65, 0xbb, 0x1b, 0x8a, 0x13, 0x1b, 0x22}} , - {{0x84, 0xad, 0x0c, 0x18, 0x38, 0x5a, 0xba, 0xd0, 0x98, 0x59, 0xbf, 0x37, 0xb0, 0x4f, 0x97, 0x60, 0x20, 0xb3, 0x9b, 0x97, 0xf6, 0x08, 0x6c, 0xa4, 0xff, 0xfb, 0xb7, 0xfa, 0x95, 0xb2, 0x51, 0x79}}}, -{{{0x28, 0x5c, 0x3f, 0xdb, 0x6b, 0x18, 0x3b, 0x5c, 0xd1, 0x04, 0x28, 0xde, 0x85, 0x52, 0x31, 0xb5, 0xbb, 0xf6, 0xa9, 0xed, 0xbe, 0x28, 0x4f, 0xb3, 0x7e, 0x05, 0x6a, 0xdb, 0x95, 0x0d, 0x1b, 0x1c}} , - {{0xd5, 0xc5, 0xc3, 0x9a, 0x0a, 0xd0, 0x31, 0x3e, 0x07, 0x36, 0x8e, 0xc0, 0x8a, 0x62, 0xb1, 0xca, 0xd6, 0x0e, 0x1e, 0x9d, 0xef, 0xab, 0x98, 0x4d, 0xbb, 0x6c, 0x05, 0xe0, 0xe4, 0x5d, 0xbd, 0x57}}}, -{{{0xcc, 0x21, 0x27, 0xce, 0xfd, 0xa9, 0x94, 0x8e, 0xe1, 0xab, 0x49, 0xe0, 0x46, 0x26, 0xa1, 0xa8, 0x8c, 0xa1, 0x99, 0x1d, 0xb4, 0x27, 0x6d, 0x2d, 0xc8, 0x39, 0x30, 0x5e, 0x37, 0x52, 0xc4, 0x6e}} , - {{0xa9, 0x85, 0xf4, 0xe7, 0xb0, 0x15, 0x33, 0x84, 0x1b, 0x14, 0x1a, 0x02, 0xd9, 0x3b, 0xad, 0x0f, 0x43, 0x6c, 0xea, 0x3e, 0x0f, 0x7e, 0xda, 0xdd, 0x6b, 0x4c, 0x7f, 0x6e, 0xd4, 0x6b, 0xbf, 0x0f}}}, -{{{0x47, 0x9f, 0x7c, 0x56, 0x7c, 0x43, 0x91, 0x1c, 0xbb, 0x4e, 0x72, 0x3e, 0x64, 0xab, 0xa0, 0xa0, 0xdf, 0xb4, 0xd8, 0x87, 0x3a, 0xbd, 0xa8, 0x48, 0xc9, 0xb8, 0xef, 0x2e, 0xad, 0x6f, 0x84, 0x4f}} , - {{0x2d, 0x2d, 0xf0, 0x1b, 0x7e, 0x2a, 0x6c, 0xf8, 0xa9, 0x6a, 0xe1, 0xf0, 0x99, 0xa1, 0x67, 0x9a, 0xd4, 0x13, 0xca, 0xca, 0xba, 0x27, 0x92, 0xaa, 0xa1, 0x5d, 0x50, 0xde, 0xcc, 0x40, 0x26, 0x0a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x9f, 0x3e, 0xf2, 0xb2, 0x90, 0xce, 0xdb, 0x64, 0x3e, 0x03, 0xdd, 0x37, 0x36, 0x54, 0x70, 0x76, 0x24, 0xb5, 0x69, 0x03, 0xfc, 0xa0, 0x2b, 0x74, 0xb2, 0x05, 0x0e, 0xcc, 0xd8, 0x1f, 0x6a, 0x1f}} , - {{0x19, 0x5e, 0x60, 0x69, 0x58, 0x86, 0xa0, 0x31, 0xbd, 0x32, 0xe9, 0x2c, 0x5c, 0xd2, 0x85, 0xba, 0x40, 0x64, 0xa8, 0x74, 0xf8, 0x0e, 0x1c, 0xb3, 0xa9, 0x69, 0xe8, 0x1e, 0x40, 0x64, 0x99, 0x77}}}, -{{{0x6c, 0x32, 0x4f, 0xfd, 0xbb, 0x5c, 0xbb, 0x8d, 0x64, 0x66, 0x4a, 0x71, 0x1f, 0x79, 0xa3, 0xad, 0x8d, 0xf9, 0xd4, 0xec, 0xcf, 0x67, 0x70, 0xfa, 0x05, 0x4a, 0x0f, 0x6e, 0xaf, 0x87, 0x0a, 0x6f}} , - {{0xc6, 0x36, 0x6e, 0x6c, 0x8c, 0x24, 0x09, 0x60, 0xbe, 0x26, 0xd2, 0x4c, 0x5e, 0x17, 0xca, 0x5f, 0x1d, 0xcc, 0x87, 0xe8, 0x42, 0x6a, 0xcb, 0xcb, 0x7d, 0x92, 0x05, 0x35, 0x81, 0x13, 0x60, 0x6b}}}, -{{{0xf4, 0x15, 0xcd, 0x0f, 0x0a, 0xaf, 0x4e, 0x6b, 0x51, 0xfd, 0x14, 0xc4, 0x2e, 0x13, 0x86, 0x74, 0x44, 0xcb, 0x66, 0x6b, 0xb6, 0x9d, 0x74, 0x56, 0x32, 0xac, 0x8d, 0x8e, 0x8c, 0x8c, 0x8c, 0x39}} , - {{0xca, 0x59, 0x74, 0x1a, 0x11, 0xef, 0x6d, 0xf7, 0x39, 0x5c, 0x3b, 0x1f, 0xfa, 0xe3, 0x40, 0x41, 0x23, 0x9e, 0xf6, 0xd1, 0x21, 0xa2, 0xbf, 0xad, 0x65, 0x42, 0x6b, 0x59, 0x8a, 0xe8, 0xc5, 0x7f}}}, -{{{0x64, 0x05, 0x7a, 0x84, 0x4a, 0x13, 0xc3, 0xf6, 0xb0, 0x6e, 0x9a, 0x6b, 0x53, 0x6b, 0x32, 0xda, 0xd9, 0x74, 0x75, 0xc4, 0xba, 0x64, 0x3d, 0x3b, 0x08, 0xdd, 0x10, 0x46, 0xef, 0xc7, 0x90, 0x1f}} , - {{0x7b, 0x2f, 0x3a, 0xce, 0xc8, 0xa1, 0x79, 0x3c, 0x30, 0x12, 0x44, 0x28, 0xf6, 0xbc, 0xff, 0xfd, 0xf4, 0xc0, 0x97, 0xb0, 0xcc, 0xc3, 0x13, 0x7a, 0xb9, 0x9a, 0x16, 0xe4, 0xcb, 0x4c, 0x34, 0x63}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x07, 0x4e, 0xd3, 0x2d, 0x09, 0x33, 0x0e, 0xd2, 0x0d, 0xbe, 0x3e, 0xe7, 0xe4, 0xaa, 0xb7, 0x00, 0x8b, 0xe8, 0xad, 0xaa, 0x7a, 0x8d, 0x34, 0x28, 0xa9, 0x81, 0x94, 0xc5, 0xe7, 0x42, 0xac, 0x47}} , - {{0x24, 0x89, 0x7a, 0x8f, 0xb5, 0x9b, 0xf0, 0xc2, 0x03, 0x64, 0xd0, 0x1e, 0xf5, 0xa4, 0xb2, 0xf3, 0x74, 0xe9, 0x1a, 0x16, 0xfd, 0xcb, 0x15, 0xea, 0xeb, 0x10, 0x6c, 0x35, 0xd1, 0xc1, 0xa6, 0x28}}}, -{{{0xcc, 0xd5, 0x39, 0xfc, 0xa5, 0xa4, 0xad, 0x32, 0x15, 0xce, 0x19, 0xe8, 0x34, 0x2b, 0x1c, 0x60, 0x91, 0xfc, 0x05, 0xa9, 0xb3, 0xdc, 0x80, 0x29, 0xc4, 0x20, 0x79, 0x06, 0x39, 0xc0, 0xe2, 0x22}} , - {{0xbb, 0xa8, 0xe1, 0x89, 0x70, 0x57, 0x18, 0x54, 0x3c, 0xf6, 0x0d, 0x82, 0x12, 0x05, 0x87, 0x96, 0x06, 0x39, 0xe3, 0xf8, 0xb3, 0x95, 0xe5, 0xd7, 0x26, 0xbf, 0x09, 0x5a, 0x94, 0xf9, 0x1c, 0x63}}}, -{{{0x2b, 0x8c, 0x2d, 0x9a, 0x8b, 0x84, 0xf2, 0x56, 0xfb, 0xad, 0x2e, 0x7f, 0xb7, 0xfc, 0x30, 0xe1, 0x35, 0x89, 0xba, 0x4d, 0xa8, 0x6d, 0xce, 0x8c, 0x8b, 0x30, 0xe0, 0xda, 0x29, 0x18, 0x11, 0x17}} , - {{0x19, 0xa6, 0x5a, 0x65, 0x93, 0xc3, 0xb5, 0x31, 0x22, 0x4f, 0xf3, 0xf6, 0x0f, 0xeb, 0x28, 0xc3, 0x7c, 0xeb, 0xce, 0x86, 0xec, 0x67, 0x76, 0x6e, 0x35, 0x45, 0x7b, 0xd8, 0x6b, 0x92, 0x01, 0x65}}}, -{{{0x3d, 0xd5, 0x9a, 0x64, 0x73, 0x36, 0xb1, 0xd6, 0x86, 0x98, 0x42, 0x3f, 0x8a, 0xf1, 0xc7, 0xf5, 0x42, 0xa8, 0x9c, 0x52, 0xa8, 0xdc, 0xf9, 0x24, 0x3f, 0x4a, 0xa1, 0xa4, 0x5b, 0xe8, 0x62, 0x1a}} , - {{0xc5, 0xbd, 0xc8, 0x14, 0xd5, 0x0d, 0xeb, 0xe1, 0xa5, 0xe6, 0x83, 0x11, 0x09, 0x00, 0x1d, 0x55, 0x83, 0x51, 0x7e, 0x75, 0x00, 0x81, 0xb9, 0xcb, 0xd8, 0xc5, 0xe5, 0xa1, 0xd9, 0x17, 0x6d, 0x1f}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xea, 0xf9, 0xe4, 0xe9, 0xe1, 0x52, 0x3f, 0x51, 0x19, 0x0d, 0xdd, 0xd9, 0x9d, 0x93, 0x31, 0x87, 0x23, 0x09, 0xd5, 0x83, 0xeb, 0x92, 0x09, 0x76, 0x6e, 0xe3, 0xf8, 0xc0, 0xa2, 0x66, 0xb5, 0x36}} , - {{0x3a, 0xbb, 0x39, 0xed, 0x32, 0x02, 0xe7, 0x43, 0x7a, 0x38, 0x14, 0x84, 0xe3, 0x44, 0xd2, 0x5e, 0x94, 0xdd, 0x78, 0x89, 0x55, 0x4c, 0x73, 0x9e, 0xe1, 0xe4, 0x3e, 0x43, 0xd0, 0x4a, 0xde, 0x1b}}}, -{{{0xb2, 0xe7, 0x8f, 0xe3, 0xa3, 0xc5, 0xcb, 0x72, 0xee, 0x79, 0x41, 0xf8, 0xdf, 0xee, 0x65, 0xc5, 0x45, 0x77, 0x27, 0x3c, 0xbd, 0x58, 0xd3, 0x75, 0xe2, 0x04, 0x4b, 0xbb, 0x65, 0xf3, 0xc8, 0x0f}} , - {{0x24, 0x7b, 0x93, 0x34, 0xb5, 0xe2, 0x74, 0x48, 0xcd, 0xa0, 0x0b, 0x92, 0x97, 0x66, 0x39, 0xf4, 0xb0, 0xe2, 0x5d, 0x39, 0x6a, 0x5b, 0x45, 0x17, 0x78, 0x1e, 0xdb, 0x91, 0x81, 0x1c, 0xf9, 0x16}}}, -{{{0x16, 0xdf, 0xd1, 0x5a, 0xd5, 0xe9, 0x4e, 0x58, 0x95, 0x93, 0x5f, 0x51, 0x09, 0xc3, 0x2a, 0xc9, 0xd4, 0x55, 0x48, 0x79, 0xa4, 0xa3, 0xb2, 0xc3, 0x62, 0xaa, 0x8c, 0xe8, 0xad, 0x47, 0x39, 0x1b}} , - {{0x46, 0xda, 0x9e, 0x51, 0x3a, 0xe6, 0xd1, 0xa6, 0xbb, 0x4d, 0x7b, 0x08, 0xbe, 0x8c, 0xd5, 0xf3, 0x3f, 0xfd, 0xf7, 0x44, 0x80, 0x2d, 0x53, 0x4b, 0xd0, 0x87, 0x68, 0xc1, 0xb5, 0xd8, 0xf7, 0x07}}}, -{{{0xf4, 0x10, 0x46, 0xbe, 0xb7, 0xd2, 0xd1, 0xce, 0x5e, 0x76, 0xa2, 0xd7, 0x03, 0xdc, 0xe4, 0x81, 0x5a, 0xf6, 0x3c, 0xde, 0xae, 0x7a, 0x9d, 0x21, 0x34, 0xa5, 0xf6, 0xa9, 0x73, 0xe2, 0x8d, 0x60}} , - {{0xfa, 0x44, 0x71, 0xf6, 0x41, 0xd8, 0xc6, 0x58, 0x13, 0x37, 0xeb, 0x84, 0x0f, 0x96, 0xc7, 0xdc, 0xc8, 0xa9, 0x7a, 0x83, 0xb2, 0x2f, 0x31, 0xb1, 0x1a, 0xd8, 0x98, 0x3f, 0x11, 0xd0, 0x31, 0x3b}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x81, 0xd5, 0x34, 0x16, 0x01, 0xa3, 0x93, 0xea, 0x52, 0x94, 0xec, 0x93, 0xb7, 0x81, 0x11, 0x2d, 0x58, 0xf9, 0xb5, 0x0a, 0xaa, 0x4f, 0xf6, 0x2e, 0x3f, 0x36, 0xbf, 0x33, 0x5a, 0xe7, 0xd1, 0x08}} , - {{0x1a, 0xcf, 0x42, 0xae, 0xcc, 0xb5, 0x77, 0x39, 0xc4, 0x5b, 0x5b, 0xd0, 0x26, 0x59, 0x27, 0xd0, 0x55, 0x71, 0x12, 0x9d, 0x88, 0x3d, 0x9c, 0xea, 0x41, 0x6a, 0xf0, 0x50, 0x93, 0x93, 0xdd, 0x47}}}, -{{{0x6f, 0xc9, 0x51, 0x6d, 0x1c, 0xaa, 0xf5, 0xa5, 0x90, 0x3f, 0x14, 0xe2, 0x6e, 0x8e, 0x64, 0xfd, 0xac, 0xe0, 0x4e, 0x22, 0xe5, 0xc1, 0xbc, 0x29, 0x0a, 0x6a, 0x9e, 0xa1, 0x60, 0xcb, 0x2f, 0x0b}} , - {{0xdc, 0x39, 0x32, 0xf3, 0xa1, 0x44, 0xe9, 0xc5, 0xc3, 0x78, 0xfb, 0x95, 0x47, 0x34, 0x35, 0x34, 0xe8, 0x25, 0xde, 0x93, 0xc6, 0xb4, 0x76, 0x6d, 0x86, 0x13, 0xc6, 0xe9, 0x68, 0xb5, 0x01, 0x63}}}, -{{{0x1f, 0x9a, 0x52, 0x64, 0x97, 0xd9, 0x1c, 0x08, 0x51, 0x6f, 0x26, 0x9d, 0xaa, 0x93, 0x33, 0x43, 0xfa, 0x77, 0xe9, 0x62, 0x9b, 0x5d, 0x18, 0x75, 0xeb, 0x78, 0xf7, 0x87, 0x8f, 0x41, 0xb4, 0x4d}} , - {{0x13, 0xa8, 0x82, 0x3e, 0xe9, 0x13, 0xad, 0xeb, 0x01, 0xca, 0xcf, 0xda, 0xcd, 0xf7, 0x6c, 0xc7, 0x7a, 0xdc, 0x1e, 0x6e, 0xc8, 0x4e, 0x55, 0x62, 0x80, 0xea, 0x78, 0x0c, 0x86, 0xb9, 0x40, 0x51}}}, -{{{0x27, 0xae, 0xd3, 0x0d, 0x4c, 0x8f, 0x34, 0xea, 0x7d, 0x3c, 0xe5, 0x8a, 0xcf, 0x5b, 0x92, 0xd8, 0x30, 0x16, 0xb4, 0xa3, 0x75, 0xff, 0xeb, 0x27, 0xc8, 0x5c, 0x6c, 0xc2, 0xee, 0x6c, 0x21, 0x0b}} , - {{0xc3, 0xba, 0x12, 0x53, 0x2a, 0xaa, 0x77, 0xad, 0x19, 0x78, 0x55, 0x8a, 0x2e, 0x60, 0x87, 0xc2, 0x6e, 0x91, 0x38, 0x91, 0x3f, 0x7a, 0xc5, 0x24, 0x8f, 0x51, 0xc5, 0xde, 0xb0, 0x53, 0x30, 0x56}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x02, 0xfe, 0x54, 0x12, 0x18, 0xca, 0x7d, 0xa5, 0x68, 0x43, 0xa3, 0x6d, 0x14, 0x2a, 0x6a, 0xa5, 0x8e, 0x32, 0xe7, 0x63, 0x4f, 0xe3, 0xc6, 0x44, 0x3e, 0xab, 0x63, 0xca, 0x17, 0x86, 0x74, 0x3f}} , - {{0x1e, 0x64, 0xc1, 0x7d, 0x52, 0xdc, 0x13, 0x5a, 0xa1, 0x9c, 0x4e, 0xee, 0x99, 0x28, 0xbb, 0x4c, 0xee, 0xac, 0xa9, 0x1b, 0x89, 0xa2, 0x38, 0x39, 0x7b, 0xc4, 0x0f, 0x42, 0xe6, 0x89, 0xed, 0x0f}}}, -{{{0xf3, 0x3c, 0x8c, 0x80, 0x83, 0x10, 0x8a, 0x37, 0x50, 0x9c, 0xb4, 0xdf, 0x3f, 0x8c, 0xf7, 0x23, 0x07, 0xd6, 0xff, 0xa0, 0x82, 0x6c, 0x75, 0x3b, 0xe4, 0xb5, 0xbb, 0xe4, 0xe6, 0x50, 0xf0, 0x08}} , - {{0x62, 0xee, 0x75, 0x48, 0x92, 0x33, 0xf2, 0xf4, 0xad, 0x15, 0x7a, 0xa1, 0x01, 0x46, 0xa9, 0x32, 0x06, 0x88, 0xb6, 0x36, 0x47, 0x35, 0xb9, 0xb4, 0x42, 0x85, 0x76, 0xf0, 0x48, 0x00, 0x90, 0x38}}}, -{{{0x51, 0x15, 0x9d, 0xc3, 0x95, 0xd1, 0x39, 0xbb, 0x64, 0x9d, 0x15, 0x81, 0xc1, 0x68, 0xd0, 0xb6, 0xa4, 0x2c, 0x7d, 0x5e, 0x02, 0x39, 0x00, 0xe0, 0x3b, 0xa4, 0xcc, 0xca, 0x1d, 0x81, 0x24, 0x10}} , - {{0xe7, 0x29, 0xf9, 0x37, 0xd9, 0x46, 0x5a, 0xcd, 0x70, 0xfe, 0x4d, 0x5b, 0xbf, 0xa5, 0xcf, 0x91, 0xf4, 0xef, 0xee, 0x8a, 0x29, 0xd0, 0xe7, 0xc4, 0x25, 0x92, 0x8a, 0xff, 0x36, 0xfc, 0xe4, 0x49}}}, -{{{0xbd, 0x00, 0xb9, 0x04, 0x7d, 0x35, 0xfc, 0xeb, 0xd0, 0x0b, 0x05, 0x32, 0x52, 0x7a, 0x89, 0x24, 0x75, 0x50, 0xe1, 0x63, 0x02, 0x82, 0x8e, 0xe7, 0x85, 0x0c, 0xf2, 0x56, 0x44, 0x37, 0x83, 0x25}} , - {{0x8f, 0xa1, 0xce, 0xcb, 0x60, 0xda, 0x12, 0x02, 0x1e, 0x29, 0x39, 0x2a, 0x03, 0xb7, 0xeb, 0x77, 0x40, 0xea, 0xc9, 0x2b, 0x2c, 0xd5, 0x7d, 0x7e, 0x2c, 0xc7, 0x5a, 0xfd, 0xff, 0xc4, 0xd1, 0x62}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x1d, 0x88, 0x98, 0x5b, 0x4e, 0xfc, 0x41, 0x24, 0x05, 0xe6, 0x50, 0x2b, 0xae, 0x96, 0x51, 0xd9, 0x6b, 0x72, 0xb2, 0x33, 0x42, 0x98, 0x68, 0xbb, 0x10, 0x5a, 0x7a, 0x8c, 0x9d, 0x07, 0xb4, 0x05}} , - {{0x2f, 0x61, 0x9f, 0xd7, 0xa8, 0x3f, 0x83, 0x8c, 0x10, 0x69, 0x90, 0xe6, 0xcf, 0xd2, 0x63, 0xa3, 0xe4, 0x54, 0x7e, 0xe5, 0x69, 0x13, 0x1c, 0x90, 0x57, 0xaa, 0xe9, 0x53, 0x22, 0x43, 0x29, 0x23}}}, -{{{0xe5, 0x1c, 0xf8, 0x0a, 0xfd, 0x2d, 0x7e, 0xf5, 0xf5, 0x70, 0x7d, 0x41, 0x6b, 0x11, 0xfe, 0xbe, 0x99, 0xd1, 0x55, 0x29, 0x31, 0xbf, 0xc0, 0x97, 0x6c, 0xd5, 0x35, 0xcc, 0x5e, 0x8b, 0xd9, 0x69}} , - {{0x8e, 0x4e, 0x9f, 0x25, 0xf8, 0x81, 0x54, 0x2d, 0x0e, 0xd5, 0x54, 0x81, 0x9b, 0xa6, 0x92, 0xce, 0x4b, 0xe9, 0x8f, 0x24, 0x3b, 0xca, 0xe0, 0x44, 0xab, 0x36, 0xfe, 0xfb, 0x87, 0xd4, 0x26, 0x3e}}}, -{{{0x0f, 0x93, 0x9c, 0x11, 0xe7, 0xdb, 0xf1, 0xf0, 0x85, 0x43, 0x28, 0x15, 0x37, 0xdd, 0xde, 0x27, 0xdf, 0xad, 0x3e, 0x49, 0x4f, 0xe0, 0x5b, 0xf6, 0x80, 0x59, 0x15, 0x3c, 0x85, 0xb7, 0x3e, 0x12}} , - {{0xf5, 0xff, 0xcc, 0xf0, 0xb4, 0x12, 0x03, 0x5f, 0xc9, 0x84, 0xcb, 0x1d, 0x17, 0xe0, 0xbc, 0xcc, 0x03, 0x62, 0xa9, 0x8b, 0x94, 0xa6, 0xaa, 0x18, 0xcb, 0x27, 0x8d, 0x49, 0xa6, 0x17, 0x15, 0x07}}}, -{{{0xd9, 0xb6, 0xd4, 0x9d, 0xd4, 0x6a, 0xaf, 0x70, 0x07, 0x2c, 0x10, 0x9e, 0xbd, 0x11, 0xad, 0xe4, 0x26, 0x33, 0x70, 0x92, 0x78, 0x1c, 0x74, 0x9f, 0x75, 0x60, 0x56, 0xf4, 0x39, 0xa8, 0xa8, 0x62}} , - {{0x3b, 0xbf, 0x55, 0x35, 0x61, 0x8b, 0x44, 0x97, 0xe8, 0x3a, 0x55, 0xc1, 0xc8, 0x3b, 0xfd, 0x95, 0x29, 0x11, 0x60, 0x96, 0x1e, 0xcb, 0x11, 0x9d, 0xc2, 0x03, 0x8a, 0x1b, 0xc6, 0xd6, 0x45, 0x3d}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x7e, 0x0e, 0x50, 0xb2, 0xcc, 0x0d, 0x6b, 0xa6, 0x71, 0x5b, 0x42, 0xed, 0xbd, 0xaf, 0xac, 0xf0, 0xfc, 0x12, 0xa2, 0x3f, 0x4e, 0xda, 0xe8, 0x11, 0xf3, 0x23, 0xe1, 0x04, 0x62, 0x03, 0x1c, 0x4e}} , - {{0xc8, 0xb1, 0x1b, 0x6f, 0x73, 0x61, 0x3d, 0x27, 0x0d, 0x7d, 0x7a, 0x25, 0x5f, 0x73, 0x0e, 0x2f, 0x93, 0xf6, 0x24, 0xd8, 0x4f, 0x90, 0xac, 0xa2, 0x62, 0x0a, 0xf0, 0x61, 0xd9, 0x08, 0x59, 0x6a}}}, -{{{0x6f, 0x2d, 0x55, 0xf8, 0x2f, 0x8e, 0xf0, 0x18, 0x3b, 0xea, 0xdd, 0x26, 0x72, 0xd1, 0xf5, 0xfe, 0xe5, 0xb8, 0xe6, 0xd3, 0x10, 0x48, 0x46, 0x49, 0x3a, 0x9f, 0x5e, 0x45, 0x6b, 0x90, 0xe8, 0x7f}} , - {{0xd3, 0x76, 0x69, 0x33, 0x7b, 0xb9, 0x40, 0x70, 0xee, 0xa6, 0x29, 0x6b, 0xdd, 0xd0, 0x5d, 0x8d, 0xc1, 0x3e, 0x4a, 0xea, 0x37, 0xb1, 0x03, 0x02, 0x03, 0x35, 0xf1, 0x28, 0x9d, 0xff, 0x00, 0x13}}}, -{{{0x7a, 0xdb, 0x12, 0xd2, 0x8a, 0x82, 0x03, 0x1b, 0x1e, 0xaf, 0xf9, 0x4b, 0x9c, 0xbe, 0xae, 0x7c, 0xe4, 0x94, 0x2a, 0x23, 0xb3, 0x62, 0x86, 0xe7, 0xfd, 0x23, 0xaa, 0x99, 0xbd, 0x2b, 0x11, 0x6c}} , - {{0x8d, 0xa6, 0xd5, 0xac, 0x9d, 0xcc, 0x68, 0x75, 0x7f, 0xc3, 0x4d, 0x4b, 0xdd, 0x6c, 0xbb, 0x11, 0x5a, 0x60, 0xe5, 0xbd, 0x7d, 0x27, 0x8b, 0xda, 0xb4, 0x95, 0xf6, 0x03, 0x27, 0xa4, 0x92, 0x3f}}}, -{{{0x22, 0xd6, 0xb5, 0x17, 0x84, 0xbf, 0x12, 0xcc, 0x23, 0x14, 0x4a, 0xdf, 0x14, 0x31, 0xbc, 0xa1, 0xac, 0x6e, 0xab, 0xfa, 0x57, 0x11, 0x53, 0xb3, 0x27, 0xe6, 0xf9, 0x47, 0x33, 0x44, 0x34, 0x1e}} , - {{0x79, 0xfc, 0xa6, 0xb4, 0x0b, 0x35, 0x20, 0xc9, 0x4d, 0x22, 0x84, 0xc4, 0xa9, 0x20, 0xec, 0x89, 0x94, 0xba, 0x66, 0x56, 0x48, 0xb9, 0x87, 0x7f, 0xca, 0x1e, 0x06, 0xed, 0xa5, 0x55, 0x59, 0x29}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x56, 0xe1, 0xf5, 0xf1, 0xd5, 0xab, 0xa8, 0x2b, 0xae, 0x89, 0xf3, 0xcf, 0x56, 0x9f, 0xf2, 0x4b, 0x31, 0xbc, 0x18, 0xa9, 0x06, 0x5b, 0xbe, 0xb4, 0x61, 0xf8, 0xb2, 0x06, 0x9c, 0x81, 0xab, 0x4c}} , - {{0x1f, 0x68, 0x76, 0x01, 0x16, 0x38, 0x2b, 0x0f, 0x77, 0x97, 0x92, 0x67, 0x4e, 0x86, 0x6a, 0x8b, 0xe5, 0xe8, 0x0c, 0xf7, 0x36, 0x39, 0xb5, 0x33, 0xe6, 0xcf, 0x5e, 0xbd, 0x18, 0xfb, 0x10, 0x1f}}}, -{{{0x83, 0xf0, 0x0d, 0x63, 0xef, 0x53, 0x6b, 0xb5, 0x6b, 0xf9, 0x83, 0xcf, 0xde, 0x04, 0x22, 0x9b, 0x2c, 0x0a, 0xe0, 0xa5, 0xd8, 0xc7, 0x9c, 0xa5, 0xa3, 0xf6, 0x6f, 0xcf, 0x90, 0x6b, 0x68, 0x7c}} , - {{0x33, 0x15, 0xd7, 0x7f, 0x1a, 0xd5, 0x21, 0x58, 0xc4, 0x18, 0xa5, 0xf0, 0xcc, 0x73, 0xa8, 0xfd, 0xfa, 0x18, 0xd1, 0x03, 0x91, 0x8d, 0x52, 0xd2, 0xa3, 0xa4, 0xd3, 0xb1, 0xea, 0x1d, 0x0f, 0x00}}}, -{{{0xcc, 0x48, 0x83, 0x90, 0xe5, 0xfd, 0x3f, 0x84, 0xaa, 0xf9, 0x8b, 0x82, 0x59, 0x24, 0x34, 0x68, 0x4f, 0x1c, 0x23, 0xd9, 0xcc, 0x71, 0xe1, 0x7f, 0x8c, 0xaf, 0xf1, 0xee, 0x00, 0xb6, 0xa0, 0x77}} , - {{0xf5, 0x1a, 0x61, 0xf7, 0x37, 0x9d, 0x00, 0xf4, 0xf2, 0x69, 0x6f, 0x4b, 0x01, 0x85, 0x19, 0x45, 0x4d, 0x7f, 0x02, 0x7c, 0x6a, 0x05, 0x47, 0x6c, 0x1f, 0x81, 0x20, 0xd4, 0xe8, 0x50, 0x27, 0x72}}}, -{{{0x2c, 0x3a, 0xe5, 0xad, 0xf4, 0xdd, 0x2d, 0xf7, 0x5c, 0x44, 0xb5, 0x5b, 0x21, 0xa3, 0x89, 0x5f, 0x96, 0x45, 0xca, 0x4d, 0xa4, 0x21, 0x99, 0x70, 0xda, 0xc4, 0xc4, 0xa0, 0xe5, 0xf4, 0xec, 0x0a}} , - {{0x07, 0x68, 0x21, 0x65, 0xe9, 0x08, 0xa0, 0x0b, 0x6a, 0x4a, 0xba, 0xb5, 0x80, 0xaf, 0xd0, 0x1b, 0xc5, 0xf5, 0x4b, 0x73, 0x50, 0x60, 0x2d, 0x71, 0x69, 0x61, 0x0e, 0xc0, 0x20, 0x40, 0x30, 0x19}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xd0, 0x75, 0x57, 0x3b, 0xeb, 0x5c, 0x14, 0x56, 0x50, 0xc9, 0x4f, 0xb8, 0xb8, 0x1e, 0xa3, 0xf4, 0xab, 0xf5, 0xa9, 0x20, 0x15, 0x94, 0x82, 0xda, 0x96, 0x1c, 0x9b, 0x59, 0x8c, 0xff, 0xf4, 0x51}} , - {{0xc1, 0x3a, 0x86, 0xd7, 0xb0, 0x06, 0x84, 0x7f, 0x1b, 0xbd, 0xd4, 0x07, 0x78, 0x80, 0x2e, 0xb1, 0xb4, 0xee, 0x52, 0x38, 0xee, 0x9a, 0xf9, 0xf6, 0xf3, 0x41, 0x6e, 0xd4, 0x88, 0x95, 0xac, 0x35}}}, -{{{0x41, 0x97, 0xbf, 0x71, 0x6a, 0x9b, 0x72, 0xec, 0xf3, 0xf8, 0x6b, 0xe6, 0x0e, 0x6c, 0x69, 0xa5, 0x2f, 0x68, 0x52, 0xd8, 0x61, 0x81, 0xc0, 0x63, 0x3f, 0xa6, 0x3c, 0x13, 0x90, 0xe6, 0x8d, 0x56}} , - {{0xe8, 0x39, 0x30, 0x77, 0x23, 0xb1, 0xfd, 0x1b, 0x3d, 0x3e, 0x74, 0x4d, 0x7f, 0xae, 0x5b, 0x3a, 0xb4, 0x65, 0x0e, 0x3a, 0x43, 0xdc, 0xdc, 0x41, 0x47, 0xe6, 0xe8, 0x92, 0x09, 0x22, 0x48, 0x4c}}}, -{{{0x85, 0x57, 0x9f, 0xb5, 0xc8, 0x06, 0xb2, 0x9f, 0x47, 0x3f, 0xf0, 0xfa, 0xe6, 0xa9, 0xb1, 0x9b, 0x6f, 0x96, 0x7d, 0xf9, 0xa4, 0x65, 0x09, 0x75, 0x32, 0xa6, 0x6c, 0x7f, 0x47, 0x4b, 0x2f, 0x4f}} , - {{0x34, 0xe9, 0x59, 0x93, 0x9d, 0x26, 0x80, 0x54, 0xf2, 0xcc, 0x3c, 0xc2, 0x25, 0x85, 0xe3, 0x6a, 0xc1, 0x62, 0x04, 0xa7, 0x08, 0x32, 0x6d, 0xa1, 0x39, 0x84, 0x8a, 0x3b, 0x87, 0x5f, 0x11, 0x13}}}, -{{{0xda, 0x03, 0x34, 0x66, 0xc4, 0x0c, 0x73, 0x6e, 0xbc, 0x24, 0xb5, 0xf9, 0x70, 0x81, 0x52, 0xe9, 0xf4, 0x7c, 0x23, 0xdd, 0x9f, 0xb8, 0x46, 0xef, 0x1d, 0x22, 0x55, 0x7d, 0x71, 0xc4, 0x42, 0x33}} , - {{0xc5, 0x37, 0x69, 0x5b, 0xa8, 0xc6, 0x9d, 0xa4, 0xfc, 0x61, 0x6e, 0x68, 0x46, 0xea, 0xd7, 0x1c, 0x67, 0xd2, 0x7d, 0xfa, 0xf1, 0xcc, 0x54, 0x8d, 0x36, 0x35, 0xc9, 0x00, 0xdf, 0x6c, 0x67, 0x50}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x9a, 0x4d, 0x42, 0x29, 0x5d, 0xa4, 0x6b, 0x6f, 0xa8, 0x8a, 0x4d, 0x91, 0x7b, 0xd2, 0xdf, 0x36, 0xef, 0x01, 0x22, 0xc5, 0xcc, 0x8d, 0xeb, 0x58, 0x3d, 0xb3, 0x50, 0xfc, 0x8b, 0x97, 0x96, 0x33}} , - {{0x93, 0x33, 0x07, 0xc8, 0x4a, 0xca, 0xd0, 0xb1, 0xab, 0xbd, 0xdd, 0xa7, 0x7c, 0xac, 0x3e, 0x45, 0xcb, 0xcc, 0x07, 0x91, 0xbf, 0x35, 0x9d, 0xcb, 0x7d, 0x12, 0x3c, 0x11, 0x59, 0x13, 0xcf, 0x5c}}}, -{{{0x45, 0xb8, 0x41, 0xd7, 0xab, 0x07, 0x15, 0x00, 0x8e, 0xce, 0xdf, 0xb2, 0x43, 0x5c, 0x01, 0xdc, 0xf4, 0x01, 0x51, 0x95, 0x10, 0x5a, 0xf6, 0x24, 0x24, 0xa0, 0x19, 0x3a, 0x09, 0x2a, 0xaa, 0x3f}} , - {{0xdc, 0x8e, 0xeb, 0xc6, 0xbf, 0xdd, 0x11, 0x7b, 0xe7, 0x47, 0xe6, 0xce, 0xe7, 0xb6, 0xc5, 0xe8, 0x8a, 0xdc, 0x4b, 0x57, 0x15, 0x3b, 0x66, 0xca, 0x89, 0xa3, 0xfd, 0xac, 0x0d, 0xe1, 0x1d, 0x7a}}}, -{{{0x89, 0xef, 0xbf, 0x03, 0x75, 0xd0, 0x29, 0x50, 0xcb, 0x7d, 0xd6, 0xbe, 0xad, 0x5f, 0x7b, 0x00, 0x32, 0xaa, 0x98, 0xed, 0x3f, 0x8f, 0x92, 0xcb, 0x81, 0x56, 0x01, 0x63, 0x64, 0xa3, 0x38, 0x39}} , - {{0x8b, 0xa4, 0xd6, 0x50, 0xb4, 0xaa, 0x5d, 0x64, 0x64, 0x76, 0x2e, 0xa1, 0xa6, 0xb3, 0xb8, 0x7c, 0x7a, 0x56, 0xf5, 0x5c, 0x4e, 0x84, 0x5c, 0xfb, 0xdd, 0xca, 0x48, 0x8b, 0x48, 0xb9, 0xba, 0x34}}}, -{{{0xc5, 0xe3, 0xe8, 0xae, 0x17, 0x27, 0xe3, 0x64, 0x60, 0x71, 0x47, 0x29, 0x02, 0x0f, 0x92, 0x5d, 0x10, 0x93, 0xc8, 0x0e, 0xa1, 0xed, 0xba, 0xa9, 0x96, 0x1c, 0xc5, 0x76, 0x30, 0xcd, 0xf9, 0x30}} , - {{0x95, 0xb0, 0xbd, 0x8c, 0xbc, 0xa7, 0x4f, 0x7e, 0xfd, 0x4e, 0x3a, 0xbf, 0x5f, 0x04, 0x79, 0x80, 0x2b, 0x5a, 0x9f, 0x4f, 0x68, 0x21, 0x19, 0x71, 0xc6, 0x20, 0x01, 0x42, 0xaa, 0xdf, 0xae, 0x2c}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x90, 0x6e, 0x7e, 0x4b, 0x71, 0x93, 0xc0, 0x72, 0xed, 0xeb, 0x71, 0x24, 0x97, 0x26, 0x9c, 0xfe, 0xcb, 0x3e, 0x59, 0x19, 0xa8, 0x0f, 0x75, 0x7d, 0xbe, 0x18, 0xe6, 0x96, 0x1e, 0x95, 0x70, 0x60}} , - {{0x89, 0x66, 0x3e, 0x1d, 0x4c, 0x5f, 0xfe, 0xc0, 0x04, 0x43, 0xd6, 0x44, 0x19, 0xb5, 0xad, 0xc7, 0x22, 0xdc, 0x71, 0x28, 0x64, 0xde, 0x41, 0x38, 0x27, 0x8f, 0x2c, 0x6b, 0x08, 0xb8, 0xb8, 0x7b}}}, -{{{0x3d, 0x70, 0x27, 0x9d, 0xd9, 0xaf, 0xb1, 0x27, 0xaf, 0xe3, 0x5d, 0x1e, 0x3a, 0x30, 0x54, 0x61, 0x60, 0xe8, 0xc3, 0x26, 0x3a, 0xbc, 0x7e, 0xf5, 0x81, 0xdd, 0x64, 0x01, 0x04, 0xeb, 0xc0, 0x1e}} , - {{0xda, 0x2c, 0xa4, 0xd1, 0xa1, 0xc3, 0x5c, 0x6e, 0x32, 0x07, 0x1f, 0xb8, 0x0e, 0x19, 0x9e, 0x99, 0x29, 0x33, 0x9a, 0xae, 0x7a, 0xed, 0x68, 0x42, 0x69, 0x7c, 0x07, 0xb3, 0x38, 0x2c, 0xf6, 0x3d}}}, -{{{0x64, 0xaa, 0xb5, 0x88, 0x79, 0x65, 0x38, 0x8c, 0x94, 0xd6, 0x62, 0x37, 0x7d, 0x64, 0xcd, 0x3a, 0xeb, 0xff, 0xe8, 0x81, 0x09, 0xc7, 0x6a, 0x50, 0x09, 0x0d, 0x28, 0x03, 0x0d, 0x9a, 0x93, 0x0a}} , - {{0x42, 0xa3, 0xf1, 0xc5, 0xb4, 0x0f, 0xd8, 0xc8, 0x8d, 0x15, 0x31, 0xbd, 0xf8, 0x07, 0x8b, 0xcd, 0x08, 0x8a, 0xfb, 0x18, 0x07, 0xfe, 0x8e, 0x52, 0x86, 0xef, 0xbe, 0xec, 0x49, 0x52, 0x99, 0x08}}}, -{{{0x0f, 0xa9, 0xd5, 0x01, 0xaa, 0x48, 0x4f, 0x28, 0x66, 0x32, 0x1a, 0xba, 0x7c, 0xea, 0x11, 0x80, 0x17, 0x18, 0x9b, 0x56, 0x88, 0x25, 0x06, 0x69, 0x12, 0x2c, 0xea, 0x56, 0x69, 0x41, 0x24, 0x19}} , - {{0xde, 0x21, 0xf0, 0xda, 0x8a, 0xfb, 0xb1, 0xb8, 0xcd, 0xc8, 0x6a, 0x82, 0x19, 0x73, 0xdb, 0xc7, 0xcf, 0x88, 0xeb, 0x96, 0xee, 0x6f, 0xfb, 0x06, 0xd2, 0xcd, 0x7d, 0x7b, 0x12, 0x28, 0x8e, 0x0c}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x93, 0x44, 0x97, 0xce, 0x28, 0xff, 0x3a, 0x40, 0xc4, 0xf5, 0xf6, 0x9b, 0xf4, 0x6b, 0x07, 0x84, 0xfb, 0x98, 0xd8, 0xec, 0x8c, 0x03, 0x57, 0xec, 0x49, 0xed, 0x63, 0xb6, 0xaa, 0xff, 0x98, 0x28}} , - {{0x3d, 0x16, 0x35, 0xf3, 0x46, 0xbc, 0xb3, 0xf4, 0xc6, 0xb6, 0x4f, 0xfa, 0xf4, 0xa0, 0x13, 0xe6, 0x57, 0x45, 0x93, 0xb9, 0xbc, 0xd6, 0x59, 0xe7, 0x77, 0x94, 0x6c, 0xab, 0x96, 0x3b, 0x4f, 0x09}}}, -{{{0x5a, 0xf7, 0x6b, 0x01, 0x12, 0x4f, 0x51, 0xc1, 0x70, 0x84, 0x94, 0x47, 0xb2, 0x01, 0x6c, 0x71, 0xd7, 0xcc, 0x17, 0x66, 0x0f, 0x59, 0x5d, 0x5d, 0x10, 0x01, 0x57, 0x11, 0xf5, 0xdd, 0xe2, 0x34}} , - {{0x26, 0xd9, 0x1f, 0x5c, 0x58, 0xac, 0x8b, 0x03, 0xd2, 0xc3, 0x85, 0x0f, 0x3a, 0xc3, 0x7f, 0x6d, 0x8e, 0x86, 0xcd, 0x52, 0x74, 0x8f, 0x55, 0x77, 0x17, 0xb7, 0x8e, 0xb7, 0x88, 0xea, 0xda, 0x1b}}}, -{{{0xb6, 0xea, 0x0e, 0x40, 0x93, 0x20, 0x79, 0x35, 0x6a, 0x61, 0x84, 0x5a, 0x07, 0x6d, 0xf9, 0x77, 0x6f, 0xed, 0x69, 0x1c, 0x0d, 0x25, 0x76, 0xcc, 0xf0, 0xdb, 0xbb, 0xc5, 0xad, 0xe2, 0x26, 0x57}} , - {{0xcf, 0xe8, 0x0e, 0x6b, 0x96, 0x7d, 0xed, 0x27, 0xd1, 0x3c, 0xa9, 0xd9, 0x50, 0xa9, 0x98, 0x84, 0x5e, 0x86, 0xef, 0xd6, 0xf0, 0xf8, 0x0e, 0x89, 0x05, 0x2f, 0xd9, 0x5f, 0x15, 0x5f, 0x73, 0x79}}}, -{{{0xc8, 0x5c, 0x16, 0xfe, 0xed, 0x9f, 0x26, 0x56, 0xf6, 0x4b, 0x9f, 0xa7, 0x0a, 0x85, 0xfe, 0xa5, 0x8c, 0x87, 0xdd, 0x98, 0xce, 0x4e, 0xc3, 0x58, 0x55, 0xb2, 0x7b, 0x3d, 0xd8, 0x6b, 0xb5, 0x4c}} , - {{0x65, 0x38, 0xa0, 0x15, 0xfa, 0xa7, 0xb4, 0x8f, 0xeb, 0xc4, 0x86, 0x9b, 0x30, 0xa5, 0x5e, 0x4d, 0xea, 0x8a, 0x9a, 0x9f, 0x1a, 0xd8, 0x5b, 0x53, 0x14, 0x19, 0x25, 0x63, 0xb4, 0x6f, 0x1f, 0x5d}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xac, 0x8f, 0xbc, 0x1e, 0x7d, 0x8b, 0x5a, 0x0b, 0x8d, 0xaf, 0x76, 0x2e, 0x71, 0xe3, 0x3b, 0x6f, 0x53, 0x2f, 0x3e, 0x90, 0x95, 0xd4, 0x35, 0x14, 0x4f, 0x8c, 0x3c, 0xce, 0x57, 0x1c, 0x76, 0x49}} , - {{0xa8, 0x50, 0xe1, 0x61, 0x6b, 0x57, 0x35, 0xeb, 0x44, 0x0b, 0x0c, 0x6e, 0xf9, 0x25, 0x80, 0x74, 0xf2, 0x8f, 0x6f, 0x7a, 0x3e, 0x7f, 0x2d, 0xf3, 0x4e, 0x09, 0x65, 0x10, 0x5e, 0x03, 0x25, 0x32}}}, -{{{0xa9, 0x60, 0xdc, 0x0f, 0x64, 0xe5, 0x1d, 0xe2, 0x8d, 0x4f, 0x79, 0x2f, 0x0e, 0x24, 0x02, 0x00, 0x05, 0x77, 0x43, 0x25, 0x3d, 0x6a, 0xc7, 0xb7, 0xbf, 0x04, 0x08, 0x65, 0xf4, 0x39, 0x4b, 0x65}} , - {{0x96, 0x19, 0x12, 0x6b, 0x6a, 0xb7, 0xe3, 0xdc, 0x45, 0x9b, 0xdb, 0xb4, 0xa8, 0xae, 0xdc, 0xa8, 0x14, 0x44, 0x65, 0x62, 0xce, 0x34, 0x9a, 0x84, 0x18, 0x12, 0x01, 0xf1, 0xe2, 0x7b, 0xce, 0x50}}}, -{{{0x41, 0x21, 0x30, 0x53, 0x1b, 0x47, 0x01, 0xb7, 0x18, 0xd8, 0x82, 0x57, 0xbd, 0xa3, 0x60, 0xf0, 0x32, 0xf6, 0x5b, 0xf0, 0x30, 0x88, 0x91, 0x59, 0xfd, 0x90, 0xa2, 0xb9, 0x55, 0x93, 0x21, 0x34}} , - {{0x97, 0x67, 0x9e, 0xeb, 0x6a, 0xf9, 0x6e, 0xd6, 0x73, 0xe8, 0x6b, 0x29, 0xec, 0x63, 0x82, 0x00, 0xa8, 0x99, 0x1c, 0x1d, 0x30, 0xc8, 0x90, 0x52, 0x90, 0xb6, 0x6a, 0x80, 0x4e, 0xff, 0x4b, 0x51}}}, -{{{0x0f, 0x7d, 0x63, 0x8c, 0x6e, 0x5c, 0xde, 0x30, 0xdf, 0x65, 0xfa, 0x2e, 0xb0, 0xa3, 0x25, 0x05, 0x54, 0xbd, 0x25, 0xba, 0x06, 0xae, 0xdf, 0x8b, 0xd9, 0x1b, 0xea, 0x38, 0xb3, 0x05, 0x16, 0x09}} , - {{0xc7, 0x8c, 0xbf, 0x64, 0x28, 0xad, 0xf8, 0xa5, 0x5a, 0x6f, 0xc9, 0xba, 0xd5, 0x7f, 0xd5, 0xd6, 0xbd, 0x66, 0x2f, 0x3d, 0xaa, 0x54, 0xf6, 0xba, 0x32, 0x22, 0x9a, 0x1e, 0x52, 0x05, 0xf4, 0x1d}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xaa, 0x1f, 0xbb, 0xeb, 0xfe, 0xe4, 0x87, 0xfc, 0xb1, 0x2c, 0xb7, 0x88, 0xf4, 0xc6, 0xb9, 0xf5, 0x24, 0x46, 0xf2, 0xa5, 0x9f, 0x8f, 0x8a, 0x93, 0x70, 0x69, 0xd4, 0x56, 0xec, 0xfd, 0x06, 0x46}} , - {{0x4e, 0x66, 0xcf, 0x4e, 0x34, 0xce, 0x0c, 0xd9, 0xa6, 0x50, 0xd6, 0x5e, 0x95, 0xaf, 0xe9, 0x58, 0xfa, 0xee, 0x9b, 0xb8, 0xa5, 0x0f, 0x35, 0xe0, 0x43, 0x82, 0x6d, 0x65, 0xe6, 0xd9, 0x00, 0x0f}}}, -{{{0x7b, 0x75, 0x3a, 0xfc, 0x64, 0xd3, 0x29, 0x7e, 0xdd, 0x49, 0x9a, 0x59, 0x53, 0xbf, 0xb4, 0xa7, 0x52, 0xb3, 0x05, 0xab, 0xc3, 0xaf, 0x16, 0x1a, 0x85, 0x42, 0x32, 0xa2, 0x86, 0xfa, 0x39, 0x43}} , - {{0x0e, 0x4b, 0xa3, 0x63, 0x8a, 0xfe, 0xa5, 0x58, 0xf1, 0x13, 0xbd, 0x9d, 0xaa, 0x7f, 0x76, 0x40, 0x70, 0x81, 0x10, 0x75, 0x99, 0xbb, 0xbe, 0x0b, 0x16, 0xe9, 0xba, 0x62, 0x34, 0xcc, 0x07, 0x6d}}}, -{{{0xc3, 0xf1, 0xc6, 0x93, 0x65, 0xee, 0x0b, 0xbc, 0xea, 0x14, 0xf0, 0xc1, 0xf8, 0x84, 0x89, 0xc2, 0xc9, 0xd7, 0xea, 0x34, 0xca, 0xa7, 0xc4, 0x99, 0xd5, 0x50, 0x69, 0xcb, 0xd6, 0x21, 0x63, 0x7c}} , - {{0x99, 0xeb, 0x7c, 0x31, 0x73, 0x64, 0x67, 0x7f, 0x0c, 0x66, 0xaa, 0x8c, 0x69, 0x91, 0xe2, 0x26, 0xd3, 0x23, 0xe2, 0x76, 0x5d, 0x32, 0x52, 0xdf, 0x5d, 0xc5, 0x8f, 0xb7, 0x7c, 0x84, 0xb3, 0x70}}}, -{{{0xeb, 0x01, 0xc7, 0x36, 0x97, 0x4e, 0xb6, 0xab, 0x5f, 0x0d, 0x2c, 0xba, 0x67, 0x64, 0x55, 0xde, 0xbc, 0xff, 0xa6, 0xec, 0x04, 0xd3, 0x8d, 0x39, 0x56, 0x5e, 0xee, 0xf8, 0xe4, 0x2e, 0x33, 0x62}} , - {{0x65, 0xef, 0xb8, 0x9f, 0xc8, 0x4b, 0xa7, 0xfd, 0x21, 0x49, 0x9b, 0x92, 0x35, 0x82, 0xd6, 0x0a, 0x9b, 0xf2, 0x79, 0xf1, 0x47, 0x2f, 0x6a, 0x7e, 0x9f, 0xcf, 0x18, 0x02, 0x3c, 0xfb, 0x1b, 0x3e}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x2f, 0x8b, 0xc8, 0x40, 0x51, 0xd1, 0xac, 0x1a, 0x0b, 0xe4, 0xa9, 0xa2, 0x42, 0x21, 0x19, 0x2f, 0x7b, 0x97, 0xbf, 0xf7, 0x57, 0x6d, 0x3f, 0x3d, 0x4f, 0x0f, 0xe2, 0xb2, 0x81, 0x00, 0x9e, 0x7b}} , - {{0x8c, 0x85, 0x2b, 0xc4, 0xfc, 0xf1, 0xab, 0xe8, 0x79, 0x22, 0xc4, 0x84, 0x17, 0x3a, 0xfa, 0x86, 0xa6, 0x7d, 0xf9, 0xf3, 0x6f, 0x03, 0x57, 0x20, 0x4d, 0x79, 0xf9, 0x6e, 0x71, 0x54, 0x38, 0x09}}}, -{{{0x40, 0x29, 0x74, 0xa8, 0x2f, 0x5e, 0xf9, 0x79, 0xa4, 0xf3, 0x3e, 0xb9, 0xfd, 0x33, 0x31, 0xac, 0x9a, 0x69, 0x88, 0x1e, 0x77, 0x21, 0x2d, 0xf3, 0x91, 0x52, 0x26, 0x15, 0xb2, 0xa6, 0xcf, 0x7e}} , - {{0xc6, 0x20, 0x47, 0x6c, 0xa4, 0x7d, 0xcb, 0x63, 0xea, 0x5b, 0x03, 0xdf, 0x3e, 0x88, 0x81, 0x6d, 0xce, 0x07, 0x42, 0x18, 0x60, 0x7e, 0x7b, 0x55, 0xfe, 0x6a, 0xf3, 0xda, 0x5c, 0x8b, 0x95, 0x10}}}, -{{{0x62, 0xe4, 0x0d, 0x03, 0xb4, 0xd7, 0xcd, 0xfa, 0xbd, 0x46, 0xdf, 0x93, 0x71, 0x10, 0x2c, 0xa8, 0x3b, 0xb6, 0x09, 0x05, 0x70, 0x84, 0x43, 0x29, 0xa8, 0x59, 0xf5, 0x8e, 0x10, 0xe4, 0xd7, 0x20}} , - {{0x57, 0x82, 0x1c, 0xab, 0xbf, 0x62, 0x70, 0xe8, 0xc4, 0xcf, 0xf0, 0x28, 0x6e, 0x16, 0x3c, 0x08, 0x78, 0x89, 0x85, 0x46, 0x0f, 0xf6, 0x7f, 0xcf, 0xcb, 0x7e, 0xb8, 0x25, 0xe9, 0x5a, 0xfa, 0x03}}}, -{{{0xfb, 0x95, 0x92, 0x63, 0x50, 0xfc, 0x62, 0xf0, 0xa4, 0x5e, 0x8c, 0x18, 0xc2, 0x17, 0x24, 0xb7, 0x78, 0xc2, 0xa9, 0xe7, 0x6a, 0x32, 0xd6, 0x29, 0x85, 0xaf, 0xcb, 0x8d, 0x91, 0x13, 0xda, 0x6b}} , - {{0x36, 0x0a, 0xc2, 0xb6, 0x4b, 0xa5, 0x5d, 0x07, 0x17, 0x41, 0x31, 0x5f, 0x62, 0x46, 0xf8, 0x92, 0xf9, 0x66, 0x48, 0x73, 0xa6, 0x97, 0x0d, 0x7d, 0x88, 0xee, 0x62, 0xb1, 0x03, 0xa8, 0x3f, 0x2c}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x4a, 0xb1, 0x70, 0x8a, 0xa9, 0xe8, 0x63, 0x79, 0x00, 0xe2, 0x25, 0x16, 0xca, 0x4b, 0x0f, 0xa4, 0x66, 0xad, 0x19, 0x9f, 0x88, 0x67, 0x0c, 0x8b, 0xc2, 0x4a, 0x5b, 0x2b, 0x6d, 0x95, 0xaf, 0x19}} , - {{0x8b, 0x9d, 0xb6, 0xcc, 0x60, 0xb4, 0x72, 0x4f, 0x17, 0x69, 0x5a, 0x4a, 0x68, 0x34, 0xab, 0xa1, 0x45, 0x32, 0x3c, 0x83, 0x87, 0x72, 0x30, 0x54, 0x77, 0x68, 0xae, 0xfb, 0xb5, 0x8b, 0x22, 0x5e}}}, -{{{0xf1, 0xb9, 0x87, 0x35, 0xc5, 0xbb, 0xb9, 0xcf, 0xf5, 0xd6, 0xcd, 0xd5, 0x0c, 0x7c, 0x0e, 0xe6, 0x90, 0x34, 0xfb, 0x51, 0x42, 0x1e, 0x6d, 0xac, 0x9a, 0x46, 0xc4, 0x97, 0x29, 0x32, 0xbf, 0x45}} , - {{0x66, 0x9e, 0xc6, 0x24, 0xc0, 0xed, 0xa5, 0x5d, 0x88, 0xd4, 0xf0, 0x73, 0x97, 0x7b, 0xea, 0x7f, 0x42, 0xff, 0x21, 0xa0, 0x9b, 0x2f, 0x9a, 0xfd, 0x53, 0x57, 0x07, 0x84, 0x48, 0x88, 0x9d, 0x52}}}, -{{{0xc6, 0x96, 0x48, 0x34, 0x2a, 0x06, 0xaf, 0x94, 0x3d, 0xf4, 0x1a, 0xcf, 0xf2, 0xc0, 0x21, 0xc2, 0x42, 0x5e, 0xc8, 0x2f, 0x35, 0xa2, 0x3e, 0x29, 0xfa, 0x0c, 0x84, 0xe5, 0x89, 0x72, 0x7c, 0x06}} , - {{0x32, 0x65, 0x03, 0xe5, 0x89, 0xa6, 0x6e, 0xb3, 0x5b, 0x8e, 0xca, 0xeb, 0xfe, 0x22, 0x56, 0x8b, 0x5d, 0x14, 0x4b, 0x4d, 0xf9, 0xbe, 0xb5, 0xf5, 0xe6, 0x5c, 0x7b, 0x8b, 0xf4, 0x13, 0x11, 0x34}}}, -{{{0x07, 0xc6, 0x22, 0x15, 0xe2, 0x9c, 0x60, 0xa2, 0x19, 0xd9, 0x27, 0xae, 0x37, 0x4e, 0xa6, 0xc9, 0x80, 0xa6, 0x91, 0x8f, 0x12, 0x49, 0xe5, 0x00, 0x18, 0x47, 0xd1, 0xd7, 0x28, 0x22, 0x63, 0x39}} , - {{0xe8, 0xe2, 0x00, 0x7e, 0xf2, 0x9e, 0x1e, 0x99, 0x39, 0x95, 0x04, 0xbd, 0x1e, 0x67, 0x7b, 0xb2, 0x26, 0xac, 0xe6, 0xaa, 0xe2, 0x46, 0xd5, 0xe4, 0xe8, 0x86, 0xbd, 0xab, 0x7c, 0x55, 0x59, 0x6f}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x24, 0x64, 0x6e, 0x9b, 0x35, 0x71, 0x78, 0xce, 0x33, 0x03, 0x21, 0x33, 0x36, 0xf1, 0x73, 0x9b, 0xb9, 0x15, 0x8b, 0x2c, 0x69, 0xcf, 0x4d, 0xed, 0x4f, 0x4d, 0x57, 0x14, 0x13, 0x82, 0xa4, 0x4d}} , - {{0x65, 0x6e, 0x0a, 0xa4, 0x59, 0x07, 0x17, 0xf2, 0x6b, 0x4a, 0x1f, 0x6e, 0xf6, 0xb5, 0xbc, 0x62, 0xe4, 0xb6, 0xda, 0xa2, 0x93, 0xbc, 0x29, 0x05, 0xd2, 0xd2, 0x73, 0x46, 0x03, 0x16, 0x40, 0x31}}}, -{{{0x4c, 0x73, 0x6d, 0x15, 0xbd, 0xa1, 0x4d, 0x5c, 0x13, 0x0b, 0x24, 0x06, 0x98, 0x78, 0x1c, 0x5b, 0xeb, 0x1f, 0x18, 0x54, 0x43, 0xd9, 0x55, 0x66, 0xda, 0x29, 0x21, 0xe8, 0xb8, 0x3c, 0x42, 0x22}} , - {{0xb4, 0xcd, 0x08, 0x6f, 0x15, 0x23, 0x1a, 0x0b, 0x22, 0xed, 0xd1, 0xf1, 0xa7, 0xc7, 0x73, 0x45, 0xf3, 0x9e, 0xce, 0x76, 0xb7, 0xf6, 0x39, 0xb6, 0x8e, 0x79, 0xbe, 0xe9, 0x9b, 0xcf, 0x7d, 0x62}}}, -{{{0x92, 0x5b, 0xfc, 0x72, 0xfd, 0xba, 0xf1, 0xfd, 0xa6, 0x7c, 0x95, 0xe3, 0x61, 0x3f, 0xe9, 0x03, 0xd4, 0x2b, 0xd4, 0x20, 0xd9, 0xdb, 0x4d, 0x32, 0x3e, 0xf5, 0x11, 0x64, 0xe3, 0xb4, 0xbe, 0x32}} , - {{0x86, 0x17, 0x90, 0xe7, 0xc9, 0x1f, 0x10, 0xa5, 0x6a, 0x2d, 0x39, 0xd0, 0x3b, 0xc4, 0xa6, 0xe9, 0x59, 0x13, 0xda, 0x1a, 0xe6, 0xa0, 0xb9, 0x3c, 0x50, 0xb8, 0x40, 0x7c, 0x15, 0x36, 0x5a, 0x42}}}, -{{{0xb4, 0x0b, 0x32, 0xab, 0xdc, 0x04, 0x51, 0x55, 0x21, 0x1e, 0x0b, 0x75, 0x99, 0x89, 0x73, 0x35, 0x3a, 0x91, 0x2b, 0xfe, 0xe7, 0x49, 0xea, 0x76, 0xc1, 0xf9, 0x46, 0xb9, 0x53, 0x02, 0x23, 0x04}} , - {{0xfc, 0x5a, 0x1e, 0x1d, 0x74, 0x58, 0x95, 0xa6, 0x8f, 0x7b, 0x97, 0x3e, 0x17, 0x3b, 0x79, 0x2d, 0xa6, 0x57, 0xef, 0x45, 0x02, 0x0b, 0x4d, 0x6e, 0x9e, 0x93, 0x8d, 0x2f, 0xd9, 0x9d, 0xdb, 0x04}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xc0, 0xd7, 0x56, 0x97, 0x58, 0x91, 0xde, 0x09, 0x4f, 0x9f, 0xbe, 0x63, 0xb0, 0x83, 0x86, 0x43, 0x5d, 0xbc, 0xe0, 0xf3, 0xc0, 0x75, 0xbf, 0x8b, 0x8e, 0xaa, 0xf7, 0x8b, 0x64, 0x6e, 0xb0, 0x63}} , - {{0x16, 0xae, 0x8b, 0xe0, 0x9b, 0x24, 0x68, 0x5c, 0x44, 0xc2, 0xd0, 0x08, 0xb7, 0x7b, 0x62, 0xfd, 0x7f, 0xd8, 0xd4, 0xb7, 0x50, 0xfd, 0x2c, 0x1b, 0xbf, 0x41, 0x95, 0xd9, 0x8e, 0xd8, 0x17, 0x1b}}}, -{{{0x86, 0x55, 0x37, 0x8e, 0xc3, 0x38, 0x48, 0x14, 0xb5, 0x97, 0xd2, 0xa7, 0x54, 0x45, 0xf1, 0x35, 0x44, 0x38, 0x9e, 0xf1, 0x1b, 0xb6, 0x34, 0x00, 0x3c, 0x96, 0xee, 0x29, 0x00, 0xea, 0x2c, 0x0b}} , - {{0xea, 0xda, 0x99, 0x9e, 0x19, 0x83, 0x66, 0x6d, 0xe9, 0x76, 0x87, 0x50, 0xd1, 0xfd, 0x3c, 0x60, 0x87, 0xc6, 0x41, 0xd9, 0x8e, 0xdb, 0x5e, 0xde, 0xaa, 0x9a, 0xd3, 0x28, 0xda, 0x95, 0xea, 0x47}}}, -{{{0xd0, 0x80, 0xba, 0x19, 0xae, 0x1d, 0xa9, 0x79, 0xf6, 0x3f, 0xac, 0x5d, 0x6f, 0x96, 0x1f, 0x2a, 0xce, 0x29, 0xb2, 0xff, 0x37, 0xf1, 0x94, 0x8f, 0x0c, 0xb5, 0x28, 0xba, 0x9a, 0x21, 0xf6, 0x66}} , - {{0x02, 0xfb, 0x54, 0xb8, 0x05, 0xf3, 0x81, 0x52, 0x69, 0x34, 0x46, 0x9d, 0x86, 0x76, 0x8f, 0xd7, 0xf8, 0x6a, 0x66, 0xff, 0xe6, 0xa7, 0x90, 0xf7, 0x5e, 0xcd, 0x6a, 0x9b, 0x55, 0xfc, 0x9d, 0x48}}}, -{{{0xbd, 0xaa, 0x13, 0xe6, 0xcd, 0x45, 0x4a, 0xa4, 0x59, 0x0a, 0x64, 0xb1, 0x98, 0xd6, 0x34, 0x13, 0x04, 0xe6, 0x97, 0x94, 0x06, 0xcb, 0xd4, 0x4e, 0xbb, 0x96, 0xcd, 0xd1, 0x57, 0xd1, 0xe3, 0x06}} , - {{0x7a, 0x6c, 0x45, 0x27, 0xc4, 0x93, 0x7f, 0x7d, 0x7c, 0x62, 0x50, 0x38, 0x3a, 0x6b, 0xb5, 0x88, 0xc6, 0xd9, 0xf1, 0x78, 0x19, 0xb9, 0x39, 0x93, 0x3d, 0xc9, 0xe0, 0x9c, 0x3c, 0xce, 0xf5, 0x72}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x24, 0xea, 0x23, 0x7d, 0x56, 0x2c, 0xe2, 0x59, 0x0e, 0x85, 0x60, 0x04, 0x88, 0x5a, 0x74, 0x1e, 0x4b, 0xef, 0x13, 0xda, 0x4c, 0xff, 0x83, 0x45, 0x85, 0x3f, 0x08, 0x95, 0x2c, 0x20, 0x13, 0x1f}} , - {{0x48, 0x5f, 0x27, 0x90, 0x5c, 0x02, 0x42, 0xad, 0x78, 0x47, 0x5c, 0xb5, 0x7e, 0x08, 0x85, 0x00, 0xfa, 0x7f, 0xfd, 0xfd, 0xe7, 0x09, 0x11, 0xf2, 0x7e, 0x1b, 0x38, 0x6c, 0x35, 0x6d, 0x33, 0x66}}}, -{{{0x93, 0x03, 0x36, 0x81, 0xac, 0xe4, 0x20, 0x09, 0x35, 0x4c, 0x45, 0xb2, 0x1e, 0x4c, 0x14, 0x21, 0xe6, 0xe9, 0x8a, 0x7b, 0x8d, 0xfe, 0x1e, 0xc6, 0x3e, 0xc1, 0x35, 0xfa, 0xe7, 0x70, 0x4e, 0x1d}} , - {{0x61, 0x2e, 0xc2, 0xdd, 0x95, 0x57, 0xd1, 0xab, 0x80, 0xe8, 0x63, 0x17, 0xb5, 0x48, 0xe4, 0x8a, 0x11, 0x9e, 0x72, 0xbe, 0x85, 0x8d, 0x51, 0x0a, 0xf2, 0x9f, 0xe0, 0x1c, 0xa9, 0x07, 0x28, 0x7b}}}, -{{{0xbb, 0x71, 0x14, 0x5e, 0x26, 0x8c, 0x3d, 0xc8, 0xe9, 0x7c, 0xd3, 0xd6, 0xd1, 0x2f, 0x07, 0x6d, 0xe6, 0xdf, 0xfb, 0x79, 0xd6, 0x99, 0x59, 0x96, 0x48, 0x40, 0x0f, 0x3a, 0x7b, 0xb2, 0xa0, 0x72}} , - {{0x4e, 0x3b, 0x69, 0xc8, 0x43, 0x75, 0x51, 0x6c, 0x79, 0x56, 0xe4, 0xcb, 0xf7, 0xa6, 0x51, 0xc2, 0x2c, 0x42, 0x0b, 0xd4, 0x82, 0x20, 0x1c, 0x01, 0x08, 0x66, 0xd7, 0xbf, 0x04, 0x56, 0xfc, 0x02}}}, -{{{0x24, 0xe8, 0xb7, 0x60, 0xae, 0x47, 0x80, 0xfc, 0xe5, 0x23, 0xe7, 0xc2, 0xc9, 0x85, 0xe6, 0x98, 0xa0, 0x29, 0x4e, 0xe1, 0x84, 0x39, 0x2d, 0x95, 0x2c, 0xf3, 0x45, 0x3c, 0xff, 0xaf, 0x27, 0x4c}} , - {{0x6b, 0xa6, 0xf5, 0x4b, 0x11, 0xbd, 0xba, 0x5b, 0x9e, 0xc4, 0xa4, 0x51, 0x1e, 0xbe, 0xd0, 0x90, 0x3a, 0x9c, 0xc2, 0x26, 0xb6, 0x1e, 0xf1, 0x95, 0x7d, 0xc8, 0x6d, 0x52, 0xe6, 0x99, 0x2c, 0x5f}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x85, 0xe0, 0x24, 0x32, 0xb4, 0xd1, 0xef, 0xfc, 0x69, 0xa2, 0xbf, 0x8f, 0x72, 0x2c, 0x95, 0xf6, 0xe4, 0x6e, 0x7d, 0x90, 0xf7, 0x57, 0x81, 0xa0, 0xf7, 0xda, 0xef, 0x33, 0x07, 0xe3, 0x6b, 0x78}} , - {{0x36, 0x27, 0x3e, 0xc6, 0x12, 0x07, 0xab, 0x4e, 0xbe, 0x69, 0x9d, 0xb3, 0xbe, 0x08, 0x7c, 0x2a, 0x47, 0x08, 0xfd, 0xd4, 0xcd, 0x0e, 0x27, 0x34, 0x5b, 0x98, 0x34, 0x2f, 0x77, 0x5f, 0x3a, 0x65}}}, -{{{0x13, 0xaa, 0x2e, 0x4c, 0xf0, 0x22, 0xb8, 0x6c, 0xb3, 0x19, 0x4d, 0xeb, 0x6b, 0xd0, 0xa4, 0xc6, 0x9c, 0xdd, 0xc8, 0x5b, 0x81, 0x57, 0x89, 0xdf, 0x33, 0xa9, 0x68, 0x49, 0x80, 0xe4, 0xfe, 0x21}} , - {{0x00, 0x17, 0x90, 0x30, 0xe9, 0xd3, 0x60, 0x30, 0x31, 0xc2, 0x72, 0x89, 0x7a, 0x36, 0xa5, 0xbd, 0x39, 0x83, 0x85, 0x50, 0xa1, 0x5d, 0x6c, 0x41, 0x1d, 0xb5, 0x2c, 0x07, 0x40, 0x77, 0x0b, 0x50}}}, -{{{0x64, 0x34, 0xec, 0xc0, 0x9e, 0x44, 0x41, 0xaf, 0xa0, 0x36, 0x05, 0x6d, 0xea, 0x30, 0x25, 0x46, 0x35, 0x24, 0x9d, 0x86, 0xbd, 0x95, 0xf1, 0x6a, 0x46, 0xd7, 0x94, 0x54, 0xf9, 0x3b, 0xbd, 0x5d}} , - {{0x77, 0x5b, 0xe2, 0x37, 0xc7, 0xe1, 0x7c, 0x13, 0x8c, 0x9f, 0x7b, 0x7b, 0x2a, 0xce, 0x42, 0xa3, 0xb9, 0x2a, 0x99, 0xa8, 0xc0, 0xd8, 0x3c, 0x86, 0xb0, 0xfb, 0xe9, 0x76, 0x77, 0xf7, 0xf5, 0x56}}}, -{{{0xdf, 0xb3, 0x46, 0x11, 0x6e, 0x13, 0xb7, 0x28, 0x4e, 0x56, 0xdd, 0xf1, 0xac, 0xad, 0x58, 0xc3, 0xf8, 0x88, 0x94, 0x5e, 0x06, 0x98, 0xa1, 0xe4, 0x6a, 0xfb, 0x0a, 0x49, 0x5d, 0x8a, 0xfe, 0x77}} , - {{0x46, 0x02, 0xf5, 0xa5, 0xaf, 0xc5, 0x75, 0x6d, 0xba, 0x45, 0x35, 0x0a, 0xfe, 0xc9, 0xac, 0x22, 0x91, 0x8d, 0x21, 0x95, 0x33, 0x03, 0xc0, 0x8a, 0x16, 0xf3, 0x39, 0xe0, 0x01, 0x0f, 0x53, 0x3c}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x34, 0x75, 0x37, 0x1f, 0x34, 0x4e, 0xa9, 0x1d, 0x68, 0x67, 0xf8, 0x49, 0x98, 0x96, 0xfc, 0x4c, 0x65, 0x97, 0xf7, 0x02, 0x4a, 0x52, 0x6c, 0x01, 0xbd, 0x48, 0xbb, 0x1b, 0xed, 0xa4, 0xe2, 0x53}} , - {{0x59, 0xd5, 0x9b, 0x5a, 0xa2, 0x90, 0xd3, 0xb8, 0x37, 0x4c, 0x55, 0x82, 0x28, 0x08, 0x0f, 0x7f, 0xaa, 0x81, 0x65, 0xe0, 0x0c, 0x52, 0xc9, 0xa3, 0x32, 0x27, 0x64, 0xda, 0xfd, 0x34, 0x23, 0x5a}}}, -{{{0xb5, 0xb0, 0x0c, 0x4d, 0xb3, 0x7b, 0x23, 0xc8, 0x1f, 0x8a, 0x39, 0x66, 0xe6, 0xba, 0x4c, 0x10, 0x37, 0xca, 0x9c, 0x7c, 0x05, 0x9e, 0xff, 0xc0, 0xf8, 0x8e, 0xb1, 0x8f, 0x6f, 0x67, 0x18, 0x26}} , - {{0x4b, 0x41, 0x13, 0x54, 0x23, 0x1a, 0xa4, 0x4e, 0xa9, 0x8b, 0x1e, 0x4b, 0xfc, 0x15, 0x24, 0xbb, 0x7e, 0xcb, 0xb6, 0x1e, 0x1b, 0xf5, 0xf2, 0xc8, 0x56, 0xec, 0x32, 0xa2, 0x60, 0x5b, 0xa0, 0x2a}}}, -{{{0xa4, 0x29, 0x47, 0x86, 0x2e, 0x92, 0x4f, 0x11, 0x4f, 0xf3, 0xb2, 0x5c, 0xd5, 0x3e, 0xa6, 0xb9, 0xc8, 0xe2, 0x33, 0x11, 0x1f, 0x01, 0x8f, 0xb0, 0x9b, 0xc7, 0xa5, 0xff, 0x83, 0x0f, 0x1e, 0x28}} , - {{0x1d, 0x29, 0x7a, 0xa1, 0xec, 0x8e, 0xb5, 0xad, 0xea, 0x02, 0x68, 0x60, 0x74, 0x29, 0x1c, 0xa5, 0xcf, 0xc8, 0x3b, 0x7d, 0x8b, 0x2b, 0x7c, 0xad, 0xa4, 0x40, 0x17, 0x51, 0x59, 0x7c, 0x2e, 0x5d}}}, -{{{0x0a, 0x6c, 0x4f, 0xbc, 0x3e, 0x32, 0xe7, 0x4a, 0x1a, 0x13, 0xc1, 0x49, 0x38, 0xbf, 0xf7, 0xc2, 0xd3, 0x8f, 0x6b, 0xad, 0x52, 0xf7, 0xcf, 0xbc, 0x27, 0xcb, 0x40, 0x67, 0x76, 0xcd, 0x6d, 0x56}} , - {{0xe5, 0xb0, 0x27, 0xad, 0xbe, 0x9b, 0xf2, 0xb5, 0x63, 0xde, 0x3a, 0x23, 0x95, 0xb7, 0x0a, 0x7e, 0xf3, 0x9e, 0x45, 0x6f, 0x19, 0x39, 0x75, 0x8f, 0x39, 0x3d, 0x0f, 0xc0, 0x9f, 0xf1, 0xe9, 0x51}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x88, 0xaa, 0x14, 0x24, 0x86, 0x94, 0x11, 0x12, 0x3e, 0x1a, 0xb5, 0xcc, 0xbb, 0xe0, 0x9c, 0xd5, 0x9c, 0x6d, 0xba, 0x58, 0x72, 0x8d, 0xfb, 0x22, 0x7b, 0x9f, 0x7c, 0x94, 0x30, 0xb3, 0x51, 0x21}} , - {{0xf6, 0x74, 0x3d, 0xf2, 0xaf, 0xd0, 0x1e, 0x03, 0x7c, 0x23, 0x6b, 0xc9, 0xfc, 0x25, 0x70, 0x90, 0xdc, 0x9a, 0xa4, 0xfb, 0x49, 0xfc, 0x3d, 0x0a, 0x35, 0x38, 0x6f, 0xe4, 0x7e, 0x50, 0x01, 0x2a}}}, -{{{0xd6, 0xe3, 0x96, 0x61, 0x3a, 0xfd, 0xef, 0x9b, 0x1f, 0x90, 0xa4, 0x24, 0x14, 0x5b, 0xc8, 0xde, 0x50, 0xb1, 0x1d, 0xaf, 0xe8, 0x55, 0x8a, 0x87, 0x0d, 0xfe, 0xaa, 0x3b, 0x82, 0x2c, 0x8d, 0x7b}} , - {{0x85, 0x0c, 0xaf, 0xf8, 0x83, 0x44, 0x49, 0xd9, 0x45, 0xcf, 0xf7, 0x48, 0xd9, 0x53, 0xb4, 0xf1, 0x65, 0xa0, 0xe1, 0xc3, 0xb3, 0x15, 0xed, 0x89, 0x9b, 0x4f, 0x62, 0xb3, 0x57, 0xa5, 0x45, 0x1c}}}, -{{{0x8f, 0x12, 0xea, 0xaf, 0xd1, 0x1f, 0x79, 0x10, 0x0b, 0xf6, 0xa3, 0x7b, 0xea, 0xac, 0x8b, 0x57, 0x32, 0x62, 0xe7, 0x06, 0x12, 0x51, 0xa0, 0x3b, 0x43, 0x5e, 0xa4, 0x20, 0x78, 0x31, 0xce, 0x0d}} , - {{0x84, 0x7c, 0xc2, 0xa6, 0x91, 0x23, 0xce, 0xbd, 0xdc, 0xf9, 0xce, 0xd5, 0x75, 0x30, 0x22, 0xe6, 0xf9, 0x43, 0x62, 0x0d, 0xf7, 0x75, 0x9d, 0x7f, 0x8c, 0xff, 0x7d, 0xe4, 0x72, 0xac, 0x9f, 0x1c}}}, -{{{0x88, 0xc1, 0x99, 0xd0, 0x3c, 0x1c, 0x5d, 0xb4, 0xef, 0x13, 0x0f, 0x90, 0xb9, 0x36, 0x2f, 0x95, 0x95, 0xc6, 0xdc, 0xde, 0x0a, 0x51, 0xe2, 0x8d, 0xf3, 0xbc, 0x51, 0xec, 0xdf, 0xb1, 0xa2, 0x5f}} , - {{0x2e, 0x68, 0xa1, 0x23, 0x7d, 0x9b, 0x40, 0x69, 0x85, 0x7b, 0x42, 0xbf, 0x90, 0x4b, 0xd6, 0x40, 0x2f, 0xd7, 0x52, 0x52, 0xb2, 0x21, 0xde, 0x64, 0xbd, 0x88, 0xc3, 0x6d, 0xa5, 0xfa, 0x81, 0x3f}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xfb, 0xfd, 0x47, 0x7b, 0x8a, 0x66, 0x9e, 0x79, 0x2e, 0x64, 0x82, 0xef, 0xf7, 0x21, 0xec, 0xf6, 0xd8, 0x86, 0x09, 0x31, 0x7c, 0xdd, 0x03, 0x6a, 0x58, 0xa0, 0x77, 0xb7, 0x9b, 0x8c, 0x87, 0x1f}} , - {{0x55, 0x47, 0xe4, 0xa8, 0x3d, 0x55, 0x21, 0x34, 0xab, 0x1d, 0xae, 0xe0, 0xf4, 0xea, 0xdb, 0xc5, 0xb9, 0x58, 0xbf, 0xc4, 0x2a, 0x89, 0x31, 0x1a, 0xf4, 0x2d, 0xe1, 0xca, 0x37, 0x99, 0x47, 0x59}}}, -{{{0xc7, 0xca, 0x63, 0xc1, 0x49, 0xa9, 0x35, 0x45, 0x55, 0x7e, 0xda, 0x64, 0x32, 0x07, 0x50, 0xf7, 0x32, 0xac, 0xde, 0x75, 0x58, 0x9b, 0x11, 0xb2, 0x3a, 0x1f, 0xf5, 0xf7, 0x79, 0x04, 0xe6, 0x08}} , - {{0x46, 0xfa, 0x22, 0x4b, 0xfa, 0xe1, 0xfe, 0x96, 0xfc, 0x67, 0xba, 0x67, 0x97, 0xc4, 0xe7, 0x1b, 0x86, 0x90, 0x5f, 0xee, 0xf4, 0x5b, 0x11, 0xb2, 0xcd, 0xad, 0xee, 0xc2, 0x48, 0x6c, 0x2b, 0x1b}}}, -{{{0xe3, 0x39, 0x62, 0xb4, 0x4f, 0x31, 0x04, 0xc9, 0xda, 0xd5, 0x73, 0x51, 0x57, 0xc5, 0xb8, 0xf3, 0xa3, 0x43, 0x70, 0xe4, 0x61, 0x81, 0x84, 0xe2, 0xbb, 0xbf, 0x4f, 0x9e, 0xa4, 0x5e, 0x74, 0x06}} , - {{0x29, 0xac, 0xff, 0x27, 0xe0, 0x59, 0xbe, 0x39, 0x9c, 0x0d, 0x83, 0xd7, 0x10, 0x0b, 0x15, 0xb7, 0xe1, 0xc2, 0x2c, 0x30, 0x73, 0x80, 0x3a, 0x7d, 0x5d, 0xab, 0x58, 0x6b, 0xc1, 0xf0, 0xf4, 0x22}}}, -{{{0xfe, 0x7f, 0xfb, 0x35, 0x7d, 0xc6, 0x01, 0x23, 0x28, 0xc4, 0x02, 0xac, 0x1f, 0x42, 0xb4, 0x9d, 0xfc, 0x00, 0x94, 0xa5, 0xee, 0xca, 0xda, 0x97, 0x09, 0x41, 0x77, 0x87, 0x5d, 0x7b, 0x87, 0x78}} , - {{0xf5, 0xfb, 0x90, 0x2d, 0x81, 0x19, 0x9e, 0x2f, 0x6d, 0x85, 0x88, 0x8c, 0x40, 0x5c, 0x77, 0x41, 0x4d, 0x01, 0x19, 0x76, 0x60, 0xe8, 0x4c, 0x48, 0xe4, 0x33, 0x83, 0x32, 0x6c, 0xb4, 0x41, 0x03}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xff, 0x10, 0xc2, 0x09, 0x4f, 0x6e, 0xf4, 0xd2, 0xdf, 0x7e, 0xca, 0x7b, 0x1c, 0x1d, 0xba, 0xa3, 0xb6, 0xda, 0x67, 0x33, 0xd4, 0x87, 0x36, 0x4b, 0x11, 0x20, 0x05, 0xa6, 0x29, 0xc1, 0x87, 0x17}} , - {{0xf6, 0x96, 0xca, 0x2f, 0xda, 0x38, 0xa7, 0x1b, 0xfc, 0xca, 0x7d, 0xfe, 0x08, 0x89, 0xe2, 0x47, 0x2b, 0x6a, 0x5d, 0x4b, 0xfa, 0xa1, 0xb4, 0xde, 0xb6, 0xc2, 0x31, 0x51, 0xf5, 0xe0, 0xa4, 0x0b}}}, -{{{0x5c, 0xe5, 0xc6, 0x04, 0x8e, 0x2b, 0x57, 0xbe, 0x38, 0x85, 0x23, 0xcb, 0xb7, 0xbe, 0x4f, 0xa9, 0xd3, 0x6e, 0x12, 0xaa, 0xd5, 0xb2, 0x2e, 0x93, 0x29, 0x9a, 0x4a, 0x88, 0x18, 0x43, 0xf5, 0x01}} , - {{0x50, 0xfc, 0xdb, 0xa2, 0x59, 0x21, 0x8d, 0xbd, 0x7e, 0x33, 0xae, 0x2f, 0x87, 0x1a, 0xd0, 0x97, 0xc7, 0x0d, 0x4d, 0x63, 0x01, 0xef, 0x05, 0x84, 0xec, 0x40, 0xdd, 0xa8, 0x0a, 0x4f, 0x70, 0x0b}}}, -{{{0x41, 0x69, 0x01, 0x67, 0x5c, 0xd3, 0x8a, 0xc5, 0xcf, 0x3f, 0xd1, 0x57, 0xd1, 0x67, 0x3e, 0x01, 0x39, 0xb5, 0xcb, 0x81, 0x56, 0x96, 0x26, 0xb6, 0xc2, 0xe7, 0x5c, 0xfb, 0x63, 0x97, 0x58, 0x06}} , - {{0x0c, 0x0e, 0xf3, 0xba, 0xf0, 0xe5, 0xba, 0xb2, 0x57, 0x77, 0xc6, 0x20, 0x9b, 0x89, 0x24, 0xbe, 0xf2, 0x9c, 0x8a, 0xba, 0x69, 0xc1, 0xf1, 0xb0, 0x4f, 0x2a, 0x05, 0x9a, 0xee, 0x10, 0x7e, 0x36}}}, -{{{0x3f, 0x26, 0xe9, 0x40, 0xe9, 0x03, 0xad, 0x06, 0x69, 0x91, 0xe0, 0xd1, 0x89, 0x60, 0x84, 0x79, 0xde, 0x27, 0x6d, 0xe6, 0x76, 0xbd, 0xea, 0xe6, 0xae, 0x48, 0xc3, 0x67, 0xc0, 0x57, 0xcd, 0x2f}} , - {{0x7f, 0xc1, 0xdc, 0xb9, 0xc7, 0xbc, 0x86, 0x3d, 0x55, 0x4b, 0x28, 0x7a, 0xfb, 0x4d, 0xc7, 0xf8, 0xbc, 0x67, 0x2a, 0x60, 0x4d, 0x8f, 0x07, 0x0b, 0x1a, 0x17, 0xbf, 0xfa, 0xac, 0xa7, 0x3d, 0x1a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x91, 0x3f, 0xed, 0x5e, 0x18, 0x78, 0x3f, 0x23, 0x2c, 0x0d, 0x8c, 0x44, 0x00, 0xe8, 0xfb, 0xe9, 0x8e, 0xd6, 0xd1, 0x36, 0x58, 0x57, 0x9e, 0xae, 0x4b, 0x5c, 0x0b, 0x07, 0xbc, 0x6b, 0x55, 0x2b}} , - {{0x6f, 0x4d, 0x17, 0xd7, 0xe1, 0x84, 0xd9, 0x78, 0xb1, 0x90, 0xfd, 0x2e, 0xb3, 0xb5, 0x19, 0x3f, 0x1b, 0xfa, 0xc0, 0x68, 0xb3, 0xdd, 0x00, 0x2e, 0x89, 0xbd, 0x7e, 0x80, 0x32, 0x13, 0xa0, 0x7b}}}, -{{{0x1a, 0x6f, 0x40, 0xaf, 0x44, 0x44, 0xb0, 0x43, 0x8f, 0x0d, 0xd0, 0x1e, 0xc4, 0x0b, 0x19, 0x5d, 0x8e, 0xfe, 0xc1, 0xf3, 0xc5, 0x5c, 0x91, 0xf8, 0x04, 0x4e, 0xbe, 0x90, 0xb4, 0x47, 0x5c, 0x3f}} , - {{0xb0, 0x3b, 0x2c, 0xf3, 0xfe, 0x32, 0x71, 0x07, 0x3f, 0xaa, 0xba, 0x45, 0x60, 0xa8, 0x8d, 0xea, 0x54, 0xcb, 0x39, 0x10, 0xb4, 0xf2, 0x8b, 0xd2, 0x14, 0x82, 0x42, 0x07, 0x8e, 0xe9, 0x7c, 0x53}}}, -{{{0xb0, 0xae, 0xc1, 0x8d, 0xc9, 0x8f, 0xb9, 0x7a, 0x77, 0xef, 0xba, 0x79, 0xa0, 0x3c, 0xa8, 0xf5, 0x6a, 0xe2, 0x3f, 0x5d, 0x00, 0xe3, 0x4b, 0x45, 0x24, 0x7b, 0x43, 0x78, 0x55, 0x1d, 0x2b, 0x1e}} , - {{0x01, 0xb8, 0xd6, 0x16, 0x67, 0xa0, 0x15, 0xb9, 0xe1, 0x58, 0xa4, 0xa7, 0x31, 0x37, 0x77, 0x2f, 0x8b, 0x12, 0x9f, 0xf4, 0x3f, 0xc7, 0x36, 0x66, 0xd2, 0xa8, 0x56, 0xf7, 0x7f, 0x74, 0xc6, 0x41}}}, -{{{0x5d, 0xf8, 0xb4, 0xa8, 0x30, 0xdd, 0xcc, 0x38, 0xa5, 0xd3, 0xca, 0xd8, 0xd1, 0xf8, 0xb2, 0x31, 0x91, 0xd4, 0x72, 0x05, 0x57, 0x4a, 0x3b, 0x82, 0x4a, 0xc6, 0x68, 0x20, 0xe2, 0x18, 0x41, 0x61}} , - {{0x19, 0xd4, 0x8d, 0x47, 0x29, 0x12, 0x65, 0xb0, 0x11, 0x78, 0x47, 0xb5, 0xcb, 0xa3, 0xa5, 0xfa, 0x05, 0x85, 0x54, 0xa9, 0x33, 0x97, 0x8d, 0x2b, 0xc2, 0xfe, 0x99, 0x35, 0x28, 0xe5, 0xeb, 0x63}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xb1, 0x3f, 0x3f, 0xef, 0xd8, 0xf4, 0xfc, 0xb3, 0xa0, 0x60, 0x50, 0x06, 0x2b, 0x29, 0x52, 0x70, 0x15, 0x0b, 0x24, 0x24, 0xf8, 0x5f, 0x79, 0x18, 0xcc, 0xff, 0x89, 0x99, 0x84, 0xa1, 0xae, 0x13}} , - {{0x44, 0x1f, 0xb8, 0xc2, 0x01, 0xc1, 0x30, 0x19, 0x55, 0x05, 0x60, 0x10, 0xa4, 0x6c, 0x2d, 0x67, 0x70, 0xe5, 0x25, 0x1b, 0xf2, 0xbf, 0xdd, 0xfb, 0x70, 0x2b, 0xa1, 0x8c, 0x9c, 0x94, 0x84, 0x08}}}, -{{{0xe7, 0xc4, 0x43, 0x4d, 0xc9, 0x2b, 0x69, 0x5d, 0x1d, 0x3c, 0xaf, 0xbb, 0x43, 0x38, 0x4e, 0x98, 0x3d, 0xed, 0x0d, 0x21, 0x03, 0xfd, 0xf0, 0x99, 0x47, 0x04, 0xb0, 0x98, 0x69, 0x55, 0x72, 0x0f}} , - {{0x5e, 0xdf, 0x15, 0x53, 0x3b, 0x86, 0x80, 0xb0, 0xf1, 0x70, 0x68, 0x8f, 0x66, 0x7c, 0x0e, 0x49, 0x1a, 0xd8, 0x6b, 0xfe, 0x4e, 0xef, 0xca, 0x47, 0xd4, 0x03, 0xc1, 0x37, 0x50, 0x9c, 0xc1, 0x16}}}, -{{{0xcd, 0x24, 0xc6, 0x3e, 0x0c, 0x82, 0x9b, 0x91, 0x2b, 0x61, 0x4a, 0xb2, 0x0f, 0x88, 0x55, 0x5f, 0x5a, 0x57, 0xff, 0xe5, 0x74, 0x0b, 0x13, 0x43, 0x00, 0xd8, 0x6b, 0xcf, 0xd2, 0x15, 0x03, 0x2c}} , - {{0xdc, 0xff, 0x15, 0x61, 0x2f, 0x4a, 0x2f, 0x62, 0xf2, 0x04, 0x2f, 0xb5, 0x0c, 0xb7, 0x1e, 0x3f, 0x74, 0x1a, 0x0f, 0xd7, 0xea, 0xcd, 0xd9, 0x7d, 0xf6, 0x12, 0x0e, 0x2f, 0xdb, 0x5a, 0x3b, 0x16}}}, -{{{0x1b, 0x37, 0x47, 0xe3, 0xf5, 0x9e, 0xea, 0x2c, 0x2a, 0xe7, 0x82, 0x36, 0xf4, 0x1f, 0x81, 0x47, 0x92, 0x4b, 0x69, 0x0e, 0x11, 0x8c, 0x5d, 0x53, 0x5b, 0x81, 0x27, 0x08, 0xbc, 0xa0, 0xae, 0x25}} , - {{0x69, 0x32, 0xa1, 0x05, 0x11, 0x42, 0x00, 0xd2, 0x59, 0xac, 0x4d, 0x62, 0x8b, 0x13, 0xe2, 0x50, 0x5d, 0xa0, 0x9d, 0x9b, 0xfd, 0xbb, 0x12, 0x41, 0x75, 0x41, 0x9e, 0xcc, 0xdc, 0xc7, 0xdc, 0x5d}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xd9, 0xe3, 0x38, 0x06, 0x46, 0x70, 0x82, 0x5e, 0x28, 0x49, 0x79, 0xff, 0x25, 0xd2, 0x4e, 0x29, 0x8d, 0x06, 0xb0, 0x23, 0xae, 0x9b, 0x66, 0xe4, 0x7d, 0xc0, 0x70, 0x91, 0xa3, 0xfc, 0xec, 0x4e}} , - {{0x62, 0x12, 0x37, 0x6a, 0x30, 0xf6, 0x1e, 0xfb, 0x14, 0x5c, 0x0d, 0x0e, 0xb7, 0x81, 0x6a, 0xe7, 0x08, 0x05, 0xac, 0xaa, 0x38, 0x46, 0xe2, 0x73, 0xea, 0x4b, 0x07, 0x81, 0x43, 0x7c, 0x9e, 0x5e}}}, -{{{0xfc, 0xf9, 0x21, 0x4f, 0x2e, 0x76, 0x9b, 0x1f, 0x28, 0x60, 0x77, 0x43, 0x32, 0x9d, 0xbe, 0x17, 0x30, 0x2a, 0xc6, 0x18, 0x92, 0x66, 0x62, 0x30, 0x98, 0x40, 0x11, 0xa6, 0x7f, 0x18, 0x84, 0x28}} , - {{0x3f, 0xab, 0xd3, 0xf4, 0x8a, 0x76, 0xa1, 0x3c, 0xca, 0x2d, 0x49, 0xc3, 0xea, 0x08, 0x0b, 0x85, 0x17, 0x2a, 0xc3, 0x6c, 0x08, 0xfd, 0x57, 0x9f, 0x3d, 0x5f, 0xdf, 0x67, 0x68, 0x42, 0x00, 0x32}}}, -{{{0x51, 0x60, 0x1b, 0x06, 0x4f, 0x8a, 0x21, 0xba, 0x38, 0xa8, 0xba, 0xd6, 0x40, 0xf6, 0xe9, 0x9b, 0x76, 0x4d, 0x56, 0x21, 0x5b, 0x0a, 0x9b, 0x2e, 0x4f, 0x3d, 0x81, 0x32, 0x08, 0x9f, 0x97, 0x5b}} , - {{0xe5, 0x44, 0xec, 0x06, 0x9d, 0x90, 0x79, 0x9f, 0xd3, 0xe0, 0x79, 0xaf, 0x8f, 0x10, 0xfd, 0xdd, 0x04, 0xae, 0x27, 0x97, 0x46, 0x33, 0x79, 0xea, 0xb8, 0x4e, 0xca, 0x5a, 0x59, 0x57, 0xe1, 0x0e}}}, -{{{0x1a, 0xda, 0xf3, 0xa5, 0x41, 0x43, 0x28, 0xfc, 0x7e, 0xe7, 0x71, 0xea, 0xc6, 0x3b, 0x59, 0xcc, 0x2e, 0xd3, 0x40, 0xec, 0xb3, 0x13, 0x6f, 0x44, 0xcd, 0x13, 0xb2, 0x37, 0xf2, 0x6e, 0xd9, 0x1c}} , - {{0xe3, 0xdb, 0x60, 0xcd, 0x5c, 0x4a, 0x18, 0x0f, 0xef, 0x73, 0x36, 0x71, 0x8c, 0xf6, 0x11, 0xb4, 0xd8, 0xce, 0x17, 0x5e, 0x4f, 0x26, 0x77, 0x97, 0x5f, 0xcb, 0xef, 0x91, 0xeb, 0x6a, 0x62, 0x7a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x18, 0x4a, 0xa2, 0x97, 0x08, 0x81, 0x2d, 0x83, 0xc4, 0xcc, 0xf0, 0x83, 0x7e, 0xec, 0x0d, 0x95, 0x4c, 0x5b, 0xfb, 0xfa, 0x98, 0x80, 0x4a, 0x66, 0x56, 0x0c, 0x51, 0xb3, 0xf2, 0x04, 0x5d, 0x27}} , - {{0x3b, 0xb9, 0xb8, 0x06, 0x5a, 0x2e, 0xfe, 0xc3, 0x82, 0x37, 0x9c, 0xa3, 0x11, 0x1f, 0x9c, 0xa6, 0xda, 0x63, 0x48, 0x9b, 0xad, 0xde, 0x2d, 0xa6, 0xbc, 0x6e, 0x32, 0xda, 0x27, 0x65, 0xdd, 0x57}}}, -{{{0x84, 0x4f, 0x37, 0x31, 0x7d, 0x2e, 0xbc, 0xad, 0x87, 0x07, 0x2a, 0x6b, 0x37, 0xfc, 0x5f, 0xeb, 0x4e, 0x75, 0x35, 0xa6, 0xde, 0xab, 0x0a, 0x19, 0x3a, 0xb7, 0xb1, 0xef, 0x92, 0x6a, 0x3b, 0x3c}} , - {{0x3b, 0xb2, 0x94, 0x6d, 0x39, 0x60, 0xac, 0xee, 0xe7, 0x81, 0x1a, 0x3b, 0x76, 0x87, 0x5c, 0x05, 0x94, 0x2a, 0x45, 0xb9, 0x80, 0xe9, 0x22, 0xb1, 0x07, 0xcb, 0x40, 0x9e, 0x70, 0x49, 0x6d, 0x12}}}, -{{{0xfd, 0x18, 0x78, 0x84, 0xa8, 0x4c, 0x7d, 0x6e, 0x59, 0xa6, 0xe5, 0x74, 0xf1, 0x19, 0xa6, 0x84, 0x2e, 0x51, 0xc1, 0x29, 0x13, 0xf2, 0x14, 0x6b, 0x5d, 0x53, 0x51, 0xf7, 0xef, 0xbf, 0x01, 0x22}} , - {{0xa4, 0x4b, 0x62, 0x4c, 0xe6, 0xfd, 0x72, 0x07, 0xf2, 0x81, 0xfc, 0xf2, 0xbd, 0x12, 0x7c, 0x68, 0x76, 0x2a, 0xba, 0xf5, 0x65, 0xb1, 0x1f, 0x17, 0x0a, 0x38, 0xb0, 0xbf, 0xc0, 0xf8, 0xf4, 0x2a}}}, -{{{0x55, 0x60, 0x55, 0x5b, 0xe4, 0x1d, 0x71, 0x4c, 0x9d, 0x5b, 0x9f, 0x70, 0xa6, 0x85, 0x9a, 0x2c, 0xa0, 0xe2, 0x32, 0x48, 0xce, 0x9e, 0x2a, 0xa5, 0x07, 0x3b, 0xc7, 0x6c, 0x86, 0x77, 0xde, 0x3c}} , - {{0xf7, 0x18, 0x7a, 0x96, 0x7e, 0x43, 0x57, 0xa9, 0x55, 0xfc, 0x4e, 0xb6, 0x72, 0x00, 0xf2, 0xe4, 0xd7, 0x52, 0xd3, 0xd3, 0xb6, 0x85, 0xf6, 0x71, 0xc7, 0x44, 0x3f, 0x7f, 0xd7, 0xb3, 0xf2, 0x79}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x46, 0xca, 0xa7, 0x55, 0x7b, 0x79, 0xf3, 0xca, 0x5a, 0x65, 0xf6, 0xed, 0x50, 0x14, 0x7b, 0xe4, 0xc4, 0x2a, 0x65, 0x9e, 0xe2, 0xf9, 0xca, 0xa7, 0x22, 0x26, 0x53, 0xcb, 0x21, 0x5b, 0xa7, 0x31}} , - {{0x90, 0xd7, 0xc5, 0x26, 0x08, 0xbd, 0xb0, 0x53, 0x63, 0x58, 0xc3, 0x31, 0x5e, 0x75, 0x46, 0x15, 0x91, 0xa6, 0xf8, 0x2f, 0x1a, 0x08, 0x65, 0x88, 0x2f, 0x98, 0x04, 0xf1, 0x7c, 0x6e, 0x00, 0x77}}}, -{{{0x81, 0x21, 0x61, 0x09, 0xf6, 0x4e, 0xf1, 0x92, 0xee, 0x63, 0x61, 0x73, 0x87, 0xc7, 0x54, 0x0e, 0x42, 0x4b, 0xc9, 0x47, 0xd1, 0xb8, 0x7e, 0x91, 0x75, 0x37, 0x99, 0x28, 0xb8, 0xdd, 0x7f, 0x50}} , - {{0x89, 0x8f, 0xc0, 0xbe, 0x5d, 0xd6, 0x9f, 0xa0, 0xf0, 0x9d, 0x81, 0xce, 0x3a, 0x7b, 0x98, 0x58, 0xbb, 0xd7, 0x78, 0xc8, 0x3f, 0x13, 0xf1, 0x74, 0x19, 0xdf, 0xf8, 0x98, 0x89, 0x5d, 0xfa, 0x5f}}}, -{{{0x9e, 0x35, 0x85, 0x94, 0x47, 0x1f, 0x90, 0x15, 0x26, 0xd0, 0x84, 0xed, 0x8a, 0x80, 0xf7, 0x63, 0x42, 0x86, 0x27, 0xd7, 0xf4, 0x75, 0x58, 0xdc, 0x9c, 0xc0, 0x22, 0x7e, 0x20, 0x35, 0xfd, 0x1f}} , - {{0x68, 0x0e, 0x6f, 0x97, 0xba, 0x70, 0xbb, 0xa3, 0x0e, 0xe5, 0x0b, 0x12, 0xf4, 0xa2, 0xdc, 0x47, 0xf8, 0xe6, 0xd0, 0x23, 0x6c, 0x33, 0xa8, 0x99, 0x46, 0x6e, 0x0f, 0x44, 0xba, 0x76, 0x48, 0x0f}}}, -{{{0xa3, 0x2a, 0x61, 0x37, 0xe2, 0x59, 0x12, 0x0e, 0x27, 0xba, 0x64, 0x43, 0xae, 0xc0, 0x42, 0x69, 0x79, 0xa4, 0x1e, 0x29, 0x8b, 0x15, 0xeb, 0xf8, 0xaf, 0xd4, 0xa2, 0x68, 0x33, 0xb5, 0x7a, 0x24}} , - {{0x2c, 0x19, 0x33, 0xdd, 0x1b, 0xab, 0xec, 0x01, 0xb0, 0x23, 0xf8, 0x42, 0x2b, 0x06, 0x88, 0xea, 0x3d, 0x2d, 0x00, 0x2a, 0x78, 0x45, 0x4d, 0x38, 0xed, 0x2e, 0x2e, 0x44, 0x49, 0xed, 0xcb, 0x33}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xa0, 0x68, 0xe8, 0x41, 0x8f, 0x91, 0xf8, 0x11, 0x13, 0x90, 0x2e, 0xa7, 0xab, 0x30, 0xef, 0xad, 0xa0, 0x61, 0x00, 0x88, 0xef, 0xdb, 0xce, 0x5b, 0x5c, 0xbb, 0x62, 0xc8, 0x56, 0xf9, 0x00, 0x73}} , - {{0x3f, 0x60, 0xc1, 0x82, 0x2d, 0xa3, 0x28, 0x58, 0x24, 0x9e, 0x9f, 0xe3, 0x70, 0xcc, 0x09, 0x4e, 0x1a, 0x3f, 0x11, 0x11, 0x15, 0x07, 0x3c, 0xa4, 0x41, 0xe0, 0x65, 0xa3, 0x0a, 0x41, 0x6d, 0x11}}}, -{{{0x31, 0x40, 0x01, 0x52, 0x56, 0x94, 0x5b, 0x28, 0x8a, 0xaa, 0x52, 0xee, 0xd8, 0x0a, 0x05, 0x8d, 0xcd, 0xb5, 0xaa, 0x2e, 0x38, 0xaa, 0xb7, 0x87, 0xf7, 0x2b, 0xfb, 0x04, 0xcb, 0x84, 0x3d, 0x54}} , - {{0x20, 0xef, 0x59, 0xde, 0xa4, 0x2b, 0x93, 0x6e, 0x2e, 0xec, 0x42, 0x9a, 0xd4, 0x2d, 0xf4, 0x46, 0x58, 0x27, 0x2b, 0x18, 0x8f, 0x83, 0x3d, 0x69, 0x9e, 0xd4, 0x3e, 0xb6, 0xc5, 0xfd, 0x58, 0x03}}}, -{{{0x33, 0x89, 0xc9, 0x63, 0x62, 0x1c, 0x17, 0xb4, 0x60, 0xc4, 0x26, 0x68, 0x09, 0xc3, 0x2e, 0x37, 0x0f, 0x7b, 0xb4, 0x9c, 0xb6, 0xf9, 0xfb, 0xd4, 0x51, 0x78, 0xc8, 0x63, 0xea, 0x77, 0x47, 0x07}} , - {{0x32, 0xb4, 0x18, 0x47, 0x79, 0xcb, 0xd4, 0x5a, 0x07, 0x14, 0x0f, 0xa0, 0xd5, 0xac, 0xd0, 0x41, 0x40, 0xab, 0x61, 0x23, 0xe5, 0x2a, 0x2a, 0x6f, 0xf7, 0xa8, 0xd4, 0x76, 0xef, 0xe7, 0x45, 0x6c}}}, -{{{0xa1, 0x5e, 0x60, 0x4f, 0xfb, 0xe1, 0x70, 0x6a, 0x1f, 0x55, 0x4f, 0x09, 0xb4, 0x95, 0x33, 0x36, 0xc6, 0x81, 0x01, 0x18, 0x06, 0x25, 0x27, 0xa4, 0xb4, 0x24, 0xa4, 0x86, 0x03, 0x4c, 0xac, 0x02}} , - {{0x77, 0x38, 0xde, 0xd7, 0x60, 0x48, 0x07, 0xf0, 0x74, 0xa8, 0xff, 0x54, 0xe5, 0x30, 0x43, 0xff, 0x77, 0xfb, 0x21, 0x07, 0xff, 0xb2, 0x07, 0x6b, 0xe4, 0xe5, 0x30, 0xfc, 0x19, 0x6c, 0xa3, 0x01}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x13, 0xc5, 0x2c, 0xac, 0xd3, 0x83, 0x82, 0x7c, 0x29, 0xf7, 0x05, 0xa5, 0x00, 0xb6, 0x1f, 0x86, 0x55, 0xf4, 0xd6, 0x2f, 0x0c, 0x99, 0xd0, 0x65, 0x9b, 0x6b, 0x46, 0x0d, 0x43, 0xf8, 0x16, 0x28}} , - {{0x1e, 0x7f, 0xb4, 0x74, 0x7e, 0xb1, 0x89, 0x4f, 0x18, 0x5a, 0xab, 0x64, 0x06, 0xdf, 0x45, 0x87, 0xe0, 0x6a, 0xc6, 0xf0, 0x0e, 0xc9, 0x24, 0x35, 0x38, 0xea, 0x30, 0x54, 0xb4, 0xc4, 0x52, 0x54}}}, -{{{0xe9, 0x9f, 0xdc, 0x3f, 0xc1, 0x89, 0x44, 0x74, 0x27, 0xe4, 0xc1, 0x90, 0xff, 0x4a, 0xa7, 0x3c, 0xee, 0xcd, 0xf4, 0x1d, 0x25, 0x94, 0x7f, 0x63, 0x16, 0x48, 0xbc, 0x64, 0xfe, 0x95, 0xc4, 0x0c}} , - {{0x8b, 0x19, 0x75, 0x6e, 0x03, 0x06, 0x5e, 0x6a, 0x6f, 0x1a, 0x8c, 0xe3, 0xd3, 0x28, 0xf2, 0xe0, 0xb9, 0x7a, 0x43, 0x69, 0xe6, 0xd3, 0xc0, 0xfe, 0x7e, 0x97, 0xab, 0x6c, 0x7b, 0x8e, 0x13, 0x42}}}, -{{{0xd4, 0xca, 0x70, 0x3d, 0xab, 0xfb, 0x5f, 0x5e, 0x00, 0x0c, 0xcc, 0x77, 0x22, 0xf8, 0x78, 0x55, 0xae, 0x62, 0x35, 0xfb, 0x9a, 0xc6, 0x03, 0xe4, 0x0c, 0xee, 0xab, 0xc7, 0xc0, 0x89, 0x87, 0x54}} , - {{0x32, 0xad, 0xae, 0x85, 0x58, 0x43, 0xb8, 0xb1, 0xe6, 0x3e, 0x00, 0x9c, 0x78, 0x88, 0x56, 0xdb, 0x9c, 0xfc, 0x79, 0xf6, 0xf9, 0x41, 0x5f, 0xb7, 0xbc, 0x11, 0xf9, 0x20, 0x36, 0x1c, 0x53, 0x2b}}}, -{{{0x5a, 0x20, 0x5b, 0xa1, 0xa5, 0x44, 0x91, 0x24, 0x02, 0x63, 0x12, 0x64, 0xb8, 0x55, 0xf6, 0xde, 0x2c, 0xdb, 0x47, 0xb8, 0xc6, 0x0a, 0xc3, 0x00, 0x78, 0x93, 0xd8, 0xf5, 0xf5, 0x18, 0x28, 0x0a}} , - {{0xd6, 0x1b, 0x9a, 0x6c, 0xe5, 0x46, 0xea, 0x70, 0x96, 0x8d, 0x4e, 0x2a, 0x52, 0x21, 0x26, 0x4b, 0xb1, 0xbb, 0x0f, 0x7c, 0xa9, 0x9b, 0x04, 0xbb, 0x51, 0x08, 0xf1, 0x9a, 0xa4, 0x76, 0x7c, 0x18}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xfa, 0x94, 0xf7, 0x40, 0xd0, 0xd7, 0xeb, 0xa9, 0x82, 0x36, 0xd5, 0x15, 0xb9, 0x33, 0x7a, 0xbf, 0x8a, 0xf2, 0x63, 0xaa, 0x37, 0xf5, 0x59, 0xac, 0xbd, 0xbb, 0x32, 0x36, 0xbe, 0x73, 0x99, 0x38}} , - {{0x2c, 0xb3, 0xda, 0x7a, 0xd8, 0x3d, 0x99, 0xca, 0xd2, 0xf4, 0xda, 0x99, 0x8e, 0x4f, 0x98, 0xb7, 0xf4, 0xae, 0x3e, 0x9f, 0x8e, 0x35, 0x60, 0xa4, 0x33, 0x75, 0xa4, 0x04, 0x93, 0xb1, 0x6b, 0x4d}}}, -{{{0x97, 0x9d, 0xa8, 0xcd, 0x97, 0x7b, 0x9d, 0xb9, 0xe7, 0xa5, 0xef, 0xfd, 0xa8, 0x42, 0x6b, 0xc3, 0x62, 0x64, 0x7d, 0xa5, 0x1b, 0xc9, 0x9e, 0xd2, 0x45, 0xb9, 0xee, 0x03, 0xb0, 0xbf, 0xc0, 0x68}} , - {{0xed, 0xb7, 0x84, 0x2c, 0xf6, 0xd3, 0xa1, 0x6b, 0x24, 0x6d, 0x87, 0x56, 0x97, 0x59, 0x79, 0x62, 0x9f, 0xac, 0xed, 0xf3, 0xc9, 0x89, 0x21, 0x2e, 0x04, 0xb3, 0xcc, 0x2f, 0xbe, 0xd6, 0x0a, 0x4b}}}, -{{{0x39, 0x61, 0x05, 0xed, 0x25, 0x89, 0x8b, 0x5d, 0x1b, 0xcb, 0x0c, 0x55, 0xf4, 0x6a, 0x00, 0x8a, 0x46, 0xe8, 0x1e, 0xc6, 0x83, 0xc8, 0x5a, 0x76, 0xdb, 0xcc, 0x19, 0x7a, 0xcc, 0x67, 0x46, 0x0b}} , - {{0x53, 0xcf, 0xc2, 0xa1, 0xad, 0x6a, 0xf3, 0xcd, 0x8f, 0xc9, 0xde, 0x1c, 0xf8, 0x6c, 0x8f, 0xf8, 0x76, 0x42, 0xe7, 0xfe, 0xb2, 0x72, 0x21, 0x0a, 0x66, 0x74, 0x8f, 0xb7, 0xeb, 0xe4, 0x6f, 0x01}}}, -{{{0x22, 0x8c, 0x6b, 0xbe, 0xfc, 0x4d, 0x70, 0x62, 0x6e, 0x52, 0x77, 0x99, 0x88, 0x7e, 0x7b, 0x57, 0x7a, 0x0d, 0xfe, 0xdc, 0x72, 0x92, 0xf1, 0x68, 0x1d, 0x97, 0xd7, 0x7c, 0x8d, 0x53, 0x10, 0x37}} , - {{0x53, 0x88, 0x77, 0x02, 0xca, 0x27, 0xa8, 0xe5, 0x45, 0xe2, 0xa8, 0x48, 0x2a, 0xab, 0x18, 0xca, 0xea, 0x2d, 0x2a, 0x54, 0x17, 0x37, 0x32, 0x09, 0xdc, 0xe0, 0x4a, 0xb7, 0x7d, 0x82, 0x10, 0x7d}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x8a, 0x64, 0x1e, 0x14, 0x0a, 0x57, 0xd4, 0xda, 0x5c, 0x96, 0x9b, 0x01, 0x4c, 0x67, 0xbf, 0x8b, 0x30, 0xfe, 0x08, 0xdb, 0x0d, 0xd5, 0xa8, 0xd7, 0x09, 0x11, 0x85, 0xa2, 0xd3, 0x45, 0xfb, 0x7e}} , - {{0xda, 0x8c, 0xc2, 0xd0, 0xac, 0x18, 0xe8, 0x52, 0x36, 0xd4, 0x21, 0xa3, 0xdd, 0x57, 0x22, 0x79, 0xb7, 0xf8, 0x71, 0x9d, 0xc6, 0x91, 0x70, 0x86, 0x56, 0xbf, 0xa1, 0x11, 0x8b, 0x19, 0xe1, 0x0f}}}, -{{{0x18, 0x32, 0x98, 0x2c, 0x8f, 0x91, 0xae, 0x12, 0xf0, 0x8c, 0xea, 0xf3, 0x3c, 0xb9, 0x5d, 0xe4, 0x69, 0xed, 0xb2, 0x47, 0x18, 0xbd, 0xce, 0x16, 0x52, 0x5c, 0x23, 0xe2, 0xa5, 0x25, 0x52, 0x5d}} , - {{0xb9, 0xb1, 0xe7, 0x5d, 0x4e, 0xbc, 0xee, 0xbb, 0x40, 0x81, 0x77, 0x82, 0x19, 0xab, 0xb5, 0xc6, 0xee, 0xab, 0x5b, 0x6b, 0x63, 0x92, 0x8a, 0x34, 0x8d, 0xcd, 0xee, 0x4f, 0x49, 0xe5, 0xc9, 0x7e}}}, -{{{0x21, 0xac, 0x8b, 0x22, 0xcd, 0xc3, 0x9a, 0xe9, 0x5e, 0x78, 0xbd, 0xde, 0xba, 0xad, 0xab, 0xbf, 0x75, 0x41, 0x09, 0xc5, 0x58, 0xa4, 0x7d, 0x92, 0xb0, 0x7f, 0xf2, 0xa1, 0xd1, 0xc0, 0xb3, 0x6d}} , - {{0x62, 0x4f, 0xd0, 0x75, 0x77, 0xba, 0x76, 0x77, 0xd7, 0xb8, 0xd8, 0x92, 0x6f, 0x98, 0x34, 0x3d, 0xd6, 0x4e, 0x1c, 0x0f, 0xf0, 0x8f, 0x2e, 0xf1, 0xb3, 0xbd, 0xb1, 0xb9, 0xec, 0x99, 0xb4, 0x07}}}, -{{{0x60, 0x57, 0x2e, 0x9a, 0x72, 0x1d, 0x6b, 0x6e, 0x58, 0x33, 0x24, 0x8c, 0x48, 0x39, 0x46, 0x8e, 0x89, 0x6a, 0x88, 0x51, 0x23, 0x62, 0xb5, 0x32, 0x09, 0x36, 0xe3, 0x57, 0xf5, 0x98, 0xde, 0x6f}} , - {{0x8b, 0x2c, 0x00, 0x48, 0x4a, 0xf9, 0x5b, 0x87, 0x69, 0x52, 0xe5, 0x5b, 0xd1, 0xb1, 0xe5, 0x25, 0x25, 0xe0, 0x9c, 0xc2, 0x13, 0x44, 0xe8, 0xb9, 0x0a, 0x70, 0xad, 0xbd, 0x0f, 0x51, 0x94, 0x69}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xa2, 0xdc, 0xab, 0xa9, 0x25, 0x2d, 0xac, 0x5f, 0x03, 0x33, 0x08, 0xe7, 0x7e, 0xfe, 0x95, 0x36, 0x3c, 0x5b, 0x3a, 0xd3, 0x05, 0x82, 0x1c, 0x95, 0x2d, 0xd8, 0x77, 0x7e, 0x02, 0xd9, 0x5b, 0x70}} , - {{0xc2, 0xfe, 0x1b, 0x0c, 0x67, 0xcd, 0xd6, 0xe0, 0x51, 0x8e, 0x2c, 0xe0, 0x79, 0x88, 0xf0, 0xcf, 0x41, 0x4a, 0xad, 0x23, 0xd4, 0x46, 0xca, 0x94, 0xa1, 0xc3, 0xeb, 0x28, 0x06, 0xfa, 0x17, 0x14}}}, -{{{0x7b, 0xaa, 0x70, 0x0a, 0x4b, 0xfb, 0xf5, 0xbf, 0x80, 0xc5, 0xcf, 0x08, 0x7a, 0xdd, 0xa1, 0xf4, 0x9d, 0x54, 0x50, 0x53, 0x23, 0x77, 0x23, 0xf5, 0x34, 0xa5, 0x22, 0xd1, 0x0d, 0x96, 0x2e, 0x47}} , - {{0xcc, 0xb7, 0x32, 0x89, 0x57, 0xd0, 0x98, 0x75, 0xe4, 0x37, 0x99, 0xa9, 0xe8, 0xba, 0xed, 0xba, 0xeb, 0xc7, 0x4f, 0x15, 0x76, 0x07, 0x0c, 0x4c, 0xef, 0x9f, 0x52, 0xfc, 0x04, 0x5d, 0x58, 0x10}}}, -{{{0xce, 0x82, 0xf0, 0x8f, 0x79, 0x02, 0xa8, 0xd1, 0xda, 0x14, 0x09, 0x48, 0xee, 0x8a, 0x40, 0x98, 0x76, 0x60, 0x54, 0x5a, 0xde, 0x03, 0x24, 0xf5, 0xe6, 0x2f, 0xe1, 0x03, 0xbf, 0x68, 0x82, 0x7f}} , - {{0x64, 0xe9, 0x28, 0xc7, 0xa4, 0xcf, 0x2a, 0xf9, 0x90, 0x64, 0x72, 0x2c, 0x8b, 0xeb, 0xec, 0xa0, 0xf2, 0x7d, 0x35, 0xb5, 0x90, 0x4d, 0x7f, 0x5b, 0x4a, 0x49, 0xe4, 0xb8, 0x3b, 0xc8, 0xa1, 0x2f}}}, -{{{0x8b, 0xc5, 0xcc, 0x3d, 0x69, 0xa6, 0xa1, 0x18, 0x44, 0xbc, 0x4d, 0x77, 0x37, 0xc7, 0x86, 0xec, 0x0c, 0xc9, 0xd6, 0x44, 0xa9, 0x23, 0x27, 0xb9, 0x03, 0x34, 0xa7, 0x0a, 0xd5, 0xc7, 0x34, 0x37}} , - {{0xf9, 0x7e, 0x3e, 0x66, 0xee, 0xf9, 0x99, 0x28, 0xff, 0xad, 0x11, 0xd8, 0xe2, 0x66, 0xc5, 0xcd, 0x0f, 0x0d, 0x0b, 0x6a, 0xfc, 0x7c, 0x24, 0xa8, 0x4f, 0xa8, 0x5e, 0x80, 0x45, 0x8b, 0x6c, 0x41}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xef, 0x1e, 0xec, 0xf7, 0x8d, 0x77, 0xf2, 0xea, 0xdb, 0x60, 0x03, 0x21, 0xc0, 0xff, 0x5e, 0x67, 0xc3, 0x71, 0x0b, 0x21, 0xb4, 0x41, 0xa0, 0x68, 0x38, 0xc6, 0x01, 0xa3, 0xd3, 0x51, 0x3c, 0x3c}} , - {{0x92, 0xf8, 0xd6, 0x4b, 0xef, 0x42, 0x13, 0xb2, 0x4a, 0xc4, 0x2e, 0x72, 0x3f, 0xc9, 0x11, 0xbd, 0x74, 0x02, 0x0e, 0xf5, 0x13, 0x9d, 0x83, 0x1a, 0x1b, 0xd5, 0x54, 0xde, 0xc4, 0x1e, 0x16, 0x6c}}}, -{{{0x27, 0x52, 0xe4, 0x63, 0xaa, 0x94, 0xe6, 0xc3, 0x28, 0x9c, 0xc6, 0x56, 0xac, 0xfa, 0xb6, 0xbd, 0xe2, 0xcc, 0x76, 0xc6, 0x27, 0x27, 0xa2, 0x8e, 0x78, 0x2b, 0x84, 0x72, 0x10, 0xbd, 0x4e, 0x2a}} , - {{0xea, 0xa7, 0x23, 0xef, 0x04, 0x61, 0x80, 0x50, 0xc9, 0x6e, 0xa5, 0x96, 0xd1, 0xd1, 0xc8, 0xc3, 0x18, 0xd7, 0x2d, 0xfd, 0x26, 0xbd, 0xcb, 0x7b, 0x92, 0x51, 0x0e, 0x4a, 0x65, 0x57, 0xb8, 0x49}}}, -{{{0xab, 0x55, 0x36, 0xc3, 0xec, 0x63, 0x55, 0x11, 0x55, 0xf6, 0xa5, 0xc7, 0x01, 0x5f, 0xfe, 0x79, 0xd8, 0x0a, 0xf7, 0x03, 0xd8, 0x98, 0x99, 0xf5, 0xd0, 0x00, 0x54, 0x6b, 0x66, 0x28, 0xf5, 0x25}} , - {{0x7a, 0x8d, 0xa1, 0x5d, 0x70, 0x5d, 0x51, 0x27, 0xee, 0x30, 0x65, 0x56, 0x95, 0x46, 0xde, 0xbd, 0x03, 0x75, 0xb4, 0x57, 0x59, 0x89, 0xeb, 0x02, 0x9e, 0xcc, 0x89, 0x19, 0xa7, 0xcb, 0x17, 0x67}}}, -{{{0x6a, 0xeb, 0xfc, 0x9a, 0x9a, 0x10, 0xce, 0xdb, 0x3a, 0x1c, 0x3c, 0x6a, 0x9d, 0xea, 0x46, 0xbc, 0x45, 0x49, 0xac, 0xe3, 0x41, 0x12, 0x7c, 0xf0, 0xf7, 0x4f, 0xf9, 0xf7, 0xff, 0x2c, 0x89, 0x04}} , - {{0x30, 0x31, 0x54, 0x1a, 0x46, 0xca, 0xe6, 0xc6, 0xcb, 0xe2, 0xc3, 0xc1, 0x8b, 0x75, 0x81, 0xbe, 0xee, 0xf8, 0xa3, 0x11, 0x1c, 0x25, 0xa3, 0xa7, 0x35, 0x51, 0x55, 0xe2, 0x25, 0xaa, 0xe2, 0x3a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xb4, 0x48, 0x10, 0x9f, 0x8a, 0x09, 0x76, 0xfa, 0xf0, 0x7a, 0xb0, 0x70, 0xf7, 0x83, 0x80, 0x52, 0x84, 0x2b, 0x26, 0xa2, 0xc4, 0x5d, 0x4f, 0xba, 0xb1, 0xc8, 0x40, 0x0d, 0x78, 0x97, 0xc4, 0x60}} , - {{0xd4, 0xb1, 0x6c, 0x08, 0xc7, 0x40, 0x38, 0x73, 0x5f, 0x0b, 0xf3, 0x76, 0x5d, 0xb2, 0xa5, 0x2f, 0x57, 0x57, 0x07, 0xed, 0x08, 0xa2, 0x6c, 0x4f, 0x08, 0x02, 0xb5, 0x0e, 0xee, 0x44, 0xfa, 0x22}}}, -{{{0x0f, 0x00, 0x3f, 0xa6, 0x04, 0x19, 0x56, 0x65, 0x31, 0x7f, 0x8b, 0xeb, 0x0d, 0xe1, 0x47, 0x89, 0x97, 0x16, 0x53, 0xfa, 0x81, 0xa7, 0xaa, 0xb2, 0xbf, 0x67, 0xeb, 0x72, 0x60, 0x81, 0x0d, 0x48}} , - {{0x7e, 0x13, 0x33, 0xcd, 0xa8, 0x84, 0x56, 0x1e, 0x67, 0xaf, 0x6b, 0x43, 0xac, 0x17, 0xaf, 0x16, 0xc0, 0x52, 0x99, 0x49, 0x5b, 0x87, 0x73, 0x7e, 0xb5, 0x43, 0xda, 0x6b, 0x1d, 0x0f, 0x2d, 0x55}}}, -{{{0xe9, 0x58, 0x1f, 0xff, 0x84, 0x3f, 0x93, 0x1c, 0xcb, 0xe1, 0x30, 0x69, 0xa5, 0x75, 0x19, 0x7e, 0x14, 0x5f, 0xf8, 0xfc, 0x09, 0xdd, 0xa8, 0x78, 0x9d, 0xca, 0x59, 0x8b, 0xd1, 0x30, 0x01, 0x13}} , - {{0xff, 0x76, 0x03, 0xc5, 0x4b, 0x89, 0x99, 0x70, 0x00, 0x59, 0x70, 0x9c, 0xd5, 0xd9, 0x11, 0x89, 0x5a, 0x46, 0xfe, 0xef, 0xdc, 0xd9, 0x55, 0x2b, 0x45, 0xa7, 0xb0, 0x2d, 0xfb, 0x24, 0xc2, 0x29}}}, -{{{0x38, 0x06, 0xf8, 0x0b, 0xac, 0x82, 0xc4, 0x97, 0x2b, 0x90, 0xe0, 0xf7, 0xa8, 0xab, 0x6c, 0x08, 0x80, 0x66, 0x90, 0x46, 0xf7, 0x26, 0x2d, 0xf8, 0xf1, 0xc4, 0x6b, 0x4a, 0x82, 0x98, 0x8e, 0x37}} , - {{0x8e, 0xb4, 0xee, 0xb8, 0xd4, 0x3f, 0xb2, 0x1b, 0xe0, 0x0a, 0x3d, 0x75, 0x34, 0x28, 0xa2, 0x8e, 0xc4, 0x92, 0x7b, 0xfe, 0x60, 0x6e, 0x6d, 0xb8, 0x31, 0x1d, 0x62, 0x0d, 0x78, 0x14, 0x42, 0x11}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x5e, 0xa8, 0xd8, 0x04, 0x9b, 0x73, 0xc9, 0xc9, 0xdc, 0x0d, 0x73, 0xbf, 0x0a, 0x0a, 0x73, 0xff, 0x18, 0x1f, 0x9c, 0x51, 0xaa, 0xc6, 0xf1, 0x83, 0x25, 0xfd, 0xab, 0xa3, 0x11, 0xd3, 0x01, 0x24}} , - {{0x4d, 0xe3, 0x7e, 0x38, 0x62, 0x5e, 0x64, 0xbb, 0x2b, 0x53, 0xb5, 0x03, 0x68, 0xc4, 0xf2, 0x2b, 0x5a, 0x03, 0x32, 0x99, 0x4a, 0x41, 0x9a, 0xe1, 0x1a, 0xae, 0x8c, 0x48, 0xf3, 0x24, 0x32, 0x65}}}, -{{{0xe8, 0xdd, 0xad, 0x3a, 0x8c, 0xea, 0xf4, 0xb3, 0xb2, 0xe5, 0x73, 0xf2, 0xed, 0x8b, 0xbf, 0xed, 0xb1, 0x0c, 0x0c, 0xfb, 0x2b, 0xf1, 0x01, 0x48, 0xe8, 0x26, 0x03, 0x8e, 0x27, 0x4d, 0x96, 0x72}} , - {{0xc8, 0x09, 0x3b, 0x60, 0xc9, 0x26, 0x4d, 0x7c, 0xf2, 0x9c, 0xd4, 0xa1, 0x3b, 0x26, 0xc2, 0x04, 0x33, 0x44, 0x76, 0x3c, 0x02, 0xbb, 0x11, 0x42, 0x0c, 0x22, 0xb7, 0xc6, 0xe1, 0xac, 0xb4, 0x0e}}}, -{{{0x6f, 0x85, 0xe7, 0xef, 0xde, 0x67, 0x30, 0xfc, 0xbf, 0x5a, 0xe0, 0x7b, 0x7a, 0x2a, 0x54, 0x6b, 0x5d, 0x62, 0x85, 0xa1, 0xf8, 0x16, 0x88, 0xec, 0x61, 0xb9, 0x96, 0xb5, 0xef, 0x2d, 0x43, 0x4d}} , - {{0x7c, 0x31, 0x33, 0xcc, 0xe4, 0xcf, 0x6c, 0xff, 0x80, 0x47, 0x77, 0xd1, 0xd8, 0xe9, 0x69, 0x97, 0x98, 0x7f, 0x20, 0x57, 0x1d, 0x1d, 0x4f, 0x08, 0x27, 0xc8, 0x35, 0x57, 0x40, 0xc6, 0x21, 0x0c}}}, -{{{0xd2, 0x8e, 0x9b, 0xfa, 0x42, 0x8e, 0xdf, 0x8f, 0xc7, 0x86, 0xf9, 0xa4, 0xca, 0x70, 0x00, 0x9d, 0x21, 0xbf, 0xec, 0x57, 0x62, 0x30, 0x58, 0x8c, 0x0d, 0x35, 0xdb, 0x5d, 0x8b, 0x6a, 0xa0, 0x5a}} , - {{0xc1, 0x58, 0x7c, 0x0d, 0x20, 0xdd, 0x11, 0x26, 0x5f, 0x89, 0x3b, 0x97, 0x58, 0xf8, 0x8b, 0xe3, 0xdf, 0x32, 0xe2, 0xfc, 0xd8, 0x67, 0xf2, 0xa5, 0x37, 0x1e, 0x6d, 0xec, 0x7c, 0x27, 0x20, 0x79}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xd0, 0xe9, 0xc0, 0xfa, 0x95, 0x45, 0x23, 0x96, 0xf1, 0x2c, 0x79, 0x25, 0x14, 0xce, 0x40, 0x14, 0x44, 0x2c, 0x36, 0x50, 0xd9, 0x63, 0x56, 0xb7, 0x56, 0x3b, 0x9e, 0xa7, 0xef, 0x89, 0xbb, 0x0e}} , - {{0xce, 0x7f, 0xdc, 0x0a, 0xcc, 0x82, 0x1c, 0x0a, 0x78, 0x71, 0xe8, 0x74, 0x8d, 0x01, 0x30, 0x0f, 0xa7, 0x11, 0x4c, 0xdf, 0x38, 0xd7, 0xa7, 0x0d, 0xf8, 0x48, 0x52, 0x00, 0x80, 0x7b, 0x5f, 0x0e}}}, -{{{0x25, 0x83, 0xe6, 0x94, 0x7b, 0x81, 0xb2, 0x91, 0xae, 0x0e, 0x05, 0xc9, 0xa3, 0x68, 0x2d, 0xd9, 0x88, 0x25, 0x19, 0x2a, 0x61, 0x61, 0x21, 0x97, 0x15, 0xa1, 0x35, 0xa5, 0x46, 0xc8, 0xa2, 0x0e}} , - {{0x1b, 0x03, 0x0d, 0x8b, 0x5a, 0x1b, 0x97, 0x4b, 0xf2, 0x16, 0x31, 0x3d, 0x1f, 0x33, 0xa0, 0x50, 0x3a, 0x18, 0xbe, 0x13, 0xa1, 0x76, 0xc1, 0xba, 0x1b, 0xf1, 0x05, 0x7b, 0x33, 0xa8, 0x82, 0x3b}}}, -{{{0xba, 0x36, 0x7b, 0x6d, 0xa9, 0xea, 0x14, 0x12, 0xc5, 0xfa, 0x91, 0x00, 0xba, 0x9b, 0x99, 0xcc, 0x56, 0x02, 0xe9, 0xa0, 0x26, 0x40, 0x66, 0x8c, 0xc4, 0xf8, 0x85, 0x33, 0x68, 0xe7, 0x03, 0x20}} , - {{0x50, 0x5b, 0xff, 0xa9, 0xb2, 0xf1, 0xf1, 0x78, 0xcf, 0x14, 0xa4, 0xa9, 0xfc, 0x09, 0x46, 0x94, 0x54, 0x65, 0x0d, 0x9c, 0x5f, 0x72, 0x21, 0xe2, 0x97, 0xa5, 0x2d, 0x81, 0xce, 0x4a, 0x5f, 0x79}}}, -{{{0x3d, 0x5f, 0x5c, 0xd2, 0xbc, 0x7d, 0x77, 0x0e, 0x2a, 0x6d, 0x22, 0x45, 0x84, 0x06, 0xc4, 0xdd, 0xc6, 0xa6, 0xc6, 0xd7, 0x49, 0xad, 0x6d, 0x87, 0x91, 0x0e, 0x3a, 0x67, 0x1d, 0x2c, 0x1d, 0x56}} , - {{0xfe, 0x7a, 0x74, 0xcf, 0xd4, 0xd2, 0xe5, 0x19, 0xde, 0xd0, 0xdb, 0x70, 0x23, 0x69, 0xe6, 0x6d, 0xec, 0xec, 0xcc, 0x09, 0x33, 0x6a, 0x77, 0xdc, 0x6b, 0x22, 0x76, 0x5d, 0x92, 0x09, 0xac, 0x2d}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x23, 0x15, 0x17, 0xeb, 0xd3, 0xdb, 0x12, 0x5e, 0x01, 0xf0, 0x91, 0xab, 0x2c, 0x41, 0xce, 0xac, 0xed, 0x1b, 0x4b, 0x2d, 0xbc, 0xdb, 0x17, 0x66, 0x89, 0x46, 0xad, 0x4b, 0x1e, 0x6f, 0x0b, 0x14}} , - {{0x11, 0xce, 0xbf, 0xb6, 0x77, 0x2d, 0x48, 0x22, 0x18, 0x4f, 0xa3, 0x5d, 0x4a, 0xb0, 0x70, 0x12, 0x3e, 0x54, 0xd7, 0xd8, 0x0e, 0x2b, 0x27, 0xdc, 0x53, 0xff, 0xca, 0x8c, 0x59, 0xb3, 0x4e, 0x44}}}, -{{{0x07, 0x76, 0x61, 0x0f, 0x66, 0xb2, 0x21, 0x39, 0x7e, 0xc0, 0xec, 0x45, 0x28, 0x82, 0xa1, 0x29, 0x32, 0x44, 0x35, 0x13, 0x5e, 0x61, 0x5e, 0x54, 0xcb, 0x7c, 0xef, 0xf6, 0x41, 0xcf, 0x9f, 0x0a}} , - {{0xdd, 0xf9, 0xda, 0x84, 0xc3, 0xe6, 0x8a, 0x9f, 0x24, 0xd2, 0x96, 0x5d, 0x39, 0x6f, 0x58, 0x8c, 0xc1, 0x56, 0x93, 0xab, 0xb5, 0x79, 0x3b, 0xd2, 0xa8, 0x73, 0x16, 0xed, 0xfa, 0xb4, 0x2f, 0x73}}}, -{{{0x8b, 0xb1, 0x95, 0xe5, 0x92, 0x50, 0x35, 0x11, 0x76, 0xac, 0xf4, 0x4d, 0x24, 0xc3, 0x32, 0xe6, 0xeb, 0xfe, 0x2c, 0x87, 0xc4, 0xf1, 0x56, 0xc4, 0x75, 0x24, 0x7a, 0x56, 0x85, 0x5a, 0x3a, 0x13}} , - {{0x0d, 0x16, 0xac, 0x3c, 0x4a, 0x58, 0x86, 0x3a, 0x46, 0x7f, 0x6c, 0xa3, 0x52, 0x6e, 0x37, 0xe4, 0x96, 0x9c, 0xe9, 0x5c, 0x66, 0x41, 0x67, 0xe4, 0xfb, 0x79, 0x0c, 0x05, 0xf6, 0x64, 0xd5, 0x7c}}}, -{{{0x28, 0xc1, 0xe1, 0x54, 0x73, 0xf2, 0xbf, 0x76, 0x74, 0x19, 0x19, 0x1b, 0xe4, 0xb9, 0xa8, 0x46, 0x65, 0x73, 0xf3, 0x77, 0x9b, 0x29, 0x74, 0x5b, 0xc6, 0x89, 0x6c, 0x2c, 0x7c, 0xf8, 0xb3, 0x0f}} , - {{0xf7, 0xd5, 0xe9, 0x74, 0x5d, 0xb8, 0x25, 0x16, 0xb5, 0x30, 0xbc, 0x84, 0xc5, 0xf0, 0xad, 0xca, 0x12, 0x28, 0xbc, 0x9d, 0xd4, 0xfa, 0x82, 0xe6, 0xe3, 0xbf, 0xa2, 0x15, 0x2c, 0xd4, 0x34, 0x10}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x61, 0xb1, 0x46, 0xba, 0x0e, 0x31, 0xa5, 0x67, 0x6c, 0x7f, 0xd6, 0xd9, 0x27, 0x85, 0x0f, 0x79, 0x14, 0xc8, 0x6c, 0x2f, 0x5f, 0x5b, 0x9c, 0x35, 0x3d, 0x38, 0x86, 0x77, 0x65, 0x55, 0x6a, 0x7b}} , - {{0xd3, 0xb0, 0x3a, 0x66, 0x60, 0x1b, 0x43, 0xf1, 0x26, 0x58, 0x99, 0x09, 0x8f, 0x2d, 0xa3, 0x14, 0x71, 0x85, 0xdb, 0xed, 0xf6, 0x26, 0xd5, 0x61, 0x9a, 0x73, 0xac, 0x0e, 0xea, 0xac, 0xb7, 0x0c}}}, -{{{0x5e, 0xf4, 0xe5, 0x17, 0x0e, 0x10, 0x9f, 0xe7, 0x43, 0x5f, 0x67, 0x5c, 0xac, 0x4b, 0xe5, 0x14, 0x41, 0xd2, 0xbf, 0x48, 0xf5, 0x14, 0xb0, 0x71, 0xc6, 0x61, 0xc1, 0xb2, 0x70, 0x58, 0xd2, 0x5a}} , - {{0x2d, 0xba, 0x16, 0x07, 0x92, 0x94, 0xdc, 0xbd, 0x50, 0x2b, 0xc9, 0x7f, 0x42, 0x00, 0xba, 0x61, 0xed, 0xf8, 0x43, 0xed, 0xf5, 0xf9, 0x40, 0x60, 0xb2, 0xb0, 0x82, 0xcb, 0xed, 0x75, 0xc7, 0x65}}}, -{{{0x80, 0xba, 0x0d, 0x09, 0x40, 0xa7, 0x39, 0xa6, 0x67, 0x34, 0x7e, 0x66, 0xbe, 0x56, 0xfb, 0x53, 0x78, 0xc4, 0x46, 0xe8, 0xed, 0x68, 0x6c, 0x7f, 0xce, 0xe8, 0x9f, 0xce, 0xa2, 0x64, 0x58, 0x53}} , - {{0xe8, 0xc1, 0xa9, 0xc2, 0x7b, 0x59, 0x21, 0x33, 0xe2, 0x43, 0x73, 0x2b, 0xac, 0x2d, 0xc1, 0x89, 0x3b, 0x15, 0xe2, 0xd5, 0xc0, 0x97, 0x8a, 0xfd, 0x6f, 0x36, 0x33, 0xb7, 0xb9, 0xc3, 0x88, 0x09}}}, -{{{0xd0, 0xb6, 0x56, 0x30, 0x5c, 0xae, 0xb3, 0x75, 0x44, 0xa4, 0x83, 0x51, 0x6e, 0x01, 0x65, 0xef, 0x45, 0x76, 0xe6, 0xf5, 0xa2, 0x0d, 0xd4, 0x16, 0x3b, 0x58, 0x2f, 0xf2, 0x2f, 0x36, 0x18, 0x3f}} , - {{0xfd, 0x2f, 0xe0, 0x9b, 0x1e, 0x8c, 0xc5, 0x18, 0xa9, 0xca, 0xd4, 0x2b, 0x35, 0xb6, 0x95, 0x0a, 0x9f, 0x7e, 0xfb, 0xc4, 0xef, 0x88, 0x7b, 0x23, 0x43, 0xec, 0x2f, 0x0d, 0x0f, 0x7a, 0xfc, 0x5c}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x8d, 0xd2, 0xda, 0xc7, 0x44, 0xd6, 0x7a, 0xdb, 0x26, 0x7d, 0x1d, 0xb8, 0xe1, 0xde, 0x9d, 0x7a, 0x7d, 0x17, 0x7e, 0x1c, 0x37, 0x04, 0x8d, 0x2d, 0x7c, 0x5e, 0x18, 0x38, 0x1e, 0xaf, 0xc7, 0x1b}} , - {{0x33, 0x48, 0x31, 0x00, 0x59, 0xf6, 0xf2, 0xca, 0x0f, 0x27, 0x1b, 0x63, 0x12, 0x7e, 0x02, 0x1d, 0x49, 0xc0, 0x5d, 0x79, 0x87, 0xef, 0x5e, 0x7a, 0x2f, 0x1f, 0x66, 0x55, 0xd8, 0x09, 0xd9, 0x61}}}, -{{{0x54, 0x83, 0x02, 0x18, 0x82, 0x93, 0x99, 0x07, 0xd0, 0xa7, 0xda, 0xd8, 0x75, 0x89, 0xfa, 0xf2, 0xd9, 0xa3, 0xb8, 0x6b, 0x5a, 0x35, 0x28, 0xd2, 0x6b, 0x59, 0xc2, 0xf8, 0x45, 0xe2, 0xbc, 0x06}} , - {{0x65, 0xc0, 0xa3, 0x88, 0x51, 0x95, 0xfc, 0x96, 0x94, 0x78, 0xe8, 0x0d, 0x8b, 0x41, 0xc9, 0xc2, 0x58, 0x48, 0x75, 0x10, 0x2f, 0xcd, 0x2a, 0xc9, 0xa0, 0x6d, 0x0f, 0xdd, 0x9c, 0x98, 0x26, 0x3d}}}, -{{{0x2f, 0x66, 0x29, 0x1b, 0x04, 0x89, 0xbd, 0x7e, 0xee, 0x6e, 0xdd, 0xb7, 0x0e, 0xef, 0xb0, 0x0c, 0xb4, 0xfc, 0x7f, 0xc2, 0xc9, 0x3a, 0x3c, 0x64, 0xef, 0x45, 0x44, 0xaf, 0x8a, 0x90, 0x65, 0x76}} , - {{0xa1, 0x4c, 0x70, 0x4b, 0x0e, 0xa0, 0x83, 0x70, 0x13, 0xa4, 0xaf, 0xb8, 0x38, 0x19, 0x22, 0x65, 0x09, 0xb4, 0x02, 0x4f, 0x06, 0xf8, 0x17, 0xce, 0x46, 0x45, 0xda, 0x50, 0x7c, 0x8a, 0xd1, 0x4e}}}, -{{{0xf7, 0xd4, 0x16, 0x6c, 0x4e, 0x95, 0x9d, 0x5d, 0x0f, 0x91, 0x2b, 0x52, 0xfe, 0x5c, 0x34, 0xe5, 0x30, 0xe6, 0xa4, 0x3b, 0xf3, 0xf3, 0x34, 0x08, 0xa9, 0x4a, 0xa0, 0xb5, 0x6e, 0xb3, 0x09, 0x0a}} , - {{0x26, 0xd9, 0x5e, 0xa3, 0x0f, 0xeb, 0xa2, 0xf3, 0x20, 0x3b, 0x37, 0xd4, 0xe4, 0x9e, 0xce, 0x06, 0x3d, 0x53, 0xed, 0xae, 0x2b, 0xeb, 0xb6, 0x24, 0x0a, 0x11, 0xa3, 0x0f, 0xd6, 0x7f, 0xa4, 0x3a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xdb, 0x9f, 0x2c, 0xfc, 0xd6, 0xb2, 0x1e, 0x2e, 0x52, 0x7a, 0x06, 0x87, 0x2d, 0x86, 0x72, 0x2b, 0x6d, 0x90, 0x77, 0x46, 0x43, 0xb5, 0x7a, 0xf8, 0x60, 0x7d, 0x91, 0x60, 0x5b, 0x9d, 0x9e, 0x07}} , - {{0x97, 0x87, 0xc7, 0x04, 0x1c, 0x38, 0x01, 0x39, 0x58, 0xc7, 0x85, 0xa3, 0xfc, 0x64, 0x00, 0x64, 0x25, 0xa2, 0xbf, 0x50, 0x94, 0xca, 0x26, 0x31, 0x45, 0x0a, 0x24, 0xd2, 0x51, 0x29, 0x51, 0x16}}}, -{{{0x4d, 0x4a, 0xd7, 0x98, 0x71, 0x57, 0xac, 0x7d, 0x8b, 0x37, 0xbd, 0x63, 0xff, 0x87, 0xb1, 0x49, 0x95, 0x20, 0x7c, 0xcf, 0x7c, 0x59, 0xc4, 0x91, 0x9c, 0xef, 0xd0, 0xdb, 0x60, 0x09, 0x9d, 0x46}} , - {{0xcb, 0x78, 0x94, 0x90, 0xe4, 0x45, 0xb3, 0xf6, 0xd9, 0xf6, 0x57, 0x74, 0xd5, 0xf8, 0x83, 0x4f, 0x39, 0xc9, 0xbd, 0x88, 0xc2, 0x57, 0x21, 0x1f, 0x24, 0x32, 0x68, 0xf8, 0xc7, 0x21, 0x5f, 0x0b}}}, -{{{0x2a, 0x36, 0x68, 0xfc, 0x5f, 0xb6, 0x4f, 0xa5, 0xe3, 0x9d, 0x24, 0x2f, 0xc0, 0x93, 0x61, 0xcf, 0xf8, 0x0a, 0xed, 0xe1, 0xdb, 0x27, 0xec, 0x0e, 0x14, 0x32, 0x5f, 0x8e, 0xa1, 0x62, 0x41, 0x16}} , - {{0x95, 0x21, 0x01, 0xce, 0x95, 0x5b, 0x0e, 0x57, 0xc7, 0xb9, 0x62, 0xb5, 0x28, 0xca, 0x11, 0xec, 0xb4, 0x46, 0x06, 0x73, 0x26, 0xff, 0xfb, 0x66, 0x7d, 0xee, 0x5f, 0xb2, 0x56, 0xfd, 0x2a, 0x08}}}, -{{{0x92, 0x67, 0x77, 0x56, 0xa1, 0xff, 0xc4, 0xc5, 0x95, 0xf0, 0xe3, 0x3a, 0x0a, 0xca, 0x94, 0x4d, 0x9e, 0x7e, 0x3d, 0xb9, 0x6e, 0xb6, 0xb0, 0xce, 0xa4, 0x30, 0x89, 0x99, 0xe9, 0xad, 0x11, 0x59}} , - {{0xf6, 0x48, 0x95, 0xa1, 0x6f, 0x5f, 0xb7, 0xa5, 0xbb, 0x30, 0x00, 0x1c, 0xd2, 0x8a, 0xd6, 0x25, 0x26, 0x1b, 0xb2, 0x0d, 0x37, 0x6a, 0x05, 0xf4, 0x9d, 0x3e, 0x17, 0x2a, 0x43, 0xd2, 0x3a, 0x06}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x32, 0x99, 0x93, 0xd1, 0x9a, 0x72, 0xf3, 0xa9, 0x16, 0xbd, 0xb4, 0x4c, 0xdd, 0xf9, 0xd4, 0xb2, 0x64, 0x9a, 0xd3, 0x05, 0xe4, 0xa3, 0x73, 0x1c, 0xcb, 0x7e, 0x57, 0x67, 0xff, 0x04, 0xb3, 0x10}} , - {{0xb9, 0x4b, 0xa4, 0xad, 0xd0, 0x6d, 0x61, 0x23, 0xb4, 0xaf, 0x34, 0xa9, 0xaa, 0x65, 0xec, 0xd9, 0x69, 0xe3, 0x85, 0xcd, 0xcc, 0xe7, 0xb0, 0x9b, 0x41, 0xc1, 0x1c, 0xf9, 0xa0, 0xfa, 0xb7, 0x13}}}, -{{{0x04, 0xfd, 0x88, 0x3c, 0x0c, 0xd0, 0x09, 0x52, 0x51, 0x4f, 0x06, 0x19, 0xcc, 0xc3, 0xbb, 0xde, 0x80, 0xc5, 0x33, 0xbc, 0xf9, 0xf3, 0x17, 0x36, 0xdd, 0xc6, 0xde, 0xe8, 0x9b, 0x5d, 0x79, 0x1b}} , - {{0x65, 0x0a, 0xbe, 0x51, 0x57, 0xad, 0x50, 0x79, 0x08, 0x71, 0x9b, 0x07, 0x95, 0x8f, 0xfb, 0xae, 0x4b, 0x38, 0xba, 0xcf, 0x53, 0x2a, 0x86, 0x1e, 0xc0, 0x50, 0x5c, 0x67, 0x1b, 0xf6, 0x87, 0x6c}}}, -{{{0x4f, 0x00, 0xb2, 0x66, 0x55, 0xed, 0x4a, 0xed, 0x8d, 0xe1, 0x66, 0x18, 0xb2, 0x14, 0x74, 0x8d, 0xfd, 0x1a, 0x36, 0x0f, 0x26, 0x5c, 0x8b, 0x89, 0xf3, 0xab, 0xf2, 0xf3, 0x24, 0x67, 0xfd, 0x70}} , - {{0xfd, 0x4e, 0x2a, 0xc1, 0x3a, 0xca, 0x8f, 0x00, 0xd8, 0xec, 0x74, 0x67, 0xef, 0x61, 0xe0, 0x28, 0xd0, 0x96, 0xf4, 0x48, 0xde, 0x81, 0xe3, 0xef, 0xdc, 0xaa, 0x7d, 0xf3, 0xb6, 0x55, 0xa6, 0x65}}}, -{{{0xeb, 0xcb, 0xc5, 0x70, 0x91, 0x31, 0x10, 0x93, 0x0d, 0xc8, 0xd0, 0xef, 0x62, 0xe8, 0x6f, 0x82, 0xe3, 0x69, 0x3d, 0x91, 0x7f, 0x31, 0xe1, 0x26, 0x35, 0x3c, 0x4a, 0x2f, 0xab, 0xc4, 0x9a, 0x5e}} , - {{0xab, 0x1b, 0xb5, 0xe5, 0x2b, 0xc3, 0x0e, 0x29, 0xb0, 0xd0, 0x73, 0xe6, 0x4f, 0x64, 0xf2, 0xbc, 0xe4, 0xe4, 0xe1, 0x9a, 0x52, 0x33, 0x2f, 0xbd, 0xcc, 0x03, 0xee, 0x8a, 0xfa, 0x00, 0x5f, 0x50}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xf6, 0xdb, 0x0d, 0x22, 0x3d, 0xb5, 0x14, 0x75, 0x31, 0xf0, 0x81, 0xe2, 0xb9, 0x37, 0xa2, 0xa9, 0x84, 0x11, 0x9a, 0x07, 0xb5, 0x53, 0x89, 0x78, 0xa9, 0x30, 0x27, 0xa1, 0xf1, 0x4e, 0x5c, 0x2e}} , - {{0x8b, 0x00, 0x54, 0xfb, 0x4d, 0xdc, 0xcb, 0x17, 0x35, 0x40, 0xff, 0xb7, 0x8c, 0xfe, 0x4a, 0xe4, 0x4e, 0x99, 0x4e, 0xa8, 0x74, 0x54, 0x5d, 0x5c, 0x96, 0xa3, 0x12, 0x55, 0x36, 0x31, 0x17, 0x5c}}}, -{{{0xce, 0x24, 0xef, 0x7b, 0x86, 0xf2, 0x0f, 0x77, 0xe8, 0x5c, 0x7d, 0x87, 0x38, 0x2d, 0xef, 0xaf, 0xf2, 0x8c, 0x72, 0x2e, 0xeb, 0xb6, 0x55, 0x4b, 0x6e, 0xf1, 0x4e, 0x8a, 0x0e, 0x9a, 0x6c, 0x4c}} , - {{0x25, 0xea, 0x86, 0xc2, 0xd1, 0x4f, 0xb7, 0x3e, 0xa8, 0x5c, 0x8d, 0x66, 0x81, 0x25, 0xed, 0xc5, 0x4c, 0x05, 0xb9, 0xd8, 0xd6, 0x70, 0xbe, 0x73, 0x82, 0xe8, 0xa1, 0xe5, 0x1e, 0x71, 0xd5, 0x26}}}, -{{{0x4e, 0x6d, 0xc3, 0xa7, 0x4f, 0x22, 0x45, 0x26, 0xa2, 0x7e, 0x16, 0xf7, 0xf7, 0x63, 0xdc, 0x86, 0x01, 0x2a, 0x71, 0x38, 0x5c, 0x33, 0xc3, 0xce, 0x30, 0xff, 0xf9, 0x2c, 0x91, 0x71, 0x8a, 0x72}} , - {{0x8c, 0x44, 0x09, 0x28, 0xd5, 0x23, 0xc9, 0x8f, 0xf3, 0x84, 0x45, 0xc6, 0x9a, 0x5e, 0xff, 0xd2, 0xc7, 0x57, 0x93, 0xa3, 0xc1, 0x69, 0xdd, 0x62, 0x0f, 0xda, 0x5c, 0x30, 0x59, 0x5d, 0xe9, 0x4c}}}, -{{{0x92, 0x7e, 0x50, 0x27, 0x72, 0xd7, 0x0c, 0xd6, 0x69, 0x96, 0x81, 0x35, 0x84, 0x94, 0x35, 0x8b, 0x6c, 0xaa, 0x62, 0x86, 0x6e, 0x1c, 0x15, 0xf3, 0x6c, 0xb3, 0xff, 0x65, 0x1b, 0xa2, 0x9b, 0x59}} , - {{0xe2, 0xa9, 0x65, 0x88, 0xc4, 0x50, 0xfa, 0xbb, 0x3b, 0x6e, 0x5f, 0x44, 0x01, 0xca, 0x97, 0xd4, 0xdd, 0xf6, 0xcd, 0x3f, 0x3f, 0xe5, 0x97, 0x67, 0x2b, 0x8c, 0x66, 0x0f, 0x35, 0x9b, 0xf5, 0x07}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xf1, 0x59, 0x27, 0xd8, 0xdb, 0x5a, 0x11, 0x5e, 0x82, 0xf3, 0x38, 0xff, 0x1c, 0xed, 0xfe, 0x3f, 0x64, 0x54, 0x3f, 0x7f, 0xd1, 0x81, 0xed, 0xef, 0x65, 0xc5, 0xcb, 0xfd, 0xe1, 0x80, 0xcd, 0x11}} , - {{0xe0, 0xdb, 0x22, 0x28, 0xe6, 0xff, 0x61, 0x9d, 0x41, 0x14, 0x2d, 0x3b, 0x26, 0x22, 0xdf, 0xf1, 0x34, 0x81, 0xe9, 0x45, 0xee, 0x0f, 0x98, 0x8b, 0xa6, 0x3f, 0xef, 0xf7, 0x43, 0x19, 0xf1, 0x43}}}, -{{{0xee, 0xf3, 0x00, 0xa1, 0x50, 0xde, 0xc0, 0xb6, 0x01, 0xe3, 0x8c, 0x3c, 0x4d, 0x31, 0xd2, 0xb0, 0x58, 0xcd, 0xed, 0x10, 0x4a, 0x7a, 0xef, 0x80, 0xa9, 0x19, 0x32, 0xf3, 0xd8, 0x33, 0x8c, 0x06}} , - {{0xcb, 0x7d, 0x4f, 0xff, 0x30, 0xd8, 0x12, 0x3b, 0x39, 0x1c, 0x06, 0xf9, 0x4c, 0x34, 0x35, 0x71, 0xb5, 0x16, 0x94, 0x67, 0xdf, 0xee, 0x11, 0xde, 0xa4, 0x1d, 0x88, 0x93, 0x35, 0xa9, 0x32, 0x10}}}, -{{{0xe9, 0xc3, 0xbc, 0x7b, 0x5c, 0xfc, 0xb2, 0xf9, 0xc9, 0x2f, 0xe5, 0xba, 0x3a, 0x0b, 0xab, 0x64, 0x38, 0x6f, 0x5b, 0x4b, 0x93, 0xda, 0x64, 0xec, 0x4d, 0x3d, 0xa0, 0xf5, 0xbb, 0xba, 0x47, 0x48}} , - {{0x60, 0xbc, 0x45, 0x1f, 0x23, 0xa2, 0x3b, 0x70, 0x76, 0xe6, 0x97, 0x99, 0x4f, 0x77, 0x54, 0x67, 0x30, 0x9a, 0xe7, 0x66, 0xd6, 0xcd, 0x2e, 0x51, 0x24, 0x2c, 0x42, 0x4a, 0x11, 0xfe, 0x6f, 0x7e}}}, -{{{0x87, 0xc0, 0xb1, 0xf0, 0xa3, 0x6f, 0x0c, 0x93, 0xa9, 0x0a, 0x72, 0xef, 0x5c, 0xbe, 0x65, 0x35, 0xa7, 0x6a, 0x4e, 0x2c, 0xbf, 0x21, 0x23, 0xe8, 0x2f, 0x97, 0xc7, 0x3e, 0xc8, 0x17, 0xac, 0x1e}} , - {{0x7b, 0xef, 0x21, 0xe5, 0x40, 0xcc, 0x1e, 0xdc, 0xd6, 0xbd, 0x97, 0x7a, 0x7c, 0x75, 0x86, 0x7a, 0x25, 0x5a, 0x6e, 0x7c, 0xe5, 0x51, 0x3c, 0x1b, 0x5b, 0x82, 0x9a, 0x07, 0x60, 0xa1, 0x19, 0x04}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x96, 0x88, 0xa6, 0xab, 0x8f, 0xe3, 0x3a, 0x49, 0xf8, 0xfe, 0x34, 0xe7, 0x6a, 0xb2, 0xfe, 0x40, 0x26, 0x74, 0x57, 0x4c, 0xf6, 0xd4, 0x99, 0xce, 0x5d, 0x7b, 0x2f, 0x67, 0xd6, 0x5a, 0xe4, 0x4e}} , - {{0x5c, 0x82, 0xb3, 0xbd, 0x55, 0x25, 0xf6, 0x6a, 0x93, 0xa4, 0x02, 0xc6, 0x7d, 0x5c, 0xb1, 0x2b, 0x5b, 0xff, 0xfb, 0x56, 0xf8, 0x01, 0x41, 0x90, 0xc6, 0xb6, 0xac, 0x4f, 0xfe, 0xa7, 0x41, 0x70}}}, -{{{0xdb, 0xfa, 0x9b, 0x2c, 0xd4, 0x23, 0x67, 0x2c, 0x8a, 0x63, 0x6c, 0x07, 0x26, 0x48, 0x4f, 0xc2, 0x03, 0xd2, 0x53, 0x20, 0x28, 0xed, 0x65, 0x71, 0x47, 0xa9, 0x16, 0x16, 0x12, 0xbc, 0x28, 0x33}} , - {{0x39, 0xc0, 0xfa, 0xfa, 0xcd, 0x33, 0x43, 0xc7, 0x97, 0x76, 0x9b, 0x93, 0x91, 0x72, 0xeb, 0xc5, 0x18, 0x67, 0x4c, 0x11, 0xf0, 0xf4, 0xe5, 0x73, 0xb2, 0x5c, 0x1b, 0xc2, 0x26, 0x3f, 0xbf, 0x2b}}}, -{{{0x86, 0xe6, 0x8c, 0x1d, 0xdf, 0xca, 0xfc, 0xd5, 0xf8, 0x3a, 0xc3, 0x44, 0x72, 0xe6, 0x78, 0x9d, 0x2b, 0x97, 0xf8, 0x28, 0x45, 0xb4, 0x20, 0xc9, 0x2a, 0x8c, 0x67, 0xaa, 0x11, 0xc5, 0x5b, 0x2f}} , - {{0x17, 0x0f, 0x86, 0x52, 0xd7, 0x9d, 0xc3, 0x44, 0x51, 0x76, 0x32, 0x65, 0xb4, 0x37, 0x81, 0x99, 0x46, 0x37, 0x62, 0xed, 0xcf, 0x64, 0x9d, 0x72, 0x40, 0x7a, 0x4c, 0x0b, 0x76, 0x2a, 0xfb, 0x56}}}, -{{{0x33, 0xa7, 0x90, 0x7c, 0xc3, 0x6f, 0x17, 0xa5, 0xa0, 0x67, 0x72, 0x17, 0xea, 0x7e, 0x63, 0x14, 0x83, 0xde, 0xc1, 0x71, 0x2d, 0x41, 0x32, 0x7a, 0xf3, 0xd1, 0x2b, 0xd8, 0x2a, 0xa6, 0x46, 0x36}} , - {{0xac, 0xcc, 0x6b, 0x7c, 0xf9, 0xb8, 0x8b, 0x08, 0x5c, 0xd0, 0x7d, 0x8f, 0x73, 0xea, 0x20, 0xda, 0x86, 0xca, 0x00, 0xc7, 0xad, 0x73, 0x4d, 0xe9, 0xe8, 0xa9, 0xda, 0x1f, 0x03, 0x06, 0xdd, 0x24}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x9c, 0xb2, 0x61, 0x0a, 0x98, 0x2a, 0xa5, 0xd7, 0xee, 0xa9, 0xac, 0x65, 0xcb, 0x0a, 0x1e, 0xe2, 0xbe, 0xdc, 0x85, 0x59, 0x0f, 0x9c, 0xa6, 0x57, 0x34, 0xa5, 0x87, 0xeb, 0x7b, 0x1e, 0x0c, 0x3c}} , - {{0x2f, 0xbd, 0x84, 0x63, 0x0d, 0xb5, 0xa0, 0xf0, 0x4b, 0x9e, 0x93, 0xc6, 0x34, 0x9a, 0x34, 0xff, 0x73, 0x19, 0x2f, 0x6e, 0x54, 0x45, 0x2c, 0x92, 0x31, 0x76, 0x34, 0xf1, 0xb2, 0x26, 0xe8, 0x74}}}, -{{{0x0a, 0x67, 0x90, 0x6d, 0x0c, 0x4c, 0xcc, 0xc0, 0xe6, 0xbd, 0xa7, 0x5e, 0x55, 0x8c, 0xcd, 0x58, 0x9b, 0x11, 0xa2, 0xbb, 0x4b, 0xb1, 0x43, 0x04, 0x3c, 0x55, 0xed, 0x23, 0xfe, 0xcd, 0xb1, 0x53}} , - {{0x05, 0xfb, 0x75, 0xf5, 0x01, 0xaf, 0x38, 0x72, 0x58, 0xfc, 0x04, 0x29, 0x34, 0x7a, 0x67, 0xa2, 0x08, 0x50, 0x6e, 0xd0, 0x2b, 0x73, 0xd5, 0xb8, 0xe4, 0x30, 0x96, 0xad, 0x45, 0xdf, 0xa6, 0x5c}}}, -{{{0x0d, 0x88, 0x1a, 0x90, 0x7e, 0xdc, 0xd8, 0xfe, 0xc1, 0x2f, 0x5d, 0x67, 0xee, 0x67, 0x2f, 0xed, 0x6f, 0x55, 0x43, 0x5f, 0x87, 0x14, 0x35, 0x42, 0xd3, 0x75, 0xae, 0xd5, 0xd3, 0x85, 0x1a, 0x76}} , - {{0x87, 0xc8, 0xa0, 0x6e, 0xe1, 0xb0, 0xad, 0x6a, 0x4a, 0x34, 0x71, 0xed, 0x7c, 0xd6, 0x44, 0x03, 0x65, 0x4a, 0x5c, 0x5c, 0x04, 0xf5, 0x24, 0x3f, 0xb0, 0x16, 0x5e, 0x8c, 0xb2, 0xd2, 0xc5, 0x20}}}, -{{{0x98, 0x83, 0xc2, 0x37, 0xa0, 0x41, 0xa8, 0x48, 0x5c, 0x5f, 0xbf, 0xc8, 0xfa, 0x24, 0xe0, 0x59, 0x2c, 0xbd, 0xf6, 0x81, 0x7e, 0x88, 0xe6, 0xca, 0x04, 0xd8, 0x5d, 0x60, 0xbb, 0x74, 0xa7, 0x0b}} , - {{0x21, 0x13, 0x91, 0xbf, 0x77, 0x7a, 0x33, 0xbc, 0xe9, 0x07, 0x39, 0x0a, 0xdd, 0x7d, 0x06, 0x10, 0x9a, 0xee, 0x47, 0x73, 0x1b, 0x15, 0x5a, 0xfb, 0xcd, 0x4d, 0xd0, 0xd2, 0x3a, 0x01, 0xba, 0x54}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x48, 0xd5, 0x39, 0x4a, 0x0b, 0x20, 0x6a, 0x43, 0xa0, 0x07, 0x82, 0x5e, 0x49, 0x7c, 0xc9, 0x47, 0xf1, 0x7c, 0x37, 0xb9, 0x23, 0xef, 0x6b, 0x46, 0x45, 0x8c, 0x45, 0x76, 0xdf, 0x14, 0x6b, 0x6e}} , - {{0x42, 0xc9, 0xca, 0x29, 0x4c, 0x76, 0x37, 0xda, 0x8a, 0x2d, 0x7c, 0x3a, 0x58, 0xf2, 0x03, 0xb4, 0xb5, 0xb9, 0x1a, 0x13, 0x2d, 0xde, 0x5f, 0x6b, 0x9d, 0xba, 0x52, 0xc9, 0x5d, 0xb3, 0xf3, 0x30}}}, -{{{0x4c, 0x6f, 0xfe, 0x6b, 0x0c, 0x62, 0xd7, 0x48, 0x71, 0xef, 0xb1, 0x85, 0x79, 0xc0, 0xed, 0x24, 0xb1, 0x08, 0x93, 0x76, 0x8e, 0xf7, 0x38, 0x8e, 0xeb, 0xfe, 0x80, 0x40, 0xaf, 0x90, 0x64, 0x49}} , - {{0x4a, 0x88, 0xda, 0xc1, 0x98, 0x44, 0x3c, 0x53, 0x4e, 0xdb, 0x4b, 0xb9, 0x12, 0x5f, 0xcd, 0x08, 0x04, 0xef, 0x75, 0xe7, 0xb1, 0x3a, 0xe5, 0x07, 0xfa, 0xca, 0x65, 0x7b, 0x72, 0x10, 0x64, 0x7f}}}, -{{{0x3d, 0x81, 0xf0, 0xeb, 0x16, 0xfd, 0x58, 0x33, 0x8d, 0x7c, 0x1a, 0xfb, 0x20, 0x2c, 0x8a, 0xee, 0x90, 0xbb, 0x33, 0x6d, 0x45, 0xe9, 0x8e, 0x99, 0x85, 0xe1, 0x08, 0x1f, 0xc5, 0xf1, 0xb5, 0x46}} , - {{0xe4, 0xe7, 0x43, 0x4b, 0xa0, 0x3f, 0x2b, 0x06, 0xba, 0x17, 0xae, 0x3d, 0xe6, 0xce, 0xbd, 0xb8, 0xed, 0x74, 0x11, 0x35, 0xec, 0x96, 0xfe, 0x31, 0xe3, 0x0e, 0x7a, 0x4e, 0xc9, 0x1d, 0xcb, 0x20}}}, -{{{0xe0, 0x67, 0xe9, 0x7b, 0xdb, 0x96, 0x5c, 0xb0, 0x32, 0xd0, 0x59, 0x31, 0x90, 0xdc, 0x92, 0x97, 0xac, 0x09, 0x38, 0x31, 0x0f, 0x7e, 0xd6, 0x5d, 0xd0, 0x06, 0xb6, 0x1f, 0xea, 0xf0, 0x5b, 0x07}} , - {{0x81, 0x9f, 0xc7, 0xde, 0x6b, 0x41, 0x22, 0x35, 0x14, 0x67, 0x77, 0x3e, 0x90, 0x81, 0xb0, 0xd9, 0x85, 0x4c, 0xca, 0x9b, 0x3f, 0x04, 0x59, 0xd6, 0xaa, 0x17, 0xc3, 0x88, 0x34, 0x37, 0xba, 0x43}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x4c, 0xb6, 0x69, 0xc8, 0x81, 0x95, 0x94, 0x33, 0x92, 0x34, 0xe9, 0x3c, 0x84, 0x0d, 0x3d, 0x5a, 0x37, 0x9c, 0x22, 0xa0, 0xaa, 0x65, 0xce, 0xb4, 0xc2, 0x2d, 0x66, 0x67, 0x02, 0xff, 0x74, 0x10}} , - {{0x22, 0xb0, 0xd5, 0xe6, 0xc7, 0xef, 0xb1, 0xa7, 0x13, 0xda, 0x60, 0xb4, 0x80, 0xc1, 0x42, 0x7d, 0x10, 0x70, 0x97, 0x04, 0x4d, 0xda, 0x23, 0x89, 0xc2, 0x0e, 0x68, 0xcb, 0xde, 0xe0, 0x9b, 0x29}}}, -{{{0x33, 0xfe, 0x42, 0x2a, 0x36, 0x2b, 0x2e, 0x36, 0x64, 0x5c, 0x8b, 0xcc, 0x81, 0x6a, 0x15, 0x08, 0xa1, 0x27, 0xe8, 0x57, 0xe5, 0x78, 0x8e, 0xf2, 0x58, 0x19, 0x12, 0x42, 0xae, 0xc4, 0x63, 0x3e}} , - {{0x78, 0x96, 0x9c, 0xa7, 0xca, 0x80, 0xae, 0x02, 0x85, 0xb1, 0x7c, 0x04, 0x5c, 0xc1, 0x5b, 0x26, 0xc1, 0xba, 0xed, 0xa5, 0x59, 0x70, 0x85, 0x8c, 0x8c, 0xe8, 0x87, 0xac, 0x6a, 0x28, 0x99, 0x35}}}, -{{{0x9f, 0x04, 0x08, 0x28, 0xbe, 0x87, 0xda, 0x80, 0x28, 0x38, 0xde, 0x9f, 0xcd, 0xe4, 0xe3, 0x62, 0xfb, 0x2e, 0x46, 0x8d, 0x01, 0xb3, 0x06, 0x51, 0xd4, 0x19, 0x3b, 0x11, 0xfa, 0xe2, 0xad, 0x1e}} , - {{0xa0, 0x20, 0x99, 0x69, 0x0a, 0xae, 0xa3, 0x70, 0x4e, 0x64, 0x80, 0xb7, 0x85, 0x9c, 0x87, 0x54, 0x43, 0x43, 0x55, 0x80, 0x6d, 0x8d, 0x7c, 0xa9, 0x64, 0xca, 0x6c, 0x2e, 0x21, 0xd8, 0xc8, 0x6c}}}, -{{{0x91, 0x4a, 0x07, 0xad, 0x08, 0x75, 0xc1, 0x4f, 0xa4, 0xb2, 0xc3, 0x6f, 0x46, 0x3e, 0xb1, 0xce, 0x52, 0xab, 0x67, 0x09, 0x54, 0x48, 0x6b, 0x6c, 0xd7, 0x1d, 0x71, 0x76, 0xcb, 0xff, 0xdd, 0x31}} , - {{0x36, 0x88, 0xfa, 0xfd, 0xf0, 0x36, 0x6f, 0x07, 0x74, 0x88, 0x50, 0xd0, 0x95, 0x38, 0x4a, 0x48, 0x2e, 0x07, 0x64, 0x97, 0x11, 0x76, 0x01, 0x1a, 0x27, 0x4d, 0x8e, 0x25, 0x9a, 0x9b, 0x1c, 0x22}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xbe, 0x57, 0xbd, 0x0e, 0x0f, 0xac, 0x5e, 0x76, 0xa3, 0x71, 0xad, 0x2b, 0x10, 0x45, 0x02, 0xec, 0x59, 0xd5, 0x5d, 0xa9, 0x44, 0xcc, 0x25, 0x4c, 0xb3, 0x3c, 0x5b, 0x69, 0x07, 0x55, 0x26, 0x6b}} , - {{0x30, 0x6b, 0xd4, 0xa7, 0x51, 0x29, 0xe3, 0xf9, 0x7a, 0x75, 0x2a, 0x82, 0x2f, 0xd6, 0x1d, 0x99, 0x2b, 0x80, 0xd5, 0x67, 0x1e, 0x15, 0x9d, 0xca, 0xfd, 0xeb, 0xac, 0x97, 0x35, 0x09, 0x7f, 0x3f}}}, -{{{0x35, 0x0d, 0x34, 0x0a, 0xb8, 0x67, 0x56, 0x29, 0x20, 0xf3, 0x19, 0x5f, 0xe2, 0x83, 0x42, 0x73, 0x53, 0xa8, 0xc5, 0x02, 0x19, 0x33, 0xb4, 0x64, 0xbd, 0xc3, 0x87, 0x8c, 0xd7, 0x76, 0xed, 0x25}} , - {{0x47, 0x39, 0x37, 0x76, 0x0d, 0x1d, 0x0c, 0xf5, 0x5a, 0x6d, 0x43, 0x88, 0x99, 0x15, 0xb4, 0x52, 0x0f, 0x2a, 0xb3, 0xb0, 0x3f, 0xa6, 0xb3, 0x26, 0xb3, 0xc7, 0x45, 0xf5, 0x92, 0x5f, 0x9b, 0x17}}}, -{{{0x9d, 0x23, 0xbd, 0x15, 0xfe, 0x52, 0x52, 0x15, 0x26, 0x79, 0x86, 0xba, 0x06, 0x56, 0x66, 0xbb, 0x8c, 0x2e, 0x10, 0x11, 0xd5, 0x4a, 0x18, 0x52, 0xda, 0x84, 0x44, 0xf0, 0x3e, 0xe9, 0x8c, 0x35}} , - {{0xad, 0xa0, 0x41, 0xec, 0xc8, 0x4d, 0xb9, 0xd2, 0x6e, 0x96, 0x4e, 0x5b, 0xc5, 0xc2, 0xa0, 0x1b, 0xcf, 0x0c, 0xbf, 0x17, 0x66, 0x57, 0xc1, 0x17, 0x90, 0x45, 0x71, 0xc2, 0xe1, 0x24, 0xeb, 0x27}}}, -{{{0x2c, 0xb9, 0x42, 0xa4, 0xaf, 0x3b, 0x42, 0x0e, 0xc2, 0x0f, 0xf2, 0xea, 0x83, 0xaf, 0x9a, 0x13, 0x17, 0xb0, 0xbd, 0x89, 0x17, 0xe3, 0x72, 0xcb, 0x0e, 0x76, 0x7e, 0x41, 0x63, 0x04, 0x88, 0x71}} , - {{0x75, 0x78, 0x38, 0x86, 0x57, 0xdd, 0x9f, 0xee, 0x54, 0x70, 0x65, 0xbf, 0xf1, 0x2c, 0xe0, 0x39, 0x0d, 0xe3, 0x89, 0xfd, 0x8e, 0x93, 0x4f, 0x43, 0xdc, 0xd5, 0x5b, 0xde, 0xf9, 0x98, 0xe5, 0x7b}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xe7, 0x3b, 0x65, 0x11, 0xdf, 0xb2, 0xf2, 0x63, 0x94, 0x12, 0x6f, 0x5c, 0x9e, 0x77, 0xc1, 0xb6, 0xd8, 0xab, 0x58, 0x7a, 0x1d, 0x95, 0x73, 0xdd, 0xe7, 0xe3, 0x6f, 0xf2, 0x03, 0x1d, 0xdb, 0x76}} , - {{0xae, 0x06, 0x4e, 0x2c, 0x52, 0x1b, 0xbc, 0x5a, 0x5a, 0xa5, 0xbe, 0x27, 0xbd, 0xeb, 0xe1, 0x14, 0x17, 0x68, 0x26, 0x07, 0x03, 0xd1, 0x18, 0x0b, 0xdf, 0xf1, 0x06, 0x5c, 0xa6, 0x1b, 0xb9, 0x24}}}, -{{{0xc5, 0x66, 0x80, 0x13, 0x0e, 0x48, 0x8c, 0x87, 0x31, 0x84, 0xb4, 0x60, 0xed, 0xc5, 0xec, 0xb6, 0xc5, 0x05, 0x33, 0x5f, 0x2f, 0x7d, 0x40, 0xb6, 0x32, 0x1d, 0x38, 0x74, 0x1b, 0xf1, 0x09, 0x3d}} , - {{0xd4, 0x69, 0x82, 0xbc, 0x8d, 0xf8, 0x34, 0x36, 0x75, 0x55, 0x18, 0x55, 0x58, 0x3c, 0x79, 0xaf, 0x26, 0x80, 0xab, 0x9b, 0x95, 0x00, 0xf1, 0xcb, 0xda, 0xc1, 0x9f, 0xf6, 0x2f, 0xa2, 0xf4, 0x45}}}, -{{{0x17, 0xbe, 0xeb, 0x85, 0xed, 0x9e, 0xcd, 0x56, 0xf5, 0x17, 0x45, 0x42, 0xb4, 0x1f, 0x44, 0x4c, 0x05, 0x74, 0x15, 0x47, 0x00, 0xc6, 0x6a, 0x3d, 0x24, 0x09, 0x0d, 0x58, 0xb1, 0x42, 0xd7, 0x04}} , - {{0x8d, 0xbd, 0xa3, 0xc4, 0x06, 0x9b, 0x1f, 0x90, 0x58, 0x60, 0x74, 0xb2, 0x00, 0x3b, 0x3c, 0xd2, 0xda, 0x82, 0xbb, 0x10, 0x90, 0x69, 0x92, 0xa9, 0xb4, 0x30, 0x81, 0xe3, 0x7c, 0xa8, 0x89, 0x45}}}, -{{{0x3f, 0xdc, 0x05, 0xcb, 0x41, 0x3c, 0xc8, 0x23, 0x04, 0x2c, 0x38, 0x99, 0xe3, 0x68, 0x55, 0xf9, 0xd3, 0x32, 0xc7, 0xbf, 0xfa, 0xd4, 0x1b, 0x5d, 0xde, 0xdc, 0x10, 0x42, 0xc0, 0x42, 0xd9, 0x75}} , - {{0x2d, 0xab, 0x35, 0x4e, 0x87, 0xc4, 0x65, 0x97, 0x67, 0x24, 0xa4, 0x47, 0xad, 0x3f, 0x8e, 0xf3, 0xcb, 0x31, 0x17, 0x77, 0xc5, 0xe2, 0xd7, 0x8f, 0x3c, 0xc1, 0xcd, 0x56, 0x48, 0xc1, 0x6c, 0x69}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x14, 0xae, 0x5f, 0x88, 0x7b, 0xa5, 0x90, 0xdf, 0x10, 0xb2, 0x8b, 0x5e, 0x24, 0x17, 0xc3, 0xa3, 0xd4, 0x0f, 0x92, 0x61, 0x1a, 0x19, 0x5a, 0xad, 0x76, 0xbd, 0xd8, 0x1c, 0xdd, 0xe0, 0x12, 0x6d}} , - {{0x8e, 0xbd, 0x70, 0x8f, 0x02, 0xa3, 0x24, 0x4d, 0x5a, 0x67, 0xc4, 0xda, 0xf7, 0x20, 0x0f, 0x81, 0x5b, 0x7a, 0x05, 0x24, 0x67, 0x83, 0x0b, 0x2a, 0x80, 0xe7, 0xfd, 0x74, 0x4b, 0x9e, 0x5c, 0x0d}}}, -{{{0x94, 0xd5, 0x5f, 0x1f, 0xa2, 0xfb, 0xeb, 0xe1, 0x07, 0x34, 0xf8, 0x20, 0xad, 0x81, 0x30, 0x06, 0x2d, 0xa1, 0x81, 0x95, 0x36, 0xcf, 0x11, 0x0b, 0xaf, 0xc1, 0x2b, 0x9a, 0x6c, 0x55, 0xc1, 0x16}} , - {{0x36, 0x4f, 0xf1, 0x5e, 0x74, 0x35, 0x13, 0x28, 0xd7, 0x11, 0xcf, 0xb8, 0xde, 0x93, 0xb3, 0x05, 0xb8, 0xb5, 0x73, 0xe9, 0xeb, 0xad, 0x19, 0x1e, 0x89, 0x0f, 0x8b, 0x15, 0xd5, 0x8c, 0xe3, 0x23}}}, -{{{0x33, 0x79, 0xe7, 0x18, 0xe6, 0x0f, 0x57, 0x93, 0x15, 0xa0, 0xa7, 0xaa, 0xc4, 0xbf, 0x4f, 0x30, 0x74, 0x95, 0x5e, 0x69, 0x4a, 0x5b, 0x45, 0xe4, 0x00, 0xeb, 0x23, 0x74, 0x4c, 0xdf, 0x6b, 0x45}} , - {{0x97, 0x29, 0x6c, 0xc4, 0x42, 0x0b, 0xdd, 0xc0, 0x29, 0x5c, 0x9b, 0x34, 0x97, 0xd0, 0xc7, 0x79, 0x80, 0x63, 0x74, 0xe4, 0x8e, 0x37, 0xb0, 0x2b, 0x7c, 0xe8, 0x68, 0x6c, 0xc3, 0x82, 0x97, 0x57}}}, -{{{0x22, 0xbe, 0x83, 0xb6, 0x4b, 0x80, 0x6b, 0x43, 0x24, 0x5e, 0xef, 0x99, 0x9b, 0xa8, 0xfc, 0x25, 0x8d, 0x3b, 0x03, 0x94, 0x2b, 0x3e, 0xe7, 0x95, 0x76, 0x9b, 0xcc, 0x15, 0xdb, 0x32, 0xe6, 0x66}} , - {{0x84, 0xf0, 0x4a, 0x13, 0xa6, 0xd6, 0xfa, 0x93, 0x46, 0x07, 0xf6, 0x7e, 0x5c, 0x6d, 0x5e, 0xf6, 0xa6, 0xe7, 0x48, 0xf0, 0x06, 0xea, 0xff, 0x90, 0xc1, 0xcc, 0x4c, 0x19, 0x9c, 0x3c, 0x4e, 0x53}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x2a, 0x50, 0xe3, 0x07, 0x15, 0x59, 0xf2, 0x8b, 0x81, 0xf2, 0xf3, 0xd3, 0x6c, 0x99, 0x8c, 0x70, 0x67, 0xec, 0xcc, 0xee, 0x9e, 0x59, 0x45, 0x59, 0x7d, 0x47, 0x75, 0x69, 0xf5, 0x24, 0x93, 0x5d}} , - {{0x6a, 0x4f, 0x1b, 0xbe, 0x6b, 0x30, 0xcf, 0x75, 0x46, 0xe3, 0x7b, 0x9d, 0xfc, 0xcd, 0xd8, 0x5c, 0x1f, 0xb4, 0xc8, 0xe2, 0x24, 0xec, 0x1a, 0x28, 0x05, 0x32, 0x57, 0xfd, 0x3c, 0x5a, 0x98, 0x10}}}, -{{{0xa3, 0xdb, 0xf7, 0x30, 0xd8, 0xc2, 0x9a, 0xe1, 0xd3, 0xce, 0x22, 0xe5, 0x80, 0x1e, 0xd9, 0xe4, 0x1f, 0xab, 0xc0, 0x71, 0x1a, 0x86, 0x0e, 0x27, 0x99, 0x5b, 0xfa, 0x76, 0x99, 0xb0, 0x08, 0x3c}} , - {{0x2a, 0x93, 0xd2, 0x85, 0x1b, 0x6a, 0x5d, 0xa6, 0xee, 0xd1, 0xd1, 0x33, 0xbd, 0x6a, 0x36, 0x73, 0x37, 0x3a, 0x44, 0xb4, 0xec, 0xa9, 0x7a, 0xde, 0x83, 0x40, 0xd7, 0xdf, 0x28, 0xba, 0xa2, 0x30}}}, -{{{0xd3, 0xb5, 0x6d, 0x05, 0x3f, 0x9f, 0xf3, 0x15, 0x8d, 0x7c, 0xca, 0xc9, 0xfc, 0x8a, 0x7c, 0x94, 0xb0, 0x63, 0x36, 0x9b, 0x78, 0xd1, 0x91, 0x1f, 0x93, 0xd8, 0x57, 0x43, 0xde, 0x76, 0xa3, 0x43}} , - {{0x9b, 0x35, 0xe2, 0xa9, 0x3d, 0x32, 0x1e, 0xbb, 0x16, 0x28, 0x70, 0xe9, 0x45, 0x2f, 0x8f, 0x70, 0x7f, 0x08, 0x7e, 0x53, 0xc4, 0x7a, 0xbf, 0xf7, 0xe1, 0xa4, 0x6a, 0xd8, 0xac, 0x64, 0x1b, 0x11}}}, -{{{0xb2, 0xeb, 0x47, 0x46, 0x18, 0x3e, 0x1f, 0x99, 0x0c, 0xcc, 0xf1, 0x2c, 0xe0, 0xe7, 0x8f, 0xe0, 0x01, 0x7e, 0x65, 0xb8, 0x0c, 0xd0, 0xfb, 0xc8, 0xb9, 0x90, 0x98, 0x33, 0x61, 0x3b, 0xd8, 0x27}} , - {{0xa0, 0xbe, 0x72, 0x3a, 0x50, 0x4b, 0x74, 0xab, 0x01, 0xc8, 0x93, 0xc5, 0xe4, 0xc7, 0x08, 0x6c, 0xb4, 0xca, 0xee, 0xeb, 0x8e, 0xd7, 0x4e, 0x26, 0xc6, 0x1d, 0xe2, 0x71, 0xaf, 0x89, 0xa0, 0x2a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x98, 0x0b, 0xe4, 0xde, 0xdb, 0xa8, 0xfa, 0x82, 0x74, 0x06, 0x52, 0x6d, 0x08, 0x52, 0x8a, 0xff, 0x62, 0xc5, 0x6a, 0x44, 0x0f, 0x51, 0x8c, 0x1f, 0x6e, 0xb6, 0xc6, 0x2c, 0x81, 0xd3, 0x76, 0x46}} , - {{0xf4, 0x29, 0x74, 0x2e, 0x80, 0xa7, 0x1a, 0x8f, 0xf6, 0xbd, 0xd6, 0x8e, 0xbf, 0xc1, 0x95, 0x2a, 0xeb, 0xa0, 0x7f, 0x45, 0xa0, 0x50, 0x14, 0x05, 0xb1, 0x57, 0x4c, 0x74, 0xb7, 0xe2, 0x89, 0x7d}}}, -{{{0x07, 0xee, 0xa7, 0xad, 0xb7, 0x09, 0x0b, 0x49, 0x4e, 0xbf, 0xca, 0xe5, 0x21, 0xe6, 0xe6, 0xaf, 0xd5, 0x67, 0xf3, 0xce, 0x7e, 0x7c, 0x93, 0x7b, 0x5a, 0x10, 0x12, 0x0e, 0x6c, 0x06, 0x11, 0x75}} , - {{0xd5, 0xfc, 0x86, 0xa3, 0x3b, 0xa3, 0x3e, 0x0a, 0xfb, 0x0b, 0xf7, 0x36, 0xb1, 0x5b, 0xda, 0x70, 0xb7, 0x00, 0xa7, 0xda, 0x88, 0x8f, 0x84, 0xa8, 0xbc, 0x1c, 0x39, 0xb8, 0x65, 0xf3, 0x4d, 0x60}}}, -{{{0x96, 0x9d, 0x31, 0xf4, 0xa2, 0xbe, 0x81, 0xb9, 0xa5, 0x59, 0x9e, 0xba, 0x07, 0xbe, 0x74, 0x58, 0xd8, 0xeb, 0xc5, 0x9f, 0x3d, 0xd1, 0xf4, 0xae, 0xce, 0x53, 0xdf, 0x4f, 0xc7, 0x2a, 0x89, 0x4d}} , - {{0x29, 0xd8, 0xf2, 0xaa, 0xe9, 0x0e, 0xf7, 0x2e, 0x5f, 0x9d, 0x8a, 0x5b, 0x09, 0xed, 0xc9, 0x24, 0x22, 0xf4, 0x0f, 0x25, 0x8f, 0x1c, 0x84, 0x6e, 0x34, 0x14, 0x6c, 0xea, 0xb3, 0x86, 0x5d, 0x04}}}, -{{{0x07, 0x98, 0x61, 0xe8, 0x6a, 0xd2, 0x81, 0x49, 0x25, 0xd5, 0x5b, 0x18, 0xc7, 0x35, 0x52, 0x51, 0xa4, 0x46, 0xad, 0x18, 0x0d, 0xc9, 0x5f, 0x18, 0x91, 0x3b, 0xb4, 0xc0, 0x60, 0x59, 0x8d, 0x66}} , - {{0x03, 0x1b, 0x79, 0x53, 0x6e, 0x24, 0xae, 0x57, 0xd9, 0x58, 0x09, 0x85, 0x48, 0xa2, 0xd3, 0xb5, 0xe2, 0x4d, 0x11, 0x82, 0xe6, 0x86, 0x3c, 0xe9, 0xb1, 0x00, 0x19, 0xc2, 0x57, 0xf7, 0x66, 0x7a}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x0f, 0xe3, 0x89, 0x03, 0xd7, 0x22, 0x95, 0x9f, 0xca, 0xb4, 0x8d, 0x9e, 0x6d, 0x97, 0xff, 0x8d, 0x21, 0x59, 0x07, 0xef, 0x03, 0x2d, 0x5e, 0xf8, 0x44, 0x46, 0xe7, 0x85, 0x80, 0xc5, 0x89, 0x50}} , - {{0x8b, 0xd8, 0x53, 0x86, 0x24, 0x86, 0x29, 0x52, 0x01, 0xfa, 0x20, 0xc3, 0x4e, 0x95, 0xcb, 0xad, 0x7b, 0x34, 0x94, 0x30, 0xb7, 0x7a, 0xfa, 0x96, 0x41, 0x60, 0x2b, 0xcb, 0x59, 0xb9, 0xca, 0x50}}}, -{{{0xc2, 0x5b, 0x9b, 0x78, 0x23, 0x1b, 0x3a, 0x88, 0x94, 0x5f, 0x0a, 0x9b, 0x98, 0x2b, 0x6e, 0x53, 0x11, 0xf6, 0xff, 0xc6, 0x7d, 0x42, 0xcc, 0x02, 0x80, 0x40, 0x0d, 0x1e, 0xfb, 0xaf, 0x61, 0x07}} , - {{0xb0, 0xe6, 0x2f, 0x81, 0x70, 0xa1, 0x2e, 0x39, 0x04, 0x7c, 0xc4, 0x2c, 0x87, 0x45, 0x4a, 0x5b, 0x69, 0x97, 0xac, 0x6d, 0x2c, 0x10, 0x42, 0x7c, 0x3b, 0x15, 0x70, 0x60, 0x0e, 0x11, 0x6d, 0x3a}}}, -{{{0x9b, 0x18, 0x80, 0x5e, 0xdb, 0x05, 0xbd, 0xc6, 0xb7, 0x3c, 0xc2, 0x40, 0x4d, 0x5d, 0xce, 0x97, 0x8a, 0x34, 0x15, 0xab, 0x28, 0x5d, 0x10, 0xf0, 0x37, 0x0c, 0xcc, 0x16, 0xfa, 0x1f, 0x33, 0x0d}} , - {{0x19, 0xf9, 0x35, 0xaa, 0x59, 0x1a, 0x0c, 0x5c, 0x06, 0xfc, 0x6a, 0x0b, 0x97, 0x53, 0x36, 0xfc, 0x2a, 0xa5, 0x5a, 0x9b, 0x30, 0xef, 0x23, 0xaf, 0x39, 0x5d, 0x9a, 0x6b, 0x75, 0x57, 0x48, 0x0b}}}, -{{{0x26, 0xdc, 0x76, 0x3b, 0xfc, 0xf9, 0x9c, 0x3f, 0x89, 0x0b, 0x62, 0x53, 0xaf, 0x83, 0x01, 0x2e, 0xbc, 0x6a, 0xc6, 0x03, 0x0d, 0x75, 0x2a, 0x0d, 0xe6, 0x94, 0x54, 0xcf, 0xb3, 0xe5, 0x96, 0x25}} , - {{0xfe, 0x82, 0xb1, 0x74, 0x31, 0x8a, 0xa7, 0x6f, 0x56, 0xbd, 0x8d, 0xf4, 0xe0, 0x94, 0x51, 0x59, 0xde, 0x2c, 0x5a, 0xf4, 0x84, 0x6b, 0x4a, 0x88, 0x93, 0xc0, 0x0c, 0x9a, 0xac, 0xa7, 0xa0, 0x68}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x25, 0x0d, 0xd6, 0xc7, 0x23, 0x47, 0x10, 0xad, 0xc7, 0x08, 0x5c, 0x87, 0x87, 0x93, 0x98, 0x18, 0xb8, 0xd3, 0x9c, 0xac, 0x5a, 0x3d, 0xc5, 0x75, 0xf8, 0x49, 0x32, 0x14, 0xcc, 0x51, 0x96, 0x24}} , - {{0x65, 0x9c, 0x5d, 0xf0, 0x37, 0x04, 0xf0, 0x34, 0x69, 0x2a, 0xf0, 0xa5, 0x64, 0xca, 0xde, 0x2b, 0x5b, 0x15, 0x10, 0xd2, 0xab, 0x06, 0xdd, 0xc4, 0xb0, 0xb6, 0x5b, 0xc1, 0x17, 0xdf, 0x8f, 0x02}}}, -{{{0xbd, 0x59, 0x3d, 0xbf, 0x5c, 0x31, 0x44, 0x2c, 0x32, 0x94, 0x04, 0x60, 0x84, 0x0f, 0xad, 0x00, 0xb6, 0x8f, 0xc9, 0x1d, 0xcc, 0x5c, 0xa2, 0x49, 0x0e, 0x50, 0x91, 0x08, 0x9a, 0x43, 0x55, 0x05}} , - {{0x5d, 0x93, 0x55, 0xdf, 0x9b, 0x12, 0x19, 0xec, 0x93, 0x85, 0x42, 0x9e, 0x66, 0x0f, 0x9d, 0xaf, 0x99, 0xaf, 0x26, 0x89, 0xbc, 0x61, 0xfd, 0xff, 0xce, 0x4b, 0xf4, 0x33, 0x95, 0xc9, 0x35, 0x58}}}, -{{{0x12, 0x55, 0xf9, 0xda, 0xcb, 0x44, 0xa7, 0xdc, 0x57, 0xe2, 0xf9, 0x9a, 0xe6, 0x07, 0x23, 0x60, 0x54, 0xa7, 0x39, 0xa5, 0x9b, 0x84, 0x56, 0x6e, 0xaa, 0x8b, 0x8f, 0xb0, 0x2c, 0x87, 0xaf, 0x67}} , - {{0x00, 0xa9, 0x4c, 0xb2, 0x12, 0xf8, 0x32, 0xa8, 0x7a, 0x00, 0x4b, 0x49, 0x32, 0xba, 0x1f, 0x5d, 0x44, 0x8e, 0x44, 0x7a, 0xdc, 0x11, 0xfb, 0x39, 0x08, 0x57, 0x87, 0xa5, 0x12, 0x42, 0x93, 0x0e}}}, -{{{0x17, 0xb4, 0xae, 0x72, 0x59, 0xd0, 0xaa, 0xa8, 0x16, 0x8b, 0x63, 0x11, 0xb3, 0x43, 0x04, 0xda, 0x0c, 0xa8, 0xb7, 0x68, 0xdd, 0x4e, 0x54, 0xe7, 0xaf, 0x5d, 0x5d, 0x05, 0x76, 0x36, 0xec, 0x0d}} , - {{0x6d, 0x7c, 0x82, 0x32, 0x38, 0x55, 0x57, 0x74, 0x5b, 0x7d, 0xc3, 0xc4, 0xfb, 0x06, 0x29, 0xf0, 0x13, 0x55, 0x54, 0xc6, 0xa7, 0xdc, 0x4c, 0x9f, 0x98, 0x49, 0x20, 0xa8, 0xc3, 0x8d, 0xfa, 0x48}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x87, 0x47, 0x9d, 0xe9, 0x25, 0xd5, 0xe3, 0x47, 0x78, 0xdf, 0x85, 0xa7, 0x85, 0x5e, 0x7a, 0x4c, 0x5f, 0x79, 0x1a, 0xf3, 0xa2, 0xb2, 0x28, 0xa0, 0x9c, 0xdd, 0x30, 0x40, 0xd4, 0x38, 0xbd, 0x28}} , - {{0xfc, 0xbb, 0xd5, 0x78, 0x6d, 0x1d, 0xd4, 0x99, 0xb4, 0xaa, 0x44, 0x44, 0x7a, 0x1b, 0xd8, 0xfe, 0xb4, 0x99, 0xb9, 0xcc, 0xe7, 0xc4, 0xd3, 0x3a, 0x73, 0x83, 0x41, 0x5c, 0x40, 0xd7, 0x2d, 0x55}}}, -{{{0x26, 0xe1, 0x7b, 0x5f, 0xe5, 0xdc, 0x3f, 0x7d, 0xa1, 0xa7, 0x26, 0x44, 0x22, 0x23, 0xc0, 0x8f, 0x7d, 0xf1, 0xb5, 0x11, 0x47, 0x7b, 0x19, 0xd4, 0x75, 0x6f, 0x1e, 0xa5, 0x27, 0xfe, 0xc8, 0x0e}} , - {{0xd3, 0x11, 0x3d, 0xab, 0xef, 0x2c, 0xed, 0xb1, 0x3d, 0x7c, 0x32, 0x81, 0x6b, 0xfe, 0xf8, 0x1c, 0x3c, 0x7b, 0xc0, 0x61, 0xdf, 0xb8, 0x75, 0x76, 0x7f, 0xaa, 0xd8, 0x93, 0xaf, 0x3d, 0xe8, 0x3d}}}, -{{{0xfd, 0x5b, 0x4e, 0x8d, 0xb6, 0x7e, 0x82, 0x9b, 0xef, 0xce, 0x04, 0x69, 0x51, 0x52, 0xff, 0xef, 0xa0, 0x52, 0xb5, 0x79, 0x17, 0x5e, 0x2f, 0xde, 0xd6, 0x3c, 0x2d, 0xa0, 0x43, 0xb4, 0x0b, 0x19}} , - {{0xc0, 0x61, 0x48, 0x48, 0x17, 0xf4, 0x9e, 0x18, 0x51, 0x2d, 0xea, 0x2f, 0xf2, 0xf2, 0xe0, 0xa3, 0x14, 0xb7, 0x8b, 0x3a, 0x30, 0xf5, 0x81, 0xc1, 0x5d, 0x71, 0x39, 0x62, 0x55, 0x1f, 0x60, 0x5a}}}, -{{{0xe5, 0x89, 0x8a, 0x76, 0x6c, 0xdb, 0x4d, 0x0a, 0x5b, 0x72, 0x9d, 0x59, 0x6e, 0x63, 0x63, 0x18, 0x7c, 0xe3, 0xfa, 0xe2, 0xdb, 0xa1, 0x8d, 0xf4, 0xa5, 0xd7, 0x16, 0xb2, 0xd0, 0xb3, 0x3f, 0x39}} , - {{0xce, 0x60, 0x09, 0x6c, 0xf5, 0x76, 0x17, 0x24, 0x80, 0x3a, 0x96, 0xc7, 0x94, 0x2e, 0xf7, 0x6b, 0xef, 0xb5, 0x05, 0x96, 0xef, 0xd3, 0x7b, 0x51, 0xda, 0x05, 0x44, 0x67, 0xbc, 0x07, 0x21, 0x4e}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xe9, 0x73, 0x6f, 0x21, 0xb9, 0xde, 0x22, 0x7d, 0xeb, 0x97, 0x31, 0x10, 0xa3, 0xea, 0xe1, 0xc6, 0x37, 0xeb, 0x8f, 0x43, 0x58, 0xde, 0x41, 0x64, 0x0e, 0x3e, 0x07, 0x99, 0x3d, 0xf1, 0xdf, 0x1e}} , - {{0xf8, 0xad, 0x43, 0xc2, 0x17, 0x06, 0xe2, 0xe4, 0xa9, 0x86, 0xcd, 0x18, 0xd7, 0x78, 0xc8, 0x74, 0x66, 0xd2, 0x09, 0x18, 0xa5, 0xf1, 0xca, 0xa6, 0x62, 0x92, 0xc1, 0xcb, 0x00, 0xeb, 0x42, 0x2e}}}, -{{{0x7b, 0x34, 0x24, 0x4c, 0xcf, 0x38, 0xe5, 0x6c, 0x0a, 0x01, 0x2c, 0x22, 0x0b, 0x24, 0x38, 0xad, 0x24, 0x7e, 0x19, 0xf0, 0x6c, 0xf9, 0x31, 0xf4, 0x35, 0x11, 0xf6, 0x46, 0x33, 0x3a, 0x23, 0x59}} , - {{0x20, 0x0b, 0xa1, 0x08, 0x19, 0xad, 0x39, 0x54, 0xea, 0x3e, 0x23, 0x09, 0xb6, 0xe2, 0xd2, 0xbc, 0x4d, 0xfc, 0x9c, 0xf0, 0x13, 0x16, 0x22, 0x3f, 0xb9, 0xd2, 0x11, 0x86, 0x90, 0x55, 0xce, 0x3c}}}, -{{{0xc4, 0x0b, 0x4b, 0x62, 0x99, 0x37, 0x84, 0x3f, 0x74, 0xa2, 0xf9, 0xce, 0xe2, 0x0b, 0x0f, 0x2a, 0x3d, 0xa3, 0xe3, 0xdb, 0x5a, 0x9d, 0x93, 0xcc, 0xa5, 0xef, 0x82, 0x91, 0x1d, 0xe6, 0x6c, 0x68}} , - {{0xa3, 0x64, 0x17, 0x9b, 0x8b, 0xc8, 0x3a, 0x61, 0xe6, 0x9d, 0xc6, 0xed, 0x7b, 0x03, 0x52, 0x26, 0x9d, 0x3a, 0xb3, 0x13, 0xcc, 0x8a, 0xfd, 0x2c, 0x1a, 0x1d, 0xed, 0x13, 0xd0, 0x55, 0x57, 0x0e}}}, -{{{0x1a, 0xea, 0xbf, 0xfd, 0x4a, 0x3c, 0x8e, 0xec, 0x29, 0x7e, 0x77, 0x77, 0x12, 0x99, 0xd7, 0x84, 0xf9, 0x55, 0x7f, 0xf1, 0x8b, 0xb4, 0xd2, 0x95, 0xa3, 0x8d, 0xf0, 0x8a, 0xa7, 0xeb, 0x82, 0x4b}} , - {{0x2c, 0x28, 0xf4, 0x3a, 0xf6, 0xde, 0x0a, 0xe0, 0x41, 0x44, 0x23, 0xf8, 0x3f, 0x03, 0x64, 0x9f, 0xc3, 0x55, 0x4c, 0xc6, 0xc1, 0x94, 0x1c, 0x24, 0x5d, 0x5f, 0x92, 0x45, 0x96, 0x57, 0x37, 0x14}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xc1, 0xcd, 0x90, 0x66, 0xb9, 0x76, 0xa0, 0x5b, 0xa5, 0x85, 0x75, 0x23, 0xf9, 0x89, 0xa5, 0x82, 0xb2, 0x6f, 0xb1, 0xeb, 0xc4, 0x69, 0x6f, 0x18, 0x5a, 0xed, 0x94, 0x3d, 0x9d, 0xd9, 0x2c, 0x1a}} , - {{0x35, 0xb0, 0xe6, 0x73, 0x06, 0xb7, 0x37, 0xe0, 0xf8, 0xb0, 0x22, 0xe8, 0xd2, 0xed, 0x0b, 0xef, 0xe6, 0xc6, 0x5a, 0x99, 0x9e, 0x1a, 0x9f, 0x04, 0x97, 0xe4, 0x4d, 0x0b, 0xbe, 0xba, 0x44, 0x40}}}, -{{{0xc1, 0x56, 0x96, 0x91, 0x5f, 0x1f, 0xbb, 0x54, 0x6f, 0x88, 0x89, 0x0a, 0xb2, 0xd6, 0x41, 0x42, 0x6a, 0x82, 0xee, 0x14, 0xaa, 0x76, 0x30, 0x65, 0x0f, 0x67, 0x39, 0xa6, 0x51, 0x7c, 0x49, 0x24}} , - {{0x35, 0xa3, 0x78, 0xd1, 0x11, 0x0f, 0x75, 0xd3, 0x70, 0x46, 0xdb, 0x20, 0x51, 0xcb, 0x92, 0x80, 0x54, 0x10, 0x74, 0x36, 0x86, 0xa9, 0xd7, 0xa3, 0x08, 0x78, 0xf1, 0x01, 0x29, 0xf8, 0x80, 0x3b}}}, -{{{0xdb, 0xa7, 0x9d, 0x9d, 0xbf, 0xa0, 0xcc, 0xed, 0x53, 0xa2, 0xa2, 0x19, 0x39, 0x48, 0x83, 0x19, 0x37, 0x58, 0xd1, 0x04, 0x28, 0x40, 0xf7, 0x8a, 0xc2, 0x08, 0xb7, 0xa5, 0x42, 0xcf, 0x53, 0x4c}} , - {{0xa7, 0xbb, 0xf6, 0x8e, 0xad, 0xdd, 0xf7, 0x90, 0xdd, 0x5f, 0x93, 0x89, 0xae, 0x04, 0x37, 0xe6, 0x9a, 0xb7, 0xe8, 0xc0, 0xdf, 0x16, 0x2a, 0xbf, 0xc4, 0x3a, 0x3c, 0x41, 0xd5, 0x89, 0x72, 0x5a}}}, -{{{0x1f, 0x96, 0xff, 0x34, 0x2c, 0x13, 0x21, 0xcb, 0x0a, 0x89, 0x85, 0xbe, 0xb3, 0x70, 0x9e, 0x1e, 0xde, 0x97, 0xaf, 0x96, 0x30, 0xf7, 0x48, 0x89, 0x40, 0x8d, 0x07, 0xf1, 0x25, 0xf0, 0x30, 0x58}} , - {{0x1e, 0xd4, 0x93, 0x57, 0xe2, 0x17, 0xe7, 0x9d, 0xab, 0x3c, 0x55, 0x03, 0x82, 0x2f, 0x2b, 0xdb, 0x56, 0x1e, 0x30, 0x2e, 0x24, 0x47, 0x6e, 0xe6, 0xff, 0x33, 0x24, 0x2c, 0x75, 0x51, 0xd4, 0x67}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0x2b, 0x06, 0xd9, 0xa1, 0x5d, 0xe1, 0xf4, 0xd1, 0x1e, 0x3c, 0x9a, 0xc6, 0x29, 0x2b, 0x13, 0x13, 0x78, 0xc0, 0xd8, 0x16, 0x17, 0x2d, 0x9e, 0xa9, 0xc9, 0x79, 0x57, 0xab, 0x24, 0x91, 0x92, 0x19}} , - {{0x69, 0xfb, 0xa1, 0x9c, 0xa6, 0x75, 0x49, 0x7d, 0x60, 0x73, 0x40, 0x42, 0xc4, 0x13, 0x0a, 0x95, 0x79, 0x1e, 0x04, 0x83, 0x94, 0x99, 0x9b, 0x1e, 0x0c, 0xe8, 0x1f, 0x54, 0xef, 0xcb, 0xc0, 0x52}}}, -{{{0x14, 0x89, 0x73, 0xa1, 0x37, 0x87, 0x6a, 0x7a, 0xcf, 0x1d, 0xd9, 0x2e, 0x1a, 0x67, 0xed, 0x74, 0xc0, 0xf0, 0x9c, 0x33, 0xdd, 0xdf, 0x08, 0xbf, 0x7b, 0xd1, 0x66, 0xda, 0xe6, 0xc9, 0x49, 0x08}} , - {{0xe9, 0xdd, 0x5e, 0x55, 0xb0, 0x0a, 0xde, 0x21, 0x4c, 0x5a, 0x2e, 0xd4, 0x80, 0x3a, 0x57, 0x92, 0x7a, 0xf1, 0xc4, 0x2c, 0x40, 0xaf, 0x2f, 0xc9, 0x92, 0x03, 0xe5, 0x5a, 0xbc, 0xdc, 0xf4, 0x09}}}, -{{{0xf3, 0xe1, 0x2b, 0x7c, 0x05, 0x86, 0x80, 0x93, 0x4a, 0xad, 0xb4, 0x8f, 0x7e, 0x99, 0x0c, 0xfd, 0xcd, 0xef, 0xd1, 0xff, 0x2c, 0x69, 0x34, 0x13, 0x41, 0x64, 0xcf, 0x3b, 0xd0, 0x90, 0x09, 0x1e}} , - {{0x9d, 0x45, 0xd6, 0x80, 0xe6, 0x45, 0xaa, 0xf4, 0x15, 0xaa, 0x5c, 0x34, 0x87, 0x99, 0xa2, 0x8c, 0x26, 0x84, 0x62, 0x7d, 0xb6, 0x29, 0xc0, 0x52, 0xea, 0xf5, 0x81, 0x18, 0x0f, 0x35, 0xa9, 0x0e}}}, -{{{0xe7, 0x20, 0x72, 0x7c, 0x6d, 0x94, 0x5f, 0x52, 0x44, 0x54, 0xe3, 0xf1, 0xb2, 0xb0, 0x36, 0x46, 0x0f, 0xae, 0x92, 0xe8, 0x70, 0x9d, 0x6e, 0x79, 0xb1, 0xad, 0x37, 0xa9, 0x5f, 0xc0, 0xde, 0x03}} , - {{0x15, 0x55, 0x37, 0xc6, 0x1c, 0x27, 0x1c, 0x6d, 0x14, 0x4f, 0xca, 0xa4, 0xc4, 0x88, 0x25, 0x46, 0x39, 0xfc, 0x5a, 0xe5, 0xfe, 0x29, 0x11, 0x69, 0xf5, 0x72, 0x84, 0x4d, 0x78, 0x9f, 0x94, 0x15}}}, -{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, - {{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}, -{{{0xec, 0xd3, 0xff, 0x57, 0x0b, 0xb0, 0xb2, 0xdc, 0xf8, 0x4f, 0xe2, 0x12, 0xd5, 0x36, 0xbe, 0x6b, 0x09, 0x43, 0x6d, 0xa3, 0x4d, 0x90, 0x2d, 0xb8, 0x74, 0xe8, 0x71, 0x45, 0x19, 0x8b, 0x0c, 0x6a}} , - {{0xb8, 0x42, 0x1c, 0x03, 0xad, 0x2c, 0x03, 0x8e, 0xac, 0xd7, 0x98, 0x29, 0x13, 0xc6, 0x02, 0x29, 0xb5, 0xd4, 0xe7, 0xcf, 0xcc, 0x8b, 0x83, 0xec, 0x35, 0xc7, 0x9c, 0x74, 0xb7, 0xad, 0x85, 0x5f}}}, -{{{0x78, 0x84, 0xe1, 0x56, 0x45, 0x69, 0x68, 0x5a, 0x4f, 0xb8, 0xb1, 0x29, 0xff, 0x33, 0x03, 0x31, 0xb7, 0xcb, 0x96, 0x25, 0xe6, 0xe6, 0x41, 0x98, 0x1a, 0xbb, 0x03, 0x56, 0xf2, 0xb2, 0x91, 0x34}} , - {{0x2c, 0x6c, 0xf7, 0x66, 0xa4, 0x62, 0x6b, 0x39, 0xb3, 0xba, 0x65, 0xd3, 0x1c, 0xf8, 0x11, 0xaa, 0xbe, 0xdc, 0x80, 0x59, 0x87, 0xf5, 0x7b, 0xe5, 0xe3, 0xb3, 0x3e, 0x39, 0xda, 0xbe, 0x88, 0x09}}}, -{{{0x8b, 0xf1, 0xa0, 0xf5, 0xdc, 0x29, 0xb4, 0xe2, 0x07, 0xc6, 0x7a, 0x00, 0xd0, 0x89, 0x17, 0x51, 0xd4, 0xbb, 0xd4, 0x22, 0xea, 0x7e, 0x7d, 0x7c, 0x24, 0xea, 0xf2, 0xe8, 0x22, 0x12, 0x95, 0x06}} , - {{0xda, 0x7c, 0xa4, 0x0c, 0xf4, 0xba, 0x6e, 0xe1, 0x89, 0xb5, 0x59, 0xca, 0xf1, 0xc0, 0x29, 0x36, 0x09, 0x44, 0xe2, 0x7f, 0xd1, 0x63, 0x15, 0x99, 0xea, 0x25, 0xcf, 0x0c, 0x9d, 0xc0, 0x44, 0x6f}}}, -{{{0x1d, 0x86, 0x4e, 0xcf, 0xf7, 0x37, 0x10, 0x25, 0x8f, 0x12, 0xfb, 0x19, 0xfb, 0xe0, 0xed, 0x10, 0xc8, 0xe2, 0xf5, 0x75, 0xb1, 0x33, 0xc0, 0x96, 0x0d, 0xfb, 0x15, 0x6c, 0x0d, 0x07, 0x5f, 0x05}} , - {{0x69, 0x3e, 0x47, 0x97, 0x2c, 0xaf, 0x52, 0x7c, 0x78, 0x83, 0xad, 0x1b, 0x39, 0x82, 0x2f, 0x02, 0x6f, 0x47, 0xdb, 0x2a, 0xb0, 0xe1, 0x91, 0x99, 0x55, 0xb8, 0x99, 0x3a, 0xa0, 0x44, 0x11, 0x51}}} diff --git a/Blink/Commands/openssh/ed25519/hash.c b/Blink/Commands/openssh/ed25519/hash.c deleted file mode 100644 index 682e9ae0d..000000000 --- a/Blink/Commands/openssh/ed25519/hash.c +++ /dev/null @@ -1,75 +0,0 @@ -/* $OpenBSD: hash.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* Copied from nacl-20110221/crypto_hash/sha512/ref/hash.c */ - -/* -20080913 -D. J. Bernstein -Public domain. -*/ - - -#include "crypto_api.h" - -#define blocks crypto_hashblocks_sha512 - -static const unsigned char iv[64] = { - 0x6a,0x09,0xe6,0x67,0xf3,0xbc,0xc9,0x08, - 0xbb,0x67,0xae,0x85,0x84,0xca,0xa7,0x3b, - 0x3c,0x6e,0xf3,0x72,0xfe,0x94,0xf8,0x2b, - 0xa5,0x4f,0xf5,0x3a,0x5f,0x1d,0x36,0xf1, - 0x51,0x0e,0x52,0x7f,0xad,0xe6,0x82,0xd1, - 0x9b,0x05,0x68,0x8c,0x2b,0x3e,0x6c,0x1f, - 0x1f,0x83,0xd9,0xab,0xfb,0x41,0xbd,0x6b, - 0x5b,0xe0,0xcd,0x19,0x13,0x7e,0x21,0x79 -} ; - -typedef unsigned long long uint64; - -int crypto_hash_sha512(unsigned char *out,const unsigned char *in,unsigned long long inlen) -{ - unsigned char h[64]; - unsigned char padded[256]; - unsigned int i; - unsigned long long bytes = inlen; - - for (i = 0;i < 64;++i) h[i] = iv[i]; - - blocks(h,in,inlen); - in += inlen; - inlen &= 127; - in -= inlen; - - for (i = 0;i < inlen;++i) padded[i] = in[i]; - padded[inlen] = 0x80; - - if (inlen < 112) { - for (i = inlen + 1;i < 119;++i) padded[i] = 0; - padded[119] = bytes >> 61; - padded[120] = bytes >> 53; - padded[121] = bytes >> 45; - padded[122] = bytes >> 37; - padded[123] = bytes >> 29; - padded[124] = bytes >> 21; - padded[125] = bytes >> 13; - padded[126] = bytes >> 5; - padded[127] = bytes << 3; - blocks(h,padded,128); - } else { - for (i = inlen + 1;i < 247;++i) padded[i] = 0; - padded[247] = bytes >> 61; - padded[248] = bytes >> 53; - padded[249] = bytes >> 45; - padded[250] = bytes >> 37; - padded[251] = bytes >> 29; - padded[252] = bytes >> 21; - padded[253] = bytes >> 13; - padded[254] = bytes >> 5; - padded[255] = bytes << 3; - blocks(h,padded,256); - } - - for (i = 0;i < 64;++i) out[i] = h[i]; - - return 0; -} diff --git a/Blink/Commands/openssh/ed25519/sc25519.c b/Blink/Commands/openssh/ed25519/sc25519.c deleted file mode 100644 index b5774bcba..000000000 --- a/Blink/Commands/openssh/ed25519/sc25519.c +++ /dev/null @@ -1,307 +0,0 @@ -/* $OpenBSD: sc25519.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* - * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange, - * Peter Schwabe, Bo-Yin Yang. - * Copied from supercop-20130419/crypto_sign/ed25519/ref/sc25519.c - */ - - -#include "sc25519.h" - -/*Arithmetic modulo the group order m = 2^252 + 27742317777372353535851937790883648493 = 7237005577332262213973186563042994240857116359379907606001950938285454250989 */ - -static const crypto_uint32 m[32] = {0xED, 0xD3, 0xF5, 0x5C, 0x1A, 0x63, 0x12, 0x58, 0xD6, 0x9C, 0xF7, 0xA2, 0xDE, 0xF9, 0xDE, 0x14, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10}; - -static const crypto_uint32 mu[33] = {0x1B, 0x13, 0x2C, 0x0A, 0xA3, 0xE5, 0x9C, 0xED, 0xA7, 0x29, 0x63, 0x08, 0x5D, 0x21, 0x06, 0x21, - 0xEB, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0F}; - -static crypto_uint32 lt(crypto_uint32 a,crypto_uint32 b) /* 16-bit inputs */ -{ - unsigned int x = a; - x -= (unsigned int) b; /* 0..65535: no; 4294901761..4294967295: yes */ - x >>= 31; /* 0: no; 1: yes */ - return x; -} - -/* Reduce coefficients of r before calling reduce_add_sub */ -static void reduce_add_sub(sc25519 *r) -{ - crypto_uint32 pb = 0; - crypto_uint32 b; - crypto_uint32 mask; - int i; - unsigned char t[32]; - - for(i=0;i<32;i++) - { - pb += m[i]; - b = lt(r->v[i],pb); - t[i] = r->v[i]-pb+(b<<8); - pb = b; - } - mask = b - 1; - for(i=0;i<32;i++) - r->v[i] ^= mask & (r->v[i] ^ t[i]); -} - -/* Reduce coefficients of x before calling barrett_reduce */ -static void barrett_reduce(sc25519 *r, const crypto_uint32 x[64]) -{ - /* See HAC, Alg. 14.42 */ - int i,j; - crypto_uint32 q2[66]; - crypto_uint32 *q3 = q2 + 33; - crypto_uint32 r1[33]; - crypto_uint32 r2[33]; - crypto_uint32 carry; - crypto_uint32 pb = 0; - crypto_uint32 b; - - for (i = 0;i < 66;++i) q2[i] = 0; - for (i = 0;i < 33;++i) r2[i] = 0; - - for(i=0;i<33;i++) - for(j=0;j<33;j++) - if(i+j >= 31) q2[i+j] += mu[i]*x[j+31]; - carry = q2[31] >> 8; - q2[32] += carry; - carry = q2[32] >> 8; - q2[33] += carry; - - for(i=0;i<33;i++)r1[i] = x[i]; - for(i=0;i<32;i++) - for(j=0;j<33;j++) - if(i+j < 33) r2[i+j] += m[i]*q3[j]; - - for(i=0;i<32;i++) - { - carry = r2[i] >> 8; - r2[i+1] += carry; - r2[i] &= 0xff; - } - - for(i=0;i<32;i++) - { - pb += r2[i]; - b = lt(r1[i],pb); - r->v[i] = r1[i]-pb+(b<<8); - pb = b; - } - - /* XXX: Can it really happen that r<0?, See HAC, Alg 14.42, Step 3 - * If so: Handle it here! - */ - - reduce_add_sub(r); - reduce_add_sub(r); -} - -void sc25519_from32bytes(sc25519 *r, const unsigned char x[32]) -{ - int i; - crypto_uint32 t[64]; - for(i=0;i<32;i++) t[i] = x[i]; - for(i=32;i<64;++i) t[i] = 0; - barrett_reduce(r, t); -} - -void shortsc25519_from16bytes(shortsc25519 *r, const unsigned char x[16]) -{ - int i; - for(i=0;i<16;i++) r->v[i] = x[i]; -} - -void sc25519_from64bytes(sc25519 *r, const unsigned char x[64]) -{ - int i; - crypto_uint32 t[64]; - for(i=0;i<64;i++) t[i] = x[i]; - barrett_reduce(r, t); -} - -void sc25519_from_shortsc(sc25519 *r, const shortsc25519 *x) -{ - int i; - for(i=0;i<16;i++) - r->v[i] = x->v[i]; - for(i=0;i<16;i++) - r->v[16+i] = 0; -} - -void sc25519_to32bytes(unsigned char r[32], const sc25519 *x) -{ - int i; - for(i=0;i<32;i++) r[i] = x->v[i]; -} - -int sc25519_iszero_vartime(const sc25519 *x) -{ - int i; - for(i=0;i<32;i++) - if(x->v[i] != 0) return 0; - return 1; -} - -int sc25519_isshort_vartime(const sc25519 *x) -{ - int i; - for(i=31;i>15;i--) - if(x->v[i] != 0) return 0; - return 1; -} - -int sc25519_lt_vartime(const sc25519 *x, const sc25519 *y) -{ - int i; - for(i=31;i>=0;i--) - { - if(x->v[i] < y->v[i]) return 1; - if(x->v[i] > y->v[i]) return 0; - } - return 0; -} - -void sc25519_add(sc25519 *r, const sc25519 *x, const sc25519 *y) -{ - int i, carry; - for(i=0;i<32;i++) r->v[i] = x->v[i] + y->v[i]; - for(i=0;i<31;i++) - { - carry = r->v[i] >> 8; - r->v[i+1] += carry; - r->v[i] &= 0xff; - } - reduce_add_sub(r); -} - -void sc25519_sub_nored(sc25519 *r, const sc25519 *x, const sc25519 *y) -{ - crypto_uint32 b = 0; - crypto_uint32 t; - int i; - for(i=0;i<32;i++) - { - t = x->v[i] - y->v[i] - b; - r->v[i] = t & 255; - b = (t >> 8) & 1; - } -} - -void sc25519_mul(sc25519 *r, const sc25519 *x, const sc25519 *y) -{ - int i,j,carry; - crypto_uint32 t[64]; - for(i=0;i<64;i++)t[i] = 0; - - for(i=0;i<32;i++) - for(j=0;j<32;j++) - t[i+j] += x->v[i] * y->v[j]; - - /* Reduce coefficients */ - for(i=0;i<63;i++) - { - carry = t[i] >> 8; - t[i+1] += carry; - t[i] &= 0xff; - } - - barrett_reduce(r, t); -} - -void sc25519_mul_shortsc(sc25519 *r, const sc25519 *x, const shortsc25519 *y) -{ - sc25519 t; - sc25519_from_shortsc(&t, y); - sc25519_mul(r, x, &t); -} - -void sc25519_window3(signed char r[85], const sc25519 *s) -{ - char carry; - int i; - for(i=0;i<10;i++) - { - r[8*i+0] = s->v[3*i+0] & 7; - r[8*i+1] = (s->v[3*i+0] >> 3) & 7; - r[8*i+2] = (s->v[3*i+0] >> 6) & 7; - r[8*i+2] ^= (s->v[3*i+1] << 2) & 7; - r[8*i+3] = (s->v[3*i+1] >> 1) & 7; - r[8*i+4] = (s->v[3*i+1] >> 4) & 7; - r[8*i+5] = (s->v[3*i+1] >> 7) & 7; - r[8*i+5] ^= (s->v[3*i+2] << 1) & 7; - r[8*i+6] = (s->v[3*i+2] >> 2) & 7; - r[8*i+7] = (s->v[3*i+2] >> 5) & 7; - } - r[8*i+0] = s->v[3*i+0] & 7; - r[8*i+1] = (s->v[3*i+0] >> 3) & 7; - r[8*i+2] = (s->v[3*i+0] >> 6) & 7; - r[8*i+2] ^= (s->v[3*i+1] << 2) & 7; - r[8*i+3] = (s->v[3*i+1] >> 1) & 7; - r[8*i+4] = (s->v[3*i+1] >> 4) & 7; - - /* Making it signed */ - carry = 0; - for(i=0;i<84;i++) - { - r[i] += carry; - r[i+1] += r[i] >> 3; - r[i] &= 7; - carry = r[i] >> 2; - r[i] -= carry<<3; - } - r[84] += carry; -} - -void sc25519_window5(signed char r[51], const sc25519 *s) -{ - char carry; - int i; - for(i=0;i<6;i++) - { - r[8*i+0] = s->v[5*i+0] & 31; - r[8*i+1] = (s->v[5*i+0] >> 5) & 31; - r[8*i+1] ^= (s->v[5*i+1] << 3) & 31; - r[8*i+2] = (s->v[5*i+1] >> 2) & 31; - r[8*i+3] = (s->v[5*i+1] >> 7) & 31; - r[8*i+3] ^= (s->v[5*i+2] << 1) & 31; - r[8*i+4] = (s->v[5*i+2] >> 4) & 31; - r[8*i+4] ^= (s->v[5*i+3] << 4) & 31; - r[8*i+5] = (s->v[5*i+3] >> 1) & 31; - r[8*i+6] = (s->v[5*i+3] >> 6) & 31; - r[8*i+6] ^= (s->v[5*i+4] << 2) & 31; - r[8*i+7] = (s->v[5*i+4] >> 3) & 31; - } - r[8*i+0] = s->v[5*i+0] & 31; - r[8*i+1] = (s->v[5*i+0] >> 5) & 31; - r[8*i+1] ^= (s->v[5*i+1] << 3) & 31; - r[8*i+2] = (s->v[5*i+1] >> 2) & 31; - - /* Making it signed */ - carry = 0; - for(i=0;i<50;i++) - { - r[i] += carry; - r[i+1] += r[i] >> 5; - r[i] &= 31; - carry = r[i] >> 4; - r[i] -= carry<<5; - } - r[50] += carry; -} - -void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, const sc25519 *s2) -{ - int i; - for(i=0;i<31;i++) - { - r[4*i] = ( s1->v[i] & 3) ^ (( s2->v[i] & 3) << 2); - r[4*i+1] = ((s1->v[i] >> 2) & 3) ^ (((s2->v[i] >> 2) & 3) << 2); - r[4*i+2] = ((s1->v[i] >> 4) & 3) ^ (((s2->v[i] >> 4) & 3) << 2); - r[4*i+3] = ((s1->v[i] >> 6) & 3) ^ (((s2->v[i] >> 6) & 3) << 2); - } - r[124] = ( s1->v[31] & 3) ^ (( s2->v[31] & 3) << 2); - r[125] = ((s1->v[31] >> 2) & 3) ^ (((s2->v[31] >> 2) & 3) << 2); - r[126] = ((s1->v[31] >> 4) & 3) ^ (((s2->v[31] >> 4) & 3) << 2); -} diff --git a/Blink/Commands/openssh/ed25519/sc25519.h b/Blink/Commands/openssh/ed25519/sc25519.h deleted file mode 100644 index a2c15d5ff..000000000 --- a/Blink/Commands/openssh/ed25519/sc25519.h +++ /dev/null @@ -1,80 +0,0 @@ -/* $OpenBSD: sc25519.h,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* - * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange, - * Peter Schwabe, Bo-Yin Yang. - * Copied from supercop-20130419/crypto_sign/ed25519/ref/sc25519.h - */ - -#ifndef SC25519_H -#define SC25519_H - -#include "crypto_api.h" - -#define sc25519 crypto_sign_ed25519_ref_sc25519 -#define shortsc25519 crypto_sign_ed25519_ref_shortsc25519 -#define sc25519_from32bytes crypto_sign_ed25519_ref_sc25519_from32bytes -#define shortsc25519_from16bytes crypto_sign_ed25519_ref_shortsc25519_from16bytes -#define sc25519_from64bytes crypto_sign_ed25519_ref_sc25519_from64bytes -#define sc25519_from_shortsc crypto_sign_ed25519_ref_sc25519_from_shortsc -#define sc25519_to32bytes crypto_sign_ed25519_ref_sc25519_to32bytes -#define sc25519_iszero_vartime crypto_sign_ed25519_ref_sc25519_iszero_vartime -#define sc25519_isshort_vartime crypto_sign_ed25519_ref_sc25519_isshort_vartime -#define sc25519_lt_vartime crypto_sign_ed25519_ref_sc25519_lt_vartime -#define sc25519_add crypto_sign_ed25519_ref_sc25519_add -#define sc25519_sub_nored crypto_sign_ed25519_ref_sc25519_sub_nored -#define sc25519_mul crypto_sign_ed25519_ref_sc25519_mul -#define sc25519_mul_shortsc crypto_sign_ed25519_ref_sc25519_mul_shortsc -#define sc25519_window3 crypto_sign_ed25519_ref_sc25519_window3 -#define sc25519_window5 crypto_sign_ed25519_ref_sc25519_window5 -#define sc25519_2interleave2 crypto_sign_ed25519_ref_sc25519_2interleave2 - -typedef struct -{ - crypto_uint32 v[32]; -} -sc25519; - -typedef struct -{ - crypto_uint32 v[16]; -} -shortsc25519; - -void sc25519_from32bytes(sc25519 *r, const unsigned char x[32]); - -void shortsc25519_from16bytes(shortsc25519 *r, const unsigned char x[16]); - -void sc25519_from64bytes(sc25519 *r, const unsigned char x[64]); - -void sc25519_from_shortsc(sc25519 *r, const shortsc25519 *x); - -void sc25519_to32bytes(unsigned char r[32], const sc25519 *x); - -int sc25519_iszero_vartime(const sc25519 *x); - -int sc25519_isshort_vartime(const sc25519 *x); - -int sc25519_lt_vartime(const sc25519 *x, const sc25519 *y); - -void sc25519_add(sc25519 *r, const sc25519 *x, const sc25519 *y); - -void sc25519_sub_nored(sc25519 *r, const sc25519 *x, const sc25519 *y); - -void sc25519_mul(sc25519 *r, const sc25519 *x, const sc25519 *y); - -void sc25519_mul_shortsc(sc25519 *r, const sc25519 *x, const shortsc25519 *y); - -/* Convert s into a representation of the form \sum_{i=0}^{84}r[i]2^3 - * with r[i] in {-4,...,3} - */ -void sc25519_window3(signed char r[85], const sc25519 *s); - -/* Convert s into a representation of the form \sum_{i=0}^{50}r[i]2^5 - * with r[i] in {-16,...,15} - */ -void sc25519_window5(signed char r[51], const sc25519 *s); - -void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, const sc25519 *s2); - -#endif diff --git a/Blink/Commands/openssh/match.c b/Blink/Commands/openssh/match.c deleted file mode 100644 index 77b56b66d..000000000 --- a/Blink/Commands/openssh/match.c +++ /dev/null @@ -1,352 +0,0 @@ -/* $OpenBSD: match.c,v 1.38 2018/07/04 13:49:31 djm Exp $ */ -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * Simple pattern matching, with '*' and '?' as wildcards. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -//#include "includes.h" - -#include - -#include -#include -#include -#include - -//#include "xmalloc.h" -#include "match.h" -//#include "misc.h" - -#include "blink-compat.h" - -/* - * Returns true if the given string matches the pattern (which may contain ? - * and * as wildcards), and zero if it does not match. - */ - -int -match_pattern(const char *s, const char *pattern) -{ - for (;;) { - /* If at end of pattern, accept if also at end of string. */ - if (!*pattern) - return !*s; - - if (*pattern == '*') { - /* Skip the asterisk. */ - pattern++; - - /* If at end of pattern, accept immediately. */ - if (!*pattern) - return 1; - - /* If next character in pattern is known, optimize. */ - if (*pattern != '?' && *pattern != '*') { - /* - * Look instances of the next character in - * pattern, and try to match starting from - * those. - */ - for (; *s; s++) - if (*s == *pattern && - match_pattern(s + 1, pattern + 1)) - return 1; - /* Failed. */ - return 0; - } - /* - * Move ahead one character at a time and try to - * match at each position. - */ - for (; *s; s++) - if (match_pattern(s, pattern)) - return 1; - /* Failed. */ - return 0; - } - /* - * There must be at least one more character in the string. - * If we are at the end, fail. - */ - if (!*s) - return 0; - - /* Check if the next character of the string is acceptable. */ - if (*pattern != '?' && *pattern != *s) - return 0; - - /* Move to the next character, both in string and in pattern. */ - s++; - pattern++; - } - /* NOTREACHED */ -} - -/* - * Tries to match the string against the - * comma-separated sequence of subpatterns (each possibly preceded by ! to - * indicate negation). Returns -1 if negation matches, 1 if there is - * a positive match, 0 if there is no match at all. - */ -int -match_pattern_list(const char *string, const char *pattern, int dolower) -{ - char sub[1024]; - int negated; - int got_positive; - u_int i, subi, len = strlen(pattern); - - got_positive = 0; - for (i = 0; i < len;) { - /* Check if the subpattern is negated. */ - if (pattern[i] == '!') { - negated = 1; - i++; - } else - negated = 0; - - /* - * Extract the subpattern up to a comma or end. Convert the - * subpattern to lowercase. - */ - for (subi = 0; - i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; - subi++, i++) - sub[subi] = dolower && isupper((u_char)pattern[i]) ? - tolower((u_char)pattern[i]) : pattern[i]; - /* If subpattern too long, return failure (no match). */ - if (subi >= sizeof(sub) - 1) - return 0; - - /* If the subpattern was terminated by a comma, then skip it. */ - if (i < len && pattern[i] == ',') - i++; - - /* Null-terminate the subpattern. */ - sub[subi] = '\0'; - - /* Try to match the subpattern against the string. */ - if (match_pattern(string, sub)) { - if (negated) - return -1; /* Negative */ - else - got_positive = 1; /* Positive */ - } - } - - /* - * Return success if got a positive match. If there was a negative - * match, we have already returned -1 and never get here. - */ - return got_positive; -} - -/* - * Tries to match the host name (which must be in all lowercase) against the - * comma-separated sequence of subpatterns (each possibly preceded by ! to - * indicate negation). Returns -1 if negation matches, 1 if there is - * a positive match, 0 if there is no match at all. - */ -int -match_hostname(const char *host, const char *pattern) -{ - char *hostcopy = strdup(host); - int r; - - lowercase(hostcopy); - r = match_pattern_list(hostcopy, pattern, 1); - free(hostcopy); - return r; -} - -/* - * returns 0 if we get a negative match for the hostname or the ip - * or if we get no match at all. returns -1 on error, or 1 on - * successful match. - */ -int -match_host_and_ip(const char *host, const char *ipaddr, - const char *patterns) -{ - int mhost, mip; - - if ((mip = addr_match_list(ipaddr, patterns)) == -2) - return -1; /* error in ipaddr match */ - else if (host == NULL || ipaddr == NULL || mip == -1) - return 0; /* negative ip address match, or testing pattern */ - - /* negative hostname match */ - if ((mhost = match_hostname(host, patterns)) == -1) - return 0; - /* no match at all */ - if (mhost == 0 && mip == 0) - return 0; - return 1; -} - -/* - * Match user, user@host_or_ip, user@host_or_ip_list against pattern. - * If user, host and ipaddr are all NULL then validate pattern/ - * Returns -1 on invalid pattern, 0 on no match, 1 on match. - */ -int -match_user(const char *user, const char *host, const char *ipaddr, - const char *pattern) -{ - char *p, *pat; - int ret; - - /* test mode */ - if (user == NULL && host == NULL && ipaddr == NULL) { - if ((p = strchr(pattern, '@')) != NULL && - match_host_and_ip(NULL, NULL, p + 1) < 0) - return -1; - return 0; - } - - if ((p = strchr(pattern,'@')) == NULL) - return match_pattern(user, pattern); - - pat = strdup(pattern); - p = strchr(pat, '@'); - *p++ = '\0'; - - if ((ret = match_pattern(user, pat)) == 1) - ret = match_host_and_ip(host, ipaddr, p); - free(pat); - - return ret; -} - -/* - * Returns first item from client-list that is also supported by server-list, - * caller must free the returned string. - */ -#define MAX_PROP 40 -#define SEP "," -char * -match_list(const char *client, const char *server, u_int *next) -{ - char *sproposals[MAX_PROP]; - char *c, *s, *p, *ret, *cp, *sp; - int i, j, nproposals; - - c = cp = strdup(client); - s = sp = strdup(server); - - for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0'; - (p = strsep(&sp, SEP)), i++) { - if (i < MAX_PROP) - sproposals[i] = p; - else - break; - } - nproposals = i; - - for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0'; - (p = strsep(&cp, SEP)), i++) { - for (j = 0; j < nproposals; j++) { - if (strcmp(p, sproposals[j]) == 0) { - ret = strdup(p); - if (next != NULL) - *next = (cp == NULL) ? - strlen(c) : (u_int)(cp - c); - free(c); - free(s); - return ret; - } - } - } - if (next != NULL) - *next = strlen(c); - free(c); - free(s); - return NULL; -} - -/* - * Filter proposal using pattern-list filter. - * "blacklist" determines sense of filter: - * non-zero indicates that items matching filter should be excluded. - * zero indicates that only items matching filter should be included. - * returns NULL on allocation error, otherwise caller must free result. - */ -static char * -filter_list(const char *proposal, const char *filter, int blacklist) -{ - size_t len = strlen(proposal) + 1; - char *fix_prop = malloc(len); - char *orig_prop = strdup(proposal); - char *cp, *tmp; - int r; - - if (fix_prop == NULL || orig_prop == NULL) { - free(orig_prop); - free(fix_prop); - return NULL; - } - - tmp = orig_prop; - *fix_prop = '\0'; - while ((cp = strsep(&tmp, ",")) != NULL) { - r = match_pattern_list(cp, filter, 0); - if ((blacklist && r != 1) || (!blacklist && r == 1)) { - if (*fix_prop != '\0') - strlcat(fix_prop, ",", len); - strlcat(fix_prop, cp, len); - } - } - free(orig_prop); - return fix_prop; -} - -/* - * Filters a comma-separated list of strings, excluding any entry matching - * the 'filter' pattern list. Caller must free returned string. - */ -char * -match_filter_blacklist(const char *proposal, const char *filter) -{ - return filter_list(proposal, filter, 1); -} - -/* - * Filters a comma-separated list of strings, including only entries matching - * the 'filter' pattern list. Caller must free returned string. - */ -char * -match_filter_whitelist(const char *proposal, const char *filter) -{ - return filter_list(proposal, filter, 0); -} diff --git a/Blink/Commands/openssh/match.h b/Blink/Commands/openssh/match.h deleted file mode 100644 index 852b1a5cb..000000000 --- a/Blink/Commands/openssh/match.h +++ /dev/null @@ -1,29 +0,0 @@ -/* $OpenBSD: match.h,v 1.18 2018/07/04 13:49:31 djm Exp $ */ - -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ -#ifndef MATCH_H -#define MATCH_H - -int match_pattern(const char *, const char *); -int match_pattern_list(const char *, const char *, int); -int match_hostname(const char *, const char *); -int match_host_and_ip(const char *, const char *, const char *); -int match_user(const char *, const char *, const char *, const char *); -char *match_list(const char *, const char *, u_int *); -char *match_filter_blacklist(const char *, const char *); -char *match_filter_whitelist(const char *, const char *); - -/* addrmatch.c */ -int addr_match_list(const char *, const char *); -int addr_match_cidr_list(const char *, const char *); -#endif diff --git a/Blink/Commands/openssh/openssl-compat.c b/Blink/Commands/openssh/openssl-compat.c deleted file mode 100644 index 2eb8406bf..000000000 --- a/Blink/Commands/openssh/openssl-compat.c +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 2005 Darren Tucker - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER - * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS -//#include "includes.h" - -#ifdef WITH_OPENSSL - -#include -#include - -#ifdef USE_OPENSSL_ENGINE -# include -# include -#endif - -#include "log.h" - -#include "openssl-compat.h" - -/* - * OpenSSL version numbers: MNNFFPPS: major minor fix patch status - * We match major, minor, fix and status (not patch) for <1.0.0. - * After that, we acceptable compatible fix versions (so we - * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed - * within a patch series. - */ - -int -ssh_compatible_openssl(long headerver, long libver) -{ - long mask, hfix, lfix; - - /* exact match is always OK */ - if (headerver == libver) - return 1; - - /* for versions < 1.0.0, major,minor,fix,status must match */ - if (headerver < 0x1000000f) { - mask = 0xfffff00fL; /* major,minor,fix,status */ - return (headerver & mask) == (libver & mask); - } - - /* - * For versions >= 1.0.0, major,minor,status must match and library - * fix version must be equal to or newer than the header. - */ - mask = 0xfff0000fL; /* major,minor,status */ - hfix = (headerver & 0x000ff000) >> 12; - lfix = (libver & 0x000ff000) >> 12; - if ( (headerver & mask) == (libver & mask) && lfix >= hfix) - return 1; - return 0; -} - -#ifdef USE_OPENSSL_ENGINE -void -ssh_OpenSSL_add_all_algorithms(void) -{ - OpenSSL_add_all_algorithms(); - - /* Enable use of crypto hardware */ - ENGINE_load_builtin_engines(); - ENGINE_register_all_complete(); - OPENSSL_config(NULL); -} -#endif - -#endif /* WITH_OPENSSL */ diff --git a/Blink/Commands/openssh/openssl-compat.h b/Blink/Commands/openssh/openssl-compat.h deleted file mode 100644 index a91a1598d..000000000 --- a/Blink/Commands/openssh/openssl-compat.h +++ /dev/null @@ -1,236 +0,0 @@ -/* - * Copyright (c) 2005 Darren Tucker - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER - * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _OPENSSL_COMPAT_H -#define _OPENSSL_COMPAT_H - -//#include "includes.h" -#ifdef WITH_OPENSSL - -#include -#include -#include -#include -#include -#include - -int ssh_compatible_openssl(long, long); - -#if (OPENSSL_VERSION_NUMBER <= 0x0090805fL) -# error OpenSSL 0.9.8f or greater is required -#endif - -#if OPENSSL_VERSION_NUMBER < 0x10000001L -# define LIBCRYPTO_EVP_INL_TYPE unsigned int -#else -# define LIBCRYPTO_EVP_INL_TYPE size_t -#endif - -#ifndef OPENSSL_RSA_MAX_MODULUS_BITS -# define OPENSSL_RSA_MAX_MODULUS_BITS 16384 -#endif -#ifndef OPENSSL_DSA_MAX_MODULUS_BITS -# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 -#endif - -#ifndef OPENSSL_HAVE_EVPCTR -# define EVP_aes_128_ctr evp_aes_128_ctr -# define EVP_aes_192_ctr evp_aes_128_ctr -# define EVP_aes_256_ctr evp_aes_128_ctr -const EVP_CIPHER *evp_aes_128_ctr(void); -void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t); -#endif - -/* Avoid some #ifdef. Code that uses these is unreachable without GCM */ -#if !defined(OPENSSL_HAVE_EVPGCM) && !defined(EVP_CTRL_GCM_SET_IV_FIXED) -# define EVP_CTRL_GCM_SET_IV_FIXED -1 -# define EVP_CTRL_GCM_IV_GEN -1 -# define EVP_CTRL_GCM_SET_TAG -1 -# define EVP_CTRL_GCM_GET_TAG -1 -#endif - -/* Replace missing EVP_CIPHER_CTX_ctrl() with something that returns failure */ -#ifndef HAVE_EVP_CIPHER_CTX_CTRL -# ifdef OPENSSL_HAVE_EVPGCM -# error AES-GCM enabled without EVP_CIPHER_CTX_ctrl /* shouldn't happen */ -# else -# define EVP_CIPHER_CTX_ctrl(a,b,c,d) (0) -# endif -#endif - -#if defined(HAVE_EVP_RIPEMD160) -# if defined(OPENSSL_NO_RIPEMD) || defined(OPENSSL_NO_RMD160) -# undef HAVE_EVP_RIPEMD160 -# endif -#endif - -/* - * We overload some of the OpenSSL crypto functions with ssh_* equivalents - * to automatically handle OpenSSL engine initialisation. - * - * In order for the compat library to call the real functions, it must - * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and - * implement the ssh_* equivalents. - */ -#ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS - -# ifdef USE_OPENSSL_ENGINE -# ifdef OpenSSL_add_all_algorithms -# undef OpenSSL_add_all_algorithms -# endif -# define OpenSSL_add_all_algorithms() ssh_OpenSSL_add_all_algorithms() -# endif - -void ssh_OpenSSL_add_all_algorithms(void); - -#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ - -/* LibreSSL/OpenSSL 1.1x API compat */ -#ifndef HAVE_DSA_GET0_PQG -void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, - const BIGNUM **g); -#endif /* HAVE_DSA_GET0_PQG */ - -#ifndef HAVE_DSA_SET0_PQG -int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g); -#endif /* HAVE_DSA_SET0_PQG */ - -#ifndef HAVE_DSA_GET0_KEY -void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, - const BIGNUM **priv_key); -#endif /* HAVE_DSA_GET0_KEY */ - -#ifndef HAVE_DSA_SET0_KEY -int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key); -#endif /* HAVE_DSA_SET0_KEY */ - -#ifndef HAVE_EVP_CIPHER_CTX_GET_IV -int EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, - unsigned char *iv, size_t len); -#endif /* HAVE_EVP_CIPHER_CTX_GET_IV */ - -#ifndef HAVE_EVP_CIPHER_CTX_SET_IV -int EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, - const unsigned char *iv, size_t len); -#endif /* HAVE_EVP_CIPHER_CTX_SET_IV */ - -#ifndef HAVE_RSA_GET0_KEY -void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, - const BIGNUM **d); -#endif /* HAVE_RSA_GET0_KEY */ - -#ifndef HAVE_RSA_SET0_KEY -int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); -#endif /* HAVE_RSA_SET0_KEY */ - -#ifndef HAVE_RSA_GET0_CRT_PARAMS -void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, - const BIGNUM **iqmp); -#endif /* HAVE_RSA_GET0_CRT_PARAMS */ - -#ifndef HAVE_RSA_SET0_CRT_PARAMS -int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); -#endif /* HAVE_RSA_SET0_CRT_PARAMS */ - -#ifndef HAVE_RSA_GET0_FACTORS -void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); -#endif /* HAVE_RSA_GET0_FACTORS */ - -#ifndef HAVE_RSA_SET0_FACTORS -int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); -#endif /* HAVE_RSA_SET0_FACTORS */ - -#ifndef DSA_SIG_GET0 -void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -#endif /* DSA_SIG_GET0 */ - -#ifndef DSA_SIG_SET0 -int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); -#endif /* DSA_SIG_SET0 */ - -#ifndef HAVE_ECDSA_SIG_GET0 -void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -#endif /* HAVE_ECDSA_SIG_GET0 */ - -#ifndef HAVE_ECDSA_SIG_SET0 -int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); -#endif /* HAVE_ECDSA_SIG_SET0 */ - -#ifndef HAVE_DH_GET0_PQG -void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, - const BIGNUM **g); -#endif /* HAVE_DH_GET0_PQG */ - -#ifndef HAVE_DH_SET0_PQG -int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); -#endif /* HAVE_DH_SET0_PQG */ - -#ifndef HAVE_DH_GET0_KEY -void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); -#endif /* HAVE_DH_GET0_KEY */ - -#ifndef HAVE_DH_SET0_KEY -int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key); -#endif /* HAVE_DH_SET0_KEY */ - -#ifndef HAVE_DH_SET_LENGTH -int DH_set_length(DH *dh, long length); -#endif /* HAVE_DH_SET_LENGTH */ - -#ifndef HAVE_RSA_METH_FREE -void RSA_meth_free(RSA_METHOD *meth); -#endif /* HAVE_RSA_METH_FREE */ - -#ifndef HAVE_RSA_METH_DUP -RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth); -#endif /* HAVE_RSA_METH_DUP */ - -#ifndef HAVE_RSA_METH_SET1_NAME -int RSA_meth_set1_name(RSA_METHOD *meth, const char *name); -#endif /* HAVE_RSA_METH_SET1_NAME */ - -#ifndef HAVE_RSA_METH_GET_FINISH -int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa); -#endif /* HAVE_RSA_METH_GET_FINISH */ - -#ifndef HAVE_RSA_METH_SET_PRIV_ENC -int RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -#endif /* HAVE_RSA_METH_SET_PRIV_ENC */ - -#ifndef HAVE_RSA_METH_SET_PRIV_DEC -int RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -#endif /* HAVE_RSA_METH_SET_PRIV_DEC */ - -#ifndef HAVE_RSA_METH_SET_FINISH -int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa)); -#endif /* HAVE_RSA_METH_SET_FINISH */ - -#ifndef HAVE_EVP_PKEY_GET0_RSA -RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); -#endif /* HAVE_EVP_PKEY_GET0_RSA */ - -#ifndef HAVE_EVP_MD_CTX_new -EVP_MD_CTX *EVP_MD_CTX_new(void); -#endif /* HAVE_EVP_MD_CTX_new */ - -#ifndef HAVE_EVP_MD_CTX_free -void EVP_MD_CTX_free(EVP_MD_CTX *ctx); -#endif /* HAVE_EVP_MD_CTX_free */ - -#endif /* WITH_OPENSSL */ -#endif /* _OPENSSL_COMPAT_H */ diff --git a/Blink/Commands/openssh/pathnames.h b/Blink/Commands/openssh/pathnames.h deleted file mode 100644 index 6c3045b03..000000000 --- a/Blink/Commands/openssh/pathnames.h +++ /dev/null @@ -1,172 +0,0 @@ -/* $OpenBSD: pathnames.h,v 1.28 2018/02/23 15:58:37 markus Exp $ */ - -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ - -#define ETCDIR "/etc" - -#ifndef SSHDIR -#define SSHDIR ETCDIR "/ssh" -#endif - -#ifndef _PATH_SSH_PIDDIR -#define _PATH_SSH_PIDDIR "/var/run" -#endif - -/* - * System-wide file containing host keys of known hosts. This file should be - * world-readable. - */ -#define _PATH_SSH_SYSTEM_HOSTFILE SSHDIR "/ssh_known_hosts" -/* backward compat for protocol 2 */ -#define _PATH_SSH_SYSTEM_HOSTFILE2 SSHDIR "/ssh_known_hosts2" - -/* - * Of these, ssh_host_key must be readable only by root, whereas ssh_config - * should be world-readable. - */ -#define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config" -#define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config" -#define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key" -#define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key" -#define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" -#define _PATH_HOST_XMSS_KEY_FILE SSHDIR "/ssh_host_xmss_key" -#define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" -#define _PATH_DH_MODULI SSHDIR "/moduli" - -#ifndef _PATH_SSH_PROGRAM -#define _PATH_SSH_PROGRAM "/usr/bin/ssh" -#endif - -/* - * The process id of the daemon listening for connections is saved here to - * make it easier to kill the correct daemon when necessary. - */ -#define _PATH_SSH_DAEMON_PID_FILE _PATH_SSH_PIDDIR "/sshd.pid" - -/* - * The directory in user's home directory in which the files reside. The - * directory should be world-readable (though not all files are). - */ -#define _PATH_SSH_USER_DIR ".ssh" - -/* - * Per-user file containing host keys of known hosts. This file need not be - * readable by anyone except the user him/herself, though this does not - * contain anything particularly secret. - */ -#define _PATH_SSH_USER_HOSTFILE "~/" _PATH_SSH_USER_DIR "/known_hosts" -/* backward compat for protocol 2 */ -#define _PATH_SSH_USER_HOSTFILE2 "~/" _PATH_SSH_USER_DIR "/known_hosts2" - -/* - * Name of the default file containing client-side authentication key. This - * file should only be readable by the user him/herself. - */ -#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa" -#define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa" -#define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa" -#define _PATH_SSH_CLIENT_ID_ED25519 _PATH_SSH_USER_DIR "/id_ed25519" -#define _PATH_SSH_CLIENT_ID_XMSS _PATH_SSH_USER_DIR "/id_xmss" - -/* - * Configuration file in user's home directory. This file need not be - * readable by anyone but the user him/herself, but does not contain anything - * particularly secret. If the user's home directory resides on an NFS - * volume where root is mapped to nobody, this may need to be world-readable. - */ -#define _PATH_SSH_USER_CONFFILE _PATH_SSH_USER_DIR "/config" - -/* - * File containing a list of those rsa keys that permit logging in as this - * user. This file need not be readable by anyone but the user him/herself, - * but does not contain anything particularly secret. If the user's home - * directory resides on an NFS volume where root is mapped to nobody, this - * may need to be world-readable. (This file is read by the daemon which is - * running as root.) - */ -#define _PATH_SSH_USER_PERMITTED_KEYS _PATH_SSH_USER_DIR "/authorized_keys" - -/* backward compat for protocol v2 */ -#define _PATH_SSH_USER_PERMITTED_KEYS2 _PATH_SSH_USER_DIR "/authorized_keys2" - -/* - * Per-user and system-wide ssh "rc" files. These files are executed with - * /bin/sh before starting the shell or command if they exist. They will be - * passed "proto cookie" as arguments if X11 forwarding with spoofing is in - * use. xauth will be run if neither of these exists. - */ -#define _PATH_SSH_USER_RC _PATH_SSH_USER_DIR "/rc" -#define _PATH_SSH_SYSTEM_RC SSHDIR "/sshrc" - -/* - * Ssh-only version of /etc/hosts.equiv. Additionally, the daemon may use - * ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled. - */ -#define _PATH_SSH_HOSTS_EQUIV SSHDIR "/shosts.equiv" -#define _PATH_RHOSTS_EQUIV "/etc/hosts.equiv" - -/* - * Default location of askpass - */ -#ifndef _PATH_SSH_ASKPASS_DEFAULT -#define _PATH_SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass" -#endif - -/* Location of ssh-keysign for hostbased authentication */ -#ifndef _PATH_SSH_KEY_SIGN -#define _PATH_SSH_KEY_SIGN "/usr/libexec/ssh-keysign" -#endif - -/* Location of ssh-pkcs11-helper to support keys in tokens */ -#ifndef _PATH_SSH_PKCS11_HELPER -#define _PATH_SSH_PKCS11_HELPER "/usr/libexec/ssh-pkcs11-helper" -#endif - -/* xauth for X11 forwarding */ -#ifndef _PATH_XAUTH -#define _PATH_XAUTH "/usr/X11R6/bin/xauth" -#endif - -/* UNIX domain socket for X11 server; displaynum will replace %u */ -#ifndef _PATH_UNIX_X -#define _PATH_UNIX_X "/tmp/.X11-unix/X%u" -#endif - -/* for scp */ -#ifndef _PATH_CP -#define _PATH_CP "cp" -#endif - -/* for sftp */ -#ifndef _PATH_SFTP_SERVER -#define _PATH_SFTP_SERVER "/usr/libexec/sftp-server" -#endif - -/* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */ -#ifndef _PATH_PRIVSEP_CHROOT_DIR -#define _PATH_PRIVSEP_CHROOT_DIR "/var/empty" -#endif - -/* for passwd change */ -#ifndef _PATH_PASSWD_PROG -#define _PATH_PASSWD_PROG "/usr/bin/passwd" -#endif - -#ifndef _PATH_LS -#define _PATH_LS "ls" -#endif - -/* Askpass program define */ -#ifndef ASKPASS_PROGRAM -#define ASKPASS_PROGRAM "/usr/lib/ssh/ssh-askpass" -#endif /* ASKPASS_PROGRAM */ diff --git a/Blink/Commands/openssh/rsa.c b/Blink/Commands/openssh/rsa.c deleted file mode 100644 index ebe11fd64..000000000 --- a/Blink/Commands/openssh/rsa.c +++ /dev/null @@ -1,190 +0,0 @@ -/* $OpenBSD: rsa.c,v 1.32 2014/06/24 01:13:21 djm Exp $ */ -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * - * Copyright (c) 1999 Niels Provos. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * - * Description of the RSA algorithm can be found e.g. from the following - * sources: - * - * Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994. - * - * Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to - * Computer Security. Prentice-Hall, 1989. - * - * Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill, - * 1994. - * - * R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications - * System and Method. US Patent 4,405,829, 1983. - * - * Hans Riesel: Prime Numbers and Computer Methods for Factorization. - * Birkhauser, 1994. - * - * The RSA Frequently Asked Questions document by RSA Data Security, - * Inc., 1995. - * - * RSA in 3 lines of perl by Adam Back , 1995, as - * included below: - * - * [gone - had to be deleted - what a pity] - */ - -#include - -#include -#include - -#include "rsa.h" -/*#include "log.h"*/ -#include "ssherr.h" - -int -rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) -{ - u_char *inbuf = NULL, *outbuf = NULL; - int len, ilen, olen, r = SSH_ERR_INTERNAL_ERROR; - - if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) - return SSH_ERR_INVALID_ARGUMENT; - - olen = BN_num_bytes(key->n); - if ((outbuf = malloc(olen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - ilen = BN_num_bytes(in); - if ((inbuf = malloc(ilen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - BN_bn2bin(in, inbuf); - - if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key, - RSA_PKCS1_PADDING)) <= 0) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - - if (BN_bin2bn(outbuf, len, out) == NULL) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - r = 0; - - out: - if (outbuf != NULL) { - memset_s(outbuf, olen, 0x0, olen); - //explicit_bzero(outbuf, olen); - free(outbuf); - } - if (inbuf != NULL) { - memset_s(inbuf, ilen, 0x0, ilen); -// explicit_bzero(inbuf, ilen); - free(inbuf); - } - return r; -} - -int -rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) -{ - u_char *inbuf = NULL, *outbuf = NULL; - int len, ilen, olen, r = SSH_ERR_INTERNAL_ERROR; - - olen = BN_num_bytes(key->n); - if ((outbuf = malloc(olen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - ilen = BN_num_bytes(in); - if ((inbuf = malloc(ilen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - BN_bn2bin(in, inbuf); - - if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key, - RSA_PKCS1_PADDING)) <= 0) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } else if (BN_bin2bn(outbuf, len, out) == NULL) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - r = 0; - out: - if (outbuf != NULL) { - memset_s(outbuf, olen, 0x0, olen); -// explicit_bzero(outbuf, olen); - free(outbuf); - } - if (inbuf != NULL) { - memset_s(inbuf, ilen, 0x0, ilen); -// explicit_bzero(inbuf, ilen); - free(inbuf); - } - return r; -} - -/* calculate p-1 and q-1 */ -int -rsa_generate_additional_parameters(RSA *rsa) -{ - BIGNUM *aux = NULL; - BN_CTX *ctx = NULL; - int r; - - if ((ctx = BN_CTX_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((aux = BN_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) || - (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) || - (BN_sub(aux, rsa->p, BN_value_one()) == 0) || - (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - r = 0; - out: - BN_clear_free(aux); - BN_CTX_free(ctx); - return r; -} - diff --git a/Blink/Commands/openssh/rsa.h b/Blink/Commands/openssh/rsa.h deleted file mode 100644 index c476707d5..000000000 --- a/Blink/Commands/openssh/rsa.h +++ /dev/null @@ -1,26 +0,0 @@ -/* $OpenBSD: rsa.h,v 1.17 2014/06/24 01:13:21 djm Exp $ */ - -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * RSA key generation, encryption and decryption. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ - -#ifndef RSA_H -#define RSA_H - -#include -#include - -int rsa_public_encrypt(BIGNUM *, BIGNUM *, RSA *); -int rsa_private_decrypt(BIGNUM *, BIGNUM *, RSA *); -int rsa_generate_additional_parameters(RSA *); - -#endif /* RSA_H */ diff --git a/Blink/Commands/openssh/ssh-add.m b/Blink/Commands/openssh/ssh-add.m deleted file mode 100644 index 5914597df..000000000 --- a/Blink/Commands/openssh/ssh-add.m +++ /dev/null @@ -1,701 +0,0 @@ -/* $OpenBSD: ssh-add.c,v 1.135 2018/02/23 15:58:37 markus Exp $ */ -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * Adds an identity to the authentication server, or removes an identity. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * SSH2 implementation, - * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#define WITH_OPENSSL -#define OPENSSL_HAS_ECC - -#include "ssh2.h" - -#import "BKPubKey.h" - -#include -#include - -#include -#include "openssl-compat.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -//#include "xmalloc.h" -//#include "ssh.h" -//#include "log.h" -#include "sshkey.h" -#include "sshbuf.h" -#include "authfd.h" -#include "authfile.h" -#include "pathnames.h" -//#include "misc.h" -#include "ssherr.h" -#include "digest.h" - -#include "ios_system/ios_system.h" -#include "ios_error.h" -#include "blink-compat.h" - -/* argv0 */ -__thread char *__ssh_add_progname; - -/* Default files to add */ -static char *default_files[] = { -#ifdef WITH_OPENSSL - _PATH_SSH_CLIENT_ID_RSA, - _PATH_SSH_CLIENT_ID_DSA, -#ifdef OPENSSL_HAS_ECC - _PATH_SSH_CLIENT_ID_ECDSA, -#endif -#endif /* WITH_OPENSSL */ - _PATH_SSH_CLIENT_ID_ED25519, - _PATH_SSH_CLIENT_ID_XMSS, - NULL -}; - -__thread static int fingerprint_hash = SSH_FP_HASH_DEFAULT; - -/* Default lifetime (0 == forever) */ -__thread static int lifetime = 0; - -/* User has to confirm key use */ -__thread static int confirm = 0; - -/* Maximum number of signatures (XMSS) */ -__thread static u_int maxsign = 0; -__thread static u_int minleft = 0; - -/* we keep a cache of one passphrase */ -__thread static char *pass = NULL; -static void -clear_pass(void) -{ - if (pass) { - explicit_bzero(pass, strlen(pass)); - free(pass); - pass = NULL; - } -} - -static int -delete_file(int agent_fd, const char *filename, int key_only, int qflag) -{ - struct sshkey *public, *cert = NULL; - char *certpath = NULL, *comment = NULL; - int r, ret = -1; - - if ((r = sshkey_load_public(filename, &public, &comment)) != 0) { - printf("Bad key file %s: %s\n", filename, ssh_err(r)); - return -1; - } - if ((r = ssh_remove_identity(agent_fd, public)) == 0) { - if (!qflag) { - fprintf(stderr, "Identity removed: %s (%s)\n", - filename, comment); - } - ret = 0; - } else - fprintf(stderr, "Could not remove identity \"%s\": %s\n", - filename, ssh_err(r)); - - if (key_only) - goto out; - - /* Now try to delete the corresponding certificate too */ - free(comment); - comment = NULL; - asprintf(&certpath, "%s-cert.pub", filename); - if ((r = sshkey_load_public(certpath, &cert, &comment)) != 0) { - if (r != SSH_ERR_SYSTEM_ERROR || errno != ENOENT) - error("Failed to load certificate \"%s\": %s", - certpath, ssh_err(r)); - goto out; - } - - if (!sshkey_equal_public(cert, public)) - fatal("Certificate %s does not match private key %s", - certpath, filename); - - if ((r = ssh_remove_identity(agent_fd, cert)) == 0) { - if (!qflag) { - fprintf(stderr, "Identity removed: %s (%s)\n", - certpath, comment); - } - ret = 0; - } else - fprintf(stderr, "Could not remove identity \"%s\": %s\n", - certpath, ssh_err(r)); - - out: - sshkey_free(cert); - sshkey_free(public); - free(certpath); - free(comment); - - return ret; -} - -/* Send a request to remove all identities. */ -static int -delete_all(int agent_fd) -{ - int ret = -1; - - /* - * Since the agent might be forwarded, old or non-OpenSSH, when asked - * to remove all keys, attempt to remove both protocol v.1 and v.2 - * keys. - */ - if (ssh_remove_all_identities(agent_fd, 2) == 0) - ret = 0; - /* ignore error-code for ssh1 */ - ssh_remove_all_identities(agent_fd, 1); - - if (ret == 0) - fprintf(stderr, "All identities removed.\n"); - else - fprintf(stderr, "Failed to remove all identities.\n"); - - return ret; -} - -static int -add_file(int agent_fd, const char *filename, int key_only, int qflag) -{ - struct sshkey *private, *cert; - char *comment = NULL; - char msg[1024], *certpath = NULL; - int r, fd, ret = -1; - size_t i; - u_int32_t left; - struct sshbuf *keyblob; - struct ssh_identitylist *idlist; - - BKPubKey * pk = [BKPubKey withID:@(filename)]; - if (pk) { - fd = -1; - } else if (strcmp(filename, "-") == 0) { - fd = STDIN_FILENO; - filename = "(stdin)"; - } else if ((fd = open(filename, O_RDONLY)) < 0) { - // perror(filename); - fprintf(stderr, "%s: %s\n", - filename, sys_errlist[errno]); - return -1; - } - - /* - * Since we'll try to load a keyfile multiple times, permission errors - * will occur multiple times, so check perms first and bail if wrong. - */ - if (fd != STDIN_FILENO && pk == nil) { - if (sshkey_perm_ok(fd, filename) != 0) { - close(fd); - return -1; - } - } - if ((keyblob = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - - if (pk) { - NSString *k = pk.privateKey; - sshbuf_put(keyblob, k.UTF8String, [k lengthOfBytesUsingEncoding:NSUTF8StringEncoding]); - } else if ((r = sshkey_load_file(fd, keyblob)) != 0) { - fprintf(stderr, "Error loading key \"%s\": %s\n", - filename, ssh_err(r)); - sshbuf_free(keyblob); - close(fd); - return -1; - } - close(fd); - - /* At first, try empty passphrase */ - if ((r = sshkey_parse_private_fileblob(keyblob, "", &private, - &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) { - fprintf(stderr, "Error loading key \"%s\": %s\n", - filename, ssh_err(r)); - goto fail_load; - } - /* try last */ - if (private == NULL && pass != NULL) { - if ((r = sshkey_parse_private_fileblob(keyblob, pass, &private, - &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) { - fprintf(stderr, "Error loading key \"%s\": %s\n", - filename, ssh_err(r)); - goto fail_load; - } - } - if (private == NULL) { - /* clear passphrase since it did not work */ - clear_pass(); - snprintf(msg, sizeof msg, "Enter passphrase for %s%s: ", - filename, confirm ? " (will confirm each use)" : ""); - for (;;) { - pass = read_passphrase(msg, RP_ALLOW_STDIN); - if (strcmp(pass, "") == 0) - goto fail_load; - if ((r = sshkey_parse_private_fileblob(keyblob, pass, - &private, &comment)) == 0) - break; - else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) { - fprintf(stderr, - "Error loading key \"%s\": %s\n", - filename, ssh_err(r)); - fail_load: - clear_pass(); - sshbuf_free(keyblob); - return -1; - } - clear_pass(); - snprintf(msg, sizeof msg, - "Bad passphrase, try again for %s%s: ", filename, - confirm ? " (will confirm each use)" : ""); - } - } - if (comment == NULL || *comment == '\0') - comment = strdup(filename); - sshbuf_free(keyblob); - - /* For XMSS */ - if ((r = sshkey_set_filename(private, filename)) != 0) { - fprintf(stderr, "Could not add filename to private key: %s (%s)\n", - filename, comment); - goto out; - } - if (maxsign && minleft && - (r = ssh_fetch_identitylist(agent_fd, &idlist)) == 0) { - for (i = 0; i < idlist->nkeys; i++) { - if (!sshkey_equal_public(idlist->keys[i], private)) - continue; - left = sshkey_signatures_left(idlist->keys[i]); - if (left < minleft) { - fprintf(stderr, - "Only %d signatures left.\n", left); - break; - } - fprintf(stderr, "Skipping update: "); - if (left == minleft) { - fprintf(stderr, - "required signatures left (%d).\n", left); - } else { - fprintf(stderr, - "more signatures left (%d) than" - " required (%d).\n", left, minleft); - } - ssh_free_identitylist(idlist); - goto out; - } - ssh_free_identitylist(idlist); - } - - if ((r = ssh_add_identity_constrained(agent_fd, private, comment, - lifetime, confirm, maxsign)) == 0) { - fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); - ret = 0; - if (lifetime != 0) - fprintf(stderr, - "Lifetime set to %d seconds\n", lifetime); - if (confirm != 0) - fprintf(stderr, - "The user must confirm each use of the key\n"); - } else { - fprintf(stderr, "Could not add identity \"%s\": %s\n", - filename, ssh_err(r)); - } - - /* Skip trying to load the cert if requested */ - if (key_only) - goto out; - - /* Now try to add the certificate flavour too */ - asprintf(&certpath, "%s-cert.pub", filename); - if ((r = sshkey_load_public(certpath, &cert, NULL)) != 0) { - if (r != SSH_ERR_SYSTEM_ERROR || errno != ENOENT) - error("Failed to load certificate \"%s\": %s", - certpath, ssh_err(r)); - goto out; - } - - if (!sshkey_equal_public(cert, private)) { - error("Certificate %s does not match private key %s", - certpath, filename); - sshkey_free(cert); - goto out; - } - - /* Graft with private bits */ - if ((r = sshkey_to_certified(private)) != 0) { - error("%s: sshkey_to_certified: %s", __func__, ssh_err(r)); - sshkey_free(cert); - goto out; - } - if ((r = sshkey_cert_copy(cert, private)) != 0) { - error("%s: sshkey_cert_copy: %s", __func__, ssh_err(r)); - sshkey_free(cert); - goto out; - } - sshkey_free(cert); - - if ((r = ssh_add_identity_constrained(agent_fd, private, comment, - lifetime, confirm, maxsign)) != 0) { - error("Certificate %s (%s) add failed: %s", certpath, - private->cert->key_id, ssh_err(r)); - goto out; - } - fprintf(stderr, "Certificate added: %s (%s)\n", certpath, - private->cert->key_id); - if (lifetime != 0) - fprintf(stderr, "Lifetime set to %d seconds\n", lifetime); - if (confirm != 0) - fprintf(stderr, "The user must confirm each use of the key\n"); - out: - free(certpath); - free(comment); - sshkey_free(private); - - return ret; -} - -static int -update_card(int agent_fd, int add, const char *id) -{ - char *pin = NULL; - int r, ret = -1; - - if (add) { - if ((pin = read_passphrase("Enter passphrase for PKCS#11: ", - RP_ALLOW_STDIN)) == NULL) - return -1; - } - - if ((r = ssh_update_card(agent_fd, add, id, pin == NULL ? "" : pin, - lifetime, confirm)) == 0) { - fprintf(stderr, "Card %s: %s\n", - add ? "added" : "removed", id); - ret = 0; - } else { - fprintf(stderr, "Could not %s card \"%s\": %s\n", - add ? "add" : "remove", id, ssh_err(r)); - ret = -1; - } - free(pin); - return ret; -} - -static int -list_identities(int agent_fd, int do_fp) -{ - char *fp; - int r; - struct ssh_identitylist *idlist; - u_int32_t left; - size_t i; - - if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) { - if (r != SSH_ERR_AGENT_NO_IDENTITIES) - fprintf(stderr, "error fetching identities: %s\n", - ssh_err(r)); - else - printf("The agent has no identities.\n"); - return -1; - } - for (i = 0; i < idlist->nkeys; i++) { - if (do_fp) { - fp = sshkey_fingerprint(idlist->keys[i], - fingerprint_hash, SSH_FP_DEFAULT); - printf("%u %s %s (%s)\n", sshkey_size(idlist->keys[i]), - fp == NULL ? "(null)" : fp, idlist->comments[i], - sshkey_type(idlist->keys[i])); - free(fp); - } else { - if ((r = sshkey_write(idlist->keys[i], stdout)) != 0) { - fprintf(stderr, "sshkey_write: %s\n", - ssh_err(r)); - continue; - } - fprintf(stdout, " %s", idlist->comments[i]); - left = sshkey_signatures_left(idlist->keys[i]); - if (left > 0) - fprintf(stdout, - " [signatures left %d]", left); - fprintf(stdout, "\n"); - } - } - ssh_free_identitylist(idlist); - return 0; -} - -static int -lock_agent(int agent_fd, int lock) -{ - char prompt[100], *p1, *p2; - int r, passok = 1, ret = -1; - - strlcpy(prompt, "Enter lock password: ", sizeof(prompt)); - p1 = read_passphrase(prompt, RP_ALLOW_STDIN); - if (lock) { - strlcpy(prompt, "Again: ", sizeof prompt); - p2 = read_passphrase(prompt, RP_ALLOW_STDIN); - if (strcmp(p1, p2) != 0) { - fprintf(stderr, "Passwords do not match.\n"); - passok = 0; - } - explicit_bzero(p2, strlen(p2)); - free(p2); - } - if (passok) { - if ((r = ssh_lock_agent(agent_fd, lock, p1)) == 0) { - fprintf(stderr, "Agent %slocked.\n", lock ? "" : "un"); - ret = 0; - } else { - fprintf(stderr, "Failed to %slock agent: %s\n", - lock ? "" : "un", ssh_err(r)); - } - } - explicit_bzero(p1, strlen(p1)); - free(p1); - return (ret); -} - -static int -do_file(int agent_fd, int deleting, int key_only, char *file, int qflag) -{ - if (deleting) { - if (delete_file(agent_fd, file, key_only, qflag) == -1) - return -1; - } else { - if (add_file(agent_fd, file, key_only, qflag) == -1) - return -1; - } - return 0; -} - -static void -usage(void) -{ - fprintf(stderr, "usage: %s [options] [file ...]\n", __ssh_add_progname); - fprintf(stderr, "Options:\n"); - fprintf(stderr, " -l List fingerprints of all identities.\n"); - fprintf(stderr, " -E hash Specify hash algorithm used for fingerprints.\n"); - fprintf(stderr, " -L List public key parameters of all identities.\n"); - fprintf(stderr, " -k Load only keys and not certificates.\n"); - fprintf(stderr, " -c Require confirmation to sign using identities\n"); - fprintf(stderr, " -m minleft Maxsign is only changed if less than minleft are left (for XMSS)\n"); - fprintf(stderr, " -M maxsign Maximum number of signatures allowed (for XMSS)\n"); - fprintf(stderr, " -t life Set lifetime (in seconds) when adding identities.\n"); - fprintf(stderr, " -d Delete identity.\n"); - fprintf(stderr, " -D Delete all identities.\n"); - fprintf(stderr, " -x Lock agent.\n"); - fprintf(stderr, " -X Unlock agent.\n"); - fprintf(stderr, " -s pkcs11 Add keys from PKCS#11 provider.\n"); - fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n"); - fprintf(stderr, " -q Be quiet after a successful operation.\n"); -} - -int -ssh_add_main(int argc, char **argv) -{ - extern char *optarg; - extern int optind; - int agent_fd; - char *pkcs11provider = NULL; - int r, i, ch, deleting = 0, ret = 0, key_only = 0; - int xflag = 0, lflag = 0, Dflag = 0, qflag = 0; - -// ssh_malloc_init(); /* must be called before any mallocs */ - /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ -// sanitise_stdfd(); - - __ssh_add_progname = "ssh-add";//ssh_get_progname(argv[0]); -// seed_rng(); - -#ifdef WITH_OPENSSL - OpenSSL_add_all_algorithms(); -#endif - - setvbuf(stdout, NULL, _IOLBF, 0); - - /* First, get a connection to the authentication agent. */ - switch (r = ssh_get_authentication_socket(&agent_fd)) { - case 0: - break; - case SSH_ERR_AGENT_NOT_PRESENT: - fprintf(stderr, "Could not open a connection to your " - "authentication agent.\n"); - exit(2); - default: - fprintf(stderr, "Error connecting to agent: %s\n", ssh_err(r)); - exit(2); - } - - while ((ch = getopt(argc, argv, "klLcdDxXE:e:M:m:qs:t:")) != -1) { - switch (ch) { - case 'E': - fingerprint_hash = ssh_digest_alg_by_name(optarg); - if (fingerprint_hash == -1) - fatal("Invalid hash algorithm \"%s\"", optarg); - break; - case 'k': - key_only = 1; - break; - case 'l': - case 'L': - if (lflag != 0) - fatal("-%c flag already specified", lflag); - lflag = ch; - break; - case 'x': - case 'X': - if (xflag != 0) - fatal("-%c flag already specified", xflag); - xflag = ch; - break; - case 'c': - confirm = 1; - break; - case 'm': - minleft = [@(optarg) intValue];//(int)strtonum(optarg, 1, UINT_MAX, NULL); - if (minleft == 0) { - usage(); - ret = 1; - goto done; - } - break; - case 'M': - maxsign = [@(optarg) intValue];//(int)strtonum(optarg, 1, UINT_MAX, NULL); - if (maxsign == 0) { - usage(); - ret = 1; - goto done; - } - break; - case 'd': - deleting = 1; - break; - case 'D': - Dflag = 1; - break; - case 's': - pkcs11provider = optarg; - break; - case 'e': - deleting = 1; - pkcs11provider = optarg; - break; - case 't': - if ((lifetime = convtime(optarg)) == -1) { - fprintf(stderr, "Invalid lifetime\n"); - ret = 1; - goto done; - } - break; - case 'q': - qflag = 1; - break; - default: - usage(); - ret = 1; - goto done; - } - } - - if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1) - fatal("Invalid combination of actions"); - else if (xflag) { - if (lock_agent(agent_fd, xflag == 'x' ? 1 : 0) == -1) - ret = 1; - goto done; - } else if (lflag) { - if (list_identities(agent_fd, lflag == 'l' ? 1 : 0) == -1) - ret = 1; - goto done; - } else if (Dflag) { - if (delete_all(agent_fd) == -1) - ret = 1; - goto done; - } - - argc -= optind; - argv += optind; - if (pkcs11provider != NULL) { - if (update_card(agent_fd, !deleting, pkcs11provider) == -1) - ret = 1; - goto done; - } - if (argc == 0) { - char buf[PATH_MAX]; - struct passwd *pw; - struct stat st; - int count = 0; - - if ((pw = getpwuid(getuid())) == NULL) { - fprintf(stderr, "No user found with uid %u\n", - (u_int)getuid()); - ret = 1; - goto done; - } - - for (i = 0; default_files[i]; i++) { - snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, - default_files[i]); - if (stat(buf, &st) < 0) - continue; - if (do_file(agent_fd, deleting, key_only, buf, - qflag) == -1) - ret = 1; - else - count++; - } - if (count == 0) - ret = 1; - } else { - for (i = 0; i < argc; i++) { - if (do_file(agent_fd, deleting, key_only, - argv[i], qflag) == -1) - ret = 1; - } - } - clear_pass(); - -done: - ssh_close_authentication_socket(agent_fd); - return ret; -} diff --git a/Blink/Commands/openssh/ssh-agent.m b/Blink/Commands/openssh/ssh-agent.m deleted file mode 100644 index 20054686e..000000000 --- a/Blink/Commands/openssh/ssh-agent.m +++ /dev/null @@ -1,1480 +0,0 @@ -/* $OpenBSD: ssh-agent.c,v 1.231 2018/05/11 03:38:51 djm Exp $ */ -/* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * The authentication agent program. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - * - * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -//#include "includes.h" - -#include -#include -#include -#include -#include -#include -#include -#include -//#include "openbsd-compat/sys-queue.h" -#include - -#define WITH_OPENSSL -#ifdef WITH_OPENSSL -#include -#include "openssl-compat.h" -#endif - -#include -#include -#include -#ifdef HAVE_PATHS_H -# include -#endif -#ifdef HAVE_POLL_H -# include -#endif -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_UTIL_H -# include -#endif - -//#include -//#include "xmalloc.h" -#include "ssh2.h" -#include "sshbuf.h" -#include "sshkey.h" -#include "authfd.h" -#include "blf.h" -//#include "compat.h" -//#include "log.h" -//#include "misc.h" -#include "digest.h" -#include "ssherr.h" -//#include "match.h" - -#include "ios_system/ios_system.h" - -#include "blink-compat.h" - -#ifdef ENABLE_PKCS11 -#include "ssh-pkcs11.h" -#endif - -#ifndef DEFAULT_PKCS11_WHITELIST -# define DEFAULT_PKCS11_WHITELIST "/usr/lib*/*,/usr/local/lib*/*" -#endif - -/* Maximum accepted message length */ -#define AGENT_MAX_LEN (256*1024) - - -#ifndef _PATH_DEVNULL -# define _PATH_DEVNULL "/dev/null" -#endif - -/* Make a template filename for mk[sd]temp() */ -static void -mktemp_proto(char *s, size_t len) -{ - const char *tmpdir; - int r; - - if ((tmpdir = getenv("TMPDIR")) != NULL) { -// r = snprintf(s, len, "%s/ssh-XXXXXXXXXXXX", tmpdir); - NSLog(@"%@", [@(tmpdir) stringByStandardizingPath]); - r = snprintf(s, len, "%s/sXXXXXXXXX", [@(tmpdir) stringByStandardizingPath].UTF8String); - if (r > 0 && (size_t)r < len) - return; - } - r = snprintf(s, len, "/tmp/ssh-XXXXXXXXXXXX"); - if (r < 0 || (size_t)r >= len) - fatal("%s: template string too short", __func__); -} - - - -static int -unix_listener(const char *path, int backlog, int unlink_first) -{ - struct sockaddr_un sunaddr; - int saved_errno, sock; - - memset(&sunaddr, 0, sizeof(sunaddr)); - sunaddr.sun_family = AF_UNIX; - if (strlcpy(sunaddr.sun_path, path, - sizeof(sunaddr.sun_path)) >= sizeof(sunaddr.sun_path)) { - NSLog(@"max size %@", @(sizeof(sunaddr.sun_path))); - error("%s: path \"%s\" too long for Unix domain socket", - __func__, path); - errno = ENAMETOOLONG; - return -1; - } - - sock = socket(PF_UNIX, SOCK_STREAM, 0); - if (sock < 0) { - saved_errno = errno; - error("%s: socket: %.100s", __func__, strerror(errno)); - errno = saved_errno; - return -1; - } - if (unlink_first == 1) { - if (unlink(path) != 0 && errno != ENOENT) - error("unlink(%s): %.100s", path, strerror(errno)); - } - if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) { - saved_errno = errno; - error("%s: cannot bind to path %s: %s", - __func__, path, strerror(errno)); - close(sock); - errno = saved_errno; - return -1; - } - if (listen(sock, backlog) < 0) { - saved_errno = errno; - error("%s: cannot listen on path %s: %s", - __func__, path, strerror(errno)); - close(sock); - unlink(path); - errno = saved_errno; - return -1; - } - return sock; -} - - - -static int -set_nonblock(int fd) -{ - int val; - - val = fcntl(fd, F_GETFL); - if (val < 0) { - error("fcntl(%d, F_GETFL): %s", fd, strerror(errno)); - return (-1); - } - if (val & O_NONBLOCK) { - debug("fd %d is O_NONBLOCK", fd); - return (0); - } - debug("fd %d setting O_NONBLOCK", fd); - val |= O_NONBLOCK; - if (fcntl(fd, F_SETFL, val) == -1) { - debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, - strerror(errno)); - return (-1); - } - return (0); -} - -static uint64_t -monotime(void) -{ - struct timeval tv; - uint64_t msec; - gettimeofday(&tv, NULL); - msec = tv.tv_sec * 1000; - msec += tv.tv_usec / 1000; - return (msec); -} - -typedef enum { - AUTH_UNUSED, - AUTH_SOCKET, - AUTH_CONNECTION -} sock_type; - -typedef struct { - int fd; - sock_type type; - struct sshbuf *input; - struct sshbuf *output; - struct sshbuf *request; -} SocketEntry; - -__thread u_int sockets_alloc = 0; -__thread SocketEntry *sockets = NULL; - -typedef struct identity { - TAILQ_ENTRY(identity) next; - struct sshkey *key; - char *comment; - char *provider; - time_t death; - u_int confirm; -} Identity; - -struct idtable { - int nentries; - TAILQ_HEAD(idqueue, identity) idlist; -}; - -/* private key table */ -__thread struct idtable *idtab; - -__thread int max_fd = 0; - -/* pid of shell == parent of agent */ -__thread pid_t parent_pid = -1; -__thread time_t parent_alive_interval = 0; - -/* pid of process for which cleanup_socket is applicable */ -__thread pid_t cleanup_pid = 0; - -/* pathname and directory for AUTH_SOCKET */ -__thread char socket_name[PATH_MAX]; -__thread char socket_dir[PATH_MAX]; - -/* PKCS#11 path whitelist */ -__thread static char *pkcs11_whitelist; - -/* locking */ -#define LOCK_SIZE 32 -#define LOCK_SALT_SIZE 16 -#define LOCK_ROUNDS 1 -__thread int locked = 0; -__thread u_char lock_pwhash[LOCK_SIZE]; -__thread u_char lock_salt[LOCK_SALT_SIZE]; - -__thread char *__ssh_agent_progname; - -/* Default lifetime in seconds (0 == forever) */ -__thread static long lifetime = 0; - -__thread static int fingerprint_hash = SSH_FP_HASH_DEFAULT; - -static void -close_socket(SocketEntry *e) -{ - close(e->fd); - e->fd = -1; - e->type = AUTH_UNUSED; - sshbuf_free(e->input); - sshbuf_free(e->output); - sshbuf_free(e->request); -} - -static void -idtab_init(void) -{ - idtab = calloc(1, sizeof(*idtab)); - TAILQ_INIT(&idtab->idlist); - idtab->nentries = 0; -} - -static void -free_identity(Identity *id) -{ - sshkey_free(id->key); - free(id->provider); - free(id->comment); - free(id); -} - -/* return matching private key for given public key */ -static Identity * -lookup_identity(struct sshkey *key) -{ - Identity *id; - - TAILQ_FOREACH(id, &idtab->idlist, next) { - if (sshkey_equal(key, id->key)) - return (id); - } - return (NULL); -} - -/* Check confirmation of keysign request */ -static int -confirm_key(Identity *id) -{ - char *p; - int ret = -1; - - p = sshkey_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT); - // TODO: implement ask -// if (p != NULL && -// ask_permission("Allow use of key %s?\nKey fingerprint %s.", -// id->comment, p)) -// ret = 0; - free(p); - - return (ret); -} - -static void -send_status(SocketEntry *e, int success) -{ - int r; - - if ((r = sshbuf_put_u32(e->output, 1)) != 0 || - (r = sshbuf_put_u8(e->output, success ? - SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE)) != 0) { - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - } -} - -/* send list of supported public keys to 'client' */ -static void -process_request_identities(SocketEntry *e) -{ - Identity *id; - struct sshbuf *msg; - int r; - - if ((msg = sshbuf_new()) == NULL) { - fatal("%s: sshbuf_new failed", __func__); - } - if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 || - (r = sshbuf_put_u32(msg, idtab->nentries)) != 0) { - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - } - TAILQ_FOREACH(id, &idtab->idlist, next) { - if ((r = sshkey_puts(id->key, msg)) - != 0 || - (r = sshbuf_put_cstring(msg, id->comment)) != 0) { - error("%s: put key/comment: %s", __func__, - ssh_err(r)); - continue; - } - } - if ((r = sshbuf_put_stringb(e->output, msg)) != 0) { - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - } - sshbuf_free(msg); -} - - -static char * -agent_decode_alg(struct sshkey *key, u_int flags) -{ - if (key->type == KEY_RSA) { - if (flags & SSH_AGENT_RSA_SHA2_256) - return "rsa-sha2-256"; - else if (flags & SSH_AGENT_RSA_SHA2_512) - return "rsa-sha2-512"; - } - return NULL; -} - -/* ssh2 only */ -static void -process_sign_request2(SocketEntry *e) -{ - const u_char *data; - u_char *signature = NULL; - size_t dlen, slen = 0; - u_int compat = 0, flags; - int r, ok = -1; - struct sshbuf *msg; - struct sshkey *key = NULL; - struct identity *id; - - if ((msg = sshbuf_new()) == NULL) { - fatal("%s: sshbuf_new failed", __func__); - } - if ((r = sshkey_froms(e->request, &key)) != 0 || - (r = sshbuf_get_string_direct(e->request, &data, &dlen)) != 0 || - (r = sshbuf_get_u32(e->request, &flags)) != 0) { - error("%s: couldn't parse request: %s", __func__, ssh_err(r)); - goto send; - } - - if ((id = lookup_identity(key)) == NULL) { - verbose("%s: %s key not found", __func__, sshkey_type(key)); - goto send; - } - if (id->confirm && confirm_key(id) != 0) { - verbose("%s: user refused key", __func__); - goto send; - } - if ((r = sshkey_sign(id->key, &signature, &slen, - data, dlen, agent_decode_alg(key, flags), compat)) != 0) { - error("%s: sshkey_sign: %s", __func__, ssh_err(r)); - goto send; - } - /* Success */ - ok = 0; -send: - sshkey_free(key); - if (ok == 0) { - if ((r = sshbuf_put_u8(msg, SSH2_AGENT_SIGN_RESPONSE)) != 0 || - (r = sshbuf_put_string(msg, signature, slen)) != 0) { - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - } - } else if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - if ((r = sshbuf_put_stringb(e->output, msg)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - sshbuf_free(msg); - free(signature); -} - -/* shared */ -static void -process_remove_identity(SocketEntry *e) -{ - int r, success = 0; - struct sshkey *key = NULL; - Identity *id; - - if ((r = sshkey_froms(e->request, &key)) != 0) { - error("%s: get key: %s", __func__, ssh_err(r)); - goto done; - } - if ((id = lookup_identity(key)) == NULL) { - debug("%s: key not found", __func__); - goto done; - } - /* We have this key, free it. */ - if (idtab->nentries < 1) - fatal("%s: internal error: nentries %d", - __func__, idtab->nentries); - TAILQ_REMOVE(&idtab->idlist, id, next); - free_identity(id); - idtab->nentries--; - sshkey_free(key); - success = 1; -done: - send_status(e, success); -} - -static void -process_remove_all_identities(SocketEntry *e) -{ - Identity *id; - - /* Loop over all identities and clear the keys. */ - for (id = TAILQ_FIRST(&idtab->idlist); id; - id = TAILQ_FIRST(&idtab->idlist)) { - TAILQ_REMOVE(&idtab->idlist, id, next); - free_identity(id); - } - - /* Mark that there are no identities. */ - idtab->nentries = 0; - - /* Send success. */ - send_status(e, 1); -} - -/* removes expired keys and returns number of seconds until the next expiry */ -static time_t -reaper(void) -{ - time_t deadline = 0, now = monotime(); - Identity *id, *nxt; - - for (id = TAILQ_FIRST(&idtab->idlist); id; id = nxt) { - nxt = TAILQ_NEXT(id, next); - if (id->death == 0) - continue; - if (now >= id->death) { - debug("expiring key '%s'", id->comment); - TAILQ_REMOVE(&idtab->idlist, id, next); - free_identity(id); - idtab->nentries--; - } else - deadline = (deadline == 0) ? id->death : - MINIMUM(deadline, id->death); - } - if (deadline == 0 || deadline <= now) - return 0; - else - return (deadline - now); -} - -static void -process_add_identity(SocketEntry *e) -{ - Identity *id; - int success = 0, confirm = 0; - u_int seconds, maxsign; - char *comment = NULL; - time_t death = 0; - struct sshkey *k = NULL; - u_char ctype; - int r = SSH_ERR_INTERNAL_ERROR; - - if ((r = sshkey_private_deserialize(e->request, &k)) != 0 || - k == NULL || - (r = sshbuf_get_cstring(e->request, &comment, NULL)) != 0) { - error("%s: decode private key: %s", __func__, ssh_err(r)); - goto err; - } - - while (sshbuf_len(e->request)) { - if ((r = sshbuf_get_u8(e->request, &ctype)) != 0) { - error("%s: buffer error: %s", __func__, ssh_err(r)); - goto err; - } - switch (ctype) { - case SSH_AGENT_CONSTRAIN_LIFETIME: - if ((r = sshbuf_get_u32(e->request, &seconds)) != 0) { - error("%s: bad lifetime constraint: %s", - __func__, ssh_err(r)); - goto err; - } - death = monotime() + seconds; - break; - case SSH_AGENT_CONSTRAIN_CONFIRM: - confirm = 1; - break; - case SSH_AGENT_CONSTRAIN_MAXSIGN: -// if ((r = sshbuf_get_u32(e->request, &maxsign)) != 0) { -// error("%s: bad maxsign constraint: %s", -// __func__, ssh_err(r)); - goto err; -// } -// if ((r = sshkey_enable_maxsign(k, maxsign)) != 0) { -// error("%s: cannot enable maxsign: %s", -// __func__, ssh_err(r)); -// goto err; -// } - break; - default: - error("%s: Unknown constraint %d", __func__, ctype); - err: - sshbuf_reset(e->request); - free(comment); - sshkey_free(k); - goto send; - } - } - - success = 1; - if (lifetime && !death) - death = monotime() + lifetime; - if ((id = lookup_identity(k)) == NULL) { - id = calloc(1, sizeof(Identity)); - TAILQ_INSERT_TAIL(&idtab->idlist, id, next); - /* Increment the number of identities. */ - idtab->nentries++; - } else { - /* key state might have been updated */ - sshkey_free(id->key); - free(id->comment); - } - id->key = k; - id->comment = comment; - id->death = death; - id->confirm = confirm; -send: - send_status(e, success); -} - -/* XXX todo: encrypt sensitive data with passphrase */ -static void -process_lock_agent(SocketEntry *e, int lock) -{ - int r, success = 0, delay; - char *passwd; - u_char passwdhash[LOCK_SIZE]; - static u_int fail_count = 0; - size_t pwlen; - - /* - * This is deliberately fatal: the user has requested that we lock, - * but we can't parse their request properly. The only safe thing to - * do is abort. - */ - if ((r = sshbuf_get_cstring(e->request, &passwd, &pwlen)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (pwlen == 0) { - debug("empty password not supported"); - } else if (locked && !lock) { - if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt), - passwdhash, sizeof(passwdhash), LOCK_ROUNDS) < 0) - fatal("bcrypt_pbkdf"); - if (timingsafe_bcmp(passwdhash, lock_pwhash, LOCK_SIZE) == 0) { - debug("agent unlocked"); - locked = 0; - fail_count = 0; - explicit_bzero(lock_pwhash, sizeof(lock_pwhash)); - success = 1; - } else { - /* delay in 0.1s increments up to 10s */ - if (fail_count < 100) - fail_count++; - delay = 100000 * fail_count; - debug("unlock failed, delaying %0.1lf seconds", - (double)delay/1000000); - usleep(delay); - } - explicit_bzero(passwdhash, sizeof(passwdhash)); - } else if (!locked && lock) { - debug("agent locked"); - locked = 1; - arc4random_buf(lock_salt, sizeof(lock_salt)); - if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt), - lock_pwhash, sizeof(lock_pwhash), LOCK_ROUNDS) < 0) - fatal("bcrypt_pbkdf"); - success = 1; - } - explicit_bzero(passwd, pwlen); - free(passwd); - send_status(e, success); -} - -static void -no_identities(SocketEntry *e) -{ - struct sshbuf *msg; - int r; - - if ((msg = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 || - (r = sshbuf_put_u32(msg, 0)) != 0 || - (r = sshbuf_put_stringb(e->output, msg)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - sshbuf_free(msg); -} - -#ifdef ENABLE_PKCS11 -static void -process_add_smartcard_key(SocketEntry *e) -{ - char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX]; - int r, i, count = 0, success = 0, confirm = 0; - u_int seconds; - time_t death = 0; - u_char type; - struct sshkey **keys = NULL, *k; - Identity *id; - - if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 || - (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) { - error("%s: buffer error: %s", __func__, ssh_err(r)); - goto send; - } - - while (sshbuf_len(e->request)) { - if ((r = sshbuf_get_u8(e->request, &type)) != 0) { - error("%s: buffer error: %s", __func__, ssh_err(r)); - goto send; - } - switch (type) { - case SSH_AGENT_CONSTRAIN_LIFETIME: - if ((r = sshbuf_get_u32(e->request, &seconds)) != 0) { - error("%s: buffer error: %s", - __func__, ssh_err(r)); - goto send; - } - death = monotime() + seconds; - break; - case SSH_AGENT_CONSTRAIN_CONFIRM: - confirm = 1; - break; - default: - error("%s: Unknown constraint type %d", __func__, type); - goto send; - } - } - if (realpath(provider, canonical_provider) == NULL) { - verbose("failed PKCS#11 add of \"%.100s\": realpath: %s", - provider, strerror(errno)); - goto send; - } - if (match_pattern_list(canonical_provider, pkcs11_whitelist, 0) != 1) { - verbose("refusing PKCS#11 add of \"%.100s\": " - "provider not whitelisted", canonical_provider); - goto send; - } - debug("%s: add %.100s", __func__, canonical_provider); - if (lifetime && !death) - death = monotime() + lifetime; - - count = pkcs11_add_provider(canonical_provider, pin, &keys); - for (i = 0; i < count; i++) { - k = keys[i]; - if (lookup_identity(k) == NULL) { - id = xcalloc(1, sizeof(Identity)); - id->key = k; - id->provider = xstrdup(canonical_provider); - id->comment = xstrdup(canonical_provider); /* XXX */ - id->death = death; - id->confirm = confirm; - TAILQ_INSERT_TAIL(&idtab->idlist, id, next); - idtab->nentries++; - success = 1; - } else { - sshkey_free(k); - } - keys[i] = NULL; - } -send: - free(pin); - free(provider); - free(keys); - send_status(e, success); -} - -static void -process_remove_smartcard_key(SocketEntry *e) -{ - char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX]; - int r, success = 0; - Identity *id, *nxt; - - if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 || - (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) { - error("%s: buffer error: %s", __func__, ssh_err(r)); - goto send; - } - free(pin); - - if (realpath(provider, canonical_provider) == NULL) { - verbose("failed PKCS#11 add of \"%.100s\": realpath: %s", - provider, strerror(errno)); - goto send; - } - - debug("%s: remove %.100s", __func__, canonical_provider); - for (id = TAILQ_FIRST(&idtab->idlist); id; id = nxt) { - nxt = TAILQ_NEXT(id, next); - /* Skip file--based keys */ - if (id->provider == NULL) - continue; - if (!strcmp(canonical_provider, id->provider)) { - TAILQ_REMOVE(&idtab->idlist, id, next); - free_identity(id); - idtab->nentries--; - } - } - if (pkcs11_del_provider(canonical_provider) == 0) - success = 1; - else - error("%s: pkcs11_del_provider failed", __func__); -send: - free(provider); - send_status(e, success); -} -#endif /* ENABLE_PKCS11 */ - -/* dispatch incoming messages */ - -static int -process_message(u_int socknum) -{ - u_int msg_len; - u_char type; - const u_char *cp; - int r; - SocketEntry *e; - - if (socknum >= sockets_alloc) { - fatal("%s: socket number %u >= allocated %u", - __func__, socknum, sockets_alloc); - } - e = &sockets[socknum]; - - if (sshbuf_len(e->input) < 5) - return 0; /* Incomplete message header. */ - cp = sshbuf_ptr(e->input); - msg_len = PEEK_U32(cp); - if (msg_len > AGENT_MAX_LEN) { - debug("%s: socket %u (fd=%d) message too long %u > %u", - __func__, socknum, e->fd, msg_len, AGENT_MAX_LEN); - return -1; - } - if (sshbuf_len(e->input) < msg_len + 4) - return 0; /* Incomplete message body. */ - - /* move the current input to e->request */ - sshbuf_reset(e->request); - if ((r = sshbuf_get_stringb(e->input, e->request)) != 0 || - (r = sshbuf_get_u8(e->request, &type)) != 0) { - if (r == SSH_ERR_MESSAGE_INCOMPLETE || - r == SSH_ERR_STRING_TOO_LARGE) { - debug("%s: buffer error: %s", __func__, ssh_err(r)); - return -1; - } - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - } - - debug("%s: socket %u (fd=%d) type %d", __func__, socknum, e->fd, type); - - /* check whether agent is locked */ - if (locked && type != SSH_AGENTC_UNLOCK) { - sshbuf_reset(e->request); - switch (type) { - case SSH2_AGENTC_REQUEST_IDENTITIES: - /* send empty lists */ - no_identities(e); - break; - default: - /* send a fail message for all other request types */ - send_status(e, 0); - } - return 0; - } - - switch (type) { - case SSH_AGENTC_LOCK: - case SSH_AGENTC_UNLOCK: - process_lock_agent(e, type == SSH_AGENTC_LOCK); - break; - case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: - process_remove_all_identities(e); /* safe for !WITH_SSH1 */ - break; - /* ssh2 */ - case SSH2_AGENTC_SIGN_REQUEST: - process_sign_request2(e); - break; - case SSH2_AGENTC_REQUEST_IDENTITIES: - process_request_identities(e); - break; - case SSH2_AGENTC_ADD_IDENTITY: - case SSH2_AGENTC_ADD_ID_CONSTRAINED: - process_add_identity(e); - break; - case SSH2_AGENTC_REMOVE_IDENTITY: - process_remove_identity(e); - break; - case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: - process_remove_all_identities(e); - break; -#ifdef ENABLE_PKCS11 - case SSH_AGENTC_ADD_SMARTCARD_KEY: - case SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED: - process_add_smartcard_key(e); - break; - case SSH_AGENTC_REMOVE_SMARTCARD_KEY: - process_remove_smartcard_key(e); - break; -#endif /* ENABLE_PKCS11 */ - default: - /* Unknown message. Respond with failure. */ - error("Unknown message %d", type); - sshbuf_reset(e->request); - send_status(e, 0); - break; - } - return 0; -} - -static void -new_socket(sock_type type, int fd) -{ - u_int i, old_alloc, new_alloc; - - set_nonblock(fd); - - if (fd > max_fd) - max_fd = fd; - - for (i = 0; i < sockets_alloc; i++) - if (sockets[i].type == AUTH_UNUSED) { - sockets[i].fd = fd; - if ((sockets[i].input = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((sockets[i].output = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((sockets[i].request = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - sockets[i].type = type; - return; - } - old_alloc = sockets_alloc; - new_alloc = sockets_alloc + 10; - sockets = realloc(sockets, new_alloc * sizeof(sockets[0]));// xreallocarray(sockets, new_alloc, sizeof(sockets[0])); - for (i = old_alloc; i < new_alloc; i++) - sockets[i].type = AUTH_UNUSED; - sockets_alloc = new_alloc; - sockets[old_alloc].fd = fd; - if ((sockets[old_alloc].input = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((sockets[old_alloc].output = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((sockets[old_alloc].request = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - sockets[old_alloc].type = type; -} - -static int -handle_socket_read(u_int socknum) -{ - struct sockaddr_un sunaddr; - socklen_t slen; - uid_t euid; - gid_t egid; - int fd; - - slen = sizeof(sunaddr); - fd = accept(sockets[socknum].fd, (struct sockaddr *)&sunaddr, &slen); - if (fd < 0) { - error("accept from AUTH_SOCKET: %s", strerror(errno)); - return -1; - } - if (getpeereid(fd, &euid, &egid) < 0) { - error("getpeereid %d failed: %s", fd, strerror(errno)); - close(fd); - return -1; - } - if ((euid != 0) && (getuid() != euid)) { - error("uid mismatch: peer euid %u != uid %u", - (u_int) euid, (u_int) getuid()); - close(fd); - return -1; - } - new_socket(AUTH_CONNECTION, fd); - return 0; -} - -static int -handle_conn_read(u_int socknum) -{ - char buf[1024]; - ssize_t len; - int r; - - if ((len = read(sockets[socknum].fd, buf, sizeof(buf))) <= 0) { - if (len == -1) { - if (errno == EAGAIN || errno == EINTR) - return 0; - error("%s: read error on socket %u (fd %d): %s", - __func__, socknum, sockets[socknum].fd, - strerror(errno)); - } - return -1; - } - if ((r = sshbuf_put(sockets[socknum].input, buf, len)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - explicit_bzero(buf, sizeof(buf)); - process_message(socknum); - return 0; -} - -static int -handle_conn_write(u_int socknum) -{ - ssize_t len; - int r; - - if (sshbuf_len(sockets[socknum].output) == 0) - return 0; /* shouldn't happen */ - if ((len = write(sockets[socknum].fd, - sshbuf_ptr(sockets[socknum].output), - sshbuf_len(sockets[socknum].output))) <= 0) { - if (len == -1) { - if (errno == EAGAIN || errno == EINTR) - return 0; - error("%s: read error on socket %u (fd %d): %s", - __func__, socknum, sockets[socknum].fd, - strerror(errno)); - } - return -1; - } - if ((r = sshbuf_consume(sockets[socknum].output, len)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - return 0; -} - -static void -after_poll(struct pollfd *pfd, size_t npfd, u_int maxfds) -{ - size_t i; - u_int socknum, activefds = npfd; - - for (i = 0; i < npfd; i++) { - if (pfd[i].revents == 0) - continue; - /* Find sockets entry */ - for (socknum = 0; socknum < sockets_alloc; socknum++) { - if (sockets[socknum].type != AUTH_SOCKET && - sockets[socknum].type != AUTH_CONNECTION) - continue; - if (pfd[i].fd == sockets[socknum].fd) - break; - } - if (socknum >= sockets_alloc) { - error("%s: no socket for fd %d", __func__, pfd[i].fd); - continue; - } - /* Process events */ - switch (sockets[socknum].type) { - case AUTH_SOCKET: - if ((pfd[i].revents & (POLLIN|POLLERR)) == 0) - break; - if (npfd > maxfds) { - debug3("out of fds (active %u >= limit %u); " - "skipping accept", activefds, maxfds); - break; - } - if (handle_socket_read(socknum) == 0) - activefds++; - break; - case AUTH_CONNECTION: - if ((pfd[i].revents & (POLLIN|POLLERR)) != 0 && - handle_conn_read(socknum) != 0) { - goto close_sock; - } - if ((pfd[i].revents & (POLLOUT|POLLHUP)) != 0 && - handle_conn_write(socknum) != 0) { - close_sock: - if (activefds == 0) - fatal("activefds == 0 at close_sock"); - close_socket(&sockets[socknum]); - activefds--; - break; - } - break; - default: - break; - } - } -} - -static int -prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds) -{ - struct pollfd *pfd = *pfdp; - size_t i, j, npfd = 0; - time_t deadline; - - /* Count active sockets */ - for (i = 0; i < sockets_alloc; i++) { - switch (sockets[i].type) { - case AUTH_SOCKET: - case AUTH_CONNECTION: - npfd++; - break; - case AUTH_UNUSED: - break; - default: - fatal("Unknown socket type %d", sockets[i].type); - break; - } - } - if (npfd != *npfdp && - (pfd = recallocarray(pfd, *npfdp, npfd, sizeof(*pfd))) == NULL) - fatal("%s: recallocarray failed", __func__); - *pfdp = pfd; - *npfdp = npfd; - - for (i = j = 0; i < sockets_alloc; i++) { - switch (sockets[i].type) { - case AUTH_SOCKET: - if (npfd > maxfds) { - debug3("out of fds (active %zu >= limit %u); " - "skipping arming listener", npfd, maxfds); - break; - } - pfd[j].fd = sockets[i].fd; - pfd[j].revents = 0; - pfd[j].events = POLLIN; - j++; - break; - case AUTH_CONNECTION: - pfd[j].fd = sockets[i].fd; - pfd[j].revents = 0; - /* XXX backoff when input buffer full */ - pfd[j].events = POLLIN; - if (sshbuf_len(sockets[i].output) > 0) - pfd[j].events |= POLLOUT; - j++; - break; - default: - break; - } - } - deadline = reaper(); - if (parent_alive_interval != 0) - deadline = (deadline == 0) ? parent_alive_interval : - MINIMUM(deadline, parent_alive_interval); - if (deadline == 0) { - *timeoutp = -1; /* INFTIM */ - } else { - if (deadline > INT_MAX / 1000) - *timeoutp = INT_MAX / 1000; - else - *timeoutp = deadline * 1000; - } - return (1); -} - -static void -cleanup_socket(void) -{ - if (cleanup_pid != 0 && getpid() != cleanup_pid) - return; - debug("%s: cleanup", __func__); - if (socket_name[0]) - unlink(socket_name); - if (socket_dir[0]) - rmdir(socket_dir); -} - -void -cleanup_exit(int i) -{ - cleanup_socket(); - _exit(i); -} - -/*ARGSUSED*/ -static void -cleanup_handler(int sig) -{ - cleanup_socket(); -#ifdef ENABLE_PKCS11 - pkcs11_terminate(); -#endif - _exit(2); -} - -static void -thread_cleanup_handler(void *arg) -{ - cleanup_socket(); -#ifdef ENABLE_PKCS11 - pkcs11_terminate(); -#endif -} - -static void -check_parent_exists(void) -{ - /* - * If our parent has exited then getppid() will return (pid_t)1, - * so testing for that should be safe. - */ - if (parent_pid != -1 && getppid() != parent_pid) { - /* printf("Parent has died - Authentication agent exiting.\n"); */ - cleanup_socket(); - _exit(2); - } -} - -static void -usage(void) -{ - fprintf(stderr, - "usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n" - " [-P pkcs11_whitelist] [-t life] [command [arg ...]]\n" - " ssh-agent [-c | -s] -k\n"); - exit(1); -} - -int -ssh_agent_main(int ac, char **av) -{ - int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0; - int sock, fd, ch, result, saved_errno; - char *shell, *format, *pidstr, *agentsocket = NULL; -#ifdef HAVE_SETRLIMIT - struct rlimit rlim; -#endif - extern int optind; - extern char *optarg; - pid_t pid; - char pidstrbuf[1 + 3 * sizeof pid]; - size_t len; - mode_t prev_mask; - int timeout = -1; /* INFTIM */ - struct pollfd *pfd = NULL; - size_t npfd = 0; - u_int maxfds; - -// ssh_malloc_init(); /* must be called before any mallocs */ - /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ -// sanitise_stdfd(); - - /* drop */ - setegid(getgid()); - setgid(getgid()); - -// platform_disable_tracing(0); /* strict=no */ - -// if (getrlimit(RLIMIT_NOFILE, &rlim) == -1) -// fatal("%s: getrlimit: %s", __progname, strerror(errno)); - -#ifdef WITH_OPENSSL - OpenSSL_add_all_algorithms(); -#endif - - __ssh_agent_progname = "ssh-agent";// ssh_get_progname(av[0]); - // seed_rng(); /* Handled in arc4random() */ - - while ((ch = getopt(ac, av, "cDdksE:a:P:t:")) != -1) { - switch (ch) { - case 'E': - fingerprint_hash = ssh_digest_alg_by_name(optarg); - if (fingerprint_hash == -1) - fatal("Invalid hash algorithm \"%s\"", optarg); - break; - case 'c': - if (s_flag) - usage(); - c_flag++; - break; - case 'k': - k_flag++; - break; - case 'P': - if (pkcs11_whitelist != NULL) - fatal("-P option already specified"); - pkcs11_whitelist = strdup(optarg); - break; - case 's': - if (c_flag) - usage(); - s_flag++; - break; - case 'd': - if (d_flag || D_flag) - usage(); - d_flag++; - break; - case 'D': - if (d_flag || D_flag) - usage(); - D_flag++; - break; - case 'a': - agentsocket = optarg; - break; - case 't': - if ((lifetime = convtime(optarg)) == -1) { - fprintf(stderr, "Invalid lifetime\n"); - usage(); - } - break; - default: - usage(); - } - } - ac -= optind; - av += optind; - - if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag)) - usage(); - - D_flag = 1; - - if (pkcs11_whitelist == NULL) - pkcs11_whitelist = strdup(DEFAULT_PKCS11_WHITELIST); - - if (ac == 0 && !c_flag && !s_flag) { - shell = getenv("SHELL"); - if (shell != NULL && (len = strlen(shell)) > 2 && - strncmp(shell + len - 3, "csh", 3) == 0) - c_flag = 1; - } - if (k_flag) { - const char *errstr = NULL; - - pidstr = getenv(SSH_AGENTPID_ENV_NAME); - if (pidstr == NULL) { - fprintf(stderr, "%s not set, cannot kill agent\n", - SSH_AGENTPID_ENV_NAME); - exit(1); - } - pid = [@(pidstr) intValue];// (int)strtonum(pidstr, 2, INT_MAX, &errstr); - if (errstr) { - fprintf(stderr, - "%s=\"%s\", which is not a good PID: %s\n", - SSH_AGENTPID_ENV_NAME, pidstr, errstr); - exit(1); - } - if (kill(pid, SIGTERM) == -1) { - perror("kill"); - exit(1); - } - format = c_flag ? "unsetenv %s;\n" : "unset %s;\n"; - printf(format, SSH_AUTHSOCKET_ENV_NAME); - printf(format, SSH_AGENTPID_ENV_NAME); - printf("echo Agent pid %ld killed;\n", (long)pid); - exit(0); - } - - /* - * Minimum file descriptors: - * stdio (3) + listener (1) + syslog (1 maybe) + connection (1) + - * a few spare for libc / stack protectors / sanitisers, etc. - */ -#define SSH_AGENT_MIN_FDS (3+1+1+1+4) -// if (rlim.rlim_cur < SSH_AGENT_MIN_FDS) -// fatal("%s: file descriptior rlimit %lld too low (minimum %u)", -// __progname, (long long)rlim.rlim_cur, SSH_AGENT_MIN_FDS); -// maxfds = rlim.rlim_cur - SSH_AGENT_MIN_FDS; - maxfds = 1000; // ?? - - parent_pid = getpid(); - - if (agentsocket == NULL) { - /* Create private directory for agent socket */ - mktemp_proto(socket_dir, sizeof(socket_dir)); - if (mkdtemp(socket_dir) == NULL) { - perror("mkdtemp: private socket dir"); - exit(1); - } - snprintf(socket_name, sizeof socket_name, "%s/a.%ld", socket_dir, - (long)parent_pid); - } else { - /* Try to use specified agent socket */ - socket_dir[0] = '\0'; - strlcpy(socket_name, agentsocket, sizeof socket_name); - } - - /* - * Create socket early so it will exist before command gets run from - * the parent. - */ - prev_mask = umask(0177); - sock = unix_listener(socket_name, SSH_LISTEN_BACKLOG, 0); - if (sock < 0) { - /* XXX - unix_listener() calls error() not perror() */ - *socket_name = '\0'; /* Don't unlink any existing file */ - cleanup_exit(1); - } - umask(prev_mask); - - /* - * Fork, and have the parent execute the command, if any, or present - * the socket data. The child continues as the authentication agent. - */ - if (D_flag || d_flag) { -// log_init(__progname, -// d_flag ? SYSLOG_LEVEL_DEBUG3 : SYSLOG_LEVEL_INFO, -// SYSLOG_FACILITY_AUTH, 1); - setenv(SSH_AUTHSOCKET_ENV_NAME, socket_name, 1); - format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n"; - printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, - SSH_AUTHSOCKET_ENV_NAME); - printf("echo Agent pid %ld;\n", (long)parent_pid); - fflush(stdout); - goto skip; - } - pid = fork(); - if (pid == -1) { - perror("fork"); - cleanup_exit(1); - } - if (pid != 0) { /* Parent - execute the given command. */ - close(sock); - snprintf(pidstrbuf, sizeof pidstrbuf, "%ld", (long)pid); - if (ac == 0) { - format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n"; - printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, - SSH_AUTHSOCKET_ENV_NAME); - printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf, - SSH_AGENTPID_ENV_NAME); - printf("echo Agent pid %ld;\n", (long)pid); - exit(0); - } - if (setenv(SSH_AUTHSOCKET_ENV_NAME, socket_name, 1) == -1 || - setenv(SSH_AGENTPID_ENV_NAME, pidstrbuf, 1) == -1) { - perror("setenv"); - exit(1); - } - execvp(av[0], av); - perror(av[0]); - exit(1); - } - /* child */ -// log_init(__progname, SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0); - - if (setsid() == -1) { - error("setsid: %s", strerror(errno)); - cleanup_exit(1); - } - - (void)chdir("/"); - if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { - /* XXX might close listen socket */ - (void)dup2(fd, STDIN_FILENO); - (void)dup2(fd, STDOUT_FILENO); - (void)dup2(fd, STDERR_FILENO); - if (fd > 2) - close(fd); - } - -#ifdef HAVE_SETRLIMIT - /* deny core dumps, since memory contains unencrypted private keys */ - rlim.rlim_cur = rlim.rlim_max = 0; - if (setrlimit(RLIMIT_CORE, &rlim) < 0) { - error("setrlimit RLIMIT_CORE: %s", strerror(errno)); - cleanup_exit(1); - } -#endif - -skip: - - cleanup_pid = getpid(); - -#ifdef ENABLE_PKCS11 - pkcs11_init(0); -#endif - new_socket(AUTH_SOCKET, sock); - if (ac > 0) - parent_alive_interval = 10; - idtab_init(); - - pthread_cleanup_push(thread_cleanup_handler, NULL); -// signal(SIGPIPE, SIG_IGN); -// signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN); -// signal(SIGHUP, cleanup_handler); -// signal(SIGTERM, cleanup_handler); - -// if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1) -// fatal("%s: pledge: %s", __progname, strerror(errno)); -// platform_pledge_agent(); -// - while (1) { - prepare_poll(&pfd, &npfd, &timeout, maxfds); - result = poll(pfd, npfd, timeout); - saved_errno = errno; - if (parent_alive_interval != 0) - check_parent_exists(); - (void) reaper(); /* remove expired keys */ - if (result < 0) { - if (saved_errno == EINTR) - continue; - fatal("poll: %s", strerror(saved_errno)); - } else if (result > 0) - after_poll(pfd, npfd, maxfds); - } - pthread_cleanup_pop(0) - thread_cleanup_handler(NULL); - - /* NOTREACHED */ -} diff --git a/Blink/Commands/openssh/ssh-ecdsa.c b/Blink/Commands/openssh/ssh-ecdsa.c deleted file mode 100644 index e81250135..000000000 --- a/Blink/Commands/openssh/ssh-ecdsa.c +++ /dev/null @@ -1,205 +0,0 @@ -/* $OpenBSD: ssh-ecdsa.c,v 1.14 2018/02/07 02:06:51 jsing Exp $ */ -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * Copyright (c) 2010 Damien Miller. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -//#include "includes.h" -#define WITH_OPENSSL -#define OPENSSL_HAS_ECC - -#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) - -#include - -#include -#include -#include -#include - -#include - -#include "sshbuf.h" -#include "ssherr.h" -#include "digest.h" -#define SSHKEY_INTERNAL -#include "sshkey.h" - -#include "openssl-compat.h" -#include "blink-compat.h" - -/* ARGSUSED */ -int -ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, u_int compat) -{ - ECDSA_SIG *sig = NULL; - const BIGNUM *sig_r, *sig_s; - int hash_alg; - u_char digest[SSH_DIGEST_MAX_LENGTH]; - size_t len, dlen; - struct sshbuf *b = NULL, *bb = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; - - if (lenp != NULL) - *lenp = 0; - if (sigp != NULL) - *sigp = NULL; - - if (key == NULL || key->ecdsa == NULL || - sshkey_type_plain(key->type) != KEY_ECDSA) - return SSH_ERR_INVALID_ARGUMENT; - - if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || - (dlen = ssh_digest_bytes(hash_alg)) == 0) - return SSH_ERR_INTERNAL_ERROR; - if ((ret = ssh_digest_memory(hash_alg, data, datalen, - digest, sizeof(digest))) != 0) - goto out; - - if ((sig = ECDSA_do_sign(digest, dlen, key->ecdsa)) == NULL) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - - if ((bb = sshbuf_new()) == NULL || (b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - ECDSA_SIG_get0(sig, &sig_r, &sig_s); - if ((ret = sshbuf_put_bignum2(bb, sig_r)) != 0 || - (ret = sshbuf_put_bignum2(bb, sig_s)) != 0) - goto out; - if ((ret = sshbuf_put_cstring(b, sshkey_ssh_name_plain(key))) != 0 || - (ret = sshbuf_put_stringb(b, bb)) != 0) - goto out; - len = sshbuf_len(b); - if (sigp != NULL) { - if ((*sigp = malloc(len)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(*sigp, sshbuf_ptr(b), len); - } - if (lenp != NULL) - *lenp = len; - ret = 0; -out: - explicit_bzero(digest, sizeof(digest)); - sshbuf_free(b); - sshbuf_free(bb); - ECDSA_SIG_free(sig); - return ret; -} - -/* ARGSUSED */ -int -ssh_ecdsa_verify(const struct sshkey *key, - const u_char *signature, size_t signaturelen, - const u_char *data, size_t datalen, u_int compat) -{ - ECDSA_SIG *sig = NULL; - BIGNUM *sig_r = NULL, *sig_s = NULL; - int hash_alg; - u_char digest[SSH_DIGEST_MAX_LENGTH]; - size_t dlen; - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL, *sigbuf = NULL; - char *ktype = NULL; - - if (key == NULL || key->ecdsa == NULL || - sshkey_type_plain(key->type) != KEY_ECDSA || - signature == NULL || signaturelen == 0) - return SSH_ERR_INVALID_ARGUMENT; - - if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || - (dlen = ssh_digest_bytes(hash_alg)) == 0) - return SSH_ERR_INTERNAL_ERROR; - - /* fetch signature */ - if ((b = sshbuf_from(signature, signaturelen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if (sshbuf_get_cstring(b, &ktype, NULL) != 0 || - sshbuf_froms(b, &sigbuf) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (strcmp(sshkey_ssh_name_plain(key), ktype) != 0) { - ret = SSH_ERR_KEY_TYPE_MISMATCH; - goto out; - } - if (sshbuf_len(b) != 0) { - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; - } - - /* parse signature */ - if ((sig = ECDSA_SIG_new()) == NULL || - (sig_r = BN_new()) == NULL || - (sig_s = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (sshbuf_get_bignum2(sigbuf, sig_r) != 0 || - sshbuf_get_bignum2(sigbuf, sig_s) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (!ECDSA_SIG_set0(sig, sig_r, sig_s)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - sig_r = sig_s = NULL; /* transferred */ - - if (sshbuf_len(sigbuf) != 0) { - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; - } - if ((ret = ssh_digest_memory(hash_alg, data, datalen, - digest, sizeof(digest))) != 0) - goto out; - - switch (ECDSA_do_verify(digest, dlen, sig, key->ecdsa)) { - case 1: - ret = 0; - break; - case 0: - ret = SSH_ERR_SIGNATURE_INVALID; - goto out; - default: - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - -out: - explicit_bzero(digest, sizeof(digest)); - sshbuf_free(sigbuf); - sshbuf_free(b); - ECDSA_SIG_free(sig); - BN_clear_free(sig_r); - BN_clear_free(sig_s); - free(ktype); - return ret; -} - -#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ diff --git a/Blink/Commands/openssh/ssh-ed25519.c b/Blink/Commands/openssh/ssh-ed25519.c deleted file mode 100644 index 93c018908..000000000 --- a/Blink/Commands/openssh/ssh-ed25519.c +++ /dev/null @@ -1,169 +0,0 @@ -/* $OpenBSD: ssh-ed25519.c,v 1.7 2016/04/21 06:08:02 djm Exp $ */ -/* - * Copyright (c) 2013 Markus Friedl - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -//#include "includes.h" - -#include -#include - -#include "crypto_api.h" - -#include -#include - -//#include "log.h" -#include "sshbuf.h" -#define SSHKEY_INTERNAL -#include "sshkey.h" -#include "ssherr.h" -#include "ssh2.h" - -#include "blink-compat.h" - -int -ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, u_int compat) -{ - u_char *sig = NULL; - size_t slen = 0, len; - unsigned long long smlen; - int r, ret; - struct sshbuf *b = NULL; - - if (lenp != NULL) - *lenp = 0; - if (sigp != NULL) - *sigp = NULL; - - if (key == NULL || - sshkey_type_plain(key->type) != KEY_ED25519 || - key->ed25519_sk == NULL || - datalen >= INT_MAX - crypto_sign_ed25519_BYTES) - return SSH_ERR_INVALID_ARGUMENT; - smlen = slen = datalen + crypto_sign_ed25519_BYTES; - if ((sig = malloc(slen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - - if ((ret = crypto_sign_ed25519(sig, &smlen, data, datalen, - key->ed25519_sk)) != 0 || smlen <= datalen) { - r = SSH_ERR_INVALID_ARGUMENT; /* XXX better error? */ - goto out; - } - /* encode signature */ - if ((b = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshbuf_put_cstring(b, "ssh-ed25519")) != 0 || - (r = sshbuf_put_string(b, sig, smlen - datalen)) != 0) - goto out; - len = sshbuf_len(b); - if (sigp != NULL) { - if ((*sigp = malloc(len)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(*sigp, sshbuf_ptr(b), len); - } - if (lenp != NULL) - *lenp = len; - /* success */ - r = 0; -out: - sshbuf_free(b); - if (sig != NULL) { - explicit_bzero(sig, slen); - free(sig); - } - - return r; -} - -int -ssh_ed25519_verify(const struct sshkey *key, - const u_char *signature, size_t signaturelen, - const u_char *data, size_t datalen, u_int compat) -{ - struct sshbuf *b = NULL; - char *ktype = NULL; - const u_char *sigblob; - u_char *sm = NULL, *m = NULL; - size_t len; - unsigned long long smlen = 0, mlen = 0; - int r, ret; - - if (key == NULL || - sshkey_type_plain(key->type) != KEY_ED25519 || - key->ed25519_pk == NULL || - datalen >= INT_MAX - crypto_sign_ed25519_BYTES || - signature == NULL || signaturelen == 0) - return SSH_ERR_INVALID_ARGUMENT; - - if ((b = sshbuf_from(signature, signaturelen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_get_cstring(b, &ktype, NULL)) != 0 || - (r = sshbuf_get_string_direct(b, &sigblob, &len)) != 0) - goto out; - if (strcmp("ssh-ed25519", ktype) != 0) { - r = SSH_ERR_KEY_TYPE_MISMATCH; - goto out; - } - if (sshbuf_len(b) != 0) { - r = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; - } - if (len > crypto_sign_ed25519_BYTES) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (datalen >= SIZE_MAX - len) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - smlen = len + datalen; - mlen = smlen; - if ((sm = malloc(smlen)) == NULL || (m = malloc(mlen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(sm, sigblob, len); - memcpy(sm+len, data, datalen); - if ((ret = crypto_sign_ed25519_open(m, &mlen, sm, smlen, - key->ed25519_pk)) != 0) { - debug2("%s: crypto_sign_ed25519_open failed: %d", - __func__, ret); - } - if (ret != 0 || mlen != datalen) { - r = SSH_ERR_SIGNATURE_INVALID; - goto out; - } - /* XXX compare 'm' and 'data' ? */ - /* success */ - r = 0; -out: - if (sm != NULL) { - explicit_bzero(sm, smlen); - free(sm); - } - if (m != NULL) { - explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */ - free(m); - } - sshbuf_free(b); - free(ktype); - return r; -} diff --git a/Blink/Commands/openssh/ssh-rsa.c b/Blink/Commands/openssh/ssh-rsa.c deleted file mode 100644 index 4105e99f6..000000000 --- a/Blink/Commands/openssh/ssh-rsa.c +++ /dev/null @@ -1,450 +0,0 @@ -/* $OpenBSD: ssh-rsa.c,v 1.67 2018/07/03 11:39:54 djm Exp $ */ -/* - * Copyright (c) 2000, 2003 Markus Friedl - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -//#include "includes.h" -#define WITH_OPENSSL -#ifdef WITH_OPENSSL - -#include - -#include -#include - -#include -#include - -#include "sshbuf.h" -//#include "compat.h" -#include "ssherr.h" -#define SSHKEY_INTERNAL -#include "sshkey.h" -#include "digest.h" -//#include "log.h" - -#include "openssl-compat.h" -#include "blink-compat.h" - -static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); - -static const char * -rsa_hash_alg_ident(int hash_alg) -{ - switch (hash_alg) { - case SSH_DIGEST_SHA1: - return "ssh-rsa"; - case SSH_DIGEST_SHA256: - return "rsa-sha2-256"; - case SSH_DIGEST_SHA512: - return "rsa-sha2-512"; - } - return NULL; -} - -/* - * Returns the hash algorithm ID for a given algorithm identifier as used - * inside the signature blob, - */ -static int -rsa_hash_id_from_ident(const char *ident) -{ - if (strcmp(ident, "ssh-rsa") == 0) - return SSH_DIGEST_SHA1; - if (strcmp(ident, "rsa-sha2-256") == 0) - return SSH_DIGEST_SHA256; - if (strcmp(ident, "rsa-sha2-512") == 0) - return SSH_DIGEST_SHA512; - return -1; -} - -/* - * Return the hash algorithm ID for the specified key name. This includes - * all the cases of rsa_hash_id_from_ident() but also the certificate key - * types. - */ -static int -rsa_hash_id_from_keyname(const char *alg) -{ - int r; - - if ((r = rsa_hash_id_from_ident(alg)) != -1) - return r; - if (strcmp(alg, "ssh-rsa-cert-v01@openssh.com") == 0) - return SSH_DIGEST_SHA1; - if (strcmp(alg, "rsa-sha2-256-cert-v01@openssh.com") == 0) - return SSH_DIGEST_SHA256; - if (strcmp(alg, "rsa-sha2-512-cert-v01@openssh.com") == 0) - return SSH_DIGEST_SHA512; - return -1; -} - -static int -rsa_hash_alg_nid(int type) -{ - switch (type) { - case SSH_DIGEST_SHA1: - return NID_sha1; - case SSH_DIGEST_SHA256: - return NID_sha256; - case SSH_DIGEST_SHA512: - return NID_sha512; - default: - return -1; - } -} - -int -ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp) -{ - const BIGNUM *rsa_p, *rsa_q, *rsa_d; - BIGNUM *aux = NULL, *d_consttime = NULL; - BIGNUM *rsa_dmq1 = NULL, *rsa_dmp1 = NULL, *rsa_iqmp = NULL; - BN_CTX *ctx = NULL; - int r; - - if (key == NULL || key->rsa == NULL || - sshkey_type_plain(key->type) != KEY_RSA) - return SSH_ERR_INVALID_ARGUMENT; - - RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); - RSA_get0_factors(key->rsa, &rsa_p, &rsa_q); - - if ((ctx = BN_CTX_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((aux = BN_new()) == NULL || - (rsa_dmq1 = BN_new()) == NULL || - (rsa_dmp1 = BN_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((d_consttime = BN_dup(rsa_d)) == NULL || - (rsa_iqmp = BN_dup(iqmp)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - BN_set_flags(aux, BN_FLG_CONSTTIME); - BN_set_flags(d_consttime, BN_FLG_CONSTTIME); - - if ((BN_sub(aux, rsa_q, BN_value_one()) == 0) || - (BN_mod(rsa_dmq1, d_consttime, aux, ctx) == 0) || - (BN_sub(aux, rsa_p, BN_value_one()) == 0) || - (BN_mod(rsa_dmp1, d_consttime, aux, ctx) == 0)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (!RSA_set0_crt_params(key->rsa, rsa_dmp1, rsa_dmq1, rsa_iqmp)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - rsa_dmp1 = rsa_dmq1 = rsa_iqmp = NULL; /* transferred */ - /* success */ - r = 0; -out: - BN_clear_free(aux); - BN_clear_free(d_consttime); - BN_clear_free(rsa_dmp1); - BN_clear_free(rsa_dmq1); - BN_clear_free(rsa_iqmp); - BN_CTX_free(ctx); - return r; -} - -/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */ -int -ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, const char *alg_ident) -{ - const BIGNUM *rsa_n; - u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; - size_t slen = 0; - u_int dlen, len; - int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - - if (lenp != NULL) - *lenp = 0; - if (sigp != NULL) - *sigp = NULL; - - if (alg_ident == NULL || strlen(alg_ident) == 0) - hash_alg = SSH_DIGEST_SHA1; - else - hash_alg = rsa_hash_id_from_keyname(alg_ident); - if (key == NULL || key->rsa == NULL || hash_alg == -1 || - sshkey_type_plain(key->type) != KEY_RSA) - return SSH_ERR_INVALID_ARGUMENT; - RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); - if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - slen = RSA_size(key->rsa); - if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) - return SSH_ERR_INVALID_ARGUMENT; - - /* hash the data */ - nid = rsa_hash_alg_nid(hash_alg); - if ((dlen = ssh_digest_bytes(hash_alg)) == 0) - return SSH_ERR_INTERNAL_ERROR; - if ((ret = ssh_digest_memory(hash_alg, data, datalen, - digest, sizeof(digest))) != 0) - goto out; - - if ((sig = malloc(slen)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - - if (RSA_sign(nid, digest, dlen, sig, &len, key->rsa) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (len < slen) { - size_t diff = slen - len; - memmove(sig + diff, sig, len); - explicit_bzero(sig, diff); - } else if (len > slen) { - ret = SSH_ERR_INTERNAL_ERROR; - goto out; - } - /* encode signature */ - if ((b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((ret = sshbuf_put_cstring(b, rsa_hash_alg_ident(hash_alg))) != 0 || - (ret = sshbuf_put_string(b, sig, slen)) != 0) - goto out; - len = sshbuf_len(b); - if (sigp != NULL) { - if ((*sigp = malloc(len)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(*sigp, sshbuf_ptr(b), len); - } - if (lenp != NULL) - *lenp = len; - ret = 0; -out: - explicit_bzero(digest, sizeof(digest)); - freezero(sig, slen); - sshbuf_free(b); - return ret; -} - -int -ssh_rsa_verify(const struct sshkey *key, - const u_char *sig, size_t siglen, const u_char *data, size_t datalen, - const char *alg) -{ - const BIGNUM *rsa_n; - char *sigtype = NULL; - int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR; - size_t len = 0, diff, modlen, dlen; - struct sshbuf *b = NULL; - u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL; - - if (key == NULL || key->rsa == NULL || - sshkey_type_plain(key->type) != KEY_RSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; - RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); - if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - - if ((b = sshbuf_from(sig, siglen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if (sshbuf_get_cstring(b, &sigtype, NULL) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((hash_alg = rsa_hash_id_from_ident(sigtype)) == -1) { - ret = SSH_ERR_KEY_TYPE_MISMATCH; - goto out; - } - /* - * Allow ssh-rsa-cert-v01 certs to generate SHA2 signatures for - * legacy reasons, but otherwise the signature type should match. - */ - if (alg != NULL && strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) { - if ((want_alg = rsa_hash_id_from_keyname(alg)) == -1) { - ret = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if (hash_alg != want_alg) { - ret = SSH_ERR_SIGNATURE_INVALID; - goto out; - } - } - if (sshbuf_get_string(b, &sigblob, &len) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (sshbuf_len(b) != 0) { - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; - } - /* RSA_verify expects a signature of RSA_size */ - modlen = RSA_size(key->rsa); - if (len > modlen) { - ret = SSH_ERR_KEY_BITS_MISMATCH; - goto out; - } else if (len < modlen) { - diff = modlen - len; - osigblob = sigblob; - if ((sigblob = realloc(sigblob, modlen)) == NULL) { - sigblob = osigblob; /* put it back for clear/free */ - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - memmove(sigblob + diff, sigblob, len); - explicit_bzero(sigblob, diff); - len = modlen; - } - if ((dlen = ssh_digest_bytes(hash_alg)) == 0) { - ret = SSH_ERR_INTERNAL_ERROR; - goto out; - } - if ((ret = ssh_digest_memory(hash_alg, data, datalen, - digest, sizeof(digest))) != 0) - goto out; - - ret = openssh_RSA_verify(hash_alg, digest, dlen, sigblob, len, - key->rsa); -out: - freezero(sigblob, len); - free(sigtype); - sshbuf_free(b); - explicit_bzero(digest, sizeof(digest)); - return ret; -} - -/* - * See: - * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/ - * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn - */ - -/* - * id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) - * oiw(14) secsig(3) algorithms(2) 26 } - */ -static const u_char id_sha1[] = { - 0x30, 0x21, /* type Sequence, length 0x21 (33) */ - 0x30, 0x09, /* type Sequence, length 0x09 */ - 0x06, 0x05, /* type OID, length 0x05 */ - 0x2b, 0x0e, 0x03, 0x02, 0x1a, /* id-sha1 OID */ - 0x05, 0x00, /* NULL */ - 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */ -}; - -/* - * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html - * id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) - * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) - * id-sha256(1) } - */ -static const u_char id_sha256[] = { - 0x30, 0x31, /* type Sequence, length 0x31 (49) */ - 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ - 0x06, 0x09, /* type OID, length 0x09 */ - 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, /* id-sha256 */ - 0x05, 0x00, /* NULL */ - 0x04, 0x20 /* Octet string, length 0x20 (32), followed by sha256 hash */ -}; - -/* - * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html - * id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) - * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) - * id-sha256(3) } - */ -static const u_char id_sha512[] = { - 0x30, 0x51, /* type Sequence, length 0x51 (81) */ - 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ - 0x06, 0x09, /* type OID, length 0x09 */ - 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, /* id-sha512 */ - 0x05, 0x00, /* NULL */ - 0x04, 0x40 /* Octet string, length 0x40 (64), followed by sha512 hash */ -}; - -static int -rsa_hash_alg_oid(int hash_alg, const u_char **oidp, size_t *oidlenp) -{ - switch (hash_alg) { - case SSH_DIGEST_SHA1: - *oidp = id_sha1; - *oidlenp = sizeof(id_sha1); - break; - case SSH_DIGEST_SHA256: - *oidp = id_sha256; - *oidlenp = sizeof(id_sha256); - break; - case SSH_DIGEST_SHA512: - *oidp = id_sha512; - *oidlenp = sizeof(id_sha512); - break; - default: - return SSH_ERR_INVALID_ARGUMENT; - } - return 0; -} - -static int -openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen, - u_char *sigbuf, size_t siglen, RSA *rsa) -{ - size_t rsasize = 0, oidlen = 0, hlen = 0; - int ret, len, oidmatch, hashmatch; - const u_char *oid = NULL; - u_char *decrypted = NULL; - - if ((ret = rsa_hash_alg_oid(hash_alg, &oid, &oidlen)) != 0) - return ret; - ret = SSH_ERR_INTERNAL_ERROR; - hlen = ssh_digest_bytes(hash_alg); - if (hashlen != hlen) { - ret = SSH_ERR_INVALID_ARGUMENT; - goto done; - } - rsasize = RSA_size(rsa); - if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM || - siglen == 0 || siglen > rsasize) { - ret = SSH_ERR_INVALID_ARGUMENT; - goto done; - } - if ((decrypted = malloc(rsasize)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto done; - } - if ((len = RSA_public_decrypt(siglen, sigbuf, decrypted, rsa, - RSA_PKCS1_PADDING)) < 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto done; - } - if (len < 0 || (size_t)len != hlen + oidlen) { - ret = SSH_ERR_INVALID_FORMAT; - goto done; - } - oidmatch = timingsafe_bcmp(decrypted, oid, oidlen) == 0; - hashmatch = timingsafe_bcmp(decrypted + oidlen, hash, hlen) == 0; - if (!oidmatch || !hashmatch) { - ret = SSH_ERR_SIGNATURE_INVALID; - goto done; - } - ret = 0; -done: - freezero(decrypted, rsasize); - return ret; -} -#endif /* WITH_OPENSSL */ diff --git a/Blink/Commands/openssh/ssh2.h b/Blink/Commands/openssh/ssh2.h deleted file mode 100644 index f2e37c96a..000000000 --- a/Blink/Commands/openssh/ssh2.h +++ /dev/null @@ -1,174 +0,0 @@ -/* $OpenBSD: ssh2.h,v 1.18 2016/05/04 14:22:33 markus Exp $ */ - -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* - * draft-ietf-secsh-architecture-05.txt - * - * Transport layer protocol: - * - * 1-19 Transport layer generic (e.g. disconnect, ignore, debug, - * etc) - * 20-29 Algorithm negotiation - * 30-49 Key exchange method specific (numbers can be reused for - * different authentication methods) - * - * User authentication protocol: - * - * 50-59 User authentication generic - * 60-79 User authentication method specific (numbers can be reused - * for different authentication methods) - * - * Connection protocol: - * - * 80-89 Connection protocol generic - * 90-127 Channel related messages - * - * Reserved for client protocols: - * - * 128-191 Reserved - * - * Local extensions: - * - * 192-255 Local extensions - */ - -/* special marker for no message */ - -#define SSH_MSG_NONE 0 - -/* ranges */ - -#define SSH2_MSG_TRANSPORT_MIN 1 -#define SSH2_MSG_TRANSPORT_MAX 49 -#define SSH2_MSG_USERAUTH_MIN 50 -#define SSH2_MSG_USERAUTH_MAX 79 -#define SSH2_MSG_USERAUTH_PER_METHOD_MIN 60 -#define SSH2_MSG_USERAUTH_PER_METHOD_MAX SSH2_MSG_USERAUTH_MAX -#define SSH2_MSG_CONNECTION_MIN 80 -#define SSH2_MSG_CONNECTION_MAX 127 -#define SSH2_MSG_RESERVED_MIN 128 -#define SSH2_MSG_RESERVED_MAX 191 -#define SSH2_MSG_LOCAL_MIN 192 -#define SSH2_MSG_LOCAL_MAX 255 -#define SSH2_MSG_MIN 1 -#define SSH2_MSG_MAX 255 - -/* transport layer: generic */ - -#define SSH2_MSG_DISCONNECT 1 -#define SSH2_MSG_IGNORE 2 -#define SSH2_MSG_UNIMPLEMENTED 3 -#define SSH2_MSG_DEBUG 4 -#define SSH2_MSG_SERVICE_REQUEST 5 -#define SSH2_MSG_SERVICE_ACCEPT 6 -#define SSH2_MSG_EXT_INFO 7 - -/* transport layer: alg negotiation */ - -#define SSH2_MSG_KEXINIT 20 -#define SSH2_MSG_NEWKEYS 21 - -/* transport layer: kex specific messages, can be reused */ - -#define SSH2_MSG_KEXDH_INIT 30 -#define SSH2_MSG_KEXDH_REPLY 31 - -/* dh-group-exchange */ -#define SSH2_MSG_KEX_DH_GEX_REQUEST_OLD 30 -#define SSH2_MSG_KEX_DH_GEX_GROUP 31 -#define SSH2_MSG_KEX_DH_GEX_INIT 32 -#define SSH2_MSG_KEX_DH_GEX_REPLY 33 -#define SSH2_MSG_KEX_DH_GEX_REQUEST 34 - -/* ecdh */ -#define SSH2_MSG_KEX_ECDH_INIT 30 -#define SSH2_MSG_KEX_ECDH_REPLY 31 - -/* user authentication: generic */ - -#define SSH2_MSG_USERAUTH_REQUEST 50 -#define SSH2_MSG_USERAUTH_FAILURE 51 -#define SSH2_MSG_USERAUTH_SUCCESS 52 -#define SSH2_MSG_USERAUTH_BANNER 53 - -/* user authentication: method specific, can be reused */ - -#define SSH2_MSG_USERAUTH_PK_OK 60 -#define SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ 60 -#define SSH2_MSG_USERAUTH_INFO_REQUEST 60 -#define SSH2_MSG_USERAUTH_INFO_RESPONSE 61 - -/* connection protocol: generic */ - -#define SSH2_MSG_GLOBAL_REQUEST 80 -#define SSH2_MSG_REQUEST_SUCCESS 81 -#define SSH2_MSG_REQUEST_FAILURE 82 - -/* channel related messages */ - -#define SSH2_MSG_CHANNEL_OPEN 90 -#define SSH2_MSG_CHANNEL_OPEN_CONFIRMATION 91 -#define SSH2_MSG_CHANNEL_OPEN_FAILURE 92 -#define SSH2_MSG_CHANNEL_WINDOW_ADJUST 93 -#define SSH2_MSG_CHANNEL_DATA 94 -#define SSH2_MSG_CHANNEL_EXTENDED_DATA 95 -#define SSH2_MSG_CHANNEL_EOF 96 -#define SSH2_MSG_CHANNEL_CLOSE 97 -#define SSH2_MSG_CHANNEL_REQUEST 98 -#define SSH2_MSG_CHANNEL_SUCCESS 99 -#define SSH2_MSG_CHANNEL_FAILURE 100 - -/* disconnect reason code */ - -#define SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT 1 -#define SSH2_DISCONNECT_PROTOCOL_ERROR 2 -#define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED 3 -#define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED 4 -#define SSH2_DISCONNECT_RESERVED 4 -#define SSH2_DISCONNECT_MAC_ERROR 5 -#define SSH2_DISCONNECT_COMPRESSION_ERROR 6 -#define SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE 7 -#define SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED 8 -#define SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE 9 -#define SSH2_DISCONNECT_CONNECTION_LOST 10 -#define SSH2_DISCONNECT_BY_APPLICATION 11 -#define SSH2_DISCONNECT_TOO_MANY_CONNECTIONS 12 -#define SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER 13 -#define SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE 14 -#define SSH2_DISCONNECT_ILLEGAL_USER_NAME 15 - -/* misc */ - -#define SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED 1 -#define SSH2_OPEN_CONNECT_FAILED 2 -#define SSH2_OPEN_UNKNOWN_CHANNEL_TYPE 3 -#define SSH2_OPEN_RESOURCE_SHORTAGE 4 - -#define SSH2_EXTENDED_DATA_STDERR 1 - -/* Certificate types for OpenSSH certificate keys extension */ -#define SSH2_CERT_TYPE_USER 1 -#define SSH2_CERT_TYPE_HOST 2 diff --git a/Blink/Commands/openssh/sshbuf.c b/Blink/Commands/openssh/sshbuf.c deleted file mode 100644 index 9454f993a..000000000 --- a/Blink/Commands/openssh/sshbuf.c +++ /dev/null @@ -1,1465 +0,0 @@ -/* $OpenBSD: sshbuf.c,v 1.8 2016/11/25 23:22:04 djm Exp $ */ -/* - * Copyright (c) 2011 Damien Miller - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - - -#define SSHBUF_INTERNAL - -#include -#include -#include -#include -#include -#include - -//#if defined(__linux) -#include -//#endif - -#include "ssherr.h" -#include "sshbuf.h" - -#define explicit_bzero(p, plen) memset_s(p, plen, 0x0, plen) - -/* #include "misc.h" */ -#define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) - -static inline int -sshbuf_check_sanity(const struct sshbuf *buf) -{ - SSHBUF_TELL("sanity"); - if (buf == NULL || - (!buf->readonly && buf->d != buf->cd) || - buf->refcount < 1 || buf->refcount > SSHBUF_REFS_MAX || - buf->cd == NULL || - (buf->dont_free && (buf->readonly || buf->parent != NULL)) || - buf->max_size > SSHBUF_SIZE_MAX || - buf->alloc > buf->max_size || - buf->size > buf->alloc || - buf->off > buf->size) { - /* Do not try to recover from corrupted buffer internals */ - SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - signal(SIGSEGV, SIG_DFL); - raise(SIGSEGV); - return SSH_ERR_INTERNAL_ERROR; - } - return 0; -} - -static void -sshbuf_maybe_pack(struct sshbuf *buf, int force) -{ - SSHBUF_DBG(("force %d", force)); - SSHBUF_TELL("pre-pack"); - if (buf->off == 0 || buf->readonly || buf->refcount > 1) - return; - if (force || - (buf->off >= SSHBUF_PACK_MIN && buf->off >= buf->size / 2)) { - memmove(buf->d, buf->d + buf->off, buf->size - buf->off); - buf->size -= buf->off; - buf->off = 0; - SSHBUF_TELL("packed"); - } -} - -struct sshbuf * -sshbuf_new(void) -{ - struct sshbuf *ret; - - if ((ret = calloc(sizeof(*ret), 1)) == NULL) - return NULL; - ret->alloc = SSHBUF_SIZE_INIT; - ret->max_size = SSHBUF_SIZE_MAX; - ret->readonly = 0; - ret->refcount = 1; - ret->parent = NULL; - if ((ret->cd = ret->d = calloc(1, ret->alloc)) == NULL) { - free(ret); - return NULL; - } - return ret; -} - -struct sshbuf * -sshbuf_from(const void *blob, size_t len) -{ - struct sshbuf *ret; - - if (blob == NULL || len > SSHBUF_SIZE_MAX || - (ret = calloc(sizeof(*ret), 1)) == NULL) - return NULL; - ret->alloc = ret->size = ret->max_size = len; - ret->readonly = 1; - ret->refcount = 1; - ret->parent = NULL; - ret->cd = blob; - ret->d = NULL; - return ret; -} - -int -sshbuf_set_parent(struct sshbuf *child, struct sshbuf *parent) -{ - int r; - - if ((r = sshbuf_check_sanity(child)) != 0 || - (r = sshbuf_check_sanity(parent)) != 0) - return r; - child->parent = parent; - child->parent->refcount++; - return 0; -} - -struct sshbuf * -sshbuf_fromb(struct sshbuf *buf) -{ - struct sshbuf *ret; - - if (sshbuf_check_sanity(buf) != 0) - return NULL; - if ((ret = sshbuf_from(sshbuf_ptr(buf), sshbuf_len(buf))) == NULL) - return NULL; - if (sshbuf_set_parent(ret, buf) != 0) { - sshbuf_free(ret); - return NULL; - } - return ret; -} - -void -sshbuf_init(struct sshbuf *ret) -{ - explicit_bzero(ret, sizeof(*ret)); - ret->alloc = SSHBUF_SIZE_INIT; - ret->max_size = SSHBUF_SIZE_MAX; - ret->readonly = 0; - ret->dont_free = 1; - ret->refcount = 1; - if ((ret->cd = ret->d = calloc(1, ret->alloc)) == NULL) - ret->alloc = 0; -} - -void -sshbuf_free(struct sshbuf *buf) -{ - int dont_free = 0; - - if (buf == NULL) - return; - /* - * The following will leak on insane buffers, but this is the safest - * course of action - an invalid pointer or already-freed pointer may - * have been passed to us and continuing to scribble over memory would - * be bad. - */ - if (sshbuf_check_sanity(buf) != 0) - return; - /* - * If we are a child, the free our parent to decrement its reference - * count and possibly free it. - */ - sshbuf_free(buf->parent); - buf->parent = NULL; - /* - * If we are a parent with still-extant children, then don't free just - * yet. The last child's call to sshbuf_free should decrement our - * refcount to 0 and trigger the actual free. - */ - buf->refcount--; - if (buf->refcount > 0) - return; - dont_free = buf->dont_free; - if (!buf->readonly) { - explicit_bzero(buf->d, buf->alloc); - free(buf->d); - } - explicit_bzero(buf, sizeof(*buf)); - if (!dont_free) - free(buf); -} - -void -sshbuf_reset(struct sshbuf *buf) -{ - u_char *d; - - if (buf->readonly || buf->refcount > 1) { - /* Nonsensical. Just make buffer appear empty */ - buf->off = buf->size; - return; - } - if (sshbuf_check_sanity(buf) == 0) - explicit_bzero(buf->d, buf->alloc); - buf->off = buf->size = 0; - if (buf->alloc != SSHBUF_SIZE_INIT) { - if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) { - buf->cd = buf->d = d; - buf->alloc = SSHBUF_SIZE_INIT; - } - } -} - -size_t -sshbuf_max_size(const struct sshbuf *buf) -{ - return buf->max_size; -} - -size_t -sshbuf_alloc(const struct sshbuf *buf) -{ - return buf->alloc; -} - -const struct sshbuf * -sshbuf_parent(const struct sshbuf *buf) -{ - return buf->parent; -} - -u_int -sshbuf_refcount(const struct sshbuf *buf) -{ - return buf->refcount; -} - -int -sshbuf_set_max_size(struct sshbuf *buf, size_t max_size) -{ - size_t rlen; - u_char *dp; - int r; - - SSHBUF_DBG(("set max buf = %p len = %zu", buf, max_size)); - if ((r = sshbuf_check_sanity(buf)) != 0) - return r; - if (max_size == buf->max_size) - return 0; - if (buf->readonly || buf->refcount > 1) - return SSH_ERR_BUFFER_READ_ONLY; - if (max_size > SSHBUF_SIZE_MAX) - return SSH_ERR_NO_BUFFER_SPACE; - /* pack and realloc if necessary */ - sshbuf_maybe_pack(buf, max_size < buf->size); - if (max_size < buf->alloc && max_size > buf->size) { - if (buf->size < SSHBUF_SIZE_INIT) - rlen = SSHBUF_SIZE_INIT; - else - rlen = ROUNDUP(buf->size, SSHBUF_SIZE_INC); - if (rlen > max_size) - rlen = max_size; - explicit_bzero(buf->d + buf->size, buf->alloc - buf->size); - SSHBUF_DBG(("new alloc = %zu", rlen)); - if ((dp = realloc(buf->d, rlen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - buf->cd = buf->d = dp; - buf->alloc = rlen; - } - SSHBUF_TELL("new-max"); - if (max_size < buf->alloc) - return SSH_ERR_NO_BUFFER_SPACE; - buf->max_size = max_size; - return 0; -} - -size_t -sshbuf_len(const struct sshbuf *buf) -{ - if (sshbuf_check_sanity(buf) != 0) - return 0; - return buf->size - buf->off; -} - -size_t -sshbuf_avail(const struct sshbuf *buf) -{ - if (sshbuf_check_sanity(buf) != 0 || buf->readonly || buf->refcount > 1) - return 0; - return buf->max_size - (buf->size - buf->off); -} - -const u_char * -sshbuf_ptr(const struct sshbuf *buf) -{ - if (sshbuf_check_sanity(buf) != 0) - return NULL; - return buf->cd + buf->off; -} - -u_char * -sshbuf_mutable_ptr(const struct sshbuf *buf) -{ - if (sshbuf_check_sanity(buf) != 0 || buf->readonly || buf->refcount > 1) - return NULL; - return buf->d + buf->off; -} - -int -sshbuf_check_reserve(const struct sshbuf *buf, size_t len) -{ - int r; - - if ((r = sshbuf_check_sanity(buf)) != 0) - return r; - if (buf->readonly || buf->refcount > 1) - return SSH_ERR_BUFFER_READ_ONLY; - SSHBUF_TELL("check"); - /* Check that len is reasonable and that max_size + available < len */ - if (len > buf->max_size || buf->max_size - len < buf->size - buf->off) - return SSH_ERR_NO_BUFFER_SPACE; - return 0; -} - -int -sshbuf_allocate(struct sshbuf *buf, size_t len) -{ - size_t rlen, need; - u_char *dp; - int r; - - SSHBUF_DBG(("allocate buf = %p len = %zu", buf, len)); - if ((r = sshbuf_check_reserve(buf, len)) != 0) - return r; - /* - * If the requested allocation appended would push us past max_size - * then pack the buffer, zeroing buf->off. - */ - sshbuf_maybe_pack(buf, buf->size + len > buf->max_size); - SSHBUF_TELL("allocate"); - if (len + buf->size <= buf->alloc) - return 0; /* already have it. */ - - /* - * Prefer to alloc in SSHBUF_SIZE_INC units, but - * allocate less if doing so would overflow max_size. - */ - need = len + buf->size - buf->alloc; - rlen = ROUNDUP(buf->alloc + need, SSHBUF_SIZE_INC); - SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen)); - if (rlen > buf->max_size) - rlen = buf->alloc + need; - SSHBUF_DBG(("adjusted rlen %zu", rlen)); - if ((dp = realloc(buf->d, rlen)) == NULL) { - SSHBUF_DBG(("realloc fail")); - return SSH_ERR_ALLOC_FAIL; - } - buf->alloc = rlen; - buf->cd = buf->d = dp; - if ((r = sshbuf_check_reserve(buf, len)) < 0) { - /* shouldn't fail */ - return r; - } - SSHBUF_TELL("done"); - return 0; -} - -int -sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp) -{ - u_char *dp; - int r; - - if (dpp != NULL) - *dpp = NULL; - - SSHBUF_DBG(("reserve buf = %p len = %zu", buf, len)); - if ((r = sshbuf_allocate(buf, len)) != 0) - return r; - - dp = buf->d + buf->size; - buf->size += len; - if (dpp != NULL) - *dpp = dp; - return 0; -} - -int -sshbuf_consume(struct sshbuf *buf, size_t len) -{ - int r; - - SSHBUF_DBG(("len = %zu", len)); - if ((r = sshbuf_check_sanity(buf)) != 0) - return r; - if (len == 0) - return 0; - if (len > sshbuf_len(buf)) - return SSH_ERR_MESSAGE_INCOMPLETE; - buf->off += len; - SSHBUF_TELL("done"); - return 0; -} - -int -sshbuf_consume_end(struct sshbuf *buf, size_t len) -{ - int r; - - SSHBUF_DBG(("len = %zu", len)); - if ((r = sshbuf_check_sanity(buf)) != 0) - return r; - if (len == 0) - return 0; - if (len > sshbuf_len(buf)) - return SSH_ERR_MESSAGE_INCOMPLETE; - buf->size -= len; - SSHBUF_TELL("done"); - return 0; -} - -int -sshbuf_get(struct sshbuf *buf, void *v, size_t len) -{ - const u_char *p = sshbuf_ptr(buf); - int r; - - if ((r = sshbuf_consume(buf, len)) < 0) - return r; - if (v != NULL && len != 0) - memcpy(v, p, len); - return 0; -} - -int -sshbuf_get_u64(struct sshbuf *buf, uint64_t *valp) -{ - const u_char *p = sshbuf_ptr(buf); - int r; - - if ((r = sshbuf_consume(buf, 8)) < 0) - return r; - if (valp != NULL) - *valp = PEEK_U64(p); - return 0; -} - -int -sshbuf_get_u32(struct sshbuf *buf, uint32_t *valp) -{ - const u_char *p = sshbuf_ptr(buf); - int r; - - if ((r = sshbuf_consume(buf, 4)) < 0) - return r; - if (valp != NULL) - *valp = PEEK_U32(p); - return 0; -} - -int -sshbuf_get_u16(struct sshbuf *buf, uint16_t *valp) -{ - const u_char *p = sshbuf_ptr(buf); - int r; - - if ((r = sshbuf_consume(buf, 2)) < 0) - return r; - if (valp != NULL) - *valp = PEEK_U16(p); - return 0; -} - -int -sshbuf_get_u8(struct sshbuf *buf, u_char *valp) -{ - const u_char *p = sshbuf_ptr(buf); - int r; - - if ((r = sshbuf_consume(buf, 1)) < 0) - return r; - if (valp != NULL) - *valp = (uint8_t)*p; - return 0; -} - -int -sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp) -{ - const u_char *val; - size_t len; - int r; - - if (valp != NULL) - *valp = NULL; - if (lenp != NULL) - *lenp = 0; - if ((r = sshbuf_get_string_direct(buf, &val, &len)) < 0) - return r; - if (valp != NULL) { - if ((*valp = malloc(len + 1)) == NULL) { - SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); - return SSH_ERR_ALLOC_FAIL; - } - if (len != 0) - memcpy(*valp, val, len); - (*valp)[len] = '\0'; - } - if (lenp != NULL) - *lenp = len; - return 0; -} - -int -sshbuf_get_string8(struct sshbuf *buf, u_char **valp, size_t *lenp) -{ - const u_char *val; - size_t len; - int r; - - if (valp != NULL) - *valp = NULL; - if (lenp != NULL) - *lenp = 0; - if ((r = sshbuf_get_string8_direct(buf, &val, &len)) < 0) - return r; - if (valp != NULL) { - if ((*valp = malloc(len + 1)) == NULL) { - SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); - return SSH_ERR_ALLOC_FAIL; - } - if (len != 0) - memcpy(*valp, val, len); - (*valp)[len] = '\0'; - } - if (lenp != NULL) - *lenp = len; - return 0; -} - -int -sshbuf_get_string8_direct(struct sshbuf *buf, const u_char **valp, size_t *lenp) -{ - size_t len; - const u_char *p; - int r; - - if (valp != NULL) - *valp = NULL; - if (lenp != NULL) - *lenp = 0; - if ((r = sshbuf_peek_string8_direct(buf, &p, &len)) < 0) - return r; - if (valp != NULL) - *valp = p; - if (lenp != NULL) - *lenp = len; - if (sshbuf_consume(buf, len + 1) != 0) { - /* Shouldn't happen */ - SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - SSHBUF_ABORT(); - return SSH_ERR_INTERNAL_ERROR; - } - return 0; -} - -int -sshbuf_peek_string8_direct(const struct sshbuf *buf, const u_char **valp, - size_t *lenp) -{ - uint32_t len; - const u_char *p = sshbuf_ptr(buf); - - if (valp != NULL) - *valp = NULL; - if (lenp != NULL) - *lenp = 0; - if (sshbuf_len(buf) < 1) { - SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE")); - return SSH_ERR_MESSAGE_INCOMPLETE; - } - len = p[0]; - if (len > SSHBUF_SIZE_MAX - 1) { - SSHBUF_DBG(("SSH_ERR_STRING_TOO_LARGE")); - return SSH_ERR_STRING_TOO_LARGE; - } - if (sshbuf_len(buf) - 1 < len) { - SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE")); - return SSH_ERR_MESSAGE_INCOMPLETE; - } - if (valp != NULL) - *valp = p + 1; - if (lenp != NULL) - *lenp = len; - return 0; -} - -int -sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, size_t *lenp) -{ - size_t len; - const u_char *p; - int r; - - if (valp != NULL) - *valp = NULL; - if (lenp != NULL) - *lenp = 0; - if ((r = sshbuf_peek_string_direct(buf, &p, &len)) < 0) - return r; - if (valp != NULL) - *valp = p; - if (lenp != NULL) - *lenp = len; - if (sshbuf_consume(buf, len + 4) != 0) { - /* Shouldn't happen */ - SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - SSHBUF_ABORT(); - return SSH_ERR_INTERNAL_ERROR; - } - return 0; -} - -int -sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp, - size_t *lenp) -{ - uint32_t len; - const u_char *p = sshbuf_ptr(buf); - - if (valp != NULL) - *valp = NULL; - if (lenp != NULL) - *lenp = 0; - if (sshbuf_len(buf) < 4) { - SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE")); - return SSH_ERR_MESSAGE_INCOMPLETE; - } - len = PEEK_U32(p); - if (len > SSHBUF_SIZE_MAX - 4) { - SSHBUF_DBG(("SSH_ERR_STRING_TOO_LARGE")); - return SSH_ERR_STRING_TOO_LARGE; - } - if (sshbuf_len(buf) - 4 < len) { - SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE")); - return SSH_ERR_MESSAGE_INCOMPLETE; - } - if (valp != NULL) - *valp = p + 4; - if (lenp != NULL) - *lenp = len; - return 0; -} - -int -sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp) -{ - size_t len; - const u_char *p, *z; - int r; - - if (valp != NULL) - *valp = NULL; - if (lenp != NULL) - *lenp = 0; - if ((r = sshbuf_peek_string_direct(buf, &p, &len)) != 0) - return r; - /* Allow a \0 only at the end of the string */ - if (len > 0 && - (z = memchr(p , '\0', len)) != NULL && z < p + len - 1) { - SSHBUF_DBG(("SSH_ERR_INVALID_FORMAT")); - return SSH_ERR_INVALID_FORMAT; - } - if ((r = sshbuf_skip_string(buf)) != 0) - return -1; - if (valp != NULL) { - if ((*valp = malloc(len + 1)) == NULL) { - SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); - return SSH_ERR_ALLOC_FAIL; - } - if (len != 0) - memcpy(*valp, p, len); - (*valp)[len] = '\0'; - } - if (lenp != NULL) - *lenp = (size_t)len; - return 0; -} - -int -sshbuf_get_cstring8(struct sshbuf *buf, char **valp, size_t *lenp) -{ - size_t len; - const u_char *p, *z; - int r; - - if (valp != NULL) - *valp = NULL; - if (lenp != NULL) - *lenp = 0; - if ((r = sshbuf_peek_string8_direct(buf, &p, &len)) != 0) - return r; - /* Allow a \0 only at the end of the string */ - if (len > 0 && - (z = memchr(p , '\0', len)) != NULL && z < p + len - 1) { - SSHBUF_DBG(("SSH_ERR_INVALID_FORMAT")); - return SSH_ERR_INVALID_FORMAT; - } - if ((r = sshbuf_skip_string8(buf)) != 0) - return -1; - if (valp != NULL) { - if ((*valp = malloc(len + 1)) == NULL) { - SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); - return SSH_ERR_ALLOC_FAIL; - } - if (len != 0) - memcpy(*valp, p, len); - (*valp)[len] = '\0'; - } - if (lenp != NULL) - *lenp = (size_t)len; - return 0; -} - -int -sshbuf_get_stringb(struct sshbuf *buf, struct sshbuf *v) -{ - uint32_t len; - u_char *p; - int r; - - /* - * Use sshbuf_peek_string_direct() to figure out if there is - * a complete string in 'buf' and copy the string directly - * into 'v'. - */ - if ((r = sshbuf_peek_string_direct(buf, NULL, NULL)) != 0 || - (r = sshbuf_get_u32(buf, &len)) != 0 || - (r = sshbuf_reserve(v, len, &p)) != 0 || - (r = sshbuf_get(buf, p, len)) != 0) - return r; - return 0; -} - -int -sshbuf_get_stringb8(struct sshbuf *buf, struct sshbuf *v) -{ - uint8_t len; - u_char *p; - int r; - - /* - * Use sshbuf_peek_string_direct() to figure out if there is - * a complete string in 'buf' and copy the string directly - * into 'v'. - */ - if ((r = sshbuf_peek_string8_direct(buf, NULL, NULL)) != 0 || - (r = sshbuf_get_u8(buf, &len)) != 0 || - (r = sshbuf_reserve(v, len, &p)) != 0 || - (r = sshbuf_get(buf, p, len)) != 0) - return r; - return 0; -} - -int -sshbuf_put(struct sshbuf *buf, const void *v, size_t len) -{ - u_char *p; - int r; - - if ((r = sshbuf_reserve(buf, len, &p)) < 0) - return r; - if (len != 0) - memcpy(p, v, len); - return 0; -} - -int -sshbuf_putb(struct sshbuf *buf, const struct sshbuf *v) -{ - return sshbuf_put(buf, sshbuf_ptr(v), sshbuf_len(v)); -} - -int -sshbuf_putf(struct sshbuf *buf, const char *fmt, ...) -{ - va_list ap; - int r; - - va_start(ap, fmt); - r = sshbuf_putfv(buf, fmt, ap); - va_end(ap); - return r; -} - -int -sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap) -{ - va_list ap2; - int r, len; - u_char *p; - - va_copy(ap2, ap); - if ((len = vsnprintf(NULL, 0, fmt, ap2)) < 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if (len == 0) { - r = 0; - goto out; /* Nothing to do */ - } - va_end(ap2); - va_copy(ap2, ap); - if ((r = sshbuf_reserve(buf, (size_t)len + 1, &p)) < 0) - goto out; - if ((r = vsnprintf((char *)p, len + 1, fmt, ap2)) != len) { - r = SSH_ERR_INTERNAL_ERROR; - goto out; /* Shouldn't happen */ - } - /* Consume terminating \0 */ - if ((r = sshbuf_consume_end(buf, 1)) != 0) - goto out; - r = 0; -out: - va_end(ap2); - return r; -} - -int -sshbuf_put_u64(struct sshbuf *buf, uint64_t val) -{ - u_char *p; - int r; - - if ((r = sshbuf_reserve(buf, 8, &p)) < 0) - return r; - POKE_U64(p, val); - return 0; -} - -int -sshbuf_put_u32(struct sshbuf *buf, uint32_t val) -{ - u_char *p; - int r; - - if ((r = sshbuf_reserve(buf, 4, &p)) < 0) - return r; - POKE_U32(p, val); - return 0; -} - -int -sshbuf_put_u16(struct sshbuf *buf, uint16_t val) -{ - u_char *p; - int r; - - if ((r = sshbuf_reserve(buf, 2, &p)) < 0) - return r; - POKE_U16(p, val); - return 0; -} - -int -sshbuf_put_u8(struct sshbuf *buf, u_char val) -{ - u_char *p; - int r; - - if ((r = sshbuf_reserve(buf, 1, &p)) < 0) - return r; - p[0] = val; - return 0; -} - -int -sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len) -{ - u_char *d; - int r; - - if (len > SSHBUF_SIZE_MAX - 4) { - SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE")); - return SSH_ERR_NO_BUFFER_SPACE; - } - if ((r = sshbuf_reserve(buf, len + 4, &d)) < 0) - return r; - POKE_U32(d, len); - if (len != 0) - memcpy(d + 4, v, len); - return 0; -} - -int -sshbuf_put_string8(struct sshbuf *buf, const void *v, size_t len) -{ - u_char *d; - int r; - - if (len > 0xFF - 1) { - SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE")); - return SSH_ERR_NO_BUFFER_SPACE; - } - if ((r = sshbuf_reserve(buf, len + 1, &d)) < 0) - return r; - d[0] = len; - if (len != 0) - memcpy(d + 1, v, len); - return 0; -} - -int -sshbuf_put_cstring(struct sshbuf *buf, const char *v) -{ - return sshbuf_put_string(buf, (u_char *)v, v == NULL ? 0 : strlen(v)); -} - -int -sshbuf_put_cstring8(struct sshbuf *buf, const char *v) -{ - return sshbuf_put_string8(buf, (u_char *)v, v == NULL ? 0 : strlen(v)); -} - -int -sshbuf_put_stringb(struct sshbuf *buf, const struct sshbuf *v) -{ - return sshbuf_put_string(buf, sshbuf_ptr(v), sshbuf_len(v)); -} - -int -sshbuf_put_stringb8(struct sshbuf *buf, const struct sshbuf *v) -{ - return sshbuf_put_string8(buf, sshbuf_ptr(v), sshbuf_len(v)); -} - -int -sshbuf_froms(struct sshbuf *buf, struct sshbuf **bufp) -{ - const u_char *p; - size_t len; - struct sshbuf *ret; - int r; - - if (buf == NULL || bufp == NULL) - return SSH_ERR_INVALID_ARGUMENT; - *bufp = NULL; - if ((r = sshbuf_peek_string_direct(buf, &p, &len)) != 0) - return r; - if ((ret = sshbuf_from(p, len)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_consume(buf, len + 4)) != 0 || /* Shouldn't happen */ - (r = sshbuf_set_parent(ret, buf)) != 0) { - sshbuf_free(ret); - return r; - } - *bufp = ret; - return 0; -} - -int -sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len) -{ - u_char *d; - const u_char *s = (const u_char *)v; - int r, prepend; - - if (len > SSHBUF_SIZE_MAX - 5) { - SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE")); - return SSH_ERR_NO_BUFFER_SPACE; - } - /* Skip leading zero bytes */ - for (; len > 0 && *s == 0; len--, s++) - ; - /* - * If most significant bit is set then prepend a zero byte to - * avoid interpretation as a negative number. - */ - prepend = len > 0 && (s[0] & 0x80) != 0; - if ((r = sshbuf_reserve(buf, len + 4 + prepend, &d)) < 0) - return r; - POKE_U32(d, len + prepend); - if (prepend) - d[4] = 0; - if (len != 0) - memcpy(d + 4 + prepend, s, len); - return 0; -} - -int -sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, - const u_char **valp, size_t *lenp) -{ - const u_char *d; - size_t len, olen; - int r; - - if ((r = sshbuf_peek_string_direct(buf, &d, &olen)) < 0) - return r; - len = olen; - /* Refuse negative (MSB set) bignums */ - if ((len != 0 && (*d & 0x80) != 0)) - return SSH_ERR_BIGNUM_IS_NEGATIVE; - /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */ - if (len > SSHBUF_MAX_BIGNUM + 1 || - (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0)) - return SSH_ERR_BIGNUM_TOO_LARGE; - /* Trim leading zeros */ - while (len > 0 && *d == 0x00) { - d++; - len--; - } - if (valp != NULL) - *valp = d; - if (lenp != NULL) - *lenp = len; - if (sshbuf_consume(buf, olen + 4) != 0) { - /* Shouldn't happen */ - SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - SSHBUF_ABORT(); - return SSH_ERR_INTERNAL_ERROR; - } - return 0; -} - - -int -sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v) -{ - const u_char *d; - size_t len; - int r; - - if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0) - return r; - if (v != NULL && BN_bin2bn(d, len, v) == NULL) - return SSH_ERR_ALLOC_FAIL; - return 0; -} - -int -sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v) -{ - const u_char *d = sshbuf_ptr(buf); - uint16_t len_bits; - size_t len_bytes; - - /* Length in bits */ - if (sshbuf_len(buf) < 2) - return SSH_ERR_MESSAGE_INCOMPLETE; - len_bits = PEEK_U16(d); - len_bytes = (len_bits + 7) >> 3; - if (len_bytes > SSHBUF_MAX_BIGNUM) - return SSH_ERR_BIGNUM_TOO_LARGE; - if (sshbuf_len(buf) < 2 + len_bytes) - return SSH_ERR_MESSAGE_INCOMPLETE; - if (v != NULL && BN_bin2bn(d + 2, len_bytes, v) == NULL) - return SSH_ERR_ALLOC_FAIL; - if (sshbuf_consume(buf, 2 + len_bytes) != 0) { - SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - SSHBUF_ABORT(); - return SSH_ERR_INTERNAL_ERROR; - } - return 0; -} - -static int -get_ec(const u_char *d, size_t len, EC_POINT *v, const EC_GROUP *g) -{ - /* Refuse overlong bignums */ - if (len == 0 || len > SSHBUF_MAX_ECPOINT) - return SSH_ERR_ECPOINT_TOO_LARGE; - - if (*d != POINT_CONVERSION_UNCOMPRESSED && - (*d & ~0x1) != POINT_CONVERSION_COMPRESSED) { - return SSH_ERR_INVALID_FORMAT; - } - - if (v != NULL && EC_POINT_oct2point(g, v, d, len, NULL) != 1) - return SSH_ERR_INVALID_FORMAT; /* XXX assumption */ - return 0; -} - -int -sshbuf_get_ec(struct sshbuf *buf, EC_POINT *v, const EC_GROUP *g) -{ - const u_char *d; - size_t len; - int r; - - if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0) - return r; - if ((r = get_ec(d, len, v, g)) != 0) - return r; - /* Skip string */ - if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) { - /* Shouldn't happen */ - SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - SSHBUF_ABORT(); - return SSH_ERR_INTERNAL_ERROR; - } - return 0; -} - -int -sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v) -{ - EC_POINT *pt = EC_POINT_new(EC_KEY_get0_group(v)); - int r; - const u_char *d; - size_t len; - - if (pt == NULL) { - SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); - return SSH_ERR_ALLOC_FAIL; - } - if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0) { - EC_POINT_free(pt); - return r; - } - if ((r = get_ec(d, len, pt, EC_KEY_get0_group(v))) != 0) { - EC_POINT_free(pt); - return r; - } - if (EC_KEY_set_public_key(v, pt) != 1) { - EC_POINT_free(pt); - return SSH_ERR_ALLOC_FAIL; /* XXX assumption */ - } - EC_POINT_free(pt); - /* Skip string */ - if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) { - /* Shouldn't happen */ - SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - SSHBUF_ABORT(); - return SSH_ERR_INTERNAL_ERROR; - } - return 0; -} - -int -sshbuf_get_eckey8(struct sshbuf *buf, EC_KEY *v) -{ - EC_POINT *pt = EC_POINT_new(EC_KEY_get0_group(v)); - int r; - const u_char *d; - size_t len; - - if (pt == NULL) { - SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); - return SSH_ERR_ALLOC_FAIL; - } - if ((r = sshbuf_peek_string8_direct(buf, &d, &len)) < 0) { - EC_POINT_free(pt); - return r; - } - if ((r = get_ec(d, len, pt, EC_KEY_get0_group(v))) != 0) { - EC_POINT_free(pt); - return r; - } - if (EC_KEY_set_public_key(v, pt) != 1) { - EC_POINT_free(pt); - return SSH_ERR_ALLOC_FAIL; /* XXX assumption */ - } - EC_POINT_free(pt); - /* Skip string */ - if (sshbuf_get_string8_direct(buf, NULL, NULL) != 0) { - /* Shouldn't happen */ - SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); - SSHBUF_ABORT(); - return SSH_ERR_INTERNAL_ERROR; - } - return 0; -} - -int -sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v) -{ - u_char d[SSHBUF_MAX_BIGNUM + 1]; - int len = BN_num_bytes(v), prepend = 0, r; - - if (len < 0 || len > SSHBUF_MAX_BIGNUM) - return SSH_ERR_INVALID_ARGUMENT; - *d = '\0'; - if (BN_bn2bin(v, d + 1) != len) - return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ - /* If MSB is set, prepend a \0 */ - if (len > 0 && (d[1] & 0x80) != 0) - prepend = 1; - if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) { - explicit_bzero(d, sizeof(d)); - return r; - } - explicit_bzero(d, sizeof(d)); - return 0; -} - -int -sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v) -{ - int r, len_bits = BN_num_bits(v); - size_t len_bytes = (len_bits + 7) / 8; - u_char d[SSHBUF_MAX_BIGNUM], *dp; - - if (len_bits < 0 || len_bytes > SSHBUF_MAX_BIGNUM) - return SSH_ERR_INVALID_ARGUMENT; - if (BN_bn2bin(v, d) != (int)len_bytes) - return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ - if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) { - explicit_bzero(d, sizeof(d)); - return r; - } - POKE_U16(dp, len_bits); - if (len_bytes != 0) - memcpy(dp + 2, d, len_bytes); - explicit_bzero(d, sizeof(d)); - return 0; -} - -int -sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) -{ - u_char d[SSHBUF_MAX_ECPOINT]; - BN_CTX *bn_ctx; - size_t len; - int ret; - - if ((bn_ctx = BN_CTX_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((len = EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED, - NULL, 0, bn_ctx)) > SSHBUF_MAX_ECPOINT) { - BN_CTX_free(bn_ctx); - return SSH_ERR_INVALID_ARGUMENT; - } - if (EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED, - d, len, bn_ctx) != len) { - BN_CTX_free(bn_ctx); - return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ - } - BN_CTX_free(bn_ctx); - ret = sshbuf_put_string(buf, d, len); - explicit_bzero(d, len); - return ret; -} - -int -sshbuf_put_ec8(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) -{ - u_char d[SSHBUF_MAX_ECPOINT]; - BN_CTX *bn_ctx; - size_t len; - int ret; - - if ((bn_ctx = BN_CTX_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((len = EC_POINT_point2oct(g, v, POINT_CONVERSION_COMPRESSED, - NULL, 0, bn_ctx)) > SSHBUF_MAX_ECPOINT) { - BN_CTX_free(bn_ctx); - return SSH_ERR_INVALID_ARGUMENT; - } - if (EC_POINT_point2oct(g, v, POINT_CONVERSION_COMPRESSED, - d, len, bn_ctx) != len) { - BN_CTX_free(bn_ctx); - return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ - } - BN_CTX_free(bn_ctx); - ret = sshbuf_put_string8(buf, d, len); - explicit_bzero(d, len); - return ret; -} - -int -sshbuf_put_eckey(struct sshbuf *buf, const EC_KEY *v) -{ - return sshbuf_put_ec(buf, EC_KEY_get0_public_key(v), - EC_KEY_get0_group(v)); -} - -int -sshbuf_put_eckey8(struct sshbuf *buf, const EC_KEY *v) -{ - return sshbuf_put_ec8(buf, EC_KEY_get0_public_key(v), - EC_KEY_get0_group(v)); -} - - -void -sshbuf_dump_data(const void *s, size_t len, FILE *f) -{ - size_t i, j; - const u_char *p = (const u_char *)s; - - for (i = 0; i < len; i += 16) { - fprintf(f, "%.4zu: ", i); - for (j = i; j < i + 16; j++) { - if (j < len) - fprintf(f, "%02x ", p[j]); - else - fprintf(f, " "); - } - fprintf(f, " "); - for (j = i; j < i + 16; j++) { - if (j < len) { - if (isascii(p[j]) && isprint(p[j])) - fprintf(f, "%c", p[j]); - else - fprintf(f, "."); - } - } - fprintf(f, "\n"); - } -} - -void -sshbuf_dump(struct sshbuf *buf, FILE *f) -{ - fprintf(f, "buffer %p len = %zu\n", (void *)buf, sshbuf_len(buf)); - sshbuf_dump_data(sshbuf_ptr(buf), sshbuf_len(buf), f); -} - -char * -sshbuf_dtob16(struct sshbuf *buf) -{ - size_t i, j, len = sshbuf_len(buf); - const u_char *p = sshbuf_ptr(buf); - char *ret; - const char hex[] = "0123456789abcdef"; - - if (len == 0) - return strdup(""); - if (SIZE_MAX / 2 <= len || (ret = malloc(len * 2 + 1)) == NULL) - return NULL; - for (i = j = 0; i < len; i++) { - ret[j++] = hex[(p[i] >> 4) & 0xf]; - ret[j++] = hex[p[i] & 0xf]; - } - ret[j] = '\0'; - return ret; -} - -char * -sshbuf_dtob64(struct sshbuf *buf) -{ - size_t len = sshbuf_len(buf), plen; - const u_char *p = sshbuf_ptr(buf); - char *ret; - int r; - - if (len == 0) - return strdup(""); - plen = ((len + 2) / 3) * 4 + 1; - if (SIZE_MAX / 2 <= len || (ret = malloc(plen)) == NULL) - return NULL; - if ((r = b64_ntop(p, len, ret, plen)) == -1) { - explicit_bzero(ret, plen); - free(ret); - return NULL; - } - return ret; -} - -int -sshbuf_b64tod(struct sshbuf *buf, const char *b64) -{ - size_t plen = strlen(b64); - int nlen, r; - u_char *p; - - if (plen == 0) - return 0; - if ((p = malloc(plen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((nlen = b64_pton(b64, p, plen)) < 0) { - explicit_bzero(p, plen); - free(p); - return SSH_ERR_INVALID_FORMAT; - } - if ((r = sshbuf_put(buf, p, nlen)) < 0) { - explicit_bzero(p, plen); - free(p); - return r; - } - explicit_bzero(p, plen); - free(p); - return 0; -} - -char * -sshbuf_dup_string(struct sshbuf *buf) -{ - const u_char *p = NULL, *s = sshbuf_ptr(buf); - size_t l = sshbuf_len(buf); - char *r; - - if (s == NULL || l > SIZE_MAX) - return NULL; - /* accept a nul only as the last character in the buffer */ - if (l > 0 && (p = memchr(s, '\0', l)) != NULL) { - if (p != s + l - 1) - return NULL; - l--; /* the nul is put back below */ - } - if ((r = malloc(l + 1)) == NULL) - return NULL; - if (l > 0) - memcpy(r, s, l); - r[l] = '\0'; - return r; -} - -#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4)) -#include - -void * -recallocarray(void *ptr, size_t oldnmemb, size_t newnmemb, size_t size) -{ - size_t oldsize, newsize; - void *newptr; - - if (ptr == NULL) - return calloc(newnmemb, size); - - if ((newnmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && - newnmemb > 0 && SIZE_MAX / newnmemb < size) { - errno = ENOMEM; - return NULL; - } - newsize = newnmemb * size; - - if ((oldnmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && - oldnmemb > 0 && SIZE_MAX / oldnmemb < size) { - errno = EINVAL; - return NULL; - } - oldsize = oldnmemb * size; - - /* - * Don't bother too much if we're shrinking just a bit, - * we do not shrink for series of small steps, oh well. - */ - if (newsize <= oldsize) { - size_t d = oldsize - newsize; - - if (d < oldsize / 2 && d < (size_t)getpagesize()) { - memset((char *)ptr + newsize, 0, d); - return ptr; - } - } - - newptr = malloc(newsize); - if (newptr == NULL) - return NULL; - - if (newsize > oldsize) { - memcpy(newptr, ptr, oldsize); - memset((char *)newptr + oldsize, 0, newsize - oldsize); - } else - memcpy(newptr, ptr, newsize); - - explicit_bzero(ptr, oldsize); - free(ptr); - - return newptr; -} diff --git a/Blink/Commands/openssh/sshbuf.h b/Blink/Commands/openssh/sshbuf.h deleted file mode 100644 index 347a64bcb..000000000 --- a/Blink/Commands/openssh/sshbuf.h +++ /dev/null @@ -1,371 +0,0 @@ -/* $OpenBSD: sshbuf.h,v 1.8 2016/11/25 23:22:04 djm Exp $ */ -/* - * Copyright (c) 2011 Damien Miller - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _SSHBUF_H -#define _SSHBUF_H - -#include -#include -#include -#include -#include -#include - -#define SSHBUF_SIZE_MAX 0x8000000 /* Hard maximum size */ -#define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ -#define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ -#define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ - -/* - * NB. do not depend on the internals of this. It will be made opaque - * one day. - */ -struct sshbuf { - u_char *d; /* Data */ - const u_char *cd; /* Const data */ - size_t off; /* First available byte is buf->d + buf->off */ - size_t size; /* Last byte is buf->d + buf->size - 1 */ - size_t max_size; /* Maximum size of buffer */ - size_t alloc; /* Total bytes allocated to buf->d */ - int readonly; /* Refers to external, const data */ - int dont_free; /* Kludge to support sshbuf_init */ - u_int refcount; /* Tracks self and number of child buffers */ - struct sshbuf *parent; /* If child, pointer to parent */ -}; - -#ifndef SSHBUF_NO_DEPREACTED -/* - * NB. Please do not use sshbuf_init() in new code. Please use sshbuf_new() - * instead. sshbuf_init() is deprectated and will go away soon (it is - * only included to allow compat with buffer_* in OpenSSH) - */ -void sshbuf_init(struct sshbuf *buf); -#endif - -/* - * Create a new sshbuf buffer. - * Returns pointer to buffer on success, or NULL on allocation failure. - */ -struct sshbuf *sshbuf_new(void); - -/* - * Create a new, read-only sshbuf buffer from existing data. - * Returns pointer to buffer on success, or NULL on allocation failure. - */ -struct sshbuf *sshbuf_from(const void *blob, size_t len); - -/* - * Create a new, read-only sshbuf buffer from the contents of an existing - * buffer. The contents of "buf" must not change in the lifetime of the - * resultant buffer. - * Returns pointer to buffer on success, or NULL on allocation failure. - */ -struct sshbuf *sshbuf_fromb(struct sshbuf *buf); - -/* - * Create a new, read-only sshbuf buffer from the contents of a string in - * an existing buffer (the string is consumed in the process). - * The contents of "buf" must not change in the lifetime of the resultant - * buffer. - * Returns pointer to buffer on success, or NULL on allocation failure. - */ -int sshbuf_froms(struct sshbuf *buf, struct sshbuf **bufp); - -/* - * Clear and free buf - */ -void sshbuf_free(struct sshbuf *buf); - -/* - * Reset buf, clearing its contents. NB. max_size is preserved. - */ -void sshbuf_reset(struct sshbuf *buf); - -/* - * Return the maximum size of buf - */ -size_t sshbuf_max_size(const struct sshbuf *buf); - -/* - * Set the maximum size of buf - * Returns 0 on success, or a negative SSH_ERR_* error code on failure. - */ -int sshbuf_set_max_size(struct sshbuf *buf, size_t max_size); - -/* - * Returns the length of data in buf - */ -size_t sshbuf_len(const struct sshbuf *buf); - -/* - * Returns number of bytes left in buffer before hitting max_size. - */ -size_t sshbuf_avail(const struct sshbuf *buf); - -/* - * Returns a read-only pointer to the start of the data in buf - */ -const u_char *sshbuf_ptr(const struct sshbuf *buf); - -/* - * Returns a mutable pointer to the start of the data in buf, or - * NULL if the buffer is read-only. - */ -u_char *sshbuf_mutable_ptr(const struct sshbuf *buf); - -/* - * Check whether a reservation of size len will succeed in buf - * Safer to use than direct comparisons again sshbuf_avail as it copes - * with unsigned overflows correctly. - * Returns 0 on success, or a negative SSH_ERR_* error code on failure. - */ -int sshbuf_check_reserve(const struct sshbuf *buf, size_t len); - -/* - * Preallocates len additional bytes in buf. - * Useful for cases where the caller knows how many bytes will ultimately be - * required to avoid realloc in the buffer code. - * Returns 0 on success, or a negative SSH_ERR_* error code on failure. - */ -int sshbuf_allocate(struct sshbuf *buf, size_t len); - -/* - * Reserve len bytes in buf. - * Returns 0 on success and a pointer to the first reserved byte via the - * optional dpp parameter or a negative * SSH_ERR_* error code on failure. - */ -int sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp); - -/* - * Consume len bytes from the start of buf - * Returns 0 on success, or a negative SSH_ERR_* error code on failure. - */ -int sshbuf_consume(struct sshbuf *buf, size_t len); - -/* - * Consume len bytes from the end of buf - * Returns 0 on success, or a negative SSH_ERR_* error code on failure. - */ -int sshbuf_consume_end(struct sshbuf *buf, size_t len); - -/* Extract or deposit some bytes */ -int sshbuf_get(struct sshbuf *buf, void *v, size_t len); -int sshbuf_put(struct sshbuf *buf, const void *v, size_t len); -int sshbuf_putb(struct sshbuf *buf, const struct sshbuf *v); - -/* Append using a printf(3) format */ -int sshbuf_putf(struct sshbuf *buf, const char *fmt, ...) - __attribute__((format(printf, 2, 3))); -int sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap); - -/* Functions to extract or store big-endian words of various sizes */ -int sshbuf_get_u64(struct sshbuf *buf, uint64_t *valp); -int sshbuf_get_u32(struct sshbuf *buf, uint32_t *valp); -int sshbuf_get_u16(struct sshbuf *buf, uint16_t *valp); -int sshbuf_get_u8(struct sshbuf *buf, uint8_t *valp); -int sshbuf_put_u64(struct sshbuf *buf, uint64_t val); -int sshbuf_put_u32(struct sshbuf *buf, uint32_t val); -int sshbuf_put_u16(struct sshbuf *buf, uint16_t val); -int sshbuf_put_u8(struct sshbuf *buf, uint8_t val); - -/* - * Functions to extract or store SSH wire encoded strings (u32 len || data) - * The "cstring" variants admit no \0 characters in the string contents. - * Caller must free *valp. - */ -int sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp); -int sshbuf_get_string8(struct sshbuf *buf, u_char **valp, size_t *lenp); -int sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp); -int sshbuf_get_cstring8(struct sshbuf *buf, char **valp, size_t *lenp); -int sshbuf_get_stringb(struct sshbuf *buf, struct sshbuf *v); -int sshbuf_get_stringb8(struct sshbuf *buf, struct sshbuf *v); -int sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len); -int sshbuf_put_string8(struct sshbuf *buf, const void *v, size_t len); -int sshbuf_put_cstring(struct sshbuf *buf, const char *v); -int sshbuf_put_cstring8(struct sshbuf *buf, const char *v); -int sshbuf_put_stringb(struct sshbuf *buf, const struct sshbuf *v); -int sshbuf_put_stringb8(struct sshbuf *buf, const struct sshbuf *v); - -/* - * "Direct" variant of sshbuf_get_string, returns pointer into the sshbuf to - * avoid an malloc+memcpy. The pointer is guaranteed to be valid until the - * next sshbuf-modifying function call. Caller does not free. - */ -int sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, - size_t *lenp); -int sshbuf_get_string8_direct(struct sshbuf *buf, const u_char **valp, - size_t *lenp); - -/* Skip past a string */ -#define sshbuf_skip_string(buf) sshbuf_get_string_direct(buf, NULL, NULL) -#define sshbuf_skip_string8(buf) sshbuf_get_string8_direct(buf, NULL, NULL) - -/* Another variant: "peeks" into the buffer without modifying it */ -int sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp, - size_t *lenp); -int sshbuf_peek_string8_direct(const struct sshbuf *buf, const u_char **valp, - size_t *lenp); - -/* - * Functions to extract or store SSH wire encoded bignums and elliptic - * curve points. - */ -int sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len); -int sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, - const u_char **valp, size_t *lenp); -int sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v); -int sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v); -int sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v); -int sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v); -int sshbuf_get_ec(struct sshbuf *buf, EC_POINT *v, const EC_GROUP *g); -int sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v); -int sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g); -int sshbuf_put_eckey(struct sshbuf *buf, const EC_KEY *v); - -int sshbuf_get_eckey8(struct sshbuf *buf, EC_KEY *v); -int sshbuf_put_ec8(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g); -int sshbuf_put_eckey8(struct sshbuf *buf, const EC_KEY *v); - -/* Dump the contents of the buffer in a human-readable format */ -void sshbuf_dump(struct sshbuf *buf, FILE *f); - -/* Dump specified memory in a human-readable format */ -void sshbuf_dump_data(const void *s, size_t len, FILE *f); - -/* Return the hexadecimal representation of the contents of the buffer */ -char *sshbuf_dtob16(struct sshbuf *buf); - -/* Encode the contents of the buffer as base64 */ -char *sshbuf_dtob64(struct sshbuf *buf); - -/* Decode base64 data and append it to the buffer */ -int sshbuf_b64tod(struct sshbuf *buf, const char *b64); - -/* - * Duplicate the contents of a buffer to a string (caller to free). - * Returns NULL on buffer error, or if the buffer contains a premature - * nul character. - */ -char *sshbuf_dup_string(struct sshbuf *buf); - -/* Macros for decoding/encoding integers */ -#define PEEK_U64(p) \ - (((uint64_t)(((const u_char *)(p))[0]) << 56) | \ - ((uint64_t)(((const u_char *)(p))[1]) << 48) | \ - ((uint64_t)(((const u_char *)(p))[2]) << 40) | \ - ((uint64_t)(((const u_char *)(p))[3]) << 32) | \ - ((uint64_t)(((const u_char *)(p))[4]) << 24) | \ - ((uint64_t)(((const u_char *)(p))[5]) << 16) | \ - ((uint64_t)(((const u_char *)(p))[6]) << 8) | \ - (uint64_t)(((const u_char *)(p))[7])) -#define PEEK_U32(p) \ - (((uint32_t)(((const u_char *)(p))[0]) << 24) | \ - ((uint32_t)(((const u_char *)(p))[1]) << 16) | \ - ((uint32_t)(((const u_char *)(p))[2]) << 8) | \ - (uint32_t)(((const u_char *)(p))[3])) -#define PEEK_U16(p) \ - (((uint16_t)(((const u_char *)(p))[0]) << 8) | \ - (uint16_t)(((const u_char *)(p))[1])) - -#define POKE_U64(p, v) \ - do { \ - const uint64_t __v = (v); \ - ((u_char *)(p))[0] = (__v >> 56) & 0xff; \ - ((u_char *)(p))[1] = (__v >> 48) & 0xff; \ - ((u_char *)(p))[2] = (__v >> 40) & 0xff; \ - ((u_char *)(p))[3] = (__v >> 32) & 0xff; \ - ((u_char *)(p))[4] = (__v >> 24) & 0xff; \ - ((u_char *)(p))[5] = (__v >> 16) & 0xff; \ - ((u_char *)(p))[6] = (__v >> 8) & 0xff; \ - ((u_char *)(p))[7] = __v & 0xff; \ - } while (0) -#define POKE_U32(p, v) \ - do { \ - const uint32_t __v = (v); \ - ((u_char *)(p))[0] = (__v >> 24) & 0xff; \ - ((u_char *)(p))[1] = (__v >> 16) & 0xff; \ - ((u_char *)(p))[2] = (__v >> 8) & 0xff; \ - ((u_char *)(p))[3] = __v & 0xff; \ - } while (0) -#define POKE_U16(p, v) \ - do { \ - const uint16_t __v = (v); \ - ((u_char *)(p))[0] = (__v >> 8) & 0xff; \ - ((u_char *)(p))[1] = __v & 0xff; \ - } while (0) - -/* Internal definitions follow. Exposed for regress tests */ -#ifdef SSHBUF_INTERNAL - -/* - * Return the allocation size of buf - */ -size_t sshbuf_alloc(const struct sshbuf *buf); - -/* - * Increment the reference count of buf. - */ -int sshbuf_set_parent(struct sshbuf *child, struct sshbuf *parent); - -/* - * Return the parent buffer of buf, or NULL if it has no parent. - */ -const struct sshbuf *sshbuf_parent(const struct sshbuf *buf); - -/* - * Return the reference count of buf - */ -u_int sshbuf_refcount(const struct sshbuf *buf); - -# define SSHBUF_SIZE_INIT 256 /* Initial allocation */ -# define SSHBUF_SIZE_INC 256 /* Preferred increment length */ -# define SSHBUF_PACK_MIN 8192 /* Minimim packable offset */ - -/* # define SSHBUF_ABORT abort */ -/* # define SSHBUF_DEBUG */ - -# ifndef SSHBUF_ABORT -# define SSHBUF_ABORT() -# endif - -# ifdef SSHBUF_DEBUG -# define SSHBUF_TELL(what) do { \ - printf("%s:%d %s: %s size %zu alloc %zu off %zu max %zu\n", \ - __FILE__, __LINE__, __func__, what, \ - buf->size, buf->alloc, buf->off, buf->max_size); \ - fflush(stdout); \ - } while (0) -# define SSHBUF_DBG(x) do { \ - printf("%s:%d %s: ", __FILE__, __LINE__, __func__); \ - printf x; \ - printf("\n"); \ - fflush(stdout); \ - } while (0) -# else -# define SSHBUF_TELL(what) -# define SSHBUF_DBG(x) -# endif -#endif /* SSHBUF_INTERNAL */ - -void * recallocarray(void *ptr, size_t oldnmemb, size_t newnmemb, size_t size); - -#undef b64_ntop -#undef b64_pton -extern int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize); -extern int b64_pton(char const *src, u_char *target, size_t targsize); - -#endif /* _SSHBUF_H */ diff --git a/Blink/Commands/openssh/ssherr.h b/Blink/Commands/openssh/ssherr.h deleted file mode 100644 index d03e09248..000000000 --- a/Blink/Commands/openssh/ssherr.h +++ /dev/null @@ -1,87 +0,0 @@ -/* $OpenBSD: ssherr.h,v 1.3 2015/01/30 01:13:33 djm Exp $ */ -/* - * Copyright (c) 2011 Damien Miller - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _SSHERR_H -#define _SSHERR_H - -/* XXX are these too granular? not granular enough? I can't decide - djm */ - -/* Error codes */ -#define SSH_ERR_SUCCESS 0 -#define SSH_ERR_INTERNAL_ERROR -1 -#define SSH_ERR_ALLOC_FAIL -2 -#define SSH_ERR_MESSAGE_INCOMPLETE -3 -#define SSH_ERR_INVALID_FORMAT -4 -#define SSH_ERR_BIGNUM_IS_NEGATIVE -5 -#define SSH_ERR_STRING_TOO_LARGE -6 -#define SSH_ERR_BIGNUM_TOO_LARGE -7 -#define SSH_ERR_ECPOINT_TOO_LARGE -8 -#define SSH_ERR_NO_BUFFER_SPACE -9 -#define SSH_ERR_INVALID_ARGUMENT -10 -#define SSH_ERR_KEY_BITS_MISMATCH -11 -#define SSH_ERR_EC_CURVE_INVALID -12 -#define SSH_ERR_KEY_TYPE_MISMATCH -13 -#define SSH_ERR_KEY_TYPE_UNKNOWN -14 /* XXX UNSUPPORTED? */ -#define SSH_ERR_EC_CURVE_MISMATCH -15 -#define SSH_ERR_EXPECTED_CERT -16 -#define SSH_ERR_KEY_LACKS_CERTBLOB -17 -#define SSH_ERR_KEY_CERT_UNKNOWN_TYPE -18 -#define SSH_ERR_KEY_CERT_INVALID_SIGN_KEY -19 -#define SSH_ERR_KEY_INVALID_EC_VALUE -20 -#define SSH_ERR_SIGNATURE_INVALID -21 -#define SSH_ERR_LIBCRYPTO_ERROR -22 -#define SSH_ERR_UNEXPECTED_TRAILING_DATA -23 -#define SSH_ERR_SYSTEM_ERROR -24 -#define SSH_ERR_KEY_CERT_INVALID -25 -#define SSH_ERR_AGENT_COMMUNICATION -26 -#define SSH_ERR_AGENT_FAILURE -27 -#define SSH_ERR_DH_GEX_OUT_OF_RANGE -28 -#define SSH_ERR_DISCONNECTED -29 -#define SSH_ERR_MAC_INVALID -30 -#define SSH_ERR_NO_CIPHER_ALG_MATCH -31 -#define SSH_ERR_NO_MAC_ALG_MATCH -32 -#define SSH_ERR_NO_COMPRESS_ALG_MATCH -33 -#define SSH_ERR_NO_KEX_ALG_MATCH -34 -#define SSH_ERR_NO_HOSTKEY_ALG_MATCH -35 -#define SSH_ERR_NO_HOSTKEY_LOADED -36 -#define SSH_ERR_PROTOCOL_MISMATCH -37 -#define SSH_ERR_NO_PROTOCOL_VERSION -38 -#define SSH_ERR_NEED_REKEY -39 -#define SSH_ERR_PASSPHRASE_TOO_SHORT -40 -#define SSH_ERR_FILE_CHANGED -41 -#define SSH_ERR_KEY_UNKNOWN_CIPHER -42 -#define SSH_ERR_KEY_WRONG_PASSPHRASE -43 -#define SSH_ERR_KEY_BAD_PERMISSIONS -44 -#define SSH_ERR_KEY_CERT_MISMATCH -45 -#define SSH_ERR_KEY_NOT_FOUND -46 -#define SSH_ERR_AGENT_NOT_PRESENT -47 -#define SSH_ERR_AGENT_NO_IDENTITIES -48 -#define SSH_ERR_BUFFER_READ_ONLY -49 -#define SSH_ERR_KRL_BAD_MAGIC -50 -#define SSH_ERR_KEY_REVOKED -51 -#define SSH_ERR_CONN_CLOSED -52 -#define SSH_ERR_CONN_TIMEOUT -53 -#define SSH_ERR_CONN_CORRUPT -54 -#define SSH_ERR_PROTOCOL_ERROR -55 -#define SSH_ERR_KEY_LENGTH -56 -#define SSH_ERR_NUMBER_TOO_LARGE -57 -#define SSH_ERR_SIGN_ALG_UNSUPPORTED -58 - -/* Translate a numeric error code to a human-readable error string */ -const char *ssh_err(int n); - -#endif /* _SSHERR_H */ diff --git a/Blink/Commands/openssh/sshkey.c b/Blink/Commands/openssh/sshkey.c deleted file mode 100644 index e48f63c02..000000000 --- a/Blink/Commands/openssh/sshkey.c +++ /dev/null @@ -1,4172 +0,0 @@ -/* $OpenBSD: sshkey.c,v 1.70 2018/09/14 04:17:44 djm Exp $ */ -/* - * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. - * Copyright (c) 2008 Alexander von Gernler. All rights reserved. - * Copyright (c) 2010,2011 Damien Miller. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -//#include "includes.h" - -#include -#include - -#define WITH_OPENSSL -#define OPENSSL_HAS_ECC -#define OPENSSL_HAS_NISTP521 - -#ifdef WITH_OPENSSL -#include -#include -#include -#endif - -#include "crypto_api.h" - -#include -#include -#include -#include -#include -#ifdef HAVE_UTIL_H -#include -#endif /* HAVE_UTIL_H */ - -#include "ssh2.h" -#include "ssherr.h" -//#include "misc.h" -#include "sshbuf.h" -#include "cipher.h" -#include "digest.h" -#define SSHKEY_INTERNAL -#include "sshkey.h" -#include "blink-compat.h" -//#include "sshkey-xmss.h" -#include "match.h" -#include "blf.h" - - -#include - -//#include -#include -#include -#ifndef OPENSSL_NO_DSA -#include -#endif -#include -#include -#include -#include -#include -#include -//#include "xmss_fast.h" - -#include "openssl-compat.h" - -/* openssh private key file format */ -#define MARK_BEGIN "-----BEGIN OPENSSH PRIVATE KEY-----\n" -#define MARK_END "-----END OPENSSH PRIVATE KEY-----\n" -#define MARK_BEGIN_LEN (sizeof(MARK_BEGIN) - 1) -#define MARK_END_LEN (sizeof(MARK_END) - 1) -#define KDFNAME "bcrypt" -#define AUTH_MAGIC "openssh-key-v1" -#define SALT_LEN 16 -#define DEFAULT_CIPHERNAME "aes256-ctr" -#define DEFAULT_ROUNDS 16 - -/* Version identification string for SSH v1 identity files. */ -#define LEGACY_BEGIN "SSH PRIVATE KEY FILE FORMAT 1.1\n" - -int sshkey_private_serialize_opt(const struct sshkey *key, - struct sshbuf *buf, enum sshkey_serialize_rep); -static int sshkey_from_blob_internal(struct sshbuf *buf, - struct sshkey **keyp, int allow_cert); -static int get_sigtype(const u_char *sig, size_t siglen, char **sigtypep); - -/* Supported key types */ -struct keytype { - const char *name; - const char *shortname; - const char *sigalg; - int type; - int nid; - int cert; - int sigonly; -}; -static const struct keytype keytypes[] = { - { "ssh-ed25519", "ED25519", NULL, KEY_ED25519, 0, 0, 0 }, - { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", NULL, - KEY_ED25519_CERT, 0, 1, 0 }, -#ifdef WITH_XMSS - { "ssh-xmss@openssh.com", "XMSS", NULL, KEY_XMSS, 0, 0, 0 }, - { "ssh-xmss-cert-v01@openssh.com", "XMSS-CERT", NULL, - KEY_XMSS_CERT, 0, 1, 0 }, -#endif /* WITH_XMSS */ -#ifdef WITH_OPENSSL - { "ssh-rsa", "RSA", NULL, KEY_RSA, 0, 0, 0 }, - { "rsa-sha2-256", "RSA", NULL, KEY_RSA, 0, 0, 1 }, - { "rsa-sha2-512", "RSA", NULL, KEY_RSA, 0, 0, 1 }, - { "ssh-dss", "DSA", NULL, KEY_DSA, 0, 0, 0 }, -#ifdef OPENSSL_HAS_ECC - { "ecdsa-sha2-nistp256", "ECDSA", NULL, - KEY_ECDSA, NID_X9_62_prime256v1, 0, 0 }, - { "ecdsa-sha2-nistp384", "ECDSA", NULL, - KEY_ECDSA, NID_secp384r1, 0, 0 }, -#ifdef OPENSSL_HAS_NISTP521 - { "ecdsa-sha2-nistp521", "ECDSA", NULL, - KEY_ECDSA, NID_secp521r1, 0, 0 }, -#endif /* OPENSSL_HAS_NISTP521 */ -#endif /* OPENSSL_HAS_ECC */ - { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL, - KEY_RSA_CERT, 0, 1, 0 }, - { "rsa-sha2-256-cert-v01@openssh.com", "RSA-CERT", - "ssh-rsa-sha2-256", KEY_RSA_CERT, 0, 1, 1 }, - { "rsa-sha2-512-cert-v01@openssh.com", "RSA-CERT", - "ssh-rsa-sha2-512", KEY_RSA_CERT, 0, 1, 1 }, - { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", NULL, - KEY_DSA_CERT, 0, 1, 0 }, - { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL, - KEY_RSA_CERT, 0, 1, 0 }, - { "rsa-sha2-256-cert-v01@openssh.com", "RSA-CERT", - "ssh-rsa-sha2-256", KEY_RSA_CERT, 0, 1, 1 }, - { "rsa-sha2-512-cert-v01@openssh.com", "RSA-CERT", - "ssh-rsa-sha2-512", KEY_RSA_CERT, 0, 1, 1 }, - { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", NULL, - KEY_DSA_CERT, 0, 1, 0 }, -#ifdef OPENSSL_HAS_ECC - { "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-CERT", NULL, - KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1, 0 }, - { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT", NULL, - KEY_ECDSA_CERT, NID_secp384r1, 1, 0 }, -#ifdef OPENSSL_HAS_NISTP521 - { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", NULL, - KEY_ECDSA_CERT, NID_secp521r1, 1, 0 }, -#endif /* OPENSSL_HAS_NISTP521 */ -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - { NULL, NULL, NULL, -1, -1, 0, 0 } -}; - -const char * -sshkey_type(const struct sshkey *k) -{ - const struct keytype *kt; - - for (kt = keytypes; kt->type != -1; kt++) { - if (kt->type == k->type) - return kt->shortname; - } - return "unknown"; -} - -static const char * -sshkey_ssh_name_from_type_nid(int type, int nid) -{ - const struct keytype *kt; - - for (kt = keytypes; kt->type != -1; kt++) { - if (kt->type == type && (kt->nid == 0 || kt->nid == nid)) - return kt->name; - } - return "ssh-unknown"; -} - -int -sshkey_type_is_cert(int type) -{ - const struct keytype *kt; - - for (kt = keytypes; kt->type != -1; kt++) { - if (kt->type == type) - return kt->cert; - } - return 0; -} - -const char * -sshkey_ssh_name(const struct sshkey *k) -{ - return sshkey_ssh_name_from_type_nid(k->type, k->ecdsa_nid); -} - -const char * -sshkey_ssh_name_plain(const struct sshkey *k) -{ - return sshkey_ssh_name_from_type_nid(sshkey_type_plain(k->type), - k->ecdsa_nid); -} - -int -sshkey_type_from_name(const char *name) -{ - const struct keytype *kt; - - for (kt = keytypes; kt->type != -1; kt++) { - /* Only allow shortname matches for plain key types */ - if ((kt->name != NULL && strcmp(name, kt->name) == 0) || - (!kt->cert && strcasecmp(kt->shortname, name) == 0)) - return kt->type; - } - return KEY_UNSPEC; -} - -int -sshkey_ecdsa_nid_from_name(const char *name) -{ - const struct keytype *kt; - - for (kt = keytypes; kt->type != -1; kt++) { - if (kt->type != KEY_ECDSA && kt->type != KEY_ECDSA_CERT) - continue; - if (kt->name != NULL && strcmp(name, kt->name) == 0) - return kt->nid; - } - return -1; -} - -char * -sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) -{ - char *tmp, *ret = NULL; - size_t nlen, rlen = 0; - const struct keytype *kt; - - for (kt = keytypes; kt->type != -1; kt++) { - if (kt->name == NULL) - continue; - if (!include_sigonly && kt->sigonly) - continue; - if ((certs_only && !kt->cert) || (plain_only && kt->cert)) - continue; - if (ret != NULL) - ret[rlen++] = sep; - nlen = strlen(kt->name); - if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { - free(ret); - return NULL; - } - ret = tmp; - memcpy(ret + rlen, kt->name, nlen + 1); - rlen += nlen; - } - return ret; -} - -int -sshkey_names_valid2(const char *names, int allow_wildcard) -{ - char *s, *cp, *p; - const struct keytype *kt; - int type; - - if (names == NULL || strcmp(names, "") == 0) - return 0; - if ((s = cp = strdup(names)) == NULL) - return 0; - for ((p = strsep(&cp, ",")); p && *p != '\0'; - (p = strsep(&cp, ","))) { - type = sshkey_type_from_name(p); - if (type == KEY_UNSPEC) { - if (allow_wildcard) { - /* - * Try matching key types against the string. - * If any has a positive or negative match then - * the component is accepted. - */ - for (kt = keytypes; kt->type != -1; kt++) { - if (match_pattern_list(kt->name, - p, 0) != 0) - break; - } - if (kt->type != -1) - continue; - } - free(s); - return 0; - } - } - free(s); - return 1; -} - -u_int -sshkey_size(const struct sshkey *k) -{ -#ifdef WITH_OPENSSL - const BIGNUM *rsa_n, *dsa_p; -#endif /* WITH_OPENSSL */ - - switch (k->type) { -#ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: - if (k->rsa == NULL) - return 0; - RSA_get0_key(k->rsa, &rsa_n, NULL, NULL); - return BN_num_bits(rsa_n); - case KEY_DSA: - case KEY_DSA_CERT: - if (k->dsa == NULL) - return 0; - DSA_get0_pqg(k->dsa, &dsa_p, NULL, NULL); - return BN_num_bits(dsa_p); - case KEY_ECDSA: - case KEY_ECDSA_CERT: - return sshkey_curve_nid_to_bits(k->ecdsa_nid); -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - case KEY_ED25519_CERT: - case KEY_XMSS: - case KEY_XMSS_CERT: - return 256; /* XXX */ - } - return 0; -} - -static int -sshkey_type_is_valid_ca(int type) -{ - switch (type) { - case KEY_RSA: - case KEY_DSA: - case KEY_ECDSA: - case KEY_ED25519: - case KEY_XMSS: - return 1; - default: - return 0; - } -} - -int -sshkey_is_cert(const struct sshkey *k) -{ - if (k == NULL) - return 0; - return sshkey_type_is_cert(k->type); -} - -/* Return the cert-less equivalent to a certified key type */ -int -sshkey_type_plain(int type) -{ - switch (type) { - case KEY_RSA_CERT: - return KEY_RSA; - case KEY_DSA_CERT: - return KEY_DSA; - case KEY_ECDSA_CERT: - return KEY_ECDSA; - case KEY_ED25519_CERT: - return KEY_ED25519; - case KEY_XMSS_CERT: - return KEY_XMSS; - default: - return type; - } -} - -#ifdef WITH_OPENSSL -/* XXX: these are really begging for a table-driven approach */ -int -sshkey_curve_name_to_nid(const char *name) -{ - if (strcmp(name, "nistp256") == 0) - return NID_X9_62_prime256v1; - else if (strcmp(name, "nistp384") == 0) - return NID_secp384r1; -#ifdef OPENSSL_HAS_NISTP521 - else if (strcmp(name, "nistp521") == 0) - return NID_secp521r1; -#endif /* OPENSSL_HAS_NISTP521 */ - else - return -1; -} - -u_int -sshkey_curve_nid_to_bits(int nid) -{ - switch (nid) { - case NID_X9_62_prime256v1: - return 256; - case NID_secp384r1: - return 384; -#ifdef OPENSSL_HAS_NISTP521 - case NID_secp521r1: - return 521; -#endif /* OPENSSL_HAS_NISTP521 */ - default: - return 0; - } -} - -int -sshkey_ecdsa_bits_to_nid(int bits) -{ - switch (bits) { - case 256: - return NID_X9_62_prime256v1; - case 384: - return NID_secp384r1; -#ifdef OPENSSL_HAS_NISTP521 - case 521: - return NID_secp521r1; -#endif /* OPENSSL_HAS_NISTP521 */ - default: - return -1; - } -} - -const char * -sshkey_curve_nid_to_name(int nid) -{ - switch (nid) { - case NID_X9_62_prime256v1: - return "nistp256"; - case NID_secp384r1: - return "nistp384"; -#ifdef OPENSSL_HAS_NISTP521 - case NID_secp521r1: - return "nistp521"; -#endif /* OPENSSL_HAS_NISTP521 */ - default: - return NULL; - } -} - -int -sshkey_ec_nid_to_hash_alg(int nid) -{ - int kbits = sshkey_curve_nid_to_bits(nid); - - if (kbits <= 0) - return -1; - - /* RFC5656 section 6.2.1 */ - if (kbits <= 256) - return SSH_DIGEST_SHA256; - else if (kbits <= 384) - return SSH_DIGEST_SHA384; - else - return SSH_DIGEST_SHA512; -} -#endif /* WITH_OPENSSL */ - -static void -cert_free(struct sshkey_cert *cert) -{ - u_int i; - - if (cert == NULL) - return; - sshbuf_free(cert->certblob); - sshbuf_free(cert->critical); - sshbuf_free(cert->extensions); - free(cert->key_id); - for (i = 0; i < cert->nprincipals; i++) - free(cert->principals[i]); - free(cert->principals); - sshkey_free(cert->signature_key); - free(cert->signature_type); - freezero(cert, sizeof(*cert)); -} - -static struct sshkey_cert * -cert_new(void) -{ - struct sshkey_cert *cert; - - if ((cert = calloc(1, sizeof(*cert))) == NULL) - return NULL; - if ((cert->certblob = sshbuf_new()) == NULL || - (cert->critical = sshbuf_new()) == NULL || - (cert->extensions = sshbuf_new()) == NULL) { - cert_free(cert); - return NULL; - } - cert->key_id = NULL; - cert->principals = NULL; - cert->signature_key = NULL; - cert->signature_type = NULL; - return cert; -} - -struct sshkey * -sshkey_new(int type) -{ - struct sshkey *k; -#ifdef WITH_OPENSSL - RSA *rsa; - DSA *dsa; -#endif /* WITH_OPENSSL */ - - if ((k = calloc(1, sizeof(*k))) == NULL) - return NULL; - k->type = type; - k->ecdsa = NULL; - k->ecdsa_nid = -1; - k->dsa = NULL; - k->rsa = NULL; - k->cert = NULL; - k->ed25519_sk = NULL; - k->ed25519_pk = NULL; - k->xmss_sk = NULL; - k->xmss_pk = NULL; - switch (k->type) { -#ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: - if ((rsa = RSA_new()) == NULL) { - free(k); - return NULL; - } - k->rsa = rsa; - break; - case KEY_DSA: - case KEY_DSA_CERT: - if ((dsa = DSA_new()) == NULL) { - free(k); - return NULL; - } - k->dsa = dsa; - break; - case KEY_ECDSA: - case KEY_ECDSA_CERT: - /* Cannot do anything until we know the group */ - break; -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - case KEY_ED25519_CERT: - case KEY_XMSS: - case KEY_XMSS_CERT: - /* no need to prealloc */ - break; - case KEY_UNSPEC: - break; - default: - free(k); - return NULL; - } - - if (sshkey_is_cert(k)) { - if ((k->cert = cert_new()) == NULL) { - sshkey_free(k); - return NULL; - } - } - - return k; -} - -void -sshkey_free(struct sshkey *k) -{ - if (k == NULL) - return; - switch (k->type) { -#ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: - RSA_free(k->rsa); - k->rsa = NULL; - break; - case KEY_DSA: - case KEY_DSA_CERT: - DSA_free(k->dsa); - k->dsa = NULL; - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - case KEY_ECDSA_CERT: - EC_KEY_free(k->ecdsa); - k->ecdsa = NULL; - break; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - case KEY_ED25519_CERT: - freezero(k->ed25519_pk, ED25519_PK_SZ); - k->ed25519_pk = NULL; - freezero(k->ed25519_sk, ED25519_SK_SZ); - k->ed25519_sk = NULL; - break; -#ifdef WITH_XMSS - case KEY_XMSS: - case KEY_XMSS_CERT: - freezero(k->xmss_pk, sshkey_xmss_pklen(k)); - k->xmss_pk = NULL; - freezero(k->xmss_sk, sshkey_xmss_sklen(k)); - k->xmss_sk = NULL; - sshkey_xmss_free_state(k); - free(k->xmss_name); - k->xmss_name = NULL; - free(k->xmss_filename); - k->xmss_filename = NULL; - break; -#endif /* WITH_XMSS */ - case KEY_UNSPEC: - break; - default: - break; - } - if (sshkey_is_cert(k)) - cert_free(k->cert); - freezero(k, sizeof(*k)); -} - -static int -cert_compare(struct sshkey_cert *a, struct sshkey_cert *b) -{ - if (a == NULL && b == NULL) - return 1; - if (a == NULL || b == NULL) - return 0; - if (sshbuf_len(a->certblob) != sshbuf_len(b->certblob)) - return 0; - if (timingsafe_bcmp(sshbuf_ptr(a->certblob), sshbuf_ptr(b->certblob), - sshbuf_len(a->certblob)) != 0) - return 0; - return 1; -} - -/* - * Compare public portions of key only, allowing comparisons between - * certificates and plain keys too. - */ -int -sshkey_equal_public(const struct sshkey *a, const struct sshkey *b) -{ -#if defined(WITH_OPENSSL) - const BIGNUM *rsa_e_a, *rsa_n_a; - const BIGNUM *rsa_e_b, *rsa_n_b; - const BIGNUM *dsa_p_a, *dsa_q_a, *dsa_g_a, *dsa_pub_key_a; - const BIGNUM *dsa_p_b, *dsa_q_b, *dsa_g_b, *dsa_pub_key_b; -#if defined(OPENSSL_HAS_ECC) - BN_CTX *bnctx; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - - if (a == NULL || b == NULL || - sshkey_type_plain(a->type) != sshkey_type_plain(b->type)) - return 0; - - switch (a->type) { -#ifdef WITH_OPENSSL - case KEY_RSA_CERT: - case KEY_RSA: - if (a->rsa == NULL || b->rsa == NULL) - return 0; - RSA_get0_key(a->rsa, &rsa_n_a, &rsa_e_a, NULL); - RSA_get0_key(b->rsa, &rsa_n_b, &rsa_e_b, NULL); - return BN_cmp(rsa_e_a, rsa_e_b) == 0 && - BN_cmp(rsa_n_a, rsa_n_b) == 0; - case KEY_DSA_CERT: - case KEY_DSA: - if (a->dsa == NULL || b->dsa == NULL) - return 0; - DSA_get0_pqg(a->dsa, &dsa_p_a, &dsa_q_a, &dsa_g_a); - DSA_get0_pqg(b->dsa, &dsa_p_b, &dsa_q_b, &dsa_g_b); - DSA_get0_key(a->dsa, &dsa_pub_key_a, NULL); - DSA_get0_key(b->dsa, &dsa_pub_key_b, NULL); - return BN_cmp(dsa_p_a, dsa_p_b) == 0 && - BN_cmp(dsa_q_a, dsa_q_b) == 0 && - BN_cmp(dsa_g_a, dsa_g_b) == 0 && - BN_cmp(dsa_pub_key_a, dsa_pub_key_b) == 0; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - case KEY_ECDSA: - if (a->ecdsa == NULL || b->ecdsa == NULL || - EC_KEY_get0_public_key(a->ecdsa) == NULL || - EC_KEY_get0_public_key(b->ecdsa) == NULL) - return 0; - if ((bnctx = BN_CTX_new()) == NULL) - return 0; - if (EC_GROUP_cmp(EC_KEY_get0_group(a->ecdsa), - EC_KEY_get0_group(b->ecdsa), bnctx) != 0 || - EC_POINT_cmp(EC_KEY_get0_group(a->ecdsa), - EC_KEY_get0_public_key(a->ecdsa), - EC_KEY_get0_public_key(b->ecdsa), bnctx) != 0) { - BN_CTX_free(bnctx); - return 0; - } - BN_CTX_free(bnctx); - return 1; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - case KEY_ED25519_CERT: - return a->ed25519_pk != NULL && b->ed25519_pk != NULL && - memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0; -#ifdef WITH_XMSS - case KEY_XMSS: - case KEY_XMSS_CERT: - return a->xmss_pk != NULL && b->xmss_pk != NULL && - sshkey_xmss_pklen(a) == sshkey_xmss_pklen(b) && - memcmp(a->xmss_pk, b->xmss_pk, sshkey_xmss_pklen(a)) == 0; -#endif /* WITH_XMSS */ - default: - return 0; - } - /* NOTREACHED */ -} - -int -sshkey_equal(const struct sshkey *a, const struct sshkey *b) -{ - if (a == NULL || b == NULL || a->type != b->type) - return 0; - if (sshkey_is_cert(a)) { - if (!cert_compare(a->cert, b->cert)) - return 0; - } - return sshkey_equal_public(a, b); -} - -static int -to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain, - enum sshkey_serialize_rep opts) -{ - int type, ret = SSH_ERR_INTERNAL_ERROR; - const char *typename; -#ifdef WITH_OPENSSL - const BIGNUM *rsa_n, *rsa_e, *dsa_p, *dsa_q, *dsa_g, *dsa_pub_key; -#endif /* WITH_OPENSSL */ - - if (key == NULL) - return SSH_ERR_INVALID_ARGUMENT; - - if (sshkey_is_cert(key)) { - if (key->cert == NULL) - return SSH_ERR_EXPECTED_CERT; - if (sshbuf_len(key->cert->certblob) == 0) - return SSH_ERR_KEY_LACKS_CERTBLOB; - } - type = force_plain ? sshkey_type_plain(key->type) : key->type; - typename = sshkey_ssh_name_from_type_nid(type, key->ecdsa_nid); - - switch (type) { -#ifdef WITH_OPENSSL - case KEY_DSA_CERT: - case KEY_ECDSA_CERT: - case KEY_RSA_CERT: -#endif /* WITH_OPENSSL */ - case KEY_ED25519_CERT: -#ifdef WITH_XMSS - case KEY_XMSS_CERT: -#endif /* WITH_XMSS */ - /* Use the existing blob */ - /* XXX modified flag? */ - if ((ret = sshbuf_putb(b, key->cert->certblob)) != 0) - return ret; - break; -#ifdef WITH_OPENSSL - case KEY_DSA: - if (key->dsa == NULL) - return SSH_ERR_INVALID_ARGUMENT; - DSA_get0_pqg(key->dsa, &dsa_p, &dsa_q, &dsa_g); - DSA_get0_key(key->dsa, &dsa_pub_key, NULL); - if ((ret = sshbuf_put_cstring(b, typename)) != 0 || - (ret = sshbuf_put_bignum2(b, dsa_p)) != 0 || - (ret = sshbuf_put_bignum2(b, dsa_q)) != 0 || - (ret = sshbuf_put_bignum2(b, dsa_g)) != 0 || - (ret = sshbuf_put_bignum2(b, dsa_pub_key)) != 0) - return ret; - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - if (key->ecdsa == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((ret = sshbuf_put_cstring(b, typename)) != 0 || - (ret = sshbuf_put_cstring(b, - sshkey_curve_nid_to_name(key->ecdsa_nid))) != 0 || - (ret = sshbuf_put_eckey(b, key->ecdsa)) != 0) - return ret; - break; -#endif - case KEY_RSA: - if (key->rsa == NULL) - return SSH_ERR_INVALID_ARGUMENT; - RSA_get0_key(key->rsa, &rsa_n, &rsa_e, NULL); - if ((ret = sshbuf_put_cstring(b, typename)) != 0 || - (ret = sshbuf_put_bignum2(b, rsa_e)) != 0 || - (ret = sshbuf_put_bignum2(b, rsa_n)) != 0) - return ret; - break; -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - if (key->ed25519_pk == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((ret = sshbuf_put_cstring(b, typename)) != 0 || - (ret = sshbuf_put_string(b, - key->ed25519_pk, ED25519_PK_SZ)) != 0) - return ret; - break; -#ifdef WITH_XMSS - case KEY_XMSS: - if (key->xmss_name == NULL || key->xmss_pk == NULL || - sshkey_xmss_pklen(key) == 0) - return SSH_ERR_INVALID_ARGUMENT; - if ((ret = sshbuf_put_cstring(b, typename)) != 0 || - (ret = sshbuf_put_cstring(b, key->xmss_name)) != 0 || - (ret = sshbuf_put_string(b, - key->xmss_pk, sshkey_xmss_pklen(key))) != 0 || - (ret = sshkey_xmss_serialize_pk_info(key, b, opts)) != 0) - return ret; - break; -#endif /* WITH_XMSS */ - default: - return SSH_ERR_KEY_TYPE_UNKNOWN; - } - return 0; -} - -int -sshkey_putb(const struct sshkey *key, struct sshbuf *b) -{ - return to_blob_buf(key, b, 0, SSHKEY_SERIALIZE_DEFAULT); -} - -int -sshkey_puts_opts(const struct sshkey *key, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - struct sshbuf *tmp; - int r; - - if ((tmp = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - r = to_blob_buf(key, tmp, 0, opts); - if (r == 0) - r = sshbuf_put_stringb(b, tmp); - sshbuf_free(tmp); - return r; -} - -int -sshkey_puts(const struct sshkey *key, struct sshbuf *b) -{ - return sshkey_puts_opts(key, b, SSHKEY_SERIALIZE_DEFAULT); -} - -int -sshkey_putb_plain(const struct sshkey *key, struct sshbuf *b) -{ - return to_blob_buf(key, b, 1, SSHKEY_SERIALIZE_DEFAULT); -} - -static int -to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp, int force_plain, - enum sshkey_serialize_rep opts) -{ - int ret = SSH_ERR_INTERNAL_ERROR; - size_t len; - struct sshbuf *b = NULL; - - if (lenp != NULL) - *lenp = 0; - if (blobp != NULL) - *blobp = NULL; - if ((b = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((ret = to_blob_buf(key, b, force_plain, opts)) != 0) - goto out; - len = sshbuf_len(b); - if (lenp != NULL) - *lenp = len; - if (blobp != NULL) { - if ((*blobp = malloc(len)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(*blobp, sshbuf_ptr(b), len); - } - ret = 0; -out: - sshbuf_free(b); - return ret; -} - -int -sshkey_to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp) -{ - return to_blob(key, blobp, lenp, 0, SSHKEY_SERIALIZE_DEFAULT); -} - -int -sshkey_plain_to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp) -{ - return to_blob(key, blobp, lenp, 1, SSHKEY_SERIALIZE_DEFAULT); -} - -int -sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg, - u_char **retp, size_t *lenp) -{ - u_char *blob = NULL, *ret = NULL; - size_t blob_len = 0; - int r = SSH_ERR_INTERNAL_ERROR; - - if (retp != NULL) - *retp = NULL; - if (lenp != NULL) - *lenp = 0; - if (ssh_digest_bytes(dgst_alg) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = to_blob(k, &blob, &blob_len, 1, SSHKEY_SERIALIZE_DEFAULT)) - != 0) - goto out; - if ((ret = calloc(1, SSH_DIGEST_MAX_LENGTH)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = ssh_digest_memory(dgst_alg, blob, blob_len, - ret, SSH_DIGEST_MAX_LENGTH)) != 0) - goto out; - /* success */ - if (retp != NULL) { - *retp = ret; - ret = NULL; - } - if (lenp != NULL) - *lenp = ssh_digest_bytes(dgst_alg); - r = 0; -out: - free(ret); - if (blob != NULL) { - explicit_bzero(blob, blob_len); - free(blob); - } - return r; -} - -static char * -fingerprint_b64(const char *alg, u_char *dgst_raw, size_t dgst_raw_len) -{ - char *ret; - size_t plen = strlen(alg) + 1; - size_t rlen = ((dgst_raw_len + 2) / 3) * 4 + plen + 1; - int r; - - if (dgst_raw_len > 65536 || (ret = calloc(1, rlen)) == NULL) - return NULL; - strlcpy(ret, alg, rlen); - strlcat(ret, ":", rlen); - if (dgst_raw_len == 0) - return ret; - if ((r = b64_ntop(dgst_raw, dgst_raw_len, - ret + plen, rlen - plen)) == -1) { - freezero(ret, rlen); - return NULL; - } - /* Trim padding characters from end */ - ret[strcspn(ret, "=")] = '\0'; - return ret; -} - -static char * -fingerprint_hex(const char *alg, u_char *dgst_raw, size_t dgst_raw_len) -{ - char *retval, hex[5]; - size_t i, rlen = dgst_raw_len * 3 + strlen(alg) + 2; - - if (dgst_raw_len > 65536 || (retval = calloc(1, rlen)) == NULL) - return NULL; - strlcpy(retval, alg, rlen); - strlcat(retval, ":", rlen); - for (i = 0; i < dgst_raw_len; i++) { - snprintf(hex, sizeof(hex), "%s%02x", - i > 0 ? ":" : "", dgst_raw[i]); - strlcat(retval, hex, rlen); - } - return retval; -} - -static char * -fingerprint_bubblebabble(u_char *dgst_raw, size_t dgst_raw_len) -{ - char vowels[] = { 'a', 'e', 'i', 'o', 'u', 'y' }; - char consonants[] = { 'b', 'c', 'd', 'f', 'g', 'h', 'k', 'l', 'm', - 'n', 'p', 'r', 's', 't', 'v', 'z', 'x' }; - u_int i, j = 0, rounds, seed = 1; - char *retval; - - rounds = (dgst_raw_len / 2) + 1; - if ((retval = calloc(rounds, 6)) == NULL) - return NULL; - retval[j++] = 'x'; - for (i = 0; i < rounds; i++) { - u_int idx0, idx1, idx2, idx3, idx4; - if ((i + 1 < rounds) || (dgst_raw_len % 2 != 0)) { - idx0 = (((((u_int)(dgst_raw[2 * i])) >> 6) & 3) + - seed) % 6; - idx1 = (((u_int)(dgst_raw[2 * i])) >> 2) & 15; - idx2 = ((((u_int)(dgst_raw[2 * i])) & 3) + - (seed / 6)) % 6; - retval[j++] = vowels[idx0]; - retval[j++] = consonants[idx1]; - retval[j++] = vowels[idx2]; - if ((i + 1) < rounds) { - idx3 = (((u_int)(dgst_raw[(2 * i) + 1])) >> 4) & 15; - idx4 = (((u_int)(dgst_raw[(2 * i) + 1]))) & 15; - retval[j++] = consonants[idx3]; - retval[j++] = '-'; - retval[j++] = consonants[idx4]; - seed = ((seed * 5) + - ((((u_int)(dgst_raw[2 * i])) * 7) + - ((u_int)(dgst_raw[(2 * i) + 1])))) % 36; - } - } else { - idx0 = seed % 6; - idx1 = 16; - idx2 = seed / 6; - retval[j++] = vowels[idx0]; - retval[j++] = consonants[idx1]; - retval[j++] = vowels[idx2]; - } - } - retval[j++] = 'x'; - retval[j++] = '\0'; - return retval; -} - -/* - * Draw an ASCII-Art representing the fingerprint so human brain can - * profit from its built-in pattern recognition ability. - * This technique is called "random art" and can be found in some - * scientific publications like this original paper: - * - * "Hash Visualization: a New Technique to improve Real-World Security", - * Perrig A. and Song D., 1999, International Workshop on Cryptographic - * Techniques and E-Commerce (CrypTEC '99) - * sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf - * - * The subject came up in a talk by Dan Kaminsky, too. - * - * If you see the picture is different, the key is different. - * If the picture looks the same, you still know nothing. - * - * The algorithm used here is a worm crawling over a discrete plane, - * leaving a trace (augmenting the field) everywhere it goes. - * Movement is taken from dgst_raw 2bit-wise. Bumping into walls - * makes the respective movement vector be ignored for this turn. - * Graphs are not unambiguous, because circles in graphs can be - * walked in either direction. - */ - -/* - * Field sizes for the random art. Have to be odd, so the starting point - * can be in the exact middle of the picture, and FLDBASE should be >=8 . - * Else pictures would be too dense, and drawing the frame would - * fail, too, because the key type would not fit in anymore. - */ -#define FLDBASE 8 -#define FLDSIZE_Y (FLDBASE + 1) -#define FLDSIZE_X (FLDBASE * 2 + 1) -static char * -fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, - const struct sshkey *k) -{ - /* - * Chars to be used after each other every time the worm - * intersects with itself. Matter of taste. - */ - char *augmentation_string = " .o+=*BOX@%&#/^SE"; - char *retval, *p, title[FLDSIZE_X], hash[FLDSIZE_X]; - u_char field[FLDSIZE_X][FLDSIZE_Y]; - size_t i, tlen, hlen; - u_int b; - int x, y, r; - size_t len = strlen(augmentation_string) - 1; - - if ((retval = calloc((FLDSIZE_X + 3), (FLDSIZE_Y + 2))) == NULL) - return NULL; - - /* initialize field */ - memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char)); - x = FLDSIZE_X / 2; - y = FLDSIZE_Y / 2; - - /* process raw key */ - for (i = 0; i < dgst_raw_len; i++) { - int input; - /* each byte conveys four 2-bit move commands */ - input = dgst_raw[i]; - for (b = 0; b < 4; b++) { - /* evaluate 2 bit, rest is shifted later */ - x += (input & 0x1) ? 1 : -1; - y += (input & 0x2) ? 1 : -1; - - /* assure we are still in bounds */ - x = MAXIMUM(x, 0); - y = MAXIMUM(y, 0); - x = MINIMUM(x, FLDSIZE_X - 1); - y = MINIMUM(y, FLDSIZE_Y - 1); - - /* augment the field */ - if (field[x][y] < len - 2) - field[x][y]++; - input = input >> 2; - } - } - - /* mark starting point and end point*/ - field[FLDSIZE_X / 2][FLDSIZE_Y / 2] = len - 1; - field[x][y] = len; - - /* assemble title */ - r = snprintf(title, sizeof(title), "[%s %u]", - sshkey_type(k), sshkey_size(k)); - /* If [type size] won't fit, then try [type]; fits "[ED25519-CERT]" */ - if (r < 0 || r > (int)sizeof(title)) - r = snprintf(title, sizeof(title), "[%s]", sshkey_type(k)); - tlen = (r <= 0) ? 0 : strlen(title); - - /* assemble hash ID. */ - r = snprintf(hash, sizeof(hash), "[%s]", alg); - hlen = (r <= 0) ? 0 : strlen(hash); - - /* output upper border */ - p = retval; - *p++ = '+'; - for (i = 0; i < (FLDSIZE_X - tlen) / 2; i++) - *p++ = '-'; - memcpy(p, title, tlen); - p += tlen; - for (i += tlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; - *p++ = '\n'; - - /* output content */ - for (y = 0; y < FLDSIZE_Y; y++) { - *p++ = '|'; - for (x = 0; x < FLDSIZE_X; x++) - *p++ = augmentation_string[MINIMUM(field[x][y], len)]; - *p++ = '|'; - *p++ = '\n'; - } - - /* output lower border */ - *p++ = '+'; - for (i = 0; i < (FLDSIZE_X - hlen) / 2; i++) - *p++ = '-'; - memcpy(p, hash, hlen); - p += hlen; - for (i += hlen; i < FLDSIZE_X; i++) - *p++ = '-'; - *p++ = '+'; - - return retval; -} - -char * -sshkey_fingerprint(const struct sshkey *k, int dgst_alg, - enum sshkey_fp_rep dgst_rep) -{ - char *retval = NULL; - u_char *dgst_raw; - size_t dgst_raw_len; - - if (sshkey_fingerprint_raw(k, dgst_alg, &dgst_raw, &dgst_raw_len) != 0) - return NULL; - switch (dgst_rep) { - case SSH_FP_DEFAULT: - if (dgst_alg == SSH_DIGEST_MD5) { - retval = fingerprint_hex(ssh_digest_alg_name(dgst_alg), - dgst_raw, dgst_raw_len); - } else { - retval = fingerprint_b64(ssh_digest_alg_name(dgst_alg), - dgst_raw, dgst_raw_len); - } - break; - case SSH_FP_HEX: - retval = fingerprint_hex(ssh_digest_alg_name(dgst_alg), - dgst_raw, dgst_raw_len); - break; - case SSH_FP_BASE64: - retval = fingerprint_b64(ssh_digest_alg_name(dgst_alg), - dgst_raw, dgst_raw_len); - break; - case SSH_FP_BUBBLEBABBLE: - retval = fingerprint_bubblebabble(dgst_raw, dgst_raw_len); - break; - case SSH_FP_RANDOMART: - retval = fingerprint_randomart(ssh_digest_alg_name(dgst_alg), - dgst_raw, dgst_raw_len, k); - break; - default: - explicit_bzero(dgst_raw, dgst_raw_len); - free(dgst_raw); - return NULL; - } - explicit_bzero(dgst_raw, dgst_raw_len); - free(dgst_raw); - return retval; -} - -static int -peek_type_nid(const char *s, size_t l, int *nid) -{ - const struct keytype *kt; - - for (kt = keytypes; kt->type != -1; kt++) { - if (kt->name == NULL || strlen(kt->name) != l) - continue; - if (memcmp(s, kt->name, l) == 0) { - *nid = -1; - if (kt->type == KEY_ECDSA || kt->type == KEY_ECDSA_CERT) - *nid = kt->nid; - return kt->type; - } - } - return KEY_UNSPEC; -} - -/* XXX this can now be made const char * */ -int -sshkey_read(struct sshkey *ret, char **cpp) -{ - struct sshkey *k; - char *cp, *blobcopy; - size_t space; - int r, type, curve_nid = -1; - struct sshbuf *blob; - - if (ret == NULL) - return SSH_ERR_INVALID_ARGUMENT; - - switch (ret->type) { - case KEY_UNSPEC: - case KEY_RSA: - case KEY_DSA: - case KEY_ECDSA: - case KEY_ED25519: - case KEY_DSA_CERT: - case KEY_ECDSA_CERT: - case KEY_RSA_CERT: - case KEY_ED25519_CERT: -#ifdef WITH_XMSS - case KEY_XMSS: - case KEY_XMSS_CERT: -#endif /* WITH_XMSS */ - break; /* ok */ - default: - return SSH_ERR_INVALID_ARGUMENT; - } - - /* Decode type */ - cp = *cpp; - space = strcspn(cp, " \t"); - if (space == strlen(cp)) - return SSH_ERR_INVALID_FORMAT; - if ((type = peek_type_nid(cp, space, &curve_nid)) == KEY_UNSPEC) - return SSH_ERR_INVALID_FORMAT; - - /* skip whitespace */ - for (cp += space; *cp == ' ' || *cp == '\t'; cp++) - ; - if (*cp == '\0') - return SSH_ERR_INVALID_FORMAT; - if (ret->type != KEY_UNSPEC && ret->type != type) - return SSH_ERR_KEY_TYPE_MISMATCH; - if ((blob = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - - /* find end of keyblob and decode */ - space = strcspn(cp, " \t"); - if ((blobcopy = strndup(cp, space)) == NULL) { - sshbuf_free(blob); - return SSH_ERR_ALLOC_FAIL; - } - if ((r = sshbuf_b64tod(blob, blobcopy)) != 0) { - free(blobcopy); - sshbuf_free(blob); - return r; - } - free(blobcopy); - if ((r = sshkey_fromb(blob, &k)) != 0) { - sshbuf_free(blob); - return r; - } - sshbuf_free(blob); - - /* skip whitespace and leave cp at start of comment */ - for (cp += space; *cp == ' ' || *cp == '\t'; cp++) - ; - - /* ensure type of blob matches type at start of line */ - if (k->type != type) { - sshkey_free(k); - return SSH_ERR_KEY_TYPE_MISMATCH; - } - if (sshkey_type_plain(type) == KEY_ECDSA && curve_nid != k->ecdsa_nid) { - sshkey_free(k); - return SSH_ERR_EC_CURVE_MISMATCH; - } - - /* Fill in ret from parsed key */ - ret->type = type; - if (sshkey_is_cert(ret)) { - if (!sshkey_is_cert(k)) { - sshkey_free(k); - return SSH_ERR_EXPECTED_CERT; - } - if (ret->cert != NULL) - cert_free(ret->cert); - ret->cert = k->cert; - k->cert = NULL; - } - switch (sshkey_type_plain(ret->type)) { -#ifdef WITH_OPENSSL - case KEY_RSA: - RSA_free(ret->rsa); - ret->rsa = k->rsa; - k->rsa = NULL; -#ifdef DEBUG_PK - RSA_print_fp(stderr, ret->rsa, 8); -#endif - break; - case KEY_DSA: - DSA_free(ret->dsa); - ret->dsa = k->dsa; - k->dsa = NULL; -#ifdef DEBUG_PK - DSA_print_fp(stderr, ret->dsa, 8); -#endif - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - EC_KEY_free(ret->ecdsa); - ret->ecdsa = k->ecdsa; - ret->ecdsa_nid = k->ecdsa_nid; - k->ecdsa = NULL; - k->ecdsa_nid = -1; -#ifdef DEBUG_PK - sshkey_dump_ec_key(ret->ecdsa); -#endif - break; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - freezero(ret->ed25519_pk, ED25519_PK_SZ); - ret->ed25519_pk = k->ed25519_pk; - k->ed25519_pk = NULL; -#ifdef DEBUG_PK - /* XXX */ -#endif - break; -#ifdef WITH_XMSS - case KEY_XMSS: - free(ret->xmss_pk); - ret->xmss_pk = k->xmss_pk; - k->xmss_pk = NULL; - free(ret->xmss_state); - ret->xmss_state = k->xmss_state; - k->xmss_state = NULL; - free(ret->xmss_name); - ret->xmss_name = k->xmss_name; - k->xmss_name = NULL; - free(ret->xmss_filename); - ret->xmss_filename = k->xmss_filename; - k->xmss_filename = NULL; -#ifdef DEBUG_PK - /* XXX */ -#endif - break; -#endif /* WITH_XMSS */ - default: - sshkey_free(k); - return SSH_ERR_INTERNAL_ERROR; - } - sshkey_free(k); - - /* success */ - *cpp = cp; - return 0; -} - - -int -sshkey_to_base64(const struct sshkey *key, char **b64p) -{ - int r = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - char *uu = NULL; - - if (b64p != NULL) - *b64p = NULL; - if ((b = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_putb(key, b)) != 0) - goto out; - if ((uu = sshbuf_dtob64(b)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - /* Success */ - if (b64p != NULL) { - *b64p = uu; - uu = NULL; - } - r = 0; -out: - sshbuf_free(b); - free(uu); - return r; -} - -int -sshkey_format_text(const struct sshkey *key, struct sshbuf *b) -{ - int r = SSH_ERR_INTERNAL_ERROR; - char *uu = NULL; - - if ((r = sshkey_to_base64(key, &uu)) != 0) - goto out; - if ((r = sshbuf_putf(b, "%s %s", - sshkey_ssh_name(key), uu)) != 0) - goto out; - r = 0; -out: - free(uu); - return r; -} - -int -sshkey_write(const struct sshkey *key, FILE *f) -{ - struct sshbuf *b = NULL; - int r = SSH_ERR_INTERNAL_ERROR; - - if ((b = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_format_text(key, b)) != 0) - goto out; - if (fwrite(sshbuf_ptr(b), sshbuf_len(b), 1, f) != 1) { - if (feof(f)) - errno = EPIPE; - r = SSH_ERR_SYSTEM_ERROR; - goto out; - } - /* Success */ - r = 0; -out: - sshbuf_free(b); - return r; -} - -const char * -sshkey_cert_type(const struct sshkey *k) -{ - switch (k->cert->type) { - case SSH2_CERT_TYPE_USER: - return "user"; - case SSH2_CERT_TYPE_HOST: - return "host"; - default: - return "unknown"; - } -} - -#ifdef WITH_OPENSSL -static int -rsa_generate_private_key(u_int bits, RSA **rsap) -{ - RSA *private = NULL; - BIGNUM *f4 = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; - - if (rsap == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (bits < SSH_RSA_MINIMUM_MODULUS_SIZE || - bits > SSHBUF_MAX_BIGNUM * 8) - return SSH_ERR_KEY_LENGTH; - *rsap = NULL; - if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (!BN_set_word(f4, RSA_F4) || - !RSA_generate_key_ex(private, bits, f4, NULL)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - *rsap = private; - private = NULL; - ret = 0; -out: - RSA_free(private); - BN_free(f4); - return ret; -} - -static int -dsa_generate_private_key(u_int bits, DSA **dsap) -{ - DSA *private; - int ret = SSH_ERR_INTERNAL_ERROR; - - if (dsap == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (bits != 1024) - return SSH_ERR_KEY_LENGTH; - if ((private = DSA_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - *dsap = NULL; - if (!DSA_generate_parameters_ex(private, bits, NULL, 0, NULL, - NULL, NULL) || !DSA_generate_key(private)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - *dsap = private; - private = NULL; - ret = 0; -out: - DSA_free(private); - return ret; -} - -#ifdef OPENSSL_HAS_ECC -int -sshkey_ecdsa_key_to_nid(EC_KEY *k) -{ - EC_GROUP *eg; - int nids[] = { - NID_X9_62_prime256v1, - NID_secp384r1, -#ifdef OPENSSL_HAS_NISTP521 - NID_secp521r1, -#endif /* OPENSSL_HAS_NISTP521 */ - -1 - }; - int nid; - u_int i; - BN_CTX *bnctx; - const EC_GROUP *g = EC_KEY_get0_group(k); - - /* - * The group may be stored in a ASN.1 encoded private key in one of two - * ways: as a "named group", which is reconstituted by ASN.1 object ID - * or explicit group parameters encoded into the key blob. Only the - * "named group" case sets the group NID for us, but we can figure - * it out for the other case by comparing against all the groups that - * are supported. - */ - if ((nid = EC_GROUP_get_curve_name(g)) > 0) - return nid; - if ((bnctx = BN_CTX_new()) == NULL) - return -1; - for (i = 0; nids[i] != -1; i++) { - if ((eg = EC_GROUP_new_by_curve_name(nids[i])) == NULL) { - BN_CTX_free(bnctx); - return -1; - } - if (EC_GROUP_cmp(g, eg, bnctx) == 0) - break; - EC_GROUP_free(eg); - } - BN_CTX_free(bnctx); - if (nids[i] != -1) { - /* Use the group with the NID attached */ - EC_GROUP_set_asn1_flag(eg, OPENSSL_EC_NAMED_CURVE); - if (EC_KEY_set_group(k, eg) != 1) { - EC_GROUP_free(eg); - return -1; - } - } - return nids[i]; -} - -static int -ecdsa_generate_private_key(u_int bits, int *nid, EC_KEY **ecdsap) -{ - EC_KEY *private; - int ret = SSH_ERR_INTERNAL_ERROR; - - if (nid == NULL || ecdsap == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) - return SSH_ERR_KEY_LENGTH; - *ecdsap = NULL; - if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (EC_KEY_generate_key(private) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE); - *ecdsap = private; - private = NULL; - ret = 0; -out: - EC_KEY_free(private); - return ret; -} -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - -int -sshkey_generate(int type, u_int bits, struct sshkey **keyp) -{ - struct sshkey *k; - int ret = SSH_ERR_INTERNAL_ERROR; - - if (keyp == NULL) - return SSH_ERR_INVALID_ARGUMENT; - *keyp = NULL; - if ((k = sshkey_new(KEY_UNSPEC)) == NULL) - return SSH_ERR_ALLOC_FAIL; - switch (type) { - case KEY_ED25519: - if ((k->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL || - (k->ed25519_sk = malloc(ED25519_SK_SZ)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - break; - } - crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk); - ret = 0; - break; -#ifdef WITH_XMSS - case KEY_XMSS: - ret = sshkey_xmss_generate_private_key(k, bits); - break; -#endif /* WITH_XMSS */ -#ifdef WITH_OPENSSL - case KEY_DSA: - ret = dsa_generate_private_key(bits, &k->dsa); - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - ret = ecdsa_generate_private_key(bits, &k->ecdsa_nid, - &k->ecdsa); - break; -#endif /* OPENSSL_HAS_ECC */ - case KEY_RSA: - ret = rsa_generate_private_key(bits, &k->rsa); - break; -#endif /* WITH_OPENSSL */ - default: - ret = SSH_ERR_INVALID_ARGUMENT; - } - if (ret == 0) { - k->type = type; - *keyp = k; - } else - sshkey_free(k); - return ret; -} - -int -sshkey_cert_copy(const struct sshkey *from_key, struct sshkey *to_key) -{ - u_int i; - const struct sshkey_cert *from; - struct sshkey_cert *to; - int r = SSH_ERR_INTERNAL_ERROR; - - if (to_key == NULL || (from = from_key->cert) == NULL) - return SSH_ERR_INVALID_ARGUMENT; - - if ((to = cert_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - - if ((r = sshbuf_putb(to->certblob, from->certblob)) != 0 || - (r = sshbuf_putb(to->critical, from->critical)) != 0 || - (r = sshbuf_putb(to->extensions, from->extensions)) != 0) - goto out; - - to->serial = from->serial; - to->type = from->type; - if (from->key_id == NULL) - to->key_id = NULL; - else if ((to->key_id = strdup(from->key_id)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - to->valid_after = from->valid_after; - to->valid_before = from->valid_before; - if (from->signature_key == NULL) - to->signature_key = NULL; - else if ((r = sshkey_from_private(from->signature_key, - &to->signature_key)) != 0) - goto out; - if (from->signature_type != NULL && - (to->signature_type = strdup(from->signature_type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (from->nprincipals > SSHKEY_CERT_MAX_PRINCIPALS) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if (from->nprincipals > 0) { - if ((to->principals = calloc(from->nprincipals, - sizeof(*to->principals))) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - for (i = 0; i < from->nprincipals; i++) { - to->principals[i] = strdup(from->principals[i]); - if (to->principals[i] == NULL) { - to->nprincipals = i; - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - } - } - to->nprincipals = from->nprincipals; - - /* success */ - cert_free(to_key->cert); - to_key->cert = to; - to = NULL; - r = 0; -out: - cert_free(to); - return r; -} - -int -sshkey_from_private(const struct sshkey *k, struct sshkey **pkp) -{ - struct sshkey *n = NULL; - int r = SSH_ERR_INTERNAL_ERROR; -#ifdef WITH_OPENSSL - const BIGNUM *rsa_n, *rsa_e; - BIGNUM *rsa_n_dup = NULL, *rsa_e_dup = NULL; - const BIGNUM *dsa_p, *dsa_q, *dsa_g, *dsa_pub_key; - BIGNUM *dsa_p_dup = NULL, *dsa_q_dup = NULL, *dsa_g_dup = NULL; - BIGNUM *dsa_pub_key_dup = NULL; -#endif /* WITH_OPENSSL */ - - *pkp = NULL; - switch (k->type) { -#ifdef WITH_OPENSSL - case KEY_DSA: - case KEY_DSA_CERT: - if ((n = sshkey_new(k->type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - DSA_get0_pqg(k->dsa, &dsa_p, &dsa_q, &dsa_g); - DSA_get0_key(k->dsa, &dsa_pub_key, NULL); - if ((dsa_p_dup = BN_dup(dsa_p)) == NULL || - (dsa_q_dup = BN_dup(dsa_q)) == NULL || - (dsa_g_dup = BN_dup(dsa_g)) == NULL || - (dsa_pub_key_dup = BN_dup(dsa_pub_key)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (!DSA_set0_pqg(n->dsa, dsa_p_dup, dsa_q_dup, dsa_g_dup)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_p_dup = dsa_q_dup = dsa_g_dup = NULL; /* transferred */ - if (!DSA_set0_key(n->dsa, dsa_pub_key_dup, NULL)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_pub_key_dup = NULL; /* transferred */ - - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - case KEY_ECDSA_CERT: - if ((n = sshkey_new(k->type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - n->ecdsa_nid = k->ecdsa_nid; - n->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); - if (n->ecdsa == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (EC_KEY_set_public_key(n->ecdsa, - EC_KEY_get0_public_key(k->ecdsa)) != 1) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - break; -#endif /* OPENSSL_HAS_ECC */ - case KEY_RSA: - case KEY_RSA_CERT: - if ((n = sshkey_new(k->type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - RSA_get0_key(k->rsa, &rsa_n, &rsa_e, NULL); - if ((rsa_n_dup = BN_dup(rsa_n)) == NULL || - (rsa_e_dup = BN_dup(rsa_e)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (!RSA_set0_key(n->rsa, rsa_n_dup, rsa_e_dup, NULL)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - rsa_n_dup = rsa_e_dup = NULL; /* transferred */ - break; -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - case KEY_ED25519_CERT: - if ((n = sshkey_new(k->type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (k->ed25519_pk != NULL) { - if ((n->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ); - } - break; -#ifdef WITH_XMSS - case KEY_XMSS: - case KEY_XMSS_CERT: - if ((n = sshkey_new(k->type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshkey_xmss_init(n, k->xmss_name)) != 0) - goto out; - if (k->xmss_pk != NULL) { - size_t pklen = sshkey_xmss_pklen(k); - if (pklen == 0 || sshkey_xmss_pklen(n) != pklen) { - r = SSH_ERR_INTERNAL_ERROR; - goto out; - } - if ((n->xmss_pk = malloc(pklen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(n->xmss_pk, k->xmss_pk, pklen); - } - break; -#endif /* WITH_XMSS */ - default: - r = SSH_ERR_KEY_TYPE_UNKNOWN; - goto out; - } - if (sshkey_is_cert(k) && (r = sshkey_cert_copy(k, n)) != 0) - goto out; - /* success */ - *pkp = n; - n = NULL; - r = 0; -out: - sshkey_free(n); -#ifdef WITH_OPENSSL - BN_clear_free(rsa_n_dup); - BN_clear_free(rsa_e_dup); - BN_clear_free(dsa_p_dup); - BN_clear_free(dsa_q_dup); - BN_clear_free(dsa_g_dup); - BN_clear_free(dsa_pub_key_dup); -#endif - - return r; -} - -static int -cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) -{ - struct sshbuf *principals = NULL, *crit = NULL; - struct sshbuf *exts = NULL, *ca = NULL; - u_char *sig = NULL; - size_t signed_len = 0, slen = 0, kidlen = 0; - int ret = SSH_ERR_INTERNAL_ERROR; - - /* Copy the entire key blob for verification and later serialisation */ - if ((ret = sshbuf_putb(key->cert->certblob, certbuf)) != 0) - return ret; - - /* Parse body of certificate up to signature */ - if ((ret = sshbuf_get_u64(b, &key->cert->serial)) != 0 || - (ret = sshbuf_get_u32(b, &key->cert->type)) != 0 || - (ret = sshbuf_get_cstring(b, &key->cert->key_id, &kidlen)) != 0 || - (ret = sshbuf_froms(b, &principals)) != 0 || - (ret = sshbuf_get_u64(b, &key->cert->valid_after)) != 0 || - (ret = sshbuf_get_u64(b, &key->cert->valid_before)) != 0 || - (ret = sshbuf_froms(b, &crit)) != 0 || - (ret = sshbuf_froms(b, &exts)) != 0 || - (ret = sshbuf_get_string_direct(b, NULL, NULL)) != 0 || - (ret = sshbuf_froms(b, &ca)) != 0) { - /* XXX debug print error for ret */ - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* Signature is left in the buffer so we can calculate this length */ - signed_len = sshbuf_len(key->cert->certblob) - sshbuf_len(b); - - if ((ret = sshbuf_get_string(b, &sig, &slen)) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - - if (key->cert->type != SSH2_CERT_TYPE_USER && - key->cert->type != SSH2_CERT_TYPE_HOST) { - ret = SSH_ERR_KEY_CERT_UNKNOWN_TYPE; - goto out; - } - - /* Parse principals section */ - while (sshbuf_len(principals) > 0) { - char *principal = NULL; - char **oprincipals = NULL; - - if (key->cert->nprincipals >= SSHKEY_CERT_MAX_PRINCIPALS) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((ret = sshbuf_get_cstring(principals, &principal, - NULL)) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - oprincipals = key->cert->principals; - key->cert->principals = recallocarray(key->cert->principals, - key->cert->nprincipals, key->cert->nprincipals + 1, - sizeof(*key->cert->principals)); - if (key->cert->principals == NULL) { - free(principal); - key->cert->principals = oprincipals; - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - key->cert->principals[key->cert->nprincipals++] = principal; - } - - /* - * Stash a copies of the critical options and extensions sections - * for later use. - */ - if ((ret = sshbuf_putb(key->cert->critical, crit)) != 0 || - (exts != NULL && - (ret = sshbuf_putb(key->cert->extensions, exts)) != 0)) - goto out; - - /* - * Validate critical options and extensions sections format. - */ - while (sshbuf_len(crit) != 0) { - if ((ret = sshbuf_get_string_direct(crit, NULL, NULL)) != 0 || - (ret = sshbuf_get_string_direct(crit, NULL, NULL)) != 0) { - sshbuf_reset(key->cert->critical); - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - } - while (exts != NULL && sshbuf_len(exts) != 0) { - if ((ret = sshbuf_get_string_direct(exts, NULL, NULL)) != 0 || - (ret = sshbuf_get_string_direct(exts, NULL, NULL)) != 0) { - sshbuf_reset(key->cert->extensions); - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - } - - /* Parse CA key and check signature */ - if (sshkey_from_blob_internal(ca, &key->cert->signature_key, 0) != 0) { - ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY; - goto out; - } - if (!sshkey_type_is_valid_ca(key->cert->signature_key->type)) { - ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY; - goto out; - } - if ((ret = sshkey_verify(key->cert->signature_key, sig, slen, - sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0)) != 0) - goto out; - if ((ret = get_sigtype(sig, slen, &key->cert->signature_type)) != 0) - goto out; - - /* Success */ - ret = 0; -out: - sshbuf_free(ca); - sshbuf_free(crit); - sshbuf_free(exts); - sshbuf_free(principals); - free(sig); - return ret; -} - -#ifdef WITH_OPENSSL -static int -check_rsa_length(const RSA *rsa) -{ - const BIGNUM *rsa_n; - - RSA_get0_key(rsa, &rsa_n, NULL, NULL); - if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - return 0; -} -#endif - -static int -sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, - int allow_cert) -{ - int type, ret = SSH_ERR_INTERNAL_ERROR; - char *ktype = NULL, *curve = NULL, *xmss_name = NULL; - struct sshkey *key = NULL; - size_t len; - u_char *pk = NULL; - struct sshbuf *copy; -#if defined(WITH_OPENSSL) - BIGNUM *rsa_n = NULL, *rsa_e = NULL; - BIGNUM *dsa_p = NULL, *dsa_q = NULL, *dsa_g = NULL, *dsa_pub_key = NULL; -#if defined(OPENSSL_HAS_ECC) - EC_POINT *q = NULL; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - -#ifdef DEBUG_PK /* XXX */ - sshbuf_dump(b, stderr); -#endif - if (keyp != NULL) - *keyp = NULL; - if ((copy = sshbuf_fromb(b)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (sshbuf_get_cstring(b, &ktype, NULL) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - - type = sshkey_type_from_name(ktype); - if (!allow_cert && sshkey_type_is_cert(type)) { - ret = SSH_ERR_KEY_CERT_INVALID_SIGN_KEY; - goto out; - } - switch (type) { -#ifdef WITH_OPENSSL - case KEY_RSA_CERT: - /* Skip nonce */ - if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - /* FALLTHROUGH */ - case KEY_RSA: - if ((key = sshkey_new(type)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((rsa_e = BN_new()) == NULL || - (rsa_n = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (sshbuf_get_bignum2(b, rsa_e) != 0 || - sshbuf_get_bignum2(b, rsa_n) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (!RSA_set0_key(key->rsa, rsa_n, rsa_e, NULL)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - rsa_n = rsa_e = NULL; /* transferred */ - if ((ret = check_rsa_length(key->rsa)) != 0) - goto out; -#ifdef DEBUG_PK - RSA_print_fp(stderr, key->rsa, 8); -#endif - break; - case KEY_DSA_CERT: - /* Skip nonce */ - if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - /* FALLTHROUGH */ - case KEY_DSA: - if ((key = sshkey_new(type)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((dsa_p = BN_new()) == NULL || - (dsa_q = BN_new()) == NULL || - (dsa_g = BN_new()) == NULL || - (dsa_pub_key = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (sshbuf_get_bignum2(b, dsa_p) != 0 || - sshbuf_get_bignum2(b, dsa_q) != 0 || - sshbuf_get_bignum2(b, dsa_g) != 0 || - sshbuf_get_bignum2(b, dsa_pub_key) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (!DSA_set0_pqg(key->dsa, dsa_p, dsa_q, dsa_g)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_p = dsa_q = dsa_g = NULL; /* transferred */ - if (!DSA_set0_key(key->dsa, dsa_pub_key, NULL)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_pub_key = NULL; /* transferred */ -#ifdef DEBUG_PK - DSA_print_fp(stderr, key->dsa, 8); -#endif - break; - case KEY_ECDSA_CERT: - /* Skip nonce */ - if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - /* FALLTHROUGH */ -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - if ((key = sshkey_new(type)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - key->ecdsa_nid = sshkey_ecdsa_nid_from_name(ktype); - if (sshbuf_get_cstring(b, &curve, NULL) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (key->ecdsa_nid != sshkey_curve_name_to_nid(curve)) { - ret = SSH_ERR_EC_CURVE_MISMATCH; - goto out; - } - EC_KEY_free(key->ecdsa); - if ((key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid)) - == NULL) { - ret = SSH_ERR_EC_CURVE_INVALID; - goto out; - } - if ((q = EC_POINT_new(EC_KEY_get0_group(key->ecdsa))) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (sshbuf_get_ec(b, q, EC_KEY_get0_group(key->ecdsa)) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (sshkey_ec_validate_public(EC_KEY_get0_group(key->ecdsa), - q) != 0) { - ret = SSH_ERR_KEY_INVALID_EC_VALUE; - goto out; - } - if (EC_KEY_set_public_key(key->ecdsa, q) != 1) { - /* XXX assume it is a allocation error */ - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -#ifdef DEBUG_PK - sshkey_dump_ec_point(EC_KEY_get0_group(key->ecdsa), q); -#endif - break; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - case KEY_ED25519_CERT: - /* Skip nonce */ - if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - /* FALLTHROUGH */ - case KEY_ED25519: - if ((ret = sshbuf_get_string(b, &pk, &len)) != 0) - goto out; - if (len != ED25519_PK_SZ) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((key = sshkey_new(type)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - key->ed25519_pk = pk; - pk = NULL; - break; -#ifdef WITH_XMSS - case KEY_XMSS_CERT: - /* Skip nonce */ - if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - /* FALLTHROUGH */ - case KEY_XMSS: - if ((ret = sshbuf_get_cstring(b, &xmss_name, NULL)) != 0) - goto out; - if ((key = sshkey_new(type)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((ret = sshkey_xmss_init(key, xmss_name)) != 0) - goto out; - if ((ret = sshbuf_get_string(b, &pk, &len)) != 0) - goto out; - if (len == 0 || len != sshkey_xmss_pklen(key)) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - key->xmss_pk = pk; - pk = NULL; - if (type != KEY_XMSS_CERT && - (ret = sshkey_xmss_deserialize_pk_info(key, b)) != 0) - goto out; - break; -#endif /* WITH_XMSS */ - case KEY_UNSPEC: - default: - ret = SSH_ERR_KEY_TYPE_UNKNOWN; - goto out; - } - - /* Parse certificate potion */ - if (sshkey_is_cert(key) && (ret = cert_parse(b, key, copy)) != 0) - goto out; - - if (key != NULL && sshbuf_len(b) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - ret = 0; - if (keyp != NULL) { - *keyp = key; - key = NULL; - } -out: - sshbuf_free(copy); - sshkey_free(key); - free(xmss_name); - free(ktype); - free(curve); - free(pk); -#if defined(WITH_OPENSSL) - BN_clear_free(rsa_n); - BN_clear_free(rsa_e); - BN_clear_free(dsa_p); - BN_clear_free(dsa_q); - BN_clear_free(dsa_g); - BN_clear_free(dsa_pub_key); -#if defined(OPENSSL_HAS_ECC) - EC_POINT_free(q); -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - return ret; -} - -int -sshkey_from_blob(const u_char *blob, size_t blen, struct sshkey **keyp) -{ - struct sshbuf *b; - int r; - - if ((b = sshbuf_from(blob, blen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - r = sshkey_from_blob_internal(b, keyp, 1); - sshbuf_free(b); - return r; -} - -int -sshkey_fromb(struct sshbuf *b, struct sshkey **keyp) -{ - return sshkey_from_blob_internal(b, keyp, 1); -} - -int -sshkey_froms(struct sshbuf *buf, struct sshkey **keyp) -{ - struct sshbuf *b; - int r; - - if ((r = sshbuf_froms(buf, &b)) != 0) - return r; - r = sshkey_from_blob_internal(b, keyp, 1); - sshbuf_free(b); - return r; -} - -static int -get_sigtype(const u_char *sig, size_t siglen, char **sigtypep) -{ - int r; - struct sshbuf *b = NULL; - char *sigtype = NULL; - - if (sigtypep != NULL) - *sigtypep = NULL; - if ((b = sshbuf_from(sig, siglen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_get_cstring(b, &sigtype, NULL)) != 0) - goto out; - /* success */ - if (sigtypep != NULL) { - *sigtypep = sigtype; - sigtype = NULL; - } - r = 0; -out: - free(sigtype); - sshbuf_free(b); - return r; -} - -/* - * - * Checks whether a certificate's signature type is allowed. - * Returns 0 (success) if the certificate signature type appears in the - * "allowed" pattern-list, or the key is not a certificate to begin with. - * Otherwise returns a ssherr.h code. - */ -int -sshkey_check_cert_sigtype(const struct sshkey *key, const char *allowed) -{ - if (key == NULL || allowed == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (!sshkey_type_is_cert(key->type)) - return 0; - if (key->cert == NULL || key->cert->signature_type == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (match_pattern_list(key->cert->signature_type, allowed, 0) != 1) - return SSH_ERR_SIGN_ALG_UNSUPPORTED; - return 0; -} - -/* - * Returns the expected signature algorithm for a given public key algorithm. - */ -const char * -sshkey_sigalg_by_name(const char *name) -{ - const struct keytype *kt; - - for (kt = keytypes; kt->type != -1; kt++) { - if (strcmp(kt->name, name) != 0) - continue; - if (kt->sigalg != NULL) - return kt->sigalg; - if (!kt->cert) - return kt->name; - return sshkey_ssh_name_from_type_nid( - sshkey_type_plain(kt->type), kt->nid); - } - return NULL; -} - -/* - * Verifies that the signature algorithm appearing inside the signature blob - * matches that which was requested. - */ -int -sshkey_check_sigtype(const u_char *sig, size_t siglen, - const char *requested_alg) -{ - const char *expected_alg; - char *sigtype = NULL; - int r; - - if (requested_alg == NULL) - return 0; - if ((expected_alg = sshkey_sigalg_by_name(requested_alg)) == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((r = get_sigtype(sig, siglen, &sigtype)) != 0) - return r; - r = strcmp(expected_alg, sigtype) == 0; - free(sigtype); - return r ? 0 : SSH_ERR_SIGN_ALG_UNSUPPORTED; -} - -int -sshkey_sign(const struct sshkey *key, - u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, const char *alg, u_int compat) -{ - if (sigp != NULL) - *sigp = NULL; - if (lenp != NULL) - *lenp = 0; - if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE) - return SSH_ERR_INVALID_ARGUMENT; - switch (key->type) { -#ifdef WITH_OPENSSL - case KEY_DSA_CERT: - case KEY_DSA: - return ssh_dss_sign(key, sigp, lenp, data, datalen, compat); -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - case KEY_ECDSA: - return ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat); -#endif /* OPENSSL_HAS_ECC */ - case KEY_RSA_CERT: - case KEY_RSA: - return ssh_rsa_sign(key, sigp, lenp, data, datalen, alg); -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - case KEY_ED25519_CERT: - return ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat); -#ifdef WITH_XMSS - case KEY_XMSS: - case KEY_XMSS_CERT: - return ssh_xmss_sign(key, sigp, lenp, data, datalen, compat); -#endif /* WITH_XMSS */ - default: - return SSH_ERR_KEY_TYPE_UNKNOWN; - } -} - -/* - * ssh_key_verify returns 0 for a correct signature and < 0 on error. - * If "alg" specified, then the signature must use that algorithm. - */ -int -sshkey_verify(const struct sshkey *key, - const u_char *sig, size_t siglen, - const u_char *data, size_t dlen, const char *alg, u_int compat) -{ - if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE) - return SSH_ERR_INVALID_ARGUMENT; - switch (key->type) { -#ifdef WITH_OPENSSL - case KEY_DSA_CERT: - case KEY_DSA: - return ssh_dss_verify(key, sig, siglen, data, dlen, compat); -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - case KEY_ECDSA: - return ssh_ecdsa_verify(key, sig, siglen, data, dlen, compat); -#endif /* OPENSSL_HAS_ECC */ - case KEY_RSA_CERT: - case KEY_RSA: - return ssh_rsa_verify(key, sig, siglen, data, dlen, alg); -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - case KEY_ED25519_CERT: - return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat); -#ifdef WITH_XMSS - case KEY_XMSS: - case KEY_XMSS_CERT: - return ssh_xmss_verify(key, sig, siglen, data, dlen, compat); -#endif /* WITH_XMSS */ - default: - return SSH_ERR_KEY_TYPE_UNKNOWN; - } -} - -/* Convert a plain key to their _CERT equivalent */ -int -sshkey_to_certified(struct sshkey *k) -{ - int newtype; - - switch (k->type) { -#ifdef WITH_OPENSSL - case KEY_RSA: - newtype = KEY_RSA_CERT; - break; - case KEY_DSA: - newtype = KEY_DSA_CERT; - break; - case KEY_ECDSA: - newtype = KEY_ECDSA_CERT; - break; -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - newtype = KEY_ED25519_CERT; - break; -#ifdef WITH_XMSS - case KEY_XMSS: - newtype = KEY_XMSS_CERT; - break; -#endif /* WITH_XMSS */ - default: - return SSH_ERR_INVALID_ARGUMENT; - } - if ((k->cert = cert_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - k->type = newtype; - return 0; -} - -/* Convert a certificate to its raw key equivalent */ -int -sshkey_drop_cert(struct sshkey *k) -{ - if (!sshkey_type_is_cert(k->type)) - return SSH_ERR_KEY_TYPE_UNKNOWN; - cert_free(k->cert); - k->cert = NULL; - k->type = sshkey_type_plain(k->type); - return 0; -} - -/* Sign a certified key, (re-)generating the signed certblob. */ -int -sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg, - sshkey_certify_signer *signer, void *signer_ctx) -{ - struct sshbuf *principals = NULL; - u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; - size_t i, ca_len, sig_len; - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *cert = NULL; - char *sigtype = NULL; -#ifdef WITH_OPENSSL - const BIGNUM *rsa_n, *rsa_e, *dsa_p, *dsa_q, *dsa_g, *dsa_pub_key; -#endif /* WITH_OPENSSL */ - - if (k == NULL || k->cert == NULL || - k->cert->certblob == NULL || ca == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (!sshkey_is_cert(k)) - return SSH_ERR_KEY_TYPE_UNKNOWN; - if (!sshkey_type_is_valid_ca(ca->type)) - return SSH_ERR_KEY_CERT_INVALID_SIGN_KEY; - - /* - * If no alg specified as argument but a signature_type was set, - * then prefer that. If both were specified, then they must match. - */ - if (alg == NULL) - alg = k->cert->signature_type; - else if (k->cert->signature_type != NULL && - strcmp(alg, k->cert->signature_type) != 0) - return SSH_ERR_INVALID_ARGUMENT; - - if ((ret = sshkey_to_blob(ca, &ca_blob, &ca_len)) != 0) - return SSH_ERR_KEY_CERT_INVALID_SIGN_KEY; - - cert = k->cert->certblob; /* for readability */ - sshbuf_reset(cert); - if ((ret = sshbuf_put_cstring(cert, sshkey_ssh_name(k))) != 0) - goto out; - - /* -v01 certs put nonce first */ - arc4random_buf(&nonce, sizeof(nonce)); - if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0) - goto out; - - /* XXX this substantially duplicates to_blob(); refactor */ - switch (k->type) { -#ifdef WITH_OPENSSL - case KEY_DSA_CERT: - DSA_get0_pqg(k->dsa, &dsa_p, &dsa_q, &dsa_g); - DSA_get0_key(k->dsa, &dsa_pub_key, NULL); - if ((ret = sshbuf_put_bignum2(cert, dsa_p)) != 0 || - (ret = sshbuf_put_bignum2(cert, dsa_q)) != 0 || - (ret = sshbuf_put_bignum2(cert, dsa_g)) != 0 || - (ret = sshbuf_put_bignum2(cert, dsa_pub_key)) != 0) - goto out; - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - if ((ret = sshbuf_put_cstring(cert, - sshkey_curve_nid_to_name(k->ecdsa_nid))) != 0 || - (ret = sshbuf_put_ec(cert, - EC_KEY_get0_public_key(k->ecdsa), - EC_KEY_get0_group(k->ecdsa))) != 0) - goto out; - break; -#endif /* OPENSSL_HAS_ECC */ - case KEY_RSA_CERT: - RSA_get0_key(k->rsa, &rsa_n, &rsa_e, NULL); - if ((ret = sshbuf_put_bignum2(cert, rsa_e)) != 0 || - (ret = sshbuf_put_bignum2(cert, rsa_n)) != 0) - goto out; - break; -#endif /* WITH_OPENSSL */ - case KEY_ED25519_CERT: - if ((ret = sshbuf_put_string(cert, - k->ed25519_pk, ED25519_PK_SZ)) != 0) - goto out; - break; -#ifdef WITH_XMSS - case KEY_XMSS_CERT: - if (k->xmss_name == NULL) { - ret = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((ret = sshbuf_put_cstring(cert, k->xmss_name)) || - (ret = sshbuf_put_string(cert, - k->xmss_pk, sshkey_xmss_pklen(k))) != 0) - goto out; - break; -#endif /* WITH_XMSS */ - default: - ret = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - - if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0 || - (ret = sshbuf_put_u32(cert, k->cert->type)) != 0 || - (ret = sshbuf_put_cstring(cert, k->cert->key_id)) != 0) - goto out; - - if ((principals = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - for (i = 0; i < k->cert->nprincipals; i++) { - if ((ret = sshbuf_put_cstring(principals, - k->cert->principals[i])) != 0) - goto out; - } - if ((ret = sshbuf_put_stringb(cert, principals)) != 0 || - (ret = sshbuf_put_u64(cert, k->cert->valid_after)) != 0 || - (ret = sshbuf_put_u64(cert, k->cert->valid_before)) != 0 || - (ret = sshbuf_put_stringb(cert, k->cert->critical)) != 0 || - (ret = sshbuf_put_stringb(cert, k->cert->extensions)) != 0 || - (ret = sshbuf_put_string(cert, NULL, 0)) != 0 || /* Reserved */ - (ret = sshbuf_put_string(cert, ca_blob, ca_len)) != 0) - goto out; - - /* Sign the whole mess */ - if ((ret = signer(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), - sshbuf_len(cert), alg, 0, signer_ctx)) != 0) - goto out; - /* Check and update signature_type against what was actually used */ - if ((ret = get_sigtype(sig_blob, sig_len, &sigtype)) != 0) - goto out; - if (alg != NULL && strcmp(alg, sigtype) != 0) { - ret = SSH_ERR_SIGN_ALG_UNSUPPORTED; - goto out; - } - if (k->cert->signature_type == NULL) { - k->cert->signature_type = sigtype; - sigtype = NULL; - } - /* Append signature and we are done */ - if ((ret = sshbuf_put_string(cert, sig_blob, sig_len)) != 0) - goto out; - ret = 0; -out: - if (ret != 0) - sshbuf_reset(cert); - free(sig_blob); - free(ca_blob); - free(sigtype); - sshbuf_free(principals); - return ret; -} - -static int -default_key_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, - const char *alg, u_int compat, void *ctx) -{ - if (ctx != NULL) - return SSH_ERR_INVALID_ARGUMENT; - return sshkey_sign(key, sigp, lenp, data, datalen, alg, compat); -} - -int -sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg) -{ - return sshkey_certify_custom(k, ca, alg, default_key_sign, NULL); -} - -int -sshkey_cert_check_authority(const struct sshkey *k, - int want_host, int require_principal, - const char *name, const char **reason) -{ - u_int i, principal_matches; - time_t now = time(NULL); - - if (reason != NULL) - *reason = NULL; - - if (want_host) { - if (k->cert->type != SSH2_CERT_TYPE_HOST) { - *reason = "Certificate invalid: not a host certificate"; - return SSH_ERR_KEY_CERT_INVALID; - } - } else { - if (k->cert->type != SSH2_CERT_TYPE_USER) { - *reason = "Certificate invalid: not a user certificate"; - return SSH_ERR_KEY_CERT_INVALID; - } - } - if (now < 0) { - /* yikes - system clock before epoch! */ - *reason = "Certificate invalid: not yet valid"; - return SSH_ERR_KEY_CERT_INVALID; - } - if ((u_int64_t)now < k->cert->valid_after) { - *reason = "Certificate invalid: not yet valid"; - return SSH_ERR_KEY_CERT_INVALID; - } - if ((u_int64_t)now >= k->cert->valid_before) { - *reason = "Certificate invalid: expired"; - return SSH_ERR_KEY_CERT_INVALID; - } - if (k->cert->nprincipals == 0) { - if (require_principal) { - *reason = "Certificate lacks principal list"; - return SSH_ERR_KEY_CERT_INVALID; - } - } else if (name != NULL) { - principal_matches = 0; - for (i = 0; i < k->cert->nprincipals; i++) { - if (strcmp(name, k->cert->principals[i]) == 0) { - principal_matches = 1; - break; - } - } - if (!principal_matches) { - *reason = "Certificate invalid: name is not a listed " - "principal"; - return SSH_ERR_KEY_CERT_INVALID; - } - } - return 0; -} - -size_t -sshkey_format_cert_validity(const struct sshkey_cert *cert, char *s, size_t l) -{ - char from[32], to[32], ret[64]; - time_t tt; - struct tm *tm; - - *from = *to = '\0'; - if (cert->valid_after == 0 && - cert->valid_before == 0xffffffffffffffffULL) - return strlcpy(s, "forever", l); - - if (cert->valid_after != 0) { - /* XXX revisit INT_MAX in 2038 :) */ - tt = cert->valid_after > INT_MAX ? - INT_MAX : cert->valid_after; - tm = localtime(&tt); - strftime(from, sizeof(from), "%Y-%m-%dT%H:%M:%S", tm); - } - if (cert->valid_before != 0xffffffffffffffffULL) { - /* XXX revisit INT_MAX in 2038 :) */ - tt = cert->valid_before > INT_MAX ? - INT_MAX : cert->valid_before; - tm = localtime(&tt); - strftime(to, sizeof(to), "%Y-%m-%dT%H:%M:%S", tm); - } - - if (cert->valid_after == 0) - snprintf(ret, sizeof(ret), "before %s", to); - else if (cert->valid_before == 0xffffffffffffffffULL) - snprintf(ret, sizeof(ret), "after %s", from); - else - snprintf(ret, sizeof(ret), "from %s to %s", from, to); - - return strlcpy(s, ret, l); -} - -int -sshkey_private_serialize_opt(const struct sshkey *key, struct sshbuf *b, - enum sshkey_serialize_rep opts) -{ - int r = SSH_ERR_INTERNAL_ERROR; -#ifdef WITH_OPENSSL - const BIGNUM *rsa_n, *rsa_e, *rsa_d, *rsa_iqmp, *rsa_p, *rsa_q; - const BIGNUM *dsa_p, *dsa_q, *dsa_g, *dsa_pub_key, *dsa_priv_key; -#endif /* WITH_OPENSSL */ - - if ((r = sshbuf_put_cstring(b, sshkey_ssh_name(key))) != 0) - goto out; - switch (key->type) { -#ifdef WITH_OPENSSL - case KEY_RSA: - RSA_get0_key(key->rsa, &rsa_n, &rsa_e, &rsa_d); - RSA_get0_factors(key->rsa, &rsa_p, &rsa_q); - RSA_get0_crt_params(key->rsa, NULL, NULL, &rsa_iqmp); - if ((r = sshbuf_put_bignum2(b, rsa_n)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_e)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_d)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_iqmp)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_p)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_q)) != 0) - goto out; - break; - case KEY_RSA_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); - RSA_get0_factors(key->rsa, &rsa_p, &rsa_q); - RSA_get0_crt_params(key->rsa, NULL, NULL, &rsa_iqmp); - if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_d)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_iqmp)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_p)) != 0 || - (r = sshbuf_put_bignum2(b, rsa_q)) != 0) - goto out; - break; - case KEY_DSA: - DSA_get0_pqg(key->dsa, &dsa_p, &dsa_q, &dsa_g); - DSA_get0_key(key->dsa, &dsa_pub_key, &dsa_priv_key); - if ((r = sshbuf_put_bignum2(b, dsa_p)) != 0 || - (r = sshbuf_put_bignum2(b, dsa_q)) != 0 || - (r = sshbuf_put_bignum2(b, dsa_g)) != 0 || - (r = sshbuf_put_bignum2(b, dsa_pub_key)) != 0 || - (r = sshbuf_put_bignum2(b, dsa_priv_key)) != 0) - goto out; - break; - case KEY_DSA_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - DSA_get0_key(key->dsa, NULL, &dsa_priv_key); - if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || - (r = sshbuf_put_bignum2(b, dsa_priv_key)) != 0) - goto out; - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - if ((r = sshbuf_put_cstring(b, - sshkey_curve_nid_to_name(key->ecdsa_nid))) != 0 || - (r = sshbuf_put_eckey(b, key->ecdsa)) != 0 || - (r = sshbuf_put_bignum2(b, - EC_KEY_get0_private_key(key->ecdsa))) != 0) - goto out; - break; - case KEY_ECDSA_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || - (r = sshbuf_put_bignum2(b, - EC_KEY_get0_private_key(key->ecdsa))) != 0) - goto out; - break; -#endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - if ((r = sshbuf_put_string(b, key->ed25519_pk, - ED25519_PK_SZ)) != 0 || - (r = sshbuf_put_string(b, key->ed25519_sk, - ED25519_SK_SZ)) != 0) - goto out; - break; - case KEY_ED25519_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || - (r = sshbuf_put_string(b, key->ed25519_pk, - ED25519_PK_SZ)) != 0 || - (r = sshbuf_put_string(b, key->ed25519_sk, - ED25519_SK_SZ)) != 0) - goto out; - break; -#ifdef WITH_XMSS - case KEY_XMSS: - if (key->xmss_name == NULL) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = sshbuf_put_cstring(b, key->xmss_name)) != 0 || - (r = sshbuf_put_string(b, key->xmss_pk, - sshkey_xmss_pklen(key))) != 0 || - (r = sshbuf_put_string(b, key->xmss_sk, - sshkey_xmss_sklen(key))) != 0 || - (r = sshkey_xmss_serialize_state_opt(key, b, opts)) != 0) - goto out; - break; - case KEY_XMSS_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0 || - key->xmss_name == NULL) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || - (r = sshbuf_put_cstring(b, key->xmss_name)) != 0 || - (r = sshbuf_put_string(b, key->xmss_pk, - sshkey_xmss_pklen(key))) != 0 || - (r = sshbuf_put_string(b, key->xmss_sk, - sshkey_xmss_sklen(key))) != 0 || - (r = sshkey_xmss_serialize_state_opt(key, b, opts)) != 0) - goto out; - break; -#endif /* WITH_XMSS */ - default: - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - /* success */ - r = 0; -out: - return r; -} - -int -sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b) -{ - return sshkey_private_serialize_opt(key, b, - SSHKEY_SERIALIZE_DEFAULT); -} - -int -sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) -{ - char *tname = NULL, *curve = NULL, *xmss_name = NULL; - struct sshkey *k = NULL; - size_t pklen = 0, sklen = 0; - int type, r = SSH_ERR_INTERNAL_ERROR; - u_char *ed25519_pk = NULL, *ed25519_sk = NULL; - u_char *xmss_pk = NULL, *xmss_sk = NULL; -#ifdef WITH_OPENSSL - BIGNUM *exponent = NULL; - BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL; - BIGNUM *rsa_iqmp = NULL, *rsa_p = NULL, *rsa_q = NULL; - BIGNUM *dsa_p = NULL, *dsa_q = NULL, *dsa_g = NULL; - BIGNUM *dsa_pub_key = NULL, *dsa_priv_key = NULL; -#endif /* WITH_OPENSSL */ - - if (kp != NULL) - *kp = NULL; - if ((r = sshbuf_get_cstring(buf, &tname, NULL)) != 0) - goto out; - type = sshkey_type_from_name(tname); - switch (type) { -#ifdef WITH_OPENSSL - case KEY_DSA: - if ((k = sshkey_new(type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((dsa_p = BN_new()) == NULL || - (dsa_q = BN_new()) == NULL || - (dsa_g = BN_new()) == NULL || - (dsa_pub_key = BN_new()) == NULL || - (dsa_priv_key = BN_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshbuf_get_bignum2(buf, dsa_p)) != 0 || - (r = sshbuf_get_bignum2(buf, dsa_q)) != 0 || - (r = sshbuf_get_bignum2(buf, dsa_g)) != 0 || - (r = sshbuf_get_bignum2(buf, dsa_pub_key)) != 0 || - (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0) - goto out; - if (!DSA_set0_pqg(k->dsa, dsa_p, dsa_q, dsa_g)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_p = dsa_q = dsa_g = NULL; /* transferred */ - if (!DSA_set0_key(k->dsa, dsa_pub_key, dsa_priv_key)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_pub_key = dsa_priv_key = NULL; /* transferred */ - break; - case KEY_DSA_CERT: - if ((dsa_priv_key = BN_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshkey_froms(buf, &k)) != 0 || - (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0) - goto out; - if (!DSA_set0_key(k->dsa, NULL, dsa_priv_key)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - dsa_priv_key = NULL; /* transferred */ - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - if ((k = sshkey_new(type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((k->ecdsa_nid = sshkey_ecdsa_nid_from_name(tname)) == -1) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = sshbuf_get_cstring(buf, &curve, NULL)) != 0) - goto out; - if (k->ecdsa_nid != sshkey_curve_name_to_nid(curve)) { - r = SSH_ERR_EC_CURVE_MISMATCH; - goto out; - } - k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); - if (k->ecdsa == NULL || (exponent = BN_new()) == NULL) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if ((r = sshbuf_get_eckey(buf, k->ecdsa)) != 0 || - (r = sshbuf_get_bignum2(buf, exponent))) - goto out; - if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if ((r = sshkey_ec_validate_public(EC_KEY_get0_group(k->ecdsa), - EC_KEY_get0_public_key(k->ecdsa))) != 0 || - (r = sshkey_ec_validate_private(k->ecdsa)) != 0) - goto out; - break; - case KEY_ECDSA_CERT: - if ((exponent = BN_new()) == NULL) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if ((r = sshkey_froms(buf, &k)) != 0 || - (r = sshbuf_get_bignum2(buf, exponent)) != 0) - goto out; - if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if ((r = sshkey_ec_validate_public(EC_KEY_get0_group(k->ecdsa), - EC_KEY_get0_public_key(k->ecdsa))) != 0 || - (r = sshkey_ec_validate_private(k->ecdsa)) != 0) - goto out; - break; -#endif /* OPENSSL_HAS_ECC */ - case KEY_RSA: - if ((k = sshkey_new(type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((rsa_n = BN_new()) == NULL || - (rsa_e = BN_new()) == NULL || - (rsa_d = BN_new()) == NULL || - (rsa_iqmp = BN_new()) == NULL || - (rsa_p = BN_new()) == NULL || - (rsa_q = BN_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshbuf_get_bignum2(buf, rsa_n)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_e)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_q)) != 0) - goto out; - if (!RSA_set0_key(k->rsa, rsa_n, rsa_e, rsa_d)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - rsa_n = rsa_e = rsa_d = NULL; /* transferred */ - if (!RSA_set0_factors(k->rsa, rsa_p, rsa_q)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - rsa_p = rsa_q = NULL; /* transferred */ - if ((r = check_rsa_length(k->rsa)) != 0) - goto out; - if ((r = ssh_rsa_complete_crt_parameters(k, rsa_iqmp)) != 0) - goto out; - break; - case KEY_RSA_CERT: - if ((rsa_d = BN_new()) == NULL || - (rsa_iqmp = BN_new()) == NULL || - (rsa_p = BN_new()) == NULL || - (rsa_q = BN_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshkey_froms(buf, &k)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 || - (r = sshbuf_get_bignum2(buf, rsa_q)) != 0) - goto out; - if (!RSA_set0_key(k->rsa, NULL, NULL, rsa_d)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - rsa_d = NULL; /* transferred */ - if (!RSA_set0_factors(k->rsa, rsa_p, rsa_q)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - rsa_p = rsa_q = NULL; /* transferred */ - if ((r = check_rsa_length(k->rsa)) != 0) - goto out; - if ((r = ssh_rsa_complete_crt_parameters(k, rsa_iqmp)) != 0) - goto out; - break; -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - if ((k = sshkey_new(type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshbuf_get_string(buf, &ed25519_pk, &pklen)) != 0 || - (r = sshbuf_get_string(buf, &ed25519_sk, &sklen)) != 0) - goto out; - if (pklen != ED25519_PK_SZ || sklen != ED25519_SK_SZ) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - k->ed25519_pk = ed25519_pk; - k->ed25519_sk = ed25519_sk; - ed25519_pk = ed25519_sk = NULL; - break; - case KEY_ED25519_CERT: - if ((r = sshkey_froms(buf, &k)) != 0 || - (r = sshbuf_get_string(buf, &ed25519_pk, &pklen)) != 0 || - (r = sshbuf_get_string(buf, &ed25519_sk, &sklen)) != 0) - goto out; - if (pklen != ED25519_PK_SZ || sklen != ED25519_SK_SZ) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - k->ed25519_pk = ed25519_pk; - k->ed25519_sk = ed25519_sk; - ed25519_pk = ed25519_sk = NULL; - break; -#ifdef WITH_XMSS - case KEY_XMSS: - if ((k = sshkey_new(type)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshbuf_get_cstring(buf, &xmss_name, NULL)) != 0 || - (r = sshkey_xmss_init(k, xmss_name)) != 0 || - (r = sshbuf_get_string(buf, &xmss_pk, &pklen)) != 0 || - (r = sshbuf_get_string(buf, &xmss_sk, &sklen)) != 0) - goto out; - if (pklen != sshkey_xmss_pklen(k) || - sklen != sshkey_xmss_sklen(k)) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - k->xmss_pk = xmss_pk; - k->xmss_sk = xmss_sk; - xmss_pk = xmss_sk = NULL; - /* optional internal state */ - if ((r = sshkey_xmss_deserialize_state_opt(k, buf)) != 0) - goto out; - break; - case KEY_XMSS_CERT: - if ((r = sshkey_froms(buf, &k)) != 0 || - (r = sshbuf_get_cstring(buf, &xmss_name, NULL)) != 0 || - (r = sshbuf_get_string(buf, &xmss_pk, &pklen)) != 0 || - (r = sshbuf_get_string(buf, &xmss_sk, &sklen)) != 0) - goto out; - if (strcmp(xmss_name, k->xmss_name)) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (pklen != sshkey_xmss_pklen(k) || - sklen != sshkey_xmss_sklen(k)) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - k->xmss_pk = xmss_pk; - k->xmss_sk = xmss_sk; - xmss_pk = xmss_sk = NULL; - /* optional internal state */ - if ((r = sshkey_xmss_deserialize_state_opt(k, buf)) != 0) - goto out; - break; -#endif /* WITH_XMSS */ - default: - r = SSH_ERR_KEY_TYPE_UNKNOWN; - goto out; - } -#ifdef WITH_OPENSSL - /* enable blinding */ - switch (k->type) { - case KEY_RSA: - case KEY_RSA_CERT: - if (RSA_blinding_on(k->rsa, NULL) != 1) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - break; - } -#endif /* WITH_OPENSSL */ - /* success */ - r = 0; - if (kp != NULL) { - *kp = k; - k = NULL; - } -out: - free(tname); - free(curve); -#ifdef WITH_OPENSSL - BN_clear_free(exponent); - BN_clear_free(dsa_p); - BN_clear_free(dsa_q); - BN_clear_free(dsa_g); - BN_clear_free(dsa_pub_key); - BN_clear_free(dsa_priv_key); - BN_clear_free(rsa_n); - BN_clear_free(rsa_e); - BN_clear_free(rsa_d); - BN_clear_free(rsa_p); - BN_clear_free(rsa_q); - BN_clear_free(rsa_iqmp); -#endif /* WITH_OPENSSL */ - sshkey_free(k); - freezero(ed25519_pk, pklen); - freezero(ed25519_sk, sklen); - free(xmss_name); - freezero(xmss_pk, pklen); - freezero(xmss_sk, sklen); - return r; -} - -#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) -int -sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) -{ - BN_CTX *bnctx; - EC_POINT *nq = NULL; - BIGNUM *order, *x, *y, *tmp; - int ret = SSH_ERR_KEY_INVALID_EC_VALUE; - - /* - * NB. This assumes OpenSSL has already verified that the public - * point lies on the curve. This is done by EC_POINT_oct2point() - * implicitly calling EC_POINT_is_on_curve(). If this code is ever - * reachable with public points not unmarshalled using - * EC_POINT_oct2point then the caller will need to explicitly check. - */ - - if ((bnctx = BN_CTX_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - BN_CTX_start(bnctx); - - /* - * We shouldn't ever hit this case because bignum_get_ecpoint() - * refuses to load GF2m points. - */ - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != - NID_X9_62_prime_field) - goto out; - - /* Q != infinity */ - if (EC_POINT_is_at_infinity(group, public)) - goto out; - - if ((x = BN_CTX_get(bnctx)) == NULL || - (y = BN_CTX_get(bnctx)) == NULL || - (order = BN_CTX_get(bnctx)) == NULL || - (tmp = BN_CTX_get(bnctx)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - - /* log2(x) > log2(order)/2, log2(y) > log2(order)/2 */ - if (EC_GROUP_get_order(group, order, bnctx) != 1 || - EC_POINT_get_affine_coordinates_GFp(group, public, - x, y, bnctx) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (BN_num_bits(x) <= BN_num_bits(order) / 2 || - BN_num_bits(y) <= BN_num_bits(order) / 2) - goto out; - - /* nQ == infinity (n == order of subgroup) */ - if ((nq = EC_POINT_new(group)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (EC_POINT_mul(group, nq, NULL, public, order, bnctx) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (EC_POINT_is_at_infinity(group, nq) != 1) - goto out; - - /* x < order - 1, y < order - 1 */ - if (!BN_sub(tmp, order, BN_value_one())) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (BN_cmp(x, tmp) >= 0 || BN_cmp(y, tmp) >= 0) - goto out; - ret = 0; -out: - BN_CTX_free(bnctx); - EC_POINT_free(nq); - return ret; -} - -int -sshkey_ec_validate_private(const EC_KEY *key) -{ - BN_CTX *bnctx; - BIGNUM *order, *tmp; - int ret = SSH_ERR_KEY_INVALID_EC_VALUE; - - if ((bnctx = BN_CTX_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - BN_CTX_start(bnctx); - - if ((order = BN_CTX_get(bnctx)) == NULL || - (tmp = BN_CTX_get(bnctx)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - - /* log2(private) > log2(order)/2 */ - if (EC_GROUP_get_order(EC_KEY_get0_group(key), order, bnctx) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (BN_num_bits(EC_KEY_get0_private_key(key)) <= - BN_num_bits(order) / 2) - goto out; - - /* private < order - 1 */ - if (!BN_sub(tmp, order, BN_value_one())) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if (BN_cmp(EC_KEY_get0_private_key(key), tmp) >= 0) - goto out; - ret = 0; -out: - BN_CTX_free(bnctx); - return ret; -} - -void -sshkey_dump_ec_point(const EC_GROUP *group, const EC_POINT *point) -{ - BIGNUM *x, *y; - BN_CTX *bnctx; - - if (point == NULL) { - fputs("point=(NULL)\n", stderr); - return; - } - if ((bnctx = BN_CTX_new()) == NULL) { - fprintf(stderr, "%s: BN_CTX_new failed\n", __func__); - return; - } - BN_CTX_start(bnctx); - if ((x = BN_CTX_get(bnctx)) == NULL || - (y = BN_CTX_get(bnctx)) == NULL) { - fprintf(stderr, "%s: BN_CTX_get failed\n", __func__); - return; - } - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != - NID_X9_62_prime_field) { - fprintf(stderr, "%s: group is not a prime field\n", __func__); - return; - } - if (EC_POINT_get_affine_coordinates_GFp(group, point, x, y, - bnctx) != 1) { - fprintf(stderr, "%s: EC_POINT_get_affine_coordinates_GFp\n", - __func__); - return; - } - fputs("x=", stderr); - BN_print_fp(stderr, x); - fputs("\ny=", stderr); - BN_print_fp(stderr, y); - fputs("\n", stderr); - BN_CTX_free(bnctx); -} - -void -sshkey_dump_ec_key(const EC_KEY *key) -{ - const BIGNUM *exponent; - - sshkey_dump_ec_point(EC_KEY_get0_group(key), - EC_KEY_get0_public_key(key)); - fputs("exponent=", stderr); - if ((exponent = EC_KEY_get0_private_key(key)) == NULL) - fputs("(NULL)", stderr); - else - BN_print_fp(stderr, EC_KEY_get0_private_key(key)); - fputs("\n", stderr); -} -#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ - -static int -sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, - const char *passphrase, const char *comment, const char *ciphername, - int rounds) -{ - u_char *cp, *key = NULL, *pubkeyblob = NULL; - u_char salt[SALT_LEN]; - char *b64 = NULL; - size_t i, pubkeylen, keylen, ivlen, blocksize, authlen; - u_int check; - int r = SSH_ERR_INTERNAL_ERROR; - struct sshcipher_ctx *ciphercontext = NULL; - const struct sshcipher *cipher; - const char *kdfname = KDFNAME; - struct sshbuf *encoded = NULL, *encrypted = NULL, *kdf = NULL; - - if (rounds <= 0) - rounds = DEFAULT_ROUNDS; - if (passphrase == NULL || !strlen(passphrase)) { - ciphername = "none"; - kdfname = "none"; - } else if (ciphername == NULL) - ciphername = DEFAULT_CIPHERNAME; - if ((cipher = cipher_by_name(ciphername)) == NULL) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - - if ((kdf = sshbuf_new()) == NULL || - (encoded = sshbuf_new()) == NULL || - (encrypted = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - blocksize = cipher_blocksize(cipher); - keylen = cipher_keylen(cipher); - ivlen = cipher_ivlen(cipher); - authlen = cipher_authlen(cipher); - if ((key = calloc(1, keylen + ivlen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (strcmp(kdfname, "bcrypt") == 0) { - arc4random_buf(salt, SALT_LEN); - if (bcrypt_pbkdf(passphrase, strlen(passphrase), - salt, SALT_LEN, key, keylen + ivlen, rounds) < 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = sshbuf_put_string(kdf, salt, SALT_LEN)) != 0 || - (r = sshbuf_put_u32(kdf, rounds)) != 0) - goto out; - } else if (strcmp(kdfname, "none") != 0) { - /* Unsupported KDF type */ - r = SSH_ERR_KEY_UNKNOWN_CIPHER; - goto out; - } - if ((r = cipher_init(&ciphercontext, cipher, key, keylen, - key + keylen, ivlen, 1)) != 0) - goto out; - - if ((r = sshbuf_put(encoded, AUTH_MAGIC, sizeof(AUTH_MAGIC))) != 0 || - (r = sshbuf_put_cstring(encoded, ciphername)) != 0 || - (r = sshbuf_put_cstring(encoded, kdfname)) != 0 || - (r = sshbuf_put_stringb(encoded, kdf)) != 0 || - (r = sshbuf_put_u32(encoded, 1)) != 0 || /* number of keys */ - (r = sshkey_to_blob(prv, &pubkeyblob, &pubkeylen)) != 0 || - (r = sshbuf_put_string(encoded, pubkeyblob, pubkeylen)) != 0) - goto out; - - /* set up the buffer that will be encrypted */ - - /* Random check bytes */ - check = arc4random(); - if ((r = sshbuf_put_u32(encrypted, check)) != 0 || - (r = sshbuf_put_u32(encrypted, check)) != 0) - goto out; - - /* append private key and comment*/ - if ((r = sshkey_private_serialize_opt(prv, encrypted, - SSHKEY_SERIALIZE_FULL)) != 0 || - (r = sshbuf_put_cstring(encrypted, comment)) != 0) - goto out; - - /* padding */ - i = 0; - while (sshbuf_len(encrypted) % blocksize) { - if ((r = sshbuf_put_u8(encrypted, ++i & 0xff)) != 0) - goto out; - } - - /* length in destination buffer */ - if ((r = sshbuf_put_u32(encoded, sshbuf_len(encrypted))) != 0) - goto out; - - /* encrypt */ - if ((r = sshbuf_reserve(encoded, - sshbuf_len(encrypted) + authlen, &cp)) != 0) - goto out; - if ((r = cipher_crypt(ciphercontext, 0, cp, - sshbuf_ptr(encrypted), sshbuf_len(encrypted), 0, authlen)) != 0) - goto out; - - /* uuencode */ - if ((b64 = sshbuf_dtob64(encoded)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - sshbuf_reset(blob); - if ((r = sshbuf_put(blob, MARK_BEGIN, MARK_BEGIN_LEN)) != 0) - goto out; - for (i = 0; i < strlen(b64); i++) { - if ((r = sshbuf_put_u8(blob, b64[i])) != 0) - goto out; - /* insert line breaks */ - if (i % 70 == 69 && (r = sshbuf_put_u8(blob, '\n')) != 0) - goto out; - } - if (i % 70 != 69 && (r = sshbuf_put_u8(blob, '\n')) != 0) - goto out; - if ((r = sshbuf_put(blob, MARK_END, MARK_END_LEN)) != 0) - goto out; - - /* success */ - r = 0; - -out: - sshbuf_free(kdf); - sshbuf_free(encoded); - sshbuf_free(encrypted); - cipher_free(ciphercontext); - explicit_bzero(salt, sizeof(salt)); - if (key != NULL) { - explicit_bzero(key, keylen + ivlen); - free(key); - } - if (pubkeyblob != NULL) { - explicit_bzero(pubkeyblob, pubkeylen); - free(pubkeyblob); - } - if (b64 != NULL) { - explicit_bzero(b64, strlen(b64)); - free(b64); - } - return r; -} - -static int -sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, - struct sshkey **keyp, char **commentp) -{ - char *comment = NULL, *ciphername = NULL, *kdfname = NULL; - const struct sshcipher *cipher = NULL; - const u_char *cp; - int r = SSH_ERR_INTERNAL_ERROR; - size_t encoded_len; - size_t i, keylen = 0, ivlen = 0, authlen = 0, slen = 0; - struct sshbuf *encoded = NULL, *decoded = NULL; - struct sshbuf *kdf = NULL, *decrypted = NULL; - struct sshcipher_ctx *ciphercontext = NULL; - struct sshkey *k = NULL; - u_char *key = NULL, *salt = NULL, *dp, pad, last; - u_int blocksize, rounds, nkeys, encrypted_len, check1, check2; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - if ((encoded = sshbuf_new()) == NULL || - (decoded = sshbuf_new()) == NULL || - (decrypted = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - /* check preamble */ - cp = sshbuf_ptr(blob); - encoded_len = sshbuf_len(blob); - if (encoded_len < (MARK_BEGIN_LEN + MARK_END_LEN) || - memcmp(cp, MARK_BEGIN, MARK_BEGIN_LEN) != 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - cp += MARK_BEGIN_LEN; - encoded_len -= MARK_BEGIN_LEN; - - /* Look for end marker, removing whitespace as we go */ - while (encoded_len > 0) { - if (*cp != '\n' && *cp != '\r') { - if ((r = sshbuf_put_u8(encoded, *cp)) != 0) - goto out; - } - last = *cp; - encoded_len--; - cp++; - if (last == '\n') { - if (encoded_len >= MARK_END_LEN && - memcmp(cp, MARK_END, MARK_END_LEN) == 0) { - /* \0 terminate */ - if ((r = sshbuf_put_u8(encoded, 0)) != 0) - goto out; - break; - } - } - } - if (encoded_len == 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* decode base64 */ - if ((r = sshbuf_b64tod(decoded, (char *)sshbuf_ptr(encoded))) != 0) - goto out; - - /* check magic */ - if (sshbuf_len(decoded) < sizeof(AUTH_MAGIC) || - memcmp(sshbuf_ptr(decoded), AUTH_MAGIC, sizeof(AUTH_MAGIC))) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - /* parse public portion of key */ - if ((r = sshbuf_consume(decoded, sizeof(AUTH_MAGIC))) != 0 || - (r = sshbuf_get_cstring(decoded, &ciphername, NULL)) != 0 || - (r = sshbuf_get_cstring(decoded, &kdfname, NULL)) != 0 || - (r = sshbuf_froms(decoded, &kdf)) != 0 || - (r = sshbuf_get_u32(decoded, &nkeys)) != 0 || - (r = sshbuf_skip_string(decoded)) != 0 || /* pubkey */ - (r = sshbuf_get_u32(decoded, &encrypted_len)) != 0) - goto out; - - if ((cipher = cipher_by_name(ciphername)) == NULL) { - r = SSH_ERR_KEY_UNKNOWN_CIPHER; - goto out; - } - if ((passphrase == NULL || strlen(passphrase) == 0) && - strcmp(ciphername, "none") != 0) { - /* passphrase required */ - r = SSH_ERR_KEY_WRONG_PASSPHRASE; - goto out; - } - if (strcmp(kdfname, "none") != 0 && strcmp(kdfname, "bcrypt") != 0) { - r = SSH_ERR_KEY_UNKNOWN_CIPHER; - goto out; - } - if (!strcmp(kdfname, "none") && strcmp(ciphername, "none") != 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (nkeys != 1) { - /* XXX only one key supported */ - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* check size of encrypted key blob */ - blocksize = cipher_blocksize(cipher); - if (encrypted_len < blocksize || (encrypted_len % blocksize) != 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* setup key */ - keylen = cipher_keylen(cipher); - ivlen = cipher_ivlen(cipher); - authlen = cipher_authlen(cipher); - if ((key = calloc(1, keylen + ivlen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (strcmp(kdfname, "bcrypt") == 0) { - if ((r = sshbuf_get_string(kdf, &salt, &slen)) != 0 || - (r = sshbuf_get_u32(kdf, &rounds)) != 0) - goto out; - if (bcrypt_pbkdf(passphrase, strlen(passphrase), salt, slen, - key, keylen + ivlen, rounds) < 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - } - - /* check that an appropriate amount of auth data is present */ - if (sshbuf_len(decoded) < encrypted_len + authlen) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* decrypt private portion of key */ - if ((r = sshbuf_reserve(decrypted, encrypted_len, &dp)) != 0 || - (r = cipher_init(&ciphercontext, cipher, key, keylen, - key + keylen, ivlen, 0)) != 0) - goto out; - if ((r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(decoded), - encrypted_len, 0, authlen)) != 0) { - /* an integrity error here indicates an incorrect passphrase */ - if (r == SSH_ERR_MAC_INVALID) - r = SSH_ERR_KEY_WRONG_PASSPHRASE; - goto out; - } - if ((r = sshbuf_consume(decoded, encrypted_len + authlen)) != 0) - goto out; - /* there should be no trailing data */ - if (sshbuf_len(decoded) != 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - - /* check check bytes */ - if ((r = sshbuf_get_u32(decrypted, &check1)) != 0 || - (r = sshbuf_get_u32(decrypted, &check2)) != 0) - goto out; - if (check1 != check2) { - r = SSH_ERR_KEY_WRONG_PASSPHRASE; - goto out; - } - - /* Load the private key and comment */ - if ((r = sshkey_private_deserialize(decrypted, &k)) != 0 || - (r = sshbuf_get_cstring(decrypted, &comment, NULL)) != 0) - goto out; - - /* Check deterministic padding */ - i = 0; - while (sshbuf_len(decrypted)) { - if ((r = sshbuf_get_u8(decrypted, &pad)) != 0) - goto out; - if (pad != (++i & 0xff)) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - } - - /* XXX decode pubkey and check against private */ - - /* success */ - r = 0; - if (keyp != NULL) { - *keyp = k; - k = NULL; - } - if (commentp != NULL) { - *commentp = comment; - comment = NULL; - } -out: - pad = 0; - cipher_free(ciphercontext); - free(ciphername); - free(kdfname); - free(comment); - if (salt != NULL) { - explicit_bzero(salt, slen); - free(salt); - } - if (key != NULL) { - explicit_bzero(key, keylen + ivlen); - free(key); - } - sshbuf_free(encoded); - sshbuf_free(decoded); - sshbuf_free(kdf); - sshbuf_free(decrypted); - sshkey_free(k); - return r; -} - - -#ifdef WITH_OPENSSL -/* convert SSH v2 key in OpenSSL PEM format */ -static int -sshkey_private_pem_to_blob(struct sshkey *key, struct sshbuf *blob, - const char *_passphrase, const char *comment) -{ - int success, r; - int blen, len = strlen(_passphrase); - u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL; - const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL; - char *bptr; - BIO *bio = NULL; - - if (len > 0 && len <= 4) - return SSH_ERR_PASSPHRASE_TOO_SHORT; - if ((bio = BIO_new(BIO_s_mem())) == NULL) - return SSH_ERR_ALLOC_FAIL; - - switch (key->type) { - case KEY_DSA: - success = PEM_write_bio_DSAPrivateKey(bio, key->dsa, - cipher, passphrase, len, NULL, NULL); - break; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - success = PEM_write_bio_ECPrivateKey(bio, key->ecdsa, - cipher, passphrase, len, NULL, NULL); - break; -#endif - case KEY_RSA: - success = PEM_write_bio_RSAPrivateKey(bio, key->rsa, - cipher, passphrase, len, NULL, NULL); - break; - default: - success = 0; - break; - } - if (success == 0) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if ((blen = BIO_get_mem_data(bio, &bptr)) <= 0) { - r = SSH_ERR_INTERNAL_ERROR; - goto out; - } - if ((r = sshbuf_put(blob, bptr, blen)) != 0) - goto out; - r = 0; -out: - BIO_free(bio); - return r; -} -#endif /* WITH_OPENSSL */ - -/* Serialise "key" to buffer "blob" */ -int -sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, - const char *passphrase, const char *comment, - int force_new_format, const char *new_format_cipher, int new_format_rounds) -{ - switch (key->type) { -#ifdef WITH_OPENSSL - case KEY_DSA: - case KEY_ECDSA: - case KEY_RSA: - if (force_new_format) { - return sshkey_private_to_blob2(key, blob, passphrase, - comment, new_format_cipher, new_format_rounds); - } - return sshkey_private_pem_to_blob(key, blob, - passphrase, comment); -#endif /* WITH_OPENSSL */ - case KEY_ED25519: -#ifdef WITH_XMSS - case KEY_XMSS: -#endif /* WITH_XMSS */ - return sshkey_private_to_blob2(key, blob, passphrase, - comment, new_format_cipher, new_format_rounds); - default: - return SSH_ERR_KEY_TYPE_UNKNOWN; - } -} - - -#ifdef WITH_OPENSSL -static int -translate_libcrypto_error(unsigned long pem_err) -{ - int pem_reason = ERR_GET_REASON(pem_err); - - switch (ERR_GET_LIB(pem_err)) { - case ERR_LIB_PEM: - switch (pem_reason) { - case PEM_R_BAD_PASSWORD_READ: - case PEM_R_PROBLEMS_GETTING_PASSWORD: - case PEM_R_BAD_DECRYPT: - return SSH_ERR_KEY_WRONG_PASSPHRASE; - default: - return SSH_ERR_INVALID_FORMAT; - } - case ERR_LIB_EVP: - switch (pem_reason) { - case EVP_R_BAD_DECRYPT: - return SSH_ERR_KEY_WRONG_PASSPHRASE; -#ifdef EVP_R_BN_DECODE_ERROR - case EVP_R_BN_DECODE_ERROR: -#endif - case EVP_R_DECODE_ERROR: -#ifdef EVP_R_PRIVATE_KEY_DECODE_ERROR - case EVP_R_PRIVATE_KEY_DECODE_ERROR: -#endif - return SSH_ERR_INVALID_FORMAT; - default: - return SSH_ERR_LIBCRYPTO_ERROR; - } - case ERR_LIB_ASN1: - return SSH_ERR_INVALID_FORMAT; - } - return SSH_ERR_LIBCRYPTO_ERROR; -} - -static void -clear_libcrypto_errors(void) -{ - while (ERR_get_error() != 0) - ; -} - -/* - * Translate OpenSSL error codes to determine whether - * passphrase is required/incorrect. - */ -static int -convert_libcrypto_error(void) -{ - /* - * Some password errors are reported at the beginning - * of the error queue. - */ - if (translate_libcrypto_error(ERR_peek_error()) == - SSH_ERR_KEY_WRONG_PASSPHRASE) - return SSH_ERR_KEY_WRONG_PASSPHRASE; - return translate_libcrypto_error(ERR_peek_last_error()); -} - -static int -sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, - const char *passphrase, struct sshkey **keyp) -{ - EVP_PKEY *pk = NULL; - struct sshkey *prv = NULL; - BIO *bio = NULL; - int r; - - if (keyp != NULL) - *keyp = NULL; - - if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) - return SSH_ERR_ALLOC_FAIL; - if (BIO_write(bio, sshbuf_ptr(blob), sshbuf_len(blob)) != - (int)sshbuf_len(blob)) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - clear_libcrypto_errors(); - if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, - (char *)passphrase)) == NULL) { - r = convert_libcrypto_error(); - goto out; - } - if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA && - (type == KEY_UNSPEC || type == KEY_RSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - prv->rsa = EVP_PKEY_get1_RSA(pk); - prv->type = KEY_RSA; -#ifdef DEBUG_PK - RSA_print_fp(stderr, prv->rsa, 8); -#endif - if (RSA_blinding_on(prv->rsa, NULL) != 1) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if ((r = check_rsa_length(prv->rsa)) != 0) - goto out; - } else if (EVP_PKEY_base_id(pk) == EVP_PKEY_DSA && - (type == KEY_UNSPEC || type == KEY_DSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - prv->dsa = EVP_PKEY_get1_DSA(pk); - prv->type = KEY_DSA; -#ifdef DEBUG_PK - DSA_print_fp(stderr, prv->dsa, 8); -#endif -#ifdef OPENSSL_HAS_ECC - } else if (EVP_PKEY_base_id(pk) == EVP_PKEY_EC && - (type == KEY_UNSPEC || type == KEY_ECDSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - prv->ecdsa = EVP_PKEY_get1_EC_KEY(pk); - prv->type = KEY_ECDSA; - prv->ecdsa_nid = sshkey_ecdsa_key_to_nid(prv->ecdsa); - if (prv->ecdsa_nid == -1 || - sshkey_curve_nid_to_name(prv->ecdsa_nid) == NULL || - sshkey_ec_validate_public(EC_KEY_get0_group(prv->ecdsa), - EC_KEY_get0_public_key(prv->ecdsa)) != 0 || - sshkey_ec_validate_private(prv->ecdsa) != 0) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } -# ifdef DEBUG_PK - if (prv != NULL && prv->ecdsa != NULL) - sshkey_dump_ec_key(prv->ecdsa); -# endif -#endif /* OPENSSL_HAS_ECC */ - } else { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - r = 0; - if (keyp != NULL) { - *keyp = prv; - prv = NULL; - } -out: - BIO_free(bio); - EVP_PKEY_free(pk); - sshkey_free(prv); - return r; -} -#endif /* WITH_OPENSSL */ - -int -sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, - const char *passphrase, struct sshkey **keyp, char **commentp) -{ - int r = SSH_ERR_INTERNAL_ERROR; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - switch (type) { -#ifdef WITH_OPENSSL - case KEY_DSA: - case KEY_ECDSA: - case KEY_RSA: - return sshkey_parse_private_pem_fileblob(blob, type, - passphrase, keyp); -#endif /* WITH_OPENSSL */ - case KEY_ED25519: -#ifdef WITH_XMSS - case KEY_XMSS: -#endif /* WITH_XMSS */ - return sshkey_parse_private2(blob, type, passphrase, - keyp, commentp); - case KEY_UNSPEC: - r = sshkey_parse_private2(blob, type, passphrase, keyp, - commentp); - /* Do not fallback to PEM parser if only passphrase is wrong. */ - if (r == 0 || r == SSH_ERR_KEY_WRONG_PASSPHRASE) - return r; -#ifdef WITH_OPENSSL - return sshkey_parse_private_pem_fileblob(blob, type, - passphrase, keyp); -#else - return SSH_ERR_INVALID_FORMAT; -#endif /* WITH_OPENSSL */ - default: - return SSH_ERR_KEY_TYPE_UNKNOWN; - } -} - -int -sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, - struct sshkey **keyp, char **commentp) -{ - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, - passphrase, keyp, commentp); -} - -#ifdef WITH_XMSS -/* - * serialize the key with the current state and forward the state - * maxsign times. - */ -int -sshkey_private_serialize_maxsign(const struct sshkey *k, struct sshbuf *b, - u_int32_t maxsign, sshkey_printfn *pr) -{ - int r, rupdate; - - if (maxsign == 0 || - sshkey_type_plain(k->type) != KEY_XMSS) - return sshkey_private_serialize_opt(k, b, - SSHKEY_SERIALIZE_DEFAULT); - if ((r = sshkey_xmss_get_state(k, pr)) != 0 || - (r = sshkey_private_serialize_opt(k, b, - SSHKEY_SERIALIZE_STATE)) != 0 || - (r = sshkey_xmss_forward_state(k, maxsign)) != 0) - goto out; - r = 0; -out: - if ((rupdate = sshkey_xmss_update_state(k, pr)) != 0) { - if (r == 0) - r = rupdate; - } - return r; -} - -u_int32_t -sshkey_signatures_left(const struct sshkey *k) -{ - if (sshkey_type_plain(k->type) == KEY_XMSS) - return sshkey_xmss_signatures_left(k); - return 0; -} - -int -sshkey_enable_maxsign(struct sshkey *k, u_int32_t maxsign) -{ - if (sshkey_type_plain(k->type) != KEY_XMSS) - return SSH_ERR_INVALID_ARGUMENT; - return sshkey_xmss_enable_maxsign(k, maxsign); -} - -int -sshkey_set_filename(struct sshkey *k, const char *filename) -{ - if (k == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if (sshkey_type_plain(k->type) != KEY_XMSS) - return 0; - if (filename == NULL) - return SSH_ERR_INVALID_ARGUMENT; - if ((k->xmss_filename = strdup(filename)) == NULL) - return SSH_ERR_ALLOC_FAIL; - return 0; -} -#else -int -sshkey_private_serialize_maxsign(const struct sshkey *k, struct sshbuf *b, - u_int32_t maxsign, sshkey_printfn *pr) -{ - return sshkey_private_serialize_opt(k, b, SSHKEY_SERIALIZE_DEFAULT); -} - -u_int32_t -sshkey_signatures_left(const struct sshkey *k) -{ - return 0; -} - -int -sshkey_enable_maxsign(struct sshkey *k, u_int32_t maxsign) -{ - return SSH_ERR_INVALID_ARGUMENT; -} - -int -sshkey_set_filename(struct sshkey *k, const char *filename) -{ - if (k == NULL) - return SSH_ERR_INVALID_ARGUMENT; - return 0; -} -#endif /* WITH_XMSS */ diff --git a/Blink/Commands/openssh/sshkey.h b/Blink/Commands/openssh/sshkey.h deleted file mode 100644 index 14c6623dc..000000000 --- a/Blink/Commands/openssh/sshkey.h +++ /dev/null @@ -1,280 +0,0 @@ -/* $OpenBSD: sshkey.h,v 1.30 2018/09/14 04:17:44 djm Exp $ */ - -/* - * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -#ifndef SSHKEY_H -#define SSHKEY_H - -#include - -#define WITH_OPENSSL -#define OPENSSL_HAS_ECC - -#ifdef WITH_OPENSSL -#include -#include -#ifdef OPENSSL_HAS_ECC -#include -#else /* OPENSSL_HAS_ECC */ -#define EC_KEY void -#define EC_GROUP void -#define EC_POINT void -#endif /* OPENSSL_HAS_ECC */ -#else /* WITH_OPENSSL */ -# define BIGNUM void -# define RSA void -# define DSA void -# define EC_KEY void -# define EC_GROUP void -# define EC_POINT void -#endif /* WITH_OPENSSL */ - -#define SSH_RSA_MINIMUM_MODULUS_SIZE 1024 -#define SSH_KEY_MAX_SIGN_DATA_SIZE (1 << 20) - -struct sshbuf; - -/* Key types */ -enum sshkey_types { - KEY_RSA, - KEY_DSA, - KEY_ECDSA, - KEY_ED25519, - KEY_RSA_CERT, - KEY_DSA_CERT, - KEY_ECDSA_CERT, - KEY_ED25519_CERT, - KEY_XMSS, - KEY_XMSS_CERT, - KEY_UNSPEC -}; - -/* Default fingerprint hash */ -#define SSH_FP_HASH_DEFAULT SSH_DIGEST_SHA256 - -/* Fingerprint representation formats */ -enum sshkey_fp_rep { - SSH_FP_DEFAULT = 0, - SSH_FP_HEX, - SSH_FP_BASE64, - SSH_FP_BUBBLEBABBLE, - SSH_FP_RANDOMART -}; - -/* Private key serialisation formats, used on the wire */ -enum sshkey_serialize_rep { - SSHKEY_SERIALIZE_DEFAULT = 0, - SSHKEY_SERIALIZE_STATE = 1, - SSHKEY_SERIALIZE_FULL = 2, - SSHKEY_SERIALIZE_INFO = 254, -}; - -/* key is stored in external hardware */ -#define SSHKEY_FLAG_EXT 0x0001 - -#define SSHKEY_CERT_MAX_PRINCIPALS 256 -/* XXX opaquify? */ -struct sshkey_cert { - struct sshbuf *certblob; /* Kept around for use on wire */ - u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */ - u_int64_t serial; - char *key_id; - u_int nprincipals; - char **principals; - u_int64_t valid_after, valid_before; - struct sshbuf *critical; - struct sshbuf *extensions; - struct sshkey *signature_key; - char *signature_type; -}; - -/* XXX opaquify? */ -struct sshkey { - int type; - int flags; - RSA *rsa; - DSA *dsa; - int ecdsa_nid; /* NID of curve */ - EC_KEY *ecdsa; - u_char *ed25519_sk; - u_char *ed25519_pk; - char *xmss_name; - char *xmss_filename; /* for state file updates */ - void *xmss_state; /* depends on xmss_name, opaque */ - u_char *xmss_sk; - u_char *xmss_pk; - struct sshkey_cert *cert; -}; - -#define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES -#define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES - -struct sshkey *sshkey_new(int); -void sshkey_free(struct sshkey *); -int sshkey_equal_public(const struct sshkey *, - const struct sshkey *); -int sshkey_equal(const struct sshkey *, const struct sshkey *); -char *sshkey_fingerprint(const struct sshkey *, - int, enum sshkey_fp_rep); -int sshkey_fingerprint_raw(const struct sshkey *k, - int, u_char **retp, size_t *lenp); -const char *sshkey_type(const struct sshkey *); -const char *sshkey_cert_type(const struct sshkey *); -int sshkey_format_text(const struct sshkey *, struct sshbuf *); -int sshkey_write(const struct sshkey *, FILE *); -int sshkey_read(struct sshkey *, char **); -u_int sshkey_size(const struct sshkey *); - -int sshkey_generate(int type, u_int bits, struct sshkey **keyp); -int sshkey_from_private(const struct sshkey *, struct sshkey **); -int sshkey_type_from_name(const char *); -int sshkey_is_cert(const struct sshkey *); -int sshkey_type_is_cert(int); -int sshkey_type_plain(int); -int sshkey_to_certified(struct sshkey *); -int sshkey_drop_cert(struct sshkey *); -int sshkey_cert_copy(const struct sshkey *, struct sshkey *); -int sshkey_cert_check_authority(const struct sshkey *, int, int, - const char *, const char **); -size_t sshkey_format_cert_validity(const struct sshkey_cert *, - char *, size_t) __attribute__((__bounded__(__string__, 2, 3))); -int sshkey_check_cert_sigtype(const struct sshkey *, const char *); - -int sshkey_certify(struct sshkey *, struct sshkey *, const char *); -/* Variant allowing use of a custom signature function (e.g. for ssh-agent) */ -typedef int sshkey_certify_signer(const struct sshkey *, u_char **, size_t *, - const u_char *, size_t, const char *, u_int, void *); -int sshkey_certify_custom(struct sshkey *, struct sshkey *, const char *, - sshkey_certify_signer *, void *); - -int sshkey_ecdsa_nid_from_name(const char *); -int sshkey_curve_name_to_nid(const char *); -const char * sshkey_curve_nid_to_name(int); -u_int sshkey_curve_nid_to_bits(int); -int sshkey_ecdsa_bits_to_nid(int); -int sshkey_ecdsa_key_to_nid(EC_KEY *); -int sshkey_ec_nid_to_hash_alg(int nid); -int sshkey_ec_validate_public(const EC_GROUP *, const EC_POINT *); -int sshkey_ec_validate_private(const EC_KEY *); -const char *sshkey_ssh_name(const struct sshkey *); -const char *sshkey_ssh_name_plain(const struct sshkey *); -int sshkey_names_valid2(const char *, int); -char *sshkey_alg_list(int, int, int, char); - -int sshkey_from_blob(const u_char *, size_t, struct sshkey **); -int sshkey_fromb(struct sshbuf *, struct sshkey **); -int sshkey_froms(struct sshbuf *, struct sshkey **); -int sshkey_to_blob(const struct sshkey *, u_char **, size_t *); -int sshkey_to_base64(const struct sshkey *, char **); -int sshkey_putb(const struct sshkey *, struct sshbuf *); -int sshkey_puts(const struct sshkey *, struct sshbuf *); -int sshkey_puts_opts(const struct sshkey *, struct sshbuf *, - enum sshkey_serialize_rep); -int sshkey_plain_to_blob(const struct sshkey *, u_char **, size_t *); -int sshkey_putb_plain(const struct sshkey *, struct sshbuf *); - -int sshkey_sign(const struct sshkey *, u_char **, size_t *, - const u_char *, size_t, const char *, u_int); -int sshkey_verify(const struct sshkey *, const u_char *, size_t, - const u_char *, size_t, const char *, u_int); -int sshkey_check_sigtype(const u_char *, size_t, const char *); -const char *sshkey_sigalg_by_name(const char *); - -/* for debug */ -void sshkey_dump_ec_point(const EC_GROUP *, const EC_POINT *); -void sshkey_dump_ec_key(const EC_KEY *); - -/* private key parsing and serialisation */ -int sshkey_private_serialize(const struct sshkey *key, struct sshbuf *buf); -int sshkey_private_serialize_opt(const struct sshkey *key, struct sshbuf *buf, - enum sshkey_serialize_rep); -int sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **keyp); - -/* private key file format parsing and serialisation */ -int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, - const char *passphrase, const char *comment, - int force_new_format, const char *new_format_cipher, int new_format_rounds); -int sshkey_parse_private_fileblob(struct sshbuf *buffer, - const char *passphrase, struct sshkey **keyp, char **commentp); -int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, - const char *passphrase, struct sshkey **keyp, char **commentp); - -/* XXX should be internal, but used by ssh-keygen */ -int ssh_rsa_complete_crt_parameters(struct sshkey *, const BIGNUM *); - -/* stateful keys (e.g. XMSS) */ -#ifdef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS -typedef void sshkey_printfn(const char *, ...); -#else -typedef void sshkey_printfn(const char *, ...) __attribute__((format(printf, 1, 2))); -#endif -int sshkey_set_filename(struct sshkey *, const char *); -int sshkey_enable_maxsign(struct sshkey *, u_int32_t); -u_int32_t sshkey_signatures_left(const struct sshkey *); -int sshkey_forward_state(const struct sshkey *, u_int32_t, sshkey_printfn *); -int sshkey_private_serialize_maxsign(const struct sshkey *key, struct sshbuf *buf, - u_int32_t maxsign, sshkey_printfn *pr); - -#ifdef SSHKEY_INTERNAL -int ssh_rsa_sign(const struct sshkey *key, - u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, - const char *ident); -int ssh_rsa_verify(const struct sshkey *key, - const u_char *sig, size_t siglen, const u_char *data, size_t datalen, - const char *alg); -int ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, u_int compat); -int ssh_dss_verify(const struct sshkey *key, - const u_char *signature, size_t signaturelen, - const u_char *data, size_t datalen, u_int compat); -int ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, u_int compat); -int ssh_ecdsa_verify(const struct sshkey *key, - const u_char *signature, size_t signaturelen, - const u_char *data, size_t datalen, u_int compat); -int ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, u_int compat); -int ssh_ed25519_verify(const struct sshkey *key, - const u_char *signature, size_t signaturelen, - const u_char *data, size_t datalen, u_int compat); -int ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, u_int compat); -int ssh_xmss_verify(const struct sshkey *key, - const u_char *signature, size_t signaturelen, - const u_char *data, size_t datalen, u_int compat); -#endif - -#if !defined(WITH_OPENSSL) -#undef RSA -#undef DSA -#undef EC_KEY -#undef EC_GROUP -#undef EC_POINT -#elif !defined(OPENSSL_HAS_ECC) -#undef EC_KEY -#undef EC_GROUP -#undef EC_POINT -#endif - -#endif /* SSHKEY_H */ diff --git a/Blink/Commands/openurl.m b/Blink/Commands/openurl.m index e10a28af7..b54c9a78b 100644 --- a/Blink/Commands/openurl.m +++ b/Blink/Commands/openurl.m @@ -30,6 +30,7 @@ //////////////////////////////////////////////////////////////////////////////// #include +#import #include "ios_system/ios_system.h" #include "ios_error.h" #include "openurl.h" diff --git a/Blink/Commands/xcall.m b/Blink/Commands/xcall.m index a27f4c550..96a7d98e9 100644 --- a/Blink/Commands/xcall.m +++ b/Blink/Commands/xcall.m @@ -30,6 +30,7 @@ //////////////////////////////////////////////////////////////////////////////// #include +#import #include "ios_system/ios_system.h" #include "ios_error.h" #include "bk_getopts.h" diff --git a/Blink/SSHClient.h b/Blink/SSHClient.h index 6e4446066..0b256c0ff 100644 --- a/Blink/SSHClient.h +++ b/Blink/SSHClient.h @@ -31,7 +31,7 @@ #import -#include +#import #import "SSHClientOptions.h" #import "TermDevice.h" diff --git a/Frameworks/ios_system b/Frameworks/ios_system index e005cbc41..e7fc05869 160000 --- a/Frameworks/ios_system +++ b/Frameworks/ios_system @@ -1 +1 @@ -Subproject commit e005cbc41a7f8dbef0b49ea11de3fc74a71b71d6 +Subproject commit e7fc058694ba51bc8594d769daa7d17896421268 diff --git a/Frameworks/lib/.gitignore b/Frameworks/lib/.gitignore deleted file mode 100644 index 86d0cb272..000000000 --- a/Frameworks/lib/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -# Ignore everything in this directory -* -# Except this file -!.gitignore \ No newline at end of file diff --git a/Sessions/MoshSession.m b/Sessions/MoshSession.m index b006a599f..3305e7ffe 100644 --- a/Sessions/MoshSession.m +++ b/Sessions/MoshSession.m @@ -34,7 +34,7 @@ #include #include -#include "libmoshios/moshiosbridge.h" +#include #import "BKHosts.h" #import "MoshSession.h" diff --git a/Settings/Model/BKPubKey.m b/Settings/Model/BKPubKey.m index 216d32f5b..8f85f0620 100644 --- a/Settings/Model/BKPubKey.m +++ b/Settings/Model/BKPubKey.m @@ -36,9 +36,10 @@ #import "UICKeyChainStore/UICKeyChainStore.h" #import "BlinkPaths.h" -#import "sshbuf.h" -#import "sshkey.h" -#import "ssherr.h" +#import +#import +#import +#import const NSString *BK_KEYTYPE_RSA = @"RSA"; const NSString *BK_KEYTYPE_DSA = @"DSA"; diff --git a/get_frameworks.sh b/get_frameworks.sh index 2956939b8..d2452ae7d 100755 --- a/get_frameworks.sh +++ b/get_frameworks.sh @@ -1,22 +1,14 @@ #!/bin/bash - set -e -DEPS_VERSION="1.4.6" - -GHROOT="https://github.com/blinksh" - ( - -cd "${BASH_SOURCE%/*}/Frameworks" -echo "Downloading frameworks" -curl -OL $GHROOT/external-deps/releases/download/v$DEPS_VERSION/frameworks.tar.gz -( tar -xzf frameworks.tar.gz --strip 1 && rm frameworks.tar.gz ) || { echo "Frameworks failed to download"; exit 1; } - + cd xcfs + swift package resolve ) -# We need ios_system for the sources of curl_static too: -(# ios_system -cd "${BASH_SOURCE%/*}/Frameworks/ios_system" -sh ./get_sources.sh +( + cd Frameworks/ios_system/xcfs + swift package resolve ) + +echo "done" \ No newline at end of file diff --git a/xcfs/Package.resolved b/xcfs/Package.resolved new file mode 100644 index 000000000..b51ad0b68 --- /dev/null +++ b/xcfs/Package.resolved @@ -0,0 +1,16 @@ +{ + "object": { + "pins": [ + { + "package": "FMake", + "repositoryURL": "https://github.com/yury/FMake", + "state": { + "branch": null, + "revision": "1a19d51fc4f74f4c33e4540e395f98faee6e7c4d", + "version": "0.0.15" + } + } + ] + }, + "version": 1 +} diff --git a/xcfs/Package.swift b/xcfs/Package.swift new file mode 100644 index 000000000..e3dd5c40a --- /dev/null +++ b/xcfs/Package.swift @@ -0,0 +1,107 @@ +// swift-tools-version:5.3 +import PackageDescription + +_ = Package( + name: "deps", + platforms: [.macOS("11")], + dependencies: [ + .package(url: "https://github.com/yury/FMake", from: "0.0.15") + ], + + targets: [ + .binaryTarget( + name: "Protobuf_C_", + url: "https://github.com/yury/protobuf-cpp-apple/releases/download/v3.14.0/Protobuf_C_-static.xcframework.zip", + checksum: "07433ba7926493200ff7ad31412bc9247d6ddc092b4fa5e650b01c6f36a35559" + ), + + .binaryTarget( + name: "mosh", + url: "https://github.com/yury/mosh-apple/releases/download/v1.3.2/mosh.xcframework.zip", + checksum: "727d404455b94de3fa9834441b19cf6c51e93db64cd91f7dd31d0683e42b52ad" + ), + + .binaryTarget( + name: "OpenSSH", + url: "https://github.com/yury/openssh-apple/releases/download/v8.4.0/OpenSSH-static.xcframework.zip", + checksum: "82b57892d1656980ee710b27ea3aacd436c52f4e85212c2a74aa2f3cea588de2" + ), + + .binaryTarget( + name: "libssh2", + url: "https://github.com/yury/libssh2-apple/releases/download/v1.9.0/libssh2-dynamic.xcframework.zip", + checksum: "07952e484eb511b1badb110c15d4621bb84ef98b28ea4d6e1d3a067d420806f5" + ), + + .binaryTarget( + name: "ios_system", + url: "https://github.com/yury/ios_system/releases/download/v2.7.0/ios_system.xcframework.zip", + checksum: "a3ec1c198b944b7d0e8932b7da447b164ae9b869c11c8f0f35cc7b5f09129fe2" + ), + + .binaryTarget( + name: "awk", + url: "https://github.com/yury/ios_system/releases/download/v2.7.0/awk.xcframework.zip", + checksum: "d130cff498a50d3b5f0e6161488e4c768e815c866df448257f391ab620c2676c" + ), + + .binaryTarget( + name: "curl_ios", + url: "https://github.com/yury/ios_system/releases/download/v2.7.0/curl_ios.xcframework.zip", + checksum: "57beebc661ce6a68c796fc47e872ee1bdeaae25053bb80ca77dd2e04f75a0c7b" + ), + + .binaryTarget( + name: "files", + url: "https://github.com/yury/ios_system/releases/download/v2.7.0/files.xcframework.zip", + checksum: "248243920e0b9dc45bbba279d31f83191abf69b5e98d909ce245baf37a749837" + ), + + .binaryTarget( + name: "shell", + url: "https://github.com/yury/ios_system/releases/download/v2.7.0/shell.xcframework.zip", + checksum: "cf0f5e0cad1ac0b28efbf5b4a382053fa8d83e1ea30d8457ae30b056d6ce6fda" + ), + + .binaryTarget( + name: "ssh_cmd", + url: "https://github.com/yury/ios_system/releases/download/v2.7.0/ssh_cmd.xcframework.zip", + checksum: "5df5ab2568954953367c37e7f2a937b4475c404d996330ce3096742798e00cfc" + ), + + .binaryTarget( + name: "tar", + url: "https://github.com/yury/ios_system/releases/download/v2.7.0/tar.xcframework.zip", + checksum: "1c259d4c13c665732da35978456345415540aa1c4f0dd597616145ceeb6a9237" + ), + + .binaryTarget( + name: "text", + url: "https://github.com/yury/ios_system/releases/download/v2.7.0/text.xcframework.zip", + checksum: "31dadcea8823a79b9425eb752fc76d14c8d784217e7a9b7d18cb387006b14f67" + ), + + .binaryTarget( + name: "openssl", + url: "https://github.com/yury/openssl-apple/releases/download/v1.1.1i/openssl-dynamic.xcframework.zip", + checksum: "d07917d2db5480add458a7373bb469b2e46e9aba27ab0ebd3ddc8654df58e60f" + ), + + .binaryTarget( + name: "libssh", + url: "https://github.com/yury/libssh-apple/releases/download/v0.9.4/LibSSH-dynamic.xcframework.zip", + checksum: "9779da1a08e3a23bd1f2534da9c33f5f2075b9206283d106f454d881cc26d12a" + ), + + .binaryTarget( + name: "network_ios", + url: "https://github.com/yury/network_ios/releases/download/v0.2/network_ios.xcframework.zip", + checksum: "ec5860ecd720ccaaa298ab02766d8469c21f5fe5d3bab5a43bab090001dafa9c" + ), + + .target( + name: "build", + dependencies: ["FMake"] + ), + ] +) \ No newline at end of file